last executing test programs: 3.352662187s ago: executing program 0 (id=2849): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0) syz_usb_disconnect(r0) syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}}}]}}]}}, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) 1.893777768s ago: executing program 2 (id=2872): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x28, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}]}, 0x28}}, 0x0) 1.816191235s ago: executing program 2 (id=2874): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000003c0)={0x3, r1}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x0, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000480)=""/53, 0x0, 0x2}) openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000180)={0x2, r1}) ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x6100000c, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x147042, 0x0) preadv(r2, &(0x7f00000054c0)=[{&(0x7f0000005380)=""/167, 0xa7}], 0x1, 0x0, 0x0) r3 = open(&(0x7f00000000c0)='./bus\x00', 0xc2, 0x111) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) pipe(0x0) write$FUSE_STATFS(0xffffffffffffffff, 0x0, 0x0) ioctl$FIONREAD(r3, 0x541b, 0x0) pipe(0x0) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, 0x0, 0x0) pipe(0x0) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380), 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f00000001c0)='dns_resolver\x00', &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000440)='\x00', r4) add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b0426fc0299c41fb9b9761a1b44dac894f365ae68edf335abf35ec53d6751467ebd2c187491bcab2c8d34fec505fc8a14622dba33ff9b054eb7e8a5bc4ab2719cb230328931deb95ef3fcafb1ce27743a93f4715976edec860ab49c3a4f51ab0124b50c3362201a307df03000", 0x83, r4) keyctl$search(0xa, r4, &(0x7f0000000400)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x1, 0x2e}, 0xffffffffffffffff) 1.72877985s ago: executing program 2 (id=2877): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) setxattr$incfs_metadata(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x0) llistxattr(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 1.647573478s ago: executing program 2 (id=2878): socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) socket$netlink(0x10, 0x3, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/bus/input/devices\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0) 981.539186ms ago: executing program 1 (id=2894): rseq(&(0x7f0000000200), 0x20, 0x0, 0x0) r0 = socket(0x28, 0x5, 0x0) r1 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r1, 0x0) connect$vsock_stream(r0, &(0x7f0000000080), 0x10) shutdown(r0, 0x0) 956.929113ms ago: executing program 0 (id=2895): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x18, 0x10}, @TCA_FQ_FLOW_MAX_RATE={0x2, 0x2}, @TCA_FQ_FLOW_PLIMIT]}}]}, 0x48}}, 0x0) 894.281497ms ago: executing program 1 (id=2896): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) listen(r0, 0x50) r1 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) listen(r1, 0x50) r2 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) listen(r2, 0x50) 830.04377ms ago: executing program 0 (id=2898): socket$nl_generic(0x10, 0x3, 0x10) setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0x22, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x26, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000008c0)={'team0\x00', 0xe761}) 829.739457ms ago: executing program 1 (id=2899): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000003c0)=0x11, 0x4) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000001a00)=0x9, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='io.stat\x00', 0x275a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10) sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3f}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40080}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe000000008500000028000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed8d72af0fcd540a9d4e293690c5e697b3a1480e46df5071bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000380)="7c53310100f9ff61efd106939fc1", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$SO_J1939_PROMISC(r1, 0x6b, 0x2, &(0x7f0000000000), 0x4) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c8000c00080002"], 0x11) 784.235247ms ago: executing program 2 (id=2900): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000500000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000008500000007000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 746.838314ms ago: executing program 1 (id=2902): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000005c0)='contention_end\x00', r0}, 0x10) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) 745.454267ms ago: executing program 0 (id=2903): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) r1 = openat$capi20(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$CAPI_INSTALLED(r1, 0x80024322) 735.312872ms ago: executing program 2 (id=2904): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0) syz_usb_disconnect(r0) syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}}}]}}]}}, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) 667.621472ms ago: executing program 1 (id=2906): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001dc0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8}, @NFTA_META_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc4}}, 0x0) 604.285467ms ago: executing program 1 (id=2908): socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) socket$netlink(0x10, 0x3, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/bus/input/devices\x00', 0x0, 0x0) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0) 602.692499ms ago: executing program 0 (id=2909): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='jbd2_handle_stats\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) 602.401499ms ago: executing program 0 (id=2910): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xec}}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)) r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r2, 0x80045017, 0x0) r3 = syz_open_dev$sndpcmp(0x0, 0x10000003, 0x1ff045) ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r3, 0x80104132, &(0x7f0000000080)) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000007a80)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0x20, 0x8}, {0x0, 0x7f}}}}, 0x15) sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) fallocate(r4, 0x8, 0x0, 0xffffff4f) r5 = userfaultfd(0x1) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000113000/0x2000)=nil, &(0x7f000063b000/0x3000)=nil, 0x2000, 0x2}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r6, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102391, 0x18ff7}], 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929adee2fde9", 0x58}], 0x1}, 0x0) 283.119521ms ago: executing program 3 (id=2917): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001dc0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8}, @NFTA_META_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc4}}, 0x0) 195.851565ms ago: executing program 3 (id=2918): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) r1 = openat$capi20(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$CAPI_INSTALLED(r1, 0x80024322) 195.632293ms ago: executing program 3 (id=2919): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ITER_CREATE(0xb, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000340)='GPL\x00'}, 0x78) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0, 0xa3cf05dada2710e3}, 0x50) 87.793511ms ago: executing program 3 (id=2920): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, 0x0) 87.613351ms ago: executing program 3 (id=2921): syz_emit_ethernet(0x88, &(0x7f00000000c0)={@local, @broadcast, @val, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "ff690b", 0x4a, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100}, {0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x800, [0x0, 0x0, 0x0]}}}}}}}, 0x0) 0s ago: executing program 3 (id=2922): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10) syz_emit_ethernet(0x1046, &(0x7f0000001540)=ANY=[], 0x0) kernel console output (not intermixed with test programs): 9906768.371:52): pid=8778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1385" name="/syzkaller.ZYzeeW/119/bus" dev="sda1" ino=1954 res=1 errno=0 [ 157.008412][ T39] audit: type=1800 audit(1719906768.371:53): pid=8778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1385" name="bus" dev="sda1" ino=1954 res=0 errno=0 [ 157.032785][ T8782] dlm: no locking on control device [ 157.329271][ T8800] netlink: 5296 bytes leftover after parsing attributes in process `syz.2.1396'. [ 157.434494][ T8812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1400'. [ 157.587521][ T8820] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1404'. [ 157.596951][ T8820] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1404'. [ 157.653741][ T8828] netlink: 5296 bytes leftover after parsing attributes in process `syz.2.1408'. [ 158.846713][ T39] audit: type=1326 audit(1719906770.221:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8889 comm="syz.3.1433" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7460579 code=0x0 [ 159.413925][ T5202] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 159.420717][ T5202] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 159.438029][ T5202] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 159.443663][ T5202] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 159.448572][ T5202] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 159.454280][ T5202] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 159.645957][ T1094] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.767271][ T1094] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.877738][ T1094] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.882159][ T39] audit: type=1326 audit(1719906771.251:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8905 comm="syz.0.1437" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c1579 code=0x0 [ 160.010257][ T1094] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.025843][ T8903] chnl_net:caif_netlink_parms(): no params data found [ 160.177894][ T8903] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.180797][ T8903] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.188926][ T8903] bridge_slave_0: entered allmulticast mode [ 160.193288][ T8903] bridge_slave_0: entered promiscuous mode [ 160.200432][ T8903] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.207402][ T8903] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.210746][ T8903] bridge_slave_1: entered allmulticast mode [ 160.222517][ T8903] bridge_slave_1: entered promiscuous mode [ 160.385511][ T8903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.394266][ T8903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.523430][ T8903] team0: Port device team_slave_0 added [ 160.528904][ T8903] team0: Port device team_slave_1 added [ 160.554014][ T8930] netlink: 5296 bytes leftover after parsing attributes in process `syz.0.1443'. [ 160.575587][ T1094] bridge_slave_1: left allmulticast mode [ 160.579211][ T1094] bridge_slave_1: left promiscuous mode [ 160.592955][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.614351][ T1094] bridge_slave_0: left allmulticast mode [ 160.617845][ T1094] bridge_slave_0: left promiscuous mode [ 160.621945][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.139301][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 161.149953][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 161.156727][ T1094] bond0 (unregistering): Released all slaves [ 161.363141][ T8903] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 161.366079][ T8903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.392791][ T8903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 161.397813][ T1094] tipc: Disabling bearer [ 161.402322][ T1094] tipc: Left network mode [ 161.407474][ T8903] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 161.411194][ T8903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.422440][ T8903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 161.498400][ T5202] Bluetooth: hci3: command tx timeout [ 161.563801][ T8903] hsr_slave_0: entered promiscuous mode [ 161.566923][ T8903] hsr_slave_1: entered promiscuous mode [ 161.968709][ T1094] hsr_slave_0: left promiscuous mode [ 161.973260][ T1094] hsr_slave_1: left promiscuous mode [ 161.976734][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 161.980201][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 161.989102][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 161.992805][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 162.039913][ T1094] veth1_macvtap: left promiscuous mode [ 162.043624][ T1094] veth0_macvtap: left promiscuous mode [ 162.046363][ T1094] veth1_vlan: left promiscuous mode [ 162.048893][ T1094] veth0_vlan: left promiscuous mode [ 162.079234][ T5205] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 162.088534][ T5205] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 162.094025][ T5205] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 162.099503][ T5205] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 162.108098][ T5205] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 162.121262][ T5205] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 163.174288][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 163.340111][ T1094] team0 (unregistering): Port device team_slave_1 removed [ 163.382485][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 163.387365][ T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 163.394349][ T9] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 163.398431][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.406178][ T9] usb 5-1: Product: syz [ 163.408407][ T9] usb 5-1: Manufacturer: syz [ 163.410409][ T9] usb 5-1: SerialNumber: syz [ 163.414908][ T9] usb 5-1: config 0 descriptor?? [ 163.417808][ T8980] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 163.422040][ T9] hub 5-1:0.0: bad descriptor, ignoring hub [ 163.425047][ T9] hub 5-1:0.0: probe with driver hub failed with error -5 [ 163.443425][ T9] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input14 [ 163.494830][ T1094] team0 (unregistering): Port device team_slave_0 removed [ 163.562101][ T5205] Bluetooth: hci3: command tx timeout [ 163.661531][ C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 163.670127][ T9] usb 5-1: USB disconnect, device number 11 [ 164.202286][ T5205] Bluetooth: hci1: command tx timeout [ 164.870955][ T8967] chnl_net:caif_netlink_parms(): no params data found [ 164.981912][ T5246] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 165.121238][ T1094] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.176625][ T5246] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 165.181535][ T5246] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 165.186440][ T8967] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.186547][ T5246] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 165.195121][ T8967] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.195803][ T5246] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 165.199386][ T8967] bridge_slave_0: entered allmulticast mode [ 165.203615][ T5246] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.205517][ T5246] usb 5-1: config 0 descriptor?? [ 165.207553][ T8967] bridge_slave_0: entered promiscuous mode [ 165.219232][ T8967] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.223032][ T8967] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.226640][ T8967] bridge_slave_1: entered allmulticast mode [ 165.230576][ T8967] bridge_slave_1: entered promiscuous mode [ 165.279712][ T1094] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.376453][ T8903] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 165.406024][ T1094] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.426883][ T8967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 165.431072][ T8903] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 165.446396][ T8967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 165.483241][ T8903] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 165.504440][ T1094] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.542693][ T8903] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 165.566468][ T8967] team0: Port device team_slave_0 added [ 165.573095][ T8967] team0: Port device team_slave_1 added [ 165.642765][ T5205] Bluetooth: hci3: command tx timeout [ 165.668764][ T8967] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 165.672454][ T8967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.674620][ T5246] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving [ 165.686808][ T8967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 165.688386][ T8967] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 165.700229][ T8967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.714850][ T8967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 165.743786][ T5246] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 165.921792][ T8967] hsr_slave_0: entered promiscuous mode [ 165.925892][ T8967] hsr_slave_1: entered promiscuous mode [ 165.929418][ T8967] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 165.933545][ T8967] Cannot create hsr debugfs directory [ 165.942868][ T1094] bridge_slave_1: left allmulticast mode [ 165.945535][ T1094] bridge_slave_1: left promiscuous mode [ 165.948115][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.960671][ T1094] bridge_slave_0: left allmulticast mode [ 165.964799][ T1094] bridge_slave_0: left promiscuous mode [ 165.967529][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.282424][ T5205] Bluetooth: hci1: command tx timeout [ 166.521737][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 166.546569][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 166.553264][ T1094] bond0 (unregistering): Released all slaves [ 166.950795][ T1094] hsr_slave_0: left promiscuous mode [ 166.955736][ T1094] hsr_slave_1: left promiscuous mode [ 166.963124][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.966232][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 166.988396][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.997177][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 167.042481][ T1094] veth1_macvtap: left promiscuous mode [ 167.044956][ T1094] veth0_macvtap: left promiscuous mode [ 167.047549][ T1094] veth1_vlan: left promiscuous mode [ 167.050076][ T1094] veth0_vlan: left promiscuous mode [ 167.722839][ T5205] Bluetooth: hci3: command tx timeout [ 167.786019][ T63] usb 5-1: USB disconnect, device number 12 [ 168.099409][ T9074] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1481'. [ 168.362026][ T5205] Bluetooth: hci1: command tx timeout [ 168.366529][ T1094] team0 (unregistering): Port device team_slave_1 removed [ 168.472224][ T1094] team0 (unregistering): Port device team_slave_0 removed [ 168.572049][ T5241] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 168.769126][ T5241] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 168.784357][ T5241] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 168.788829][ T5241] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 168.795018][ T5241] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 168.799005][ T5241] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.804081][ T5241] usb 5-1: config 0 descriptor?? [ 169.232983][ T5241] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 169.248050][ T5241] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 169.487637][ T8903] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.534456][ T8903] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.569946][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.573251][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 169.606855][ T7895] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.610704][ T7895] bridge0: port 2(bridge_slave_1) entered forwarding state [ 169.887541][ T8903] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 170.012689][ T8903] veth0_vlan: entered promiscuous mode [ 170.029930][ T8903] veth1_vlan: entered promiscuous mode [ 170.107834][ T8967] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 170.117902][ T8967] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 170.132748][ T8967] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 170.140199][ T8967] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 170.149447][ T8903] veth0_macvtap: entered promiscuous mode [ 170.164871][ T8903] veth1_macvtap: entered promiscuous mode [ 170.193634][ T8903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.198309][ T8903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.203475][ T8903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.208471][ T8903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.214977][ T8903] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.230580][ T8903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.236079][ T8903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.240266][ T8903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.245253][ T8903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.251322][ T8903] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 170.264919][ T8903] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.268555][ T8903] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.273006][ T8903] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.276901][ T8903] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.360301][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.364033][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.395248][ T98] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.398724][ T98] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.406287][ T8967] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.425047][ T8967] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.434714][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.438452][ T5246] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.453022][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.456290][ T5246] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.462318][ T5205] Bluetooth: hci1: command tx timeout [ 170.575627][ T5205] Bluetooth: hci3: ACL packet for unknown connection handle 100 [ 170.619978][ T5205] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 170.725341][ T8967] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 170.783836][ T8967] veth0_vlan: entered promiscuous mode [ 170.794512][ T8967] veth1_vlan: entered promiscuous mode [ 170.824774][ T8967] veth0_macvtap: entered promiscuous mode [ 170.830965][ T8967] veth1_macvtap: entered promiscuous mode [ 170.846172][ T8967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.850543][ T8967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.856209][ T8967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.860687][ T8967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.865384][ T8967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.870217][ T8967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.877074][ T8967] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.896052][ T8967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.900077][ T8967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.905820][ T8967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.911388][ T8967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.917421][ T8967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 170.922466][ T8967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.928075][ T8967] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 170.935399][ T8967] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.939360][ T8967] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.943871][ T8967] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.947828][ T8967] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.025138][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.029782][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.056616][ T98] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.060177][ T98] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.128593][ T9128] dlm: no locking on control device [ 171.388240][ T5246] usb 5-1: USB disconnect, device number 13 [ 171.817275][ T5205] Bluetooth: hci1: unexpected cc 0x0402 length: 65 > 1 [ 171.972500][ T5246] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 172.013790][ T9178] syz.3.1508 (9178): drop_caches: 2 [ 172.039793][ T9178] syz.3.1508 (9178): drop_caches: 2 [ 172.161889][ T5246] usb 5-1: Using ep0 maxpacket: 32 [ 172.169420][ T5246] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 172.181913][ T5246] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.185378][ T5246] usb 5-1: Product: syz [ 172.187235][ T5246] usb 5-1: Manufacturer: syz [ 172.189276][ T5246] usb 5-1: SerialNumber: syz [ 172.193479][ T5246] usb 5-1: config 0 descriptor?? [ 172.831347][ T5246] (unnamed net_device) (uninitialized): Assigned a random MAC address: 92:b0:00:ee:07:d0 [ 172.870610][ T5246] rtl8150 5-1:0.0: eth2: rtl8150 is detected [ 172.879105][ T5246] usb 5-1: USB disconnect, device number 14 [ 173.030522][ T9186] syzkaller0: entered allmulticast mode [ 173.975267][ T9210] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 175.886915][ T5205] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 175.905248][ T5205] Bluetooth: hci1: Injecting HCI hardware error event [ 175.910715][ T5202] Bluetooth: hci1: hardware error 0x00 [ 176.110193][ T1094] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.305208][ T1094] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.430090][ T1094] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.500853][ T65] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 176.507781][ T65] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 176.521212][ T65] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 176.539143][ T1094] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.544181][ T65] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 176.553192][ T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 176.556523][ T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 176.745421][ T1094] bridge_slave_1: left allmulticast mode [ 176.747883][ T1094] bridge_slave_1: left promiscuous mode [ 176.750451][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.761316][ T1094] bridge_slave_0: left allmulticast mode [ 176.764894][ T1094] bridge_slave_0: left promiscuous mode [ 176.767984][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.267260][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 177.276546][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.283872][ T1094] bond0 (unregistering): Released all slaves [ 177.418796][ T9247] chnl_net:caif_netlink_parms(): no params data found [ 177.681477][ T9247] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.686087][ T9247] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.689426][ T9247] bridge_slave_0: entered allmulticast mode [ 177.695078][ T9247] bridge_slave_0: entered promiscuous mode [ 177.708940][ T9247] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.713012][ T9247] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.732412][ T9247] bridge_slave_1: entered allmulticast mode [ 177.737074][ T9247] bridge_slave_1: entered promiscuous mode [ 177.778865][ T1094] hsr_slave_0: left promiscuous mode [ 177.784312][ T1094] hsr_slave_1: left promiscuous mode [ 177.790304][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 177.794382][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.798386][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 177.801681][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 177.846101][ T1094] veth1_macvtap: left promiscuous mode [ 177.848717][ T1094] veth0_macvtap: left promiscuous mode [ 177.851550][ T1094] veth1_vlan: left promiscuous mode [ 177.855390][ T1094] veth0_vlan: left promiscuous mode [ 177.967252][ T5202] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 177.977241][ T9265] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1541'. [ 178.003106][ T9265] netlink: 341 bytes leftover after parsing attributes in process `syz.3.1541'. [ 178.025944][ T9268] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1540'. [ 178.026519][ T9265] netlink: 341 bytes leftover after parsing attributes in process `syz.3.1541'. [ 178.620961][ T5202] Bluetooth: hci0: command tx timeout [ 179.327772][ T1094] team0 (unregistering): Port device team_slave_1 removed [ 179.493475][ T1094] team0 (unregistering): Port device team_slave_0 removed [ 180.376652][ T9268] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1540'. [ 180.426952][ T9247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 180.434083][ T9247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 180.537925][ T9247] team0: Port device team_slave_0 added [ 180.547145][ T9247] team0: Port device team_slave_1 added [ 180.633847][ T9247] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.638101][ T9247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.650739][ T9247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.682070][ T5202] Bluetooth: hci0: command tx timeout [ 180.682143][ T9247] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.687167][ T9247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.723036][ T9247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.836972][ T9247] hsr_slave_0: entered promiscuous mode [ 180.846917][ T9247] hsr_slave_1: entered promiscuous mode [ 180.851660][ T9247] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.878271][ T9247] Cannot create hsr debugfs directory [ 181.143909][ T1094] IPVS: stop unused estimator thread 0... [ 181.370296][ T1094] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.489321][ T1094] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.683735][ T1094] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.690053][ T5205] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 181.703909][ T5205] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 181.710570][ T5205] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 181.717429][ T5205] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 181.721044][ T5205] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 181.729666][ T5205] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 181.829883][ T1094] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.934246][ T9247] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 181.943755][ T9247] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 181.971684][ T9247] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 181.990015][ T9247] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 182.197410][ T1094] bridge_slave_1: left allmulticast mode [ 182.199714][ T1094] bridge_slave_1: left promiscuous mode [ 182.204639][ T1094] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.209725][ T1094] bridge_slave_0: left allmulticast mode [ 182.213792][ T1094] bridge_slave_0: left promiscuous mode [ 182.216498][ T1094] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.762044][ T5205] Bluetooth: hci0: command tx timeout [ 182.795876][ T1094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 182.815399][ T1094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 182.831115][ T1094] bond0 (unregistering): Released all slaves [ 182.895905][ T9321] chnl_net:caif_netlink_parms(): no params data found [ 183.135776][ T9321] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.141217][ T9321] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.169233][ T9321] bridge_slave_0: entered allmulticast mode [ 183.173468][ T9321] bridge_slave_0: entered promiscuous mode [ 183.179049][ T9321] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.184091][ T9321] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.187495][ T9321] bridge_slave_1: entered allmulticast mode [ 183.191559][ T9321] bridge_slave_1: entered promiscuous mode [ 183.325279][ T9321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 183.335568][ T9321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 183.370559][ T9402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1577'. [ 183.382390][ T9402] netlink: 341 bytes leftover after parsing attributes in process `syz.2.1577'. [ 183.391924][ T9402] netlink: 341 bytes leftover after parsing attributes in process `syz.2.1577'. [ 183.427236][ T9321] team0: Port device team_slave_0 added [ 183.442661][ T1094] hsr_slave_0: left promiscuous mode [ 183.458890][ T1094] hsr_slave_1: left promiscuous mode [ 183.465193][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 183.468643][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 183.477008][ T1094] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 183.482423][ T1094] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 183.533117][ T1094] veth1_macvtap: left promiscuous mode [ 183.535438][ T1094] veth0_macvtap: left promiscuous mode [ 183.537726][ T1094] veth1_vlan: left promiscuous mode [ 183.540130][ T1094] veth0_vlan: left promiscuous mode [ 183.812416][ T5205] Bluetooth: hci3: command tx timeout [ 184.853094][ T5205] Bluetooth: hci0: command tx timeout [ 185.037218][ T1094] team0 (unregistering): Port device team_slave_1 removed [ 185.197547][ T1094] team0 (unregistering): Port device team_slave_0 removed [ 185.572518][ T9421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1584'. [ 185.594969][ T9421] netlink: 341 bytes leftover after parsing attributes in process `syz.2.1584'. [ 185.599014][ T9421] netlink: 341 bytes leftover after parsing attributes in process `syz.2.1584'. [ 185.892189][ T5205] Bluetooth: hci3: command tx timeout [ 186.414188][ T9321] team0: Port device team_slave_1 added [ 186.490390][ T9247] 8021q: adding VLAN 0 to HW filter on device bond0 [ 186.565375][ T9321] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.568695][ T9321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.585983][ T9321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.618122][ T9321] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.621505][ T9321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.634498][ T9321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.644550][ T9247] 8021q: adding VLAN 0 to HW filter on device team0 [ 186.713909][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.717647][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 186.725023][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.728511][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 186.789186][ T9321] hsr_slave_0: entered promiscuous mode [ 186.804300][ T9321] hsr_slave_1: entered promiscuous mode [ 187.024382][ T9442] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1591'. [ 187.036726][ T9442] netlink: 341 bytes leftover after parsing attributes in process `syz.3.1591'. [ 187.040746][ T9442] netlink: 341 bytes leftover after parsing attributes in process `syz.3.1591'. [ 187.377256][ T9247] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.604019][ T9247] veth0_vlan: entered promiscuous mode [ 187.627527][ T9247] veth1_vlan: entered promiscuous mode [ 187.669015][ T9247] veth0_macvtap: entered promiscuous mode [ 187.680889][ T9247] veth1_macvtap: entered promiscuous mode [ 187.739767][ T9247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.752039][ T9247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.756897][ T9247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.761308][ T9247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.767478][ T9247] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.777281][ T9497] veth0_to_hsr: entered promiscuous mode [ 187.807535][ T9247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.812171][ T9247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.816372][ T9247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.820473][ T9247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.828268][ T9247] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.838085][ T9321] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 187.857793][ T9321] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 187.895976][ T9247] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.899728][ T9247] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.904249][ T9247] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.907979][ T9247] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.934306][ T9321] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 187.951064][ T9321] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 187.962041][ T5205] Bluetooth: hci3: command tx timeout [ 187.991243][ T9496] veth0_to_hsr: left promiscuous mode [ 188.122535][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.126320][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.169461][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.177700][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.249412][ T9321] 8021q: adding VLAN 0 to HW filter on device bond0 [ 188.281641][ T9321] 8021q: adding VLAN 0 to HW filter on device team0 [ 188.305698][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.309569][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.326997][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.330308][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.388615][ T9321] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 188.626917][ T9321] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 188.638321][ T9549] veth0_to_hsr: entered promiscuous mode [ 188.734145][ T9321] veth0_vlan: entered promiscuous mode [ 188.750608][ T9321] veth1_vlan: entered promiscuous mode [ 188.809694][ T9547] veth0_to_hsr: left promiscuous mode [ 188.816260][ T9321] veth0_macvtap: entered promiscuous mode [ 188.828596][ T9321] veth1_macvtap: entered promiscuous mode [ 188.854224][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.859750][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.867154][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.871758][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.876604][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.883679][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.891018][ T9321] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.914948][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.919795][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.926952][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.932350][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.936863][ T9321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.941575][ T9321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.949306][ T9321] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.960098][ T9321] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.963829][ T9321] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.967548][ T9321] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.971239][ T9321] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.082441][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.089910][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.124359][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 189.128133][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.616153][ T9600] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1640'. [ 189.826402][ T39] audit: type=1804 audit(1719906801.201:56): pid=9621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1650" name="/syzkaller.wDFZ0l/392/file0" dev="sda1" ino=1969 res=1 errno=0 [ 189.942023][ T827] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 190.051993][ T5205] Bluetooth: hci3: command tx timeout [ 190.140218][ T5202] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 190.148809][ T5202] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 190.153535][ T827] usb 5-1: Using ep0 maxpacket: 8 [ 190.158369][ T5202] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 190.166734][ T5202] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 190.171682][ T5202] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 190.177756][ T5202] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 190.181057][ T827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 190.187254][ T827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 190.191693][ T827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 190.211468][ T827] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 190.225493][ T827] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 190.229345][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.408158][ T9631] chnl_net:caif_netlink_parms(): no params data found [ 190.457235][ T827] usb 5-1: GET_CAPABILITIES returned 0 [ 190.459799][ T827] usbtmc 5-1:16.0: can't read capabilities [ 190.500566][ T98] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 190.516731][ T98] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.660536][ T9604] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90 [ 190.675259][ T98] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 190.676731][ T5278] usb 5-1: USB disconnect, device number 15 [ 190.690121][ T98] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.884485][ T98] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 190.889173][ T98] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.960640][ T9631] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.964285][ T9631] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.967459][ T9631] bridge_slave_0: entered allmulticast mode [ 190.981163][ T9631] bridge_slave_0: entered promiscuous mode [ 191.020936][ T98] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 191.025738][ T98] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.039578][ T9631] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.044416][ T9631] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.051135][ T9631] bridge_slave_1: entered allmulticast mode [ 191.059285][ T9631] bridge_slave_1: entered promiscuous mode [ 191.204950][ T9661] cgroup: No subsys list or none specified [ 191.207702][ T9631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.245748][ T9631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.338688][ T9666] netlink: 'syz.3.1666': attribute type 3 has an invalid length. [ 191.393203][ T9631] team0: Port device team_slave_0 added [ 191.404825][ T9631] team0: Port device team_slave_1 added [ 191.532708][ T9631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.536027][ T9631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.555734][ T9631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.573686][ T9631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.576616][ T9631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.592085][ T9631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.630700][ T98] gretap0: left allmulticast mode [ 191.672135][ T98] gretap0: left promiscuous mode [ 191.674580][ T98] bridge0: port 3(gretap0) entered disabled state [ 191.692820][ T98] bridge_slave_1: left allmulticast mode [ 191.695259][ T98] bridge_slave_1: left promiscuous mode [ 191.699448][ T98] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.706935][ T98] bridge_slave_0: left allmulticast mode [ 191.712111][ T98] bridge_slave_0: left promiscuous mode [ 191.722200][ T98] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.851379][ T9673] ALSA: mixer_oss: invalid OSS volume '' [ 191.854599][ T9673] ALSA: mixer_oss: invalid OSS volume '' [ 191.857293][ T9673] ALSA: mixer_oss: invalid OSS volume 'L' [ 192.292108][ T5205] Bluetooth: hci2: command tx timeout [ 192.295805][ T98] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.305873][ T98] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.315908][ T98] bond0 (unregistering): Released all slaves [ 192.584748][ T9631] hsr_slave_0: entered promiscuous mode [ 192.590028][ T9631] hsr_slave_1: entered promiscuous mode [ 192.598769][ T9631] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.603767][ T9631] Cannot create hsr debugfs directory [ 192.606265][ T98] tipc: Disabling bearer [ 192.609474][ T98] tipc: Left network mode [ 192.988873][ T98] hsr_slave_0: left promiscuous mode [ 192.993270][ T98] hsr_slave_1: left promiscuous mode [ 192.997048][ T98] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 193.000431][ T98] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 193.011464][ T98] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 193.014266][ T98] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 193.066550][ T98] veth1_macvtap: left promiscuous mode [ 193.069395][ T98] veth0_macvtap: left promiscuous mode [ 193.072266][ T98] veth1_vlan: left promiscuous mode [ 193.074929][ T98] veth0_vlan: left promiscuous mode [ 193.499978][ T9713] netlink: 'syz.3.1677': attribute type 1 has an invalid length. [ 193.503430][ T9713] netlink: 9352 bytes leftover after parsing attributes in process `syz.3.1677'. [ 193.507029][ T9713] netlink: 'syz.3.1677': attribute type 1 has an invalid length. [ 193.519866][ T9713] netlink: 'syz.3.1677': attribute type 2 has an invalid length. [ 193.972251][ T9726] netlink: 'syz.3.1681': attribute type 29 has an invalid length. [ 193.976321][ T9726] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1681'. [ 194.297622][ T98] team0 (unregistering): Port device team_slave_1 removed [ 194.363634][ T5205] Bluetooth: hci2: command tx timeout [ 194.405445][ T98] team0 (unregistering): Port device team_slave_0 removed [ 195.221273][ T9726] netlink: 'syz.3.1681': attribute type 29 has an invalid length. [ 195.224953][ T9726] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1681'. [ 195.228922][ T9728] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1682'. [ 195.242613][ T9728] netlink: 'syz.0.1682': attribute type 3 has an invalid length. [ 195.304417][ T9735] netlink: 'syz.0.1685': attribute type 1 has an invalid length. [ 195.307854][ T9735] netlink: 9352 bytes leftover after parsing attributes in process `syz.0.1685'. [ 195.312787][ T9735] netlink: 'syz.0.1685': attribute type 1 has an invalid length. [ 195.315504][ T9735] netlink: 'syz.0.1685': attribute type 2 has an invalid length. [ 195.543733][ T9748] sctp: [Deprecated]: syz.0.1687 (pid 9748) Use of int in maxseg socket option. [ 195.543733][ T9748] Use struct sctp_assoc_value instead [ 195.715786][ T55] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 195.728334][ T9631] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 195.743208][ T9631] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 195.755458][ T9631] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 195.763276][ T9631] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 195.841971][ T5278] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 195.914229][ T9631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.921901][ T55] usb 8-1: Using ep0 maxpacket: 32 [ 195.934881][ T9631] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.940065][ T55] usb 8-1: New USB device found, idVendor=0424, idProduct=9909, bcdDevice= 1.89 [ 195.944068][ T55] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.944328][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.947551][ T55] usb 8-1: Product: syz [ 195.950718][ T5246] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.959080][ T55] usb 8-1: Manufacturer: syz [ 195.961588][ T55] usb 8-1: SerialNumber: syz [ 195.967426][ T55] usb 8-1: config 0 descriptor?? [ 195.971753][ T55] smsc95xx v2.0.0 [ 195.976295][ T55] smsc95xx 8-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 195.978952][ T827] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.980687][ T55] smsc95xx 8-1:0.0: probe with driver smsc95xx failed with error -22 [ 195.983707][ T827] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.014831][ T9767] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 196.044564][ T5278] usb 5-1: config 0 has an invalid interface number: 230 but max is 0 [ 196.047721][ T5278] usb 5-1: config 0 has an invalid interface number: 48 but max is 0 [ 196.051267][ T5278] usb 5-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 196.055373][ T5278] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 196.060471][ T5278] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 196.065105][ T5278] usb 5-1: config 0 has no interface number 0 [ 196.073252][ T5278] usb 5-1: config 0 has no interface number 1 [ 196.078430][ T5278] usb 5-1: config 0 interface 230 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 196.080128][ T9631] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 196.084240][ T5278] usb 5-1: config 0 interface 230 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 196.094078][ T5278] usb 5-1: too many endpoints for config 0 interface 48 altsetting 31: 64, using maximum allowed: 30 [ 196.098642][ T5278] usb 5-1: config 0 interface 48 altsetting 31 bulk endpoint 0xB has invalid maxpacket 1024 [ 196.103322][ T5278] usb 5-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x4, skipping [ 196.110071][ T5278] usb 5-1: config 0 interface 48 altsetting 31 has an invalid descriptor for endpoint zero, skipping [ 196.117381][ T9773] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1692'. [ 196.121460][ T5278] usb 5-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x6, skipping [ 196.126940][ T5278] usb 5-1: config 0 interface 48 altsetting 31 has 8 endpoint descriptors, different from the interface descriptor's value: 64 [ 196.133035][ T9773] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1692'. [ 196.137122][ T5278] usb 5-1: config 0 interface 48 has no altsetting 0 [ 196.143090][ T5278] usb 5-1: New USB device found, idVendor=0c52, idProduct=2832, bcdDevice=fb.70 [ 196.147181][ T5278] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.150667][ T5278] usb 5-1: Product: syz [ 196.162089][ T5278] usb 5-1: Manufacturer: syz [ 196.164309][ T5278] usb 5-1: SerialNumber: syz [ 196.168001][ T5278] usb 5-1: config 0 descriptor?? [ 196.172144][ T5278] ftdi_sio 5-1:0.230: FTDI USB Serial Device converter detected [ 196.177148][ T5278] ftdi_sio ttyUSB0: unknown device type: 0xfb70 [ 196.183639][ T55] usb 8-1: USB disconnect, device number 5 [ 196.249711][ T9782] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1693'. [ 196.301538][ T9631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.364105][ T9631] veth0_vlan: entered promiscuous mode [ 196.380727][ T9631] veth1_vlan: entered promiscuous mode [ 196.416771][ T9631] veth0_macvtap: entered promiscuous mode [ 196.427226][ T9631] veth1_macvtap: entered promiscuous mode [ 196.452125][ T5205] Bluetooth: hci2: command tx timeout [ 196.458743][ T9631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.472466][ T9631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.476878][ T9631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.481509][ T9631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.498269][ T9631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.500288][ T5278] ftdi_sio 5-1:0.48: FTDI USB Serial Device converter detected [ 196.504217][ T9631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.507456][ T5278] ftdi_sio ttyUSB1: unknown device type: 0xfb70 [ 196.514925][ T9631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.528069][ T9631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.530131][ T5278] usb 5-1: USB disconnect, device number 16 [ 196.532945][ T9631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.538896][ T5278] ftdi_sio 5-1:0.230: device disconnected [ 196.539029][ T9631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.545074][ T5278] ftdi_sio 5-1:0.48: device disconnected [ 196.549905][ T9631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.555146][ T9631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.563705][ T9631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.570837][ T9631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.580251][ T9631] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.585331][ T9631] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.588748][ T9631] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.593841][ T9631] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.841750][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.845837][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.872855][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.876218][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.443857][ T9843] overlayfs: workdir and upperdir must reside under the same mount [ 197.777461][ T9859] syzkaller0: entered promiscuous mode [ 197.779859][ T9859] syzkaller0: entered allmulticast mode [ 198.528786][ T5205] Bluetooth: hci2: command tx timeout [ 199.579922][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.583022][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.108489][ T9873] syzkaller0: entered promiscuous mode [ 200.110853][ T9873] syzkaller0: entered allmulticast mode [ 200.146499][ T9892] IPv6: NLM_F_CREATE should be specified when creating new route [ 200.237156][ T9896] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1732'. [ 200.410485][ T9910] overlayfs: workdir and upperdir must reside under the same mount [ 200.436959][ T9912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1739'. [ 200.490388][ C3] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 200.626192][ T9922] syzkaller0: entered promiscuous mode [ 200.629343][ T9922] syzkaller0: entered allmulticast mode [ 200.803890][ T9930] ALSA: mixer_oss: invalid OSS volume '' [ 200.807874][ T9930] ALSA: mixer_oss: invalid OSS volume '' [ 200.810609][ T9930] ALSA: mixer_oss: invalid OSS volume 'L' [ 201.252334][ T39] audit: type=1326 audit(1719906812.621:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9945 comm="syz.0.1752" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 201.262568][ T39] audit: type=1326 audit(1719906812.621:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9945 comm="syz.0.1752" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 201.271931][ T39] audit: type=1326 audit(1719906812.621:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9945 comm="syz.0.1752" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 201.282860][ T39] audit: type=1326 audit(1719906812.621:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9945 comm="syz.0.1752" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 201.690773][ T9962] syz.0.1758[9962] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.690932][ T9962] syz.0.1758[9962] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.710756][ T9962] : renamed from vlan0 (while UP) [ 201.779196][ T40] Bluetooth: hci4: Frame reassembly failed (-84) [ 202.977068][T10021] vivid-000: disconnect [ 202.987697][T10021] vivid-000: reconnect [ 203.345211][T10044] validate_nla: 3 callbacks suppressed [ 203.345227][T10044] netlink: 'syz.0.1788': attribute type 1 has an invalid length. [ 203.351233][T10044] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1788'. [ 203.442757][T10053] vivid-000: disconnect [ 203.446247][T10053] vivid-000: reconnect [ 203.581082][T10058] syzkaller0: entered promiscuous mode [ 203.585217][T10058] syzkaller0: entered allmulticast mode [ 203.713085][ T39] audit: type=1326 audit(1719906815.081:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10061 comm="syz.0.1795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 203.739987][ T39] audit: type=1326 audit(1719906815.081:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10061 comm="syz.0.1795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 203.754590][ T39] audit: type=1326 audit(1719906815.111:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10061 comm="syz.0.1795" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 203.773908][ T39] audit: type=1326 audit(1719906815.111:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10061 comm="syz.0.1795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 203.797926][ T39] audit: type=1326 audit(1719906815.111:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10061 comm="syz.0.1795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 203.808456][ T5205] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 203.815349][ T5202] Bluetooth: hci4: command 0x1003 tx timeout [ 205.291223][T10085] netlink: 'syz.0.1803': attribute type 1 has an invalid length. [ 205.295374][T10085] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1803'. [ 206.113833][ T98] Bluetooth: hci4: Frame reassembly failed (-84) [ 206.529968][T10129] Bluetooth: MGMT ver 1.22 [ 207.357454][ T39] audit: type=1800 audit(1719906818.731:66): pid=10171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1833" name="file0" dev="sda1" ino=1980 res=0 errno=0 [ 207.932535][T10199] netlink: 'syz.1.1843': attribute type 29 has an invalid length. [ 207.936691][T10199] netlink: 'syz.1.1843': attribute type 29 has an invalid length. [ 207.943762][T10199] netlink: 'syz.1.1843': attribute type 29 has an invalid length. [ 207.948355][T10199] netlink: 'syz.1.1843': attribute type 29 has an invalid length. [ 207.954195][T10199] netlink: 'syz.1.1843': attribute type 29 has an invalid length. [ 207.958635][T10199] netlink: 'syz.1.1843': attribute type 29 has an invalid length. [ 207.964773][T10199] netlink: 'syz.1.1843': attribute type 29 has an invalid length. [ 208.109743][T10207] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1847'. [ 208.122279][ T5202] Bluetooth: hci4: command 0x1003 tx timeout [ 208.122325][ T5205] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 208.347175][T10225] netlink: 'syz.1.1852': attribute type 1 has an invalid length. [ 208.350653][T10225] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1852'. [ 208.531395][ T39] audit: type=1800 audit(1719906819.901:67): pid=10239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1856" name="/" dev="fuse" ino=1 res=0 errno=0 [ 209.082530][T10251] syzkaller0: entered allmulticast mode [ 209.531960][ T39] audit: type=1326 audit(1719906820.901:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10260 comm="syz.1.1869" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 209.795026][ T5245] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 210.013851][ T5245] usb 8-1: Using ep0 maxpacket: 32 [ 210.029581][ T5245] usb 8-1: New USB device found, idVendor=0424, idProduct=9909, bcdDevice= 1.89 [ 210.034561][ T5245] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.039055][ T5245] usb 8-1: Product: syz [ 210.042021][ T5245] usb 8-1: Manufacturer: syz [ 210.044740][ T5245] usb 8-1: SerialNumber: syz [ 210.056460][ T5245] usb 8-1: config 0 descriptor?? [ 210.066645][ T5245] smsc95xx v2.0.0 [ 210.068623][ T5245] smsc95xx 8-1:0.0 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 210.074588][ T5245] smsc95xx 8-1:0.0: probe with driver smsc95xx failed with error -22 [ 211.883380][ T9804] usb 8-1: USB disconnect, device number 6 [ 211.999246][T10293] kernel read not supported for file /file0 (pid: 10293 comm: syz.2.1879) [ 212.014495][ T39] audit: type=1800 audit(1719906823.371:69): pid=10293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1879" name="file0" dev="mqueue" ino=35855 res=0 errno=0 [ 212.092819][ T5251] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 212.180095][T10304] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1884'. [ 212.209213][T10304] bridge_slave_1: left allmulticast mode [ 212.211786][T10304] bridge_slave_1: left promiscuous mode [ 212.215147][T10304] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.222713][T10304] bridge1: port 1(bridge_slave_1) entered blocking state [ 212.226054][T10304] bridge1: port 1(bridge_slave_1) entered disabled state [ 212.229248][T10304] bridge_slave_1: entered allmulticast mode [ 212.234286][T10304] bridge_slave_1: entered promiscuous mode [ 212.284988][ T5251] usb 5-1: Using ep0 maxpacket: 32 [ 212.294885][ T5251] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 212.299705][ T5251] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.303955][ T5251] usb 5-1: Product: syz [ 212.305941][ T5251] usb 5-1: Manufacturer: syz [ 212.307927][ T5251] usb 5-1: SerialNumber: syz [ 212.319512][ T5251] usb 5-1: config 0 descriptor?? [ 212.430381][ T39] audit: type=1326 audit(1719906823.801:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10310 comm="syz.1.1888" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 213.164770][ T5251] rtl8150 5-1:0.0: couldn't reset the device [ 213.167238][ T5251] rtl8150 5-1:0.0: probe with driver rtl8150 failed with error -5 [ 213.182264][ T5251] usb 5-1: USB disconnect, device number 17 [ 213.408191][T10336] kvm: kvm [10335]: vcpu0, guest rIP: 0x1a3 Unhandled WRMSR(0x11e) = 0xbe70a111 [ 213.735235][ T39] audit: type=1326 audit(1719906825.111:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz.1.1907" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 213.754142][T10367] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1910'. [ 213.766773][T10370] program syz.2.1911 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 213.800405][T10367] bridge_slave_1: left allmulticast mode [ 213.804736][T10367] bridge_slave_1: left promiscuous mode [ 213.808481][T10367] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.831606][T10367] bridge1: port 1(bridge_slave_1) entered blocking state [ 213.836476][T10367] bridge1: port 1(bridge_slave_1) entered disabled state [ 213.840403][T10367] bridge_slave_1: entered allmulticast mode [ 213.845696][T10367] bridge_slave_1: entered promiscuous mode [ 214.340965][T10397] binder: BC_ACQUIRE_RESULT not supported [ 214.344680][T10397] binder: 10396:10397 ioctl c0306201 20000100 returned -22 [ 214.425558][T10400] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1922'. [ 214.472319][T10400] bridge_slave_1: left allmulticast mode [ 214.474927][T10400] bridge_slave_1: left promiscuous mode [ 214.477895][T10400] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.487335][T10400] bridge1: port 1(bridge_slave_1) entered blocking state [ 214.491476][T10400] bridge1: port 1(bridge_slave_1) entered disabled state [ 214.494597][T10400] bridge_slave_1: entered allmulticast mode [ 214.498185][T10400] bridge_slave_1: entered promiscuous mode [ 214.818386][T10420] binder: BC_ACQUIRE_RESULT not supported [ 214.821229][T10420] binder: 10418:10420 ioctl c0306201 20000100 returned -22 [ 214.875371][T10423] fscrypt: key with description 'fscrypt:e8dab99234bb312e' is too short (got 17 bytes, need 32+ bytes) [ 215.631030][T10454] binder: BC_ACQUIRE_RESULT not supported [ 215.633686][T10454] binder: 10453:10454 ioctl c0306201 20000100 returned -22 [ 216.140318][T10469] ALSA: mixer_oss: invalid OSS volume '' [ 216.143076][T10469] ALSA: mixer_oss: invalid OSS volume '' [ 216.145432][T10469] ALSA: mixer_oss: invalid OSS volume 'L' [ 216.554515][ T5245] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 216.762309][ T5245] usb 5-1: Using ep0 maxpacket: 32 [ 216.769926][ T5245] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 216.775722][ T5245] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.779046][ T5245] usb 5-1: Product: syz [ 216.780852][ T5245] usb 5-1: Manufacturer: syz [ 216.784372][ T5245] usb 5-1: SerialNumber: syz [ 216.794292][ T5245] usb 5-1: config 0 descriptor?? [ 216.947773][T10486] syz.2.1953 (10486) used greatest stack depth: 19696 bytes left [ 217.057135][T10488] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 217.194584][T10502] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1961'. [ 217.227089][T10502] bridge_slave_1: left allmulticast mode [ 217.229664][T10502] bridge_slave_1: left promiscuous mode [ 217.232614][T10502] bridge1: port 1(bridge_slave_1) entered disabled state [ 217.240591][T10502] bridge2: port 1(bridge_slave_1) entered blocking state [ 217.245202][T10502] bridge2: port 1(bridge_slave_1) entered disabled state [ 217.248069][T10502] bridge_slave_1: entered allmulticast mode [ 217.252147][T10502] bridge_slave_1: entered promiscuous mode [ 217.501910][ T5251] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 217.582968][T10521] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 217.629127][ T5245] rtl8150 5-1:0.0: couldn't reset the device [ 217.631690][ T5245] rtl8150 5-1:0.0: probe with driver rtl8150 failed with error -5 [ 217.639291][ T5245] usb 5-1: USB disconnect, device number 18 [ 217.688444][ T5251] usb 8-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 217.693358][ T5251] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.698872][ T5251] usb 8-1: config 0 descriptor?? [ 217.714189][T10531] netlink: 'syz.0.1975': attribute type 1 has an invalid length. [ 217.715414][ T5251] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input15 [ 217.717672][T10531] netlink: 'syz.0.1975': attribute type 2 has an invalid length. [ 217.808150][T10535] trusted_key: syz.1.1977 sent an empty control message without MSG_MORE. [ 217.933869][ T827] usb 8-1: USB disconnect, device number 7 [ 218.135991][T10552] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1982'. [ 218.368136][T10563] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1987'. [ 218.372497][T10563] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1987'. [ 218.380752][T10563] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1987'. [ 218.555055][T10574] binder: 10573:10574 ioctl c00c6211 0 returned -14 [ 218.791921][ T5241] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 218.982024][ T5241] usb 6-1: Using ep0 maxpacket: 8 [ 218.983395][T10590] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1997'. [ 218.994082][T10590] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1997'. [ 218.995960][ T5241] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 219.001313][ T5241] usb 6-1: config 0 has no interface number 0 [ 219.006632][ T5241] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0xFE has an invalid bInterval 0, changing to 7 [ 219.010767][ T5241] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 219.015276][T10590] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1997'. [ 219.020476][ T5241] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.027812][ T5241] usb 6-1: config 0 descriptor?? [ 219.035021][ T5241] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 219.200240][T10602] netlink: 'syz.0.2002': attribute type 1 has an invalid length. [ 219.204057][T10602] netlink: 'syz.0.2002': attribute type 2 has an invalid length. [ 219.263138][ T5241] usb 6-1: USB disconnect, device number 7 [ 219.263198][ C1] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 219.284552][ T5241] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected [ 219.304259][T10604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2003'. [ 219.565032][ T5246] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 219.699665][T10635] ALSA: mixer_oss: invalid OSS volume '' [ 219.702337][T10635] ALSA: mixer_oss: invalid OSS volume '' [ 219.705109][T10635] ALSA: mixer_oss: invalid OSS volume 'L' [ 219.792288][ T5246] usb 7-1: Using ep0 maxpacket: 8 [ 219.796782][ T5246] usb 7-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 219.800899][ T5246] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 219.805685][ T5246] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 219.814629][ T5246] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 219.819028][ T5246] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.822843][ T5246] usb 7-1: Product: syz [ 219.824702][ T5246] usb 7-1: Manufacturer: syz [ 219.826803][ T5246] usb 7-1: SerialNumber: syz [ 219.838413][T10637] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2015'. [ 220.149369][ T5246] usb 7-1: 0:2 : does not exist [ 220.182928][ T5246] usb 7-1: USB disconnect, device number 8 [ 220.433477][T10054] udevd[10054]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 220.496552][T10662] netlink: 'syz.0.2025': attribute type 1 has an invalid length. [ 220.500812][T10662] netlink: 'syz.0.2025': attribute type 2 has an invalid length. [ 221.585335][T10704] binder: 10703:10704 ioctl c00c6211 0 returned -14 [ 221.870298][T10715] netlink: 'syz.3.2048': attribute type 1 has an invalid length. [ 222.228108][T10722] serio: Serial port pts0 [ 222.492687][T10738] __nla_validate_parse: 1 callbacks suppressed [ 222.492703][T10738] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2054'. [ 223.195439][T10752] misc userio: Can't change port type on an already running userio instance [ 223.242874][ T63] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 223.451932][ T63] usb 8-1: Using ep0 maxpacket: 32 [ 223.457259][ T63] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 223.465177][ T63] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 223.469546][ T63] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 223.487701][ T63] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 223.492202][ T63] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 223.497186][ T63] usb 8-1: Product: syz [ 223.504329][ T63] usb 8-1: Manufacturer: syz [ 223.506737][ T63] usb 8-1: SerialNumber: syz [ 223.515080][T10754] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 223.526064][ T63] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input17 [ 223.538324][ C3] appletouch 8-1:1.0: atp_complete: usb_submit_urb failed with result -1 [ 223.642015][ T5205] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 223.646635][ T5205] Bluetooth: hci0: Injecting HCI hardware error event [ 223.652539][ T5205] Bluetooth: hci0: hardware error 0x00 [ 223.861022][ T63] usb 8-1: USB disconnect, device number 8 [ 223.920641][ T63] appletouch 8-1:1.0: input: appletouch disconnected [ 223.961505][T10766] netlink: 'syz.0.2067': attribute type 2 has an invalid length. [ 224.128577][T10771] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 224.131701][T10771] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 224.136371][T10771] vhci_hcd vhci_hcd.0: Device attached [ 224.333900][T10781] macsec0: entered promiscuous mode [ 224.465383][ T55] usb 14-1: SetAddress Request (2) to port 0 [ 224.470806][ T55] usb 14-1: new SuperSpeed USB device number 2 using vhci_hcd [ 224.585321][T10775] vhci_hcd: connection reset by peer [ 224.592348][ T40] vhci_hcd: stop threads [ 224.596024][ T40] vhci_hcd: release socket [ 224.600299][ T40] vhci_hcd: disconnect device [ 225.608802][T10815] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2087'. [ 225.722007][ T5205] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 225.783409][T10818] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2086'. [ 226.660821][T10830] netlink: 'syz.0.2090': attribute type 1 has an invalid length. [ 228.455459][T10884] tap0: tun_chr_ioctl cmd 1074025677 [ 228.458124][T10884] tap0: linktype set to 804 [ 229.495113][T10904] misc userio: Can't change port type on an already running userio instance [ 229.569666][ T55] usb 14-1: device descriptor read/8, error -110 [ 229.766104][T10924] netlink: 'syz.1.2125': attribute type 1 has an invalid length. [ 229.769984][T10924] netlink: 101600 bytes leftover after parsing attributes in process `syz.1.2125'. [ 229.776534][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.779984][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.992800][ T55] usb usb14-port1: attempt power cycle [ 230.295835][T10952] netlink: 'syz.3.2136': attribute type 1 has an invalid length. [ 230.298914][T10952] netlink: 101600 bytes leftover after parsing attributes in process `syz.3.2136'. [ 230.475891][T10957] overlayfs: failed to resolve './file1': -2 [ 230.642981][ T55] usb usb14-port1: unable to enumerate USB device [ 231.162888][T10968] misc userio: Can't change port type on an already running userio instance [ 231.431920][ T39] audit: type=1804 audit(1719906842.801:72): pid=11006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2150" name="/syzkaller.BYHpCa/186/bus" dev="sda1" ino=1976 res=1 errno=0 [ 231.577723][T11008] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2149'. [ 232.401683][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.407375][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.448315][T11035] netlink: 'syz.1.2162': attribute type 1 has an invalid length. [ 232.455386][T11035] netlink: 101600 bytes leftover after parsing attributes in process `syz.1.2162'. [ 232.880988][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.886779][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.173291][ T39] audit: type=1804 audit(1719906844.551:73): pid=11073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2179" name="/syzkaller.TOFbJT/152/bus" dev="sda1" ino=1980 res=1 errno=0 [ 234.442498][T11125] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 234.445266][T11125] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 234.452003][T11125] vhci_hcd vhci_hcd.0: Device attached [ 234.755660][ T39] audit: type=1804 audit(1719906846.131:74): pid=11136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2198" name="/syzkaller.E2p3pq/120/bus" dev="sda1" ino=1978 res=1 errno=0 [ 234.808761][ T5251] usb 20-1: SetAddress Request (2) to port 0 [ 234.811659][ T5251] usb 20-1: new SuperSpeed USB device number 2 using vhci_hcd [ 235.065826][T11152] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2204'. [ 235.179728][T11128] vhci_hcd: connection reset by peer [ 235.188312][ T1091] vhci_hcd: stop threads [ 235.190046][ T1091] vhci_hcd: release socket [ 235.192205][ T1091] vhci_hcd: disconnect device [ 237.962051][ T1940] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 238.082686][T11202] overlayfs: failed to resolve './file1': -2 [ 238.163591][ T1940] usb 8-1: config index 0 descriptor too short (expected 106, got 36) [ 238.168265][ T1940] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.175619][ T1940] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.186577][ T1940] usb 8-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 238.191063][ T1940] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.202691][ T1940] usb 8-1: config 0 descriptor?? [ 238.672350][ T1940] corsair 0003:1B1C:1B3E.000B: unknown main item tag 0x0 [ 238.675883][ T1940] corsair 0003:1B1C:1B3E.000B: unknown main item tag 0x0 [ 238.678810][ T1940] corsair 0003:1B1C:1B3E.000B: unknown main item tag 0x0 [ 238.682428][ T1940] corsair 0003:1B1C:1B3E.000B: unknown main item tag 0x0 [ 238.686439][ T1940] corsair 0003:1B1C:1B3E.000B: unknown main item tag 0x0 [ 238.703149][ T1940] corsair 0003:1B1C:1B3E.000B: failed to start in urb: -90 [ 238.711062][ T1940] corsair 0003:1B1C:1B3E.000B: hidraw1: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.3-1/input0 [ 238.968374][ T7895] usb 8-1: USB disconnect, device number 9 [ 239.019541][T11234] overlayfs: failed to resolve './file1': -2 [ 239.884854][ T5251] usb 20-1: device descriptor read/8, error -110 [ 240.333291][ T5251] usb usb20-port1: attempt power cycle [ 240.647521][T11305] misc userio: Can't change port type on an already running userio instance [ 241.016260][ T5251] usb usb20-port1: unable to enumerate USB device [ 241.927463][T11367] netlink: 7 bytes leftover after parsing attributes in process `syz.0.2283'. [ 242.124113][T11379] kernel read not supported for file /+\ (pid: 11379 comm: syz.2.2289) [ 242.127988][ T39] audit: type=1800 audit(1719906853.501:75): pid=11379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2289" name="+\" dev="mqueue" ino=40256 res=0 errno=0 [ 242.460752][T11394] rtc_cmos 00:05: Alarms can be up to one day in the future [ 242.900809][T11412] kernel read not supported for file /+\ (pid: 11412 comm: syz.1.2301) [ 242.904869][ T39] audit: type=1800 audit(1719906854.271:76): pid=11412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2301" name="+\" dev="mqueue" ino=38323 res=0 errno=0 [ 242.932932][ T5372] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 243.115277][ T5372] usb 7-1: config index 0 descriptor too short (expected 106, got 36) [ 243.119415][ T5372] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.124645][ T5372] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.128494][ T5372] usb 7-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 243.132020][ T5372] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.136027][ T5372] usb 7-1: config 0 descriptor?? [ 243.239961][T11416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2302'. [ 243.672245][ T5372] corsair 0003:1B1C:1B3E.000C: unknown main item tag 0x0 [ 243.678872][ T5372] corsair 0003:1B1C:1B3E.000C: unknown main item tag 0x0 [ 243.685463][ T5372] corsair 0003:1B1C:1B3E.000C: unknown main item tag 0x0 [ 243.691692][ T5372] corsair 0003:1B1C:1B3E.000C: unknown main item tag 0x0 [ 243.702284][ T5372] corsair 0003:1B1C:1B3E.000C: unknown main item tag 0x0 [ 243.709188][ T5372] corsair 0003:1B1C:1B3E.000C: failed to start in urb: -90 [ 243.746535][ T5372] corsair 0003:1B1C:1B3E.000C: hidraw1: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.2-1/input0 [ 244.026433][ T5372] usb 7-1: USB disconnect, device number 9 [ 244.401695][T11435] netlink: 1053 bytes leftover after parsing attributes in process `syz.1.2309'. [ 244.618546][ T5205] Bluetooth: hci2: command tx timeout [ 244.619692][T11439] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 245.215782][T11464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2316'. [ 245.545774][ T39] audit: type=1804 audit(1719906856.921:77): pid=11473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2325" name="/syzkaller.WHu1iT/191/file0/bus" dev="9p" ino=38273107 res=1 errno=0 [ 245.752875][T11484] binder: 11482:11484 ioctl c0306201 0 returned -14 [ 245.760855][T11484] binder: BINDER_SET_CONTEXT_MGR already set [ 245.770180][T11484] binder: 11482:11484 ioctl 4018620d 20000040 returned -16 [ 245.776588][T11484] binder: 11482:11484 ioctl c0306201 200003c0 returned -22 [ 246.353352][T11498] netdevsim netdevsim1 @: renamed from netdevsim0 (while UP) [ 246.519524][T11496] misc userio: Can't change port type on an already running userio instance [ 246.640479][T11510] binder: 11509:11510 ioctl c0306201 0 returned -14 [ 246.670039][T11510] binder: BINDER_SET_CONTEXT_MGR already set [ 246.673267][T11510] binder: 11509:11510 ioctl 4018620d 20000040 returned -16 [ 246.677320][T11510] binder: 11509:11510 ioctl c0306201 200003c0 returned -22 [ 246.753429][T11505] overlay: ./bus is not a directory [ 246.807009][ T39] audit: type=1804 audit(1719906858.181:78): pid=11505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2338" name="/syzkaller.BYHpCa/227/file0/bus" dev="9p" ino=38273107 res=1 errno=0 [ 247.248831][T11526] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2346'. [ 247.412965][T11529] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 247.415848][T11529] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 247.421146][T11529] vhci_hcd vhci_hcd.0: Device attached [ 247.784363][ T5246] usb 20-1: SetAddress Request (6) to port 0 [ 247.793265][ T5246] usb 20-1: new SuperSpeed USB device number 6 using vhci_hcd [ 248.010315][T11531] vhci_hcd: connection reset by peer [ 248.029458][ T1094] vhci_hcd: stop threads [ 248.032290][ T1094] vhci_hcd: release socket [ 248.034396][ T1094] vhci_hcd: disconnect device [ 248.240544][ T5205] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 248.241984][T11544] overlay: ./bus is not a directory [ 248.305698][ T39] audit: type=1804 audit(1719906859.681:79): pid=11544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2353" name="/syzkaller.E2p3pq/146/file0/bus" dev="9p" ino=38273107 res=1 errno=0 [ 248.904347][ T39] audit: type=1326 audit(1719906860.281:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11571 comm="syz.2.2364" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ea579 code=0x0 [ 249.216986][T11576] overlay: ./bus is not a directory [ 249.281921][ T39] audit: type=1804 audit(1719906860.651:81): pid=11576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2366" name="/syzkaller.TOFbJT/212/file0/bus" dev="9p" ino=38273107 res=1 errno=0 [ 249.332577][T11584] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2369'. [ 249.354944][T11584] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2369'. [ 249.638417][ T39] audit: type=1804 audit(1719906861.011:82): pid=11598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2374" name="/syzkaller.TOFbJT/215/bus" dev="sda1" ino=1953 res=1 errno=0 [ 249.992766][T11617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2382'. [ 249.999985][T11617] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2382'. [ 250.142706][ T1940] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 250.335017][ T1940] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 250.341990][ T1940] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 250.348224][ T1940] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 250.359855][ T1940] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 250.366042][ T1940] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.380614][ T1940] usb 7-1: config 0 descriptor?? [ 250.384139][T11615] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 250.845088][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.853653][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.856979][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.860138][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.881912][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.885544][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.888712][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.895693][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.900151][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.904637][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.908040][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.911335][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.915529][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.919132][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.922595][ T1940] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0 [ 250.931712][ T1940] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 250.950309][ T1940] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 251.040583][T11658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2399'. [ 251.137086][ T69] usb 7-1: USB disconnect, device number 10 [ 251.767795][T11682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2408'. [ 252.196725][T11702] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2417'. [ 252.710889][T11715] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.921961][ T5246] usb 20-1: device descriptor read/8, error -110 [ 253.217037][T11739] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 253.219944][T11739] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 253.230234][T11739] vhci_hcd vhci_hcd.0: Device attached [ 253.452420][ T5246] usb 20-1: SetAddress Request (7) to port 0 [ 253.455117][ T5246] usb 20-1: new SuperSpeed USB device number 7 using vhci_hcd [ 253.475262][T11749] misc userio: Can't change port type on an already running userio instance [ 253.893850][T11746] vhci_hcd: connection reset by peer [ 253.899643][ T13] vhci_hcd: stop threads [ 253.901489][ T13] vhci_hcd: release socket [ 253.928072][ T13] vhci_hcd: disconnect device [ 253.987789][T11761] netlink: 'syz.1.2439': attribute type 10 has an invalid length. [ 254.043761][T11761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 254.061261][T11761] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 254.336229][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 254.414152][T11774] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2445'. [ 254.883529][T11784] netlink: 'syz.1.2449': attribute type 10 has an invalid length. [ 255.539174][T11793] misc userio: Can't change port type on an already running userio instance [ 255.842137][ T39] audit: type=1326 audit(1719906867.221:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11800 comm="syz.3.2455" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7439579 code=0x0 [ 255.990762][T11806] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2456'. [ 256.208243][T11813] netlink: 'syz.2.2459': attribute type 10 has an invalid length. [ 256.224583][T11813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 256.232284][T11813] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 256.285625][ T5205] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 256.291410][ T5205] Bluetooth: hci2: Injecting HCI hardware error event [ 256.298953][ T5205] Bluetooth: hci2: hardware error 0x00 [ 256.352608][ T55] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 256.542025][ T55] usb 6-1: Using ep0 maxpacket: 8 [ 256.546973][ T55] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 256.551388][ T55] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 256.556721][ T55] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 256.561016][ T55] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 256.567266][ T55] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 256.571269][ T55] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.821372][ T55] usb 6-1: GET_CAPABILITIES returned 0 [ 256.824501][ T55] usbtmc 6-1:16.0: can't read capabilities [ 257.025890][ T5241] usb 6-1: USB disconnect, device number 8 [ 257.290481][ T39] audit: type=1804 audit(1719906868.661:84): pid=11840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2471" name="/syzkaller.E2p3pq/169/bus" dev="sda1" ino=1979 res=1 errno=0 [ 257.542349][T11854] syz.3.2475: attempt to access beyond end of device [ 257.542349][T11854] loop3: rw=0, sector=0, nr_sectors = 8 limit=0 [ 257.549555][T11854] F2FS-fs (loop3): Unable to read 1th superblock [ 257.558016][T11854] syz.3.2475: attempt to access beyond end of device [ 257.558016][T11854] loop3: rw=0, sector=8, nr_sectors = 8 limit=0 [ 257.563704][T11854] F2FS-fs (loop3): Unable to read 2th superblock [ 257.590554][T11858] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2479'. [ 258.362414][ T5205] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 258.430847][T11884] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2485'. [ 258.525545][ T5246] usb 20-1: device descriptor read/8, error -110 [ 258.642267][ T5246] usb usb20-port1: attempt power cycle [ 258.687322][T11899] syz.3.2495: attempt to access beyond end of device [ 258.687322][T11899] loop3: rw=0, sector=0, nr_sectors = 8 limit=0 [ 258.692754][T11899] F2FS-fs (loop3): Unable to read 1th superblock [ 258.699802][T11899] syz.3.2495: attempt to access beyond end of device [ 258.699802][T11899] loop3: rw=0, sector=8, nr_sectors = 8 limit=0 [ 258.705512][T11899] F2FS-fs (loop3): Unable to read 2th superblock [ 259.299727][ T5246] usb usb20-port1: unable to enumerate USB device [ 259.321700][T11926] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2504'. [ 259.694596][T11916] misc userio: Can't change port type on an already running userio instance [ 260.419241][T11955] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2512'. [ 261.025027][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.692545][T11973] misc userio: Can't change port type on an already running userio instance [ 261.955924][T11970] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 262.000974][T11984] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2527'. [ 262.482033][ T39] audit: type=1326 audit(1719906873.851:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12011 comm="syz.3.2539" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7439579 code=0x0 [ 262.739332][T12029] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 262.744526][T12029] overlayfs: missing 'lowerdir' [ 262.987326][ T39] audit: type=1326 audit(1719906874.361:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12038 comm="syz.0.2549" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x0 [ 263.152498][T12032] misc userio: Can't change port type on an already running userio instance [ 263.735524][T12058] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 263.740471][T12058] overlayfs: missing 'lowerdir' [ 263.908238][T12067] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2557'. [ 264.325211][ T39] audit: type=1804 audit(1719906875.701:87): pid=12074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2563" name="/syzkaller.WHu1iT/237/cgroup.controllers" dev="sda1" ino=1981 res=1 errno=0 [ 264.408192][T12074] Unsupported ieee802154 address type: 0 [ 265.044743][ T39] audit: type=1804 audit(1719906876.421:88): pid=12106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2577" name="/syzkaller.WHu1iT/241/cgroup.controllers" dev="sda1" ino=1970 res=1 errno=0 [ 265.068166][T12106] Unsupported ieee802154 address type: 0 [ 265.226198][T12122] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2582'. [ 265.247259][ T39] audit: type=1800 audit(1719906876.611:89): pid=12121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2584" name="file1" dev="sda1" ino=1973 res=0 errno=0 [ 265.399223][T12100] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 265.839748][T12136] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 265.900815][T12137] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 266.203762][ T39] audit: type=1800 audit(1719906877.581:90): pid=12154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2596" name="file1" dev="sda1" ino=1978 res=0 errno=0 [ 266.233838][T12158] netlink: 'syz.0.2598': attribute type 29 has an invalid length. [ 266.237960][T12158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2598'. [ 266.269730][T12158] netlink: 'syz.0.2598': attribute type 29 has an invalid length. [ 266.300799][T12158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2598'. [ 266.312136][T12159] netlink: 'syz.0.2598': attribute type 29 has an invalid length. [ 266.329138][T12159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2598'. [ 266.527989][T12166] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 266.587681][T12166] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 266.645141][T12172] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2601'. [ 266.901482][T12180] netlink: 'syz.2.2607': attribute type 10 has an invalid length. [ 266.939057][T12180] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 267.034788][T12183] netlink: 'syz.2.2609': attribute type 29 has an invalid length. [ 267.038869][T12183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2609'. [ 267.044622][T12183] netlink: 'syz.2.2609': attribute type 29 has an invalid length. [ 267.047966][T12183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2609'. [ 267.075132][T12183] netlink: 'syz.2.2609': attribute type 29 has an invalid length. [ 267.081038][T12183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2609'. [ 267.378882][ T39] audit: type=1800 audit(1719906878.751:91): pid=12191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2612" name="file1" dev="sda1" ino=1982 res=0 errno=0 [ 267.524462][T12193] input: syz1 as /devices/virtual/input/input27 [ 267.632030][T12196] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 267.637285][T12196] overlayfs: missing 'lowerdir' [ 267.799421][T12202] netlink: 'syz.2.2618': attribute type 29 has an invalid length. [ 267.804447][T12202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2618'. [ 267.812307][T12202] netlink: 'syz.2.2618': attribute type 29 has an invalid length. [ 267.817308][T12202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2618'. [ 267.835295][T12202] netlink: 'syz.2.2618': attribute type 29 has an invalid length. [ 267.838751][T12202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2618'. [ 268.073515][T12216] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 268.087854][ T39] audit: type=1800 audit(1719906879.461:92): pid=12214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2623" name="file1" dev="sda1" ino=1965 res=0 errno=0 [ 268.095958][T12216] overlayfs: missing 'lowerdir' [ 268.662056][ T63] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 268.845669][ T63] usb 7-1: Using ep0 maxpacket: 16 [ 268.850173][ T63] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 268.854030][ T63] usb 7-1: config 0 has no interface number 0 [ 268.865208][ T63] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 268.870135][ T63] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 268.876652][ T63] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 268.881296][ T63] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 268.887094][ T63] usb 7-1: Product: syz [ 268.889066][ T63] usb 7-1: SerialNumber: syz [ 268.893526][ T63] usb 7-1: config 0 descriptor?? [ 268.898819][ T63] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 268.904002][ T63] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input28 [ 269.198652][ C3] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 269.198880][ T5251] usb 7-1: USB disconnect, device number 11 [ 269.201669][ C3] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 269.219320][ T5251] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 269.818071][T12248] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 270.278672][T12287] ALSA: mixer_oss: invalid OSS volume '00000000000000000000' [ 270.282324][T12287] ALSA: mixer_oss: invalid OSS volume 'OGAINW1' [ 270.287069][T12287] ALSA: mixer_oss: invalid OSS volume '' [ 270.376305][ T39] audit: type=1326 audit(1719906881.751:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12292 comm="syz.1.2658" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 270.729619][T12314] ALSA: mixer_oss: invalid OSS volume '00000000000000000000' [ 270.733373][T12314] ALSA: mixer_oss: invalid OSS volume 'OGAINW1' [ 270.736389][T12314] ALSA: mixer_oss: invalid OSS volume '' [ 271.029383][T12327] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 271.130470][T12331] trusted_key: encrypted_key: key user:syz not found [ 271.253464][T12335] ALSA: mixer_oss: invalid OSS volume '00000000000000000000' [ 271.261652][T12335] ALSA: mixer_oss: invalid OSS volume 'OGAINW1' [ 271.265075][T12335] ALSA: mixer_oss: invalid OSS volume '' [ 272.114406][T12373] __nla_validate_parse: 3 callbacks suppressed [ 272.114430][T12373] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2691'. [ 272.704055][T12400] ptrace attach of "/syz-executor exec"[9321] was attempted by "                                                       \x07  \x09 \x0a \x0b \x0c \x0d              \x1b      ! \x22 # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \x5c ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~                                                           [ 273.483061][ T5251] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 273.706993][ T5251] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 273.714884][ T5251] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 273.719433][ T5251] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.725060][ T5251] usb 6-1: Product: syz [ 273.726650][ T5251] usb 6-1: Manufacturer: syz [ 273.728220][ T5251] usb 6-1: SerialNumber: syz [ 273.940028][T12434] ptrace attach of "/syz-executor exec"[9631] was attempted by "                                                       \x07  \x09 \x0a \x0b \x0c \x0d              \x1b      ! \x22 # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \x5c ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~                                                           [ 274.321905][ T63] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 274.559474][T12413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 274.566149][T12413] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 274.574443][T12413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 274.579612][T12413] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 274.592395][ T63] usb 7-1: Using ep0 maxpacket: 16 [ 274.620254][ T63] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 274.623386][ T63] usb 7-1: config 0 has no interface number 0 [ 274.625622][ T63] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 274.628023][T12459] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2724'. [ 274.629596][ T63] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 274.637990][T12459] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 274.642265][ T63] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 274.646060][ T63] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 274.649398][ T63] usb 7-1: Product: syz [ 274.651103][ T63] usb 7-1: SerialNumber: syz [ 274.657009][ T63] usb 7-1: config 0 descriptor?? [ 274.667599][ T63] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 274.671562][ T63] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input29 [ 274.845259][T12465] bond_slave_0: entered promiscuous mode [ 274.848761][T12465] bond_slave_1: entered promiscuous mode [ 274.920774][T12468] bond_slave_0: left promiscuous mode [ 274.924606][T12468] bond_slave_1: left promiscuous mode [ 274.938820][ C3] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 274.939456][ T8] usb 7-1: USB disconnect, device number 12 [ 274.941932][ C3] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 274.973989][ T5251] cdc_ncm 6-1:1.0: failed to get mac address [ 274.985475][ T8] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 274.991691][ T5251] cdc_ncm 6-1:1.0: bind() failure [ 275.008947][ T5251] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71 [ 275.018810][ T5251] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71 [ 275.024862][ T5251] usbtest 6-1:1.1: probe with driver usbtest failed with error -71 [ 275.035745][ T5251] usb 6-1: USB disconnect, device number 9 [ 275.131923][T12468] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 275.144323][T12468] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.154505][T12468] bond0 (unregistering): Released all slaves [ 275.239226][T12470] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2728'. [ 275.243990][T12470] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2728'. [ 275.253472][T12470] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2728'. [ 275.566415][T12481] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2733'. [ 275.570731][T12481] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 275.679590][T12491] bond_slave_0: entered promiscuous mode [ 275.682530][T12491] bond_slave_1: entered promiscuous mode [ 275.744452][T12497] bond_slave_0: left promiscuous mode [ 275.750274][T12497] bond_slave_1: left promiscuous mode [ 275.908507][T12497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 275.919728][T12497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.928456][T12497] bond0 (unregistering): Released all slaves [ 276.082069][ T5251] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 276.294165][ T5251] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 276.303692][ T5251] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 276.308153][ T5251] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.313815][ T5251] usb 6-1: Product: syz [ 276.316107][ T5251] usb 6-1: Manufacturer: syz [ 276.319573][ T5251] usb 6-1: SerialNumber: syz [ 276.582866][T12523] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2749'. [ 277.122202][ T8] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 277.205595][T12502] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 277.213811][T12502] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 277.229374][T12502] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 277.233962][T12502] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 277.302156][ T8] usb 7-1: Using ep0 maxpacket: 8 [ 277.310760][ T8] usb 7-1: config index 0 descriptor too short (expected 5924, got 36) [ 277.315254][ T8] usb 7-1: config 250 has an invalid interface number: 228 but max is -1 [ 277.319266][ T8] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 277.323850][ T8] usb 7-1: config 250 has no interface number 0 [ 277.326905][ T8] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 277.332714][ T8] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 277.336622][ T8] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 277.341044][ T8] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 277.346431][ T8] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 277.352984][ T8] usb 7-1: config 250 interface 228 has no altsetting 0 [ 277.358369][ T8] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 277.364156][ T8] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 277.368608][ T8] usb 7-1: Product: syz [ 277.370547][ T8] usb 7-1: SerialNumber: syz [ 277.378843][ T8] hub 7-1:250.228: bad descriptor, ignoring hub [ 277.381267][ T8] hub 7-1:250.228: probe with driver hub failed with error -5 [ 277.600360][ T5251] cdc_ncm 6-1:1.0: failed to get mac address [ 277.604063][ T8] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 13 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 277.612019][ T5251] cdc_ncm 6-1:1.0: bind() failure [ 277.618077][ T5251] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71 [ 277.626371][ T5251] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71 [ 277.638717][ T5251] usbtest 6-1:1.1: probe with driver usbtest failed with error -71 [ 277.650445][ T5251] usb 6-1: USB disconnect, device number 10 [ 278.082978][ T5241] usb 7-1: USB disconnect, device number 13 [ 278.088221][ T5241] usblp0: removed [ 278.608381][T12562] trusted_key: encrypted_key: key user:syz not found [ 279.381131][T12584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2771'. [ 279.402401][T12584] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2771'. [ 279.407004][T12584] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2771'. [ 279.478722][T12591] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2774'. [ 279.554146][T12596] netlink: 'syz.3.2773': attribute type 4 has an invalid length. [ 279.557842][T12596] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2773'. [ 279.721108][T12601] netlink: 'syz.0.2777': attribute type 16 has an invalid length. [ 279.728218][T12601] netlink: 'syz.0.2777': attribute type 3 has an invalid length. [ 279.731027][T12601] netlink: 64066 bytes leftover after parsing attributes in process `syz.0.2777'. [ 279.746198][ T39] audit: type=1800 audit(1719906891.121:94): pid=12601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2777" name="bus" dev="sda1" ino=1984 res=0 errno=0 [ 279.772012][ T5245] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 279.844984][T12603] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2778'. [ 279.968672][ T5245] usb 6-1: Using ep0 maxpacket: 8 [ 279.983315][ T5245] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 279.986912][ T5245] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 279.991000][ T5245] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 279.995377][ T5245] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 279.999829][ T5245] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 280.005860][ T5245] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 280.009260][ T5245] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.277181][ T5245] usb 6-1: GET_CAPABILITIES returned 0 [ 280.282081][ T5245] usbtmc 6-1:16.0: can't read capabilities [ 280.303861][T12621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2784'. [ 280.481682][ T8] usb 6-1: USB disconnect, device number 11 [ 280.525583][T12627] netlink: 'syz.2.2787': attribute type 16 has an invalid length. [ 280.528502][T12627] netlink: 'syz.2.2787': attribute type 3 has an invalid length. [ 280.531660][T12627] netlink: 64066 bytes leftover after parsing attributes in process `syz.2.2787'. [ 280.541105][ T39] audit: type=1800 audit(1719906891.911:95): pid=12627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2787" name="bus" dev="sda1" ino=1985 res=0 errno=0 [ 280.851470][T12635] random: crng reseeded on system resumption [ 280.994335][T12639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2792'. [ 281.285481][T12656] netlink: 'syz.0.2796': attribute type 4 has an invalid length. [ 281.363719][T12662] bond_slave_0: entered promiscuous mode [ 281.366735][T12662] bond_slave_1: entered promiscuous mode [ 281.430241][T12668] bond_slave_0: left promiscuous mode [ 281.433413][T12668] bond_slave_1: left promiscuous mode [ 281.478805][T12671] netlink: 'syz.0.2802': attribute type 16 has an invalid length. [ 281.484221][T12671] netlink: 'syz.0.2802': attribute type 3 has an invalid length. [ 281.493477][ T39] audit: type=1800 audit(1719906892.861:96): pid=12671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2802" name="bus" dev="sda1" ino=1986 res=0 errno=0 [ 281.586865][T12668] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 281.594511][T12668] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 281.603391][T12668] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 281.608443][T12668] bond0 (unregistering): Released all slaves [ 281.759120][T12679] netlink: 'syz.0.2807': attribute type 4 has an invalid length. [ 281.803576][T12683] program syz.0.2808 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 282.202099][ T5251] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 282.391766][ T5251] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 282.399461][ T5251] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 282.403564][ T5251] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.407032][ T5251] usb 5-1: Product: syz [ 282.408687][ T5251] usb 5-1: Manufacturer: syz [ 282.410811][ T5251] usb 5-1: SerialNumber: syz [ 282.562738][ T8] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 282.741933][ T8] usb 6-1: Using ep0 maxpacket: 32 [ 282.747242][ T8] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 282.751327][ T8] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 282.756344][ T8] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 282.761247][ T8] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 282.767344][ T8] usb 6-1: config 0 interface 0 has no altsetting 0 [ 282.779555][ T8] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 282.783746][ T8] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 282.787446][ T8] usb 6-1: Product: syz [ 282.789370][ T8] usb 6-1: Manufacturer: syz [ 282.791418][ T8] usb 6-1: SerialNumber: syz [ 282.796788][ T8] usb 6-1: config 0 descriptor?? [ 282.805203][ T8] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 282.812040][ T8] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 283.012495][ T55] usb 6-1: USB disconnect, device number 12 [ 283.023194][ T55] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 283.282161][T12689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 283.291109][T12689] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 283.320913][T12689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 283.327527][T12689] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 283.612126][ T55] usb 6-1: new full-speed USB device number 13 using dummy_hcd [ 283.737091][ T5251] cdc_ncm 5-1:1.0: failed to get mac address [ 283.740106][ T5251] cdc_ncm 5-1:1.0: bind() failure [ 283.750504][ T5251] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71 [ 283.756008][ T5251] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71 [ 283.760524][ T5251] usbtest 5-1:1.1: probe with driver usbtest failed with error -71 [ 283.775679][ T5251] usb 5-1: USB disconnect, device number 19 [ 283.801944][ T9804] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 283.803933][ T55] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 283.809489][ T55] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 283.815378][ T55] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 283.820374][ T55] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 283.826486][ T55] usb 6-1: config 0 interface 0 has no altsetting 0 [ 283.833802][ T55] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 283.838292][ T55] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 283.842113][ T55] usb 6-1: Product: syz [ 283.843959][ T55] usb 6-1: Manufacturer: syz [ 283.846011][ T55] usb 6-1: SerialNumber: syz [ 283.850754][ T55] usb 6-1: config 0 descriptor?? [ 283.857312][ T55] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 283.869083][ T55] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 283.981931][ T9804] usb 7-1: Using ep0 maxpacket: 32 [ 283.986723][ T9804] usb 7-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 283.990918][ T9804] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.997247][ T9804] usb 7-1: config 0 descriptor?? [ 284.003418][ T9804] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 284.069061][ T55] usb 6-1: USB disconnect, device number 13 [ 284.074073][ T55] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 284.436869][ T39] audit: type=1804 audit(1719906895.811:97): pid=12724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2824" name="/syzkaller.E2p3pq/269/file0" dev="sda1" ino=1984 res=1 errno=0 [ 284.458485][T12724] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 284.463335][T12724] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 284.478925][ T9804] gspca_nw80x: reg_r err -71 [ 284.483569][ T9804] nw80x 7-1:0.0: probe with driver nw80x failed with error -71 [ 284.492139][ T9804] usb 7-1: USB disconnect, device number 14 [ 285.265260][ T39] audit: type=1800 audit(1719906896.641:98): pid=12774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2847" name="bus" dev="sda1" ino=1985 res=0 errno=0 [ 285.274505][T12776] binder: BINDER_SET_CONTEXT_MGR already set [ 285.276950][T12776] binder: 12768:12776 ioctl 4018620d 20000100 returned -16 [ 285.572009][ T8] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 285.771927][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 285.776490][ T8] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 285.780160][ T8] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 285.789600][ T8] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 285.794896][ T8] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 285.800763][ T8] usb 5-1: config 0 interface 0 has no altsetting 0 [ 285.807650][ T8] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 285.811691][ T8] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 285.817623][ T8] usb 5-1: Product: syz [ 285.819556][ T8] usb 5-1: Manufacturer: syz [ 285.821642][ T8] usb 5-1: SerialNumber: syz [ 285.826185][ T8] usb 5-1: config 0 descriptor?? [ 285.831121][ T8] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 285.838347][ T8] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 286.056473][ T8] usb 5-1: USB disconnect, device number 20 [ 286.061098][ T8] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 286.276415][ T39] audit: type=1800 audit(1719906897.651:99): pid=12803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2859" name="bus" dev="sda1" ino=1984 res=0 errno=0 [ 286.488004][ T39] audit: type=1800 audit(1719906897.861:100): pid=12813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2864" name="bus" dev="sda1" ino=1984 res=0 errno=0 [ 286.655879][ T8] usb 5-1: new full-speed USB device number 21 using dummy_hcd [ 286.728743][ T39] audit: type=1800 audit(1719906898.101:101): pid=12826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2869" name="bus" dev="sda1" ino=1984 res=0 errno=0 [ 286.844747][ T39] audit: type=1800 audit(1719906898.221:102): pid=12835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2874" name="bus" dev="sda1" ino=1974 res=0 errno=0 [ 286.869109][ T8] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 286.873135][ T8] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 286.878905][ T8] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 286.885138][ T8] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 286.890722][ T8] usb 5-1: config 0 interface 0 has no altsetting 0 [ 286.895679][ T8] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 286.899867][ T8] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 286.904031][ T8] usb 5-1: Product: syz [ 286.905881][ T8] usb 5-1: Manufacturer: syz [ 286.907603][ T8] usb 5-1: SerialNumber: syz [ 286.911279][ T8] usb 5-1: config 0 descriptor?? [ 286.916916][ T8] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 286.923992][ T8] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 286.931203][T12841] __nla_validate_parse: 4 callbacks suppressed [ 286.931221][T12841] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2876'. [ 286.943642][T12841] gtp0: entered promiscuous mode [ 286.945857][T12841] gtp0: entered allmulticast mode [ 287.130154][T12849] netlink: 'syz.1.2880': attribute type 4 has an invalid length. [ 287.139520][ T8] usb 5-1: USB disconnect, device number 21 [ 287.149420][ T8] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 287.419731][ T39] audit: type=1800 audit(1719906898.791:103): pid=12862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2886" name="bus" dev="sda1" ino=1976 res=0 errno=0 [ 287.466856][T12865] team_slave_1: mtu greater than device maximum [ 287.470146][T12865] team0: Device team_slave_1 failed to change mtu [ 287.525444][T12870] netlink: 'syz.3.2889': attribute type 4 has an invalid length. [ 287.610897][ T39] audit: type=1800 audit(1719906898.981:104): pid=12874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2891" name="bus" dev="sda1" ino=1984 res=0 errno=0 [ 287.816755][ T39] audit: type=1800 audit(1719906899.181:105): pid=12886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2897" name="bus" dev="sda1" ino=1971 res=0 errno=0 [ 287.869473][T12889] team_slave_1: mtu greater than device maximum [ 287.874602][T12889] team0: Device team_slave_1 failed to change mtu [ 288.172486][T12919] netlink: 'syz.0.2910': attribute type 4 has an invalid length. [ 288.181910][T12919] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2910'. [ 288.222092][ T5246] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 288.404662][ T5246] usb 7-1: Using ep0 maxpacket: 32 [ 288.412324][ T5246] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 288.416068][ T5246] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 288.420901][ T5246] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 288.425871][ T5246] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 288.435376][ T5246] usb 7-1: config 0 interface 0 has no altsetting 0 [ 288.440848][ T5246] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 288.445220][ T5246] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 288.449062][ T5246] usb 7-1: Product: syz [ 288.451073][ T5246] usb 7-1: Manufacturer: syz [ 288.458659][ T5246] usb 7-1: SerialNumber: syz [ 288.468829][ T5246] usb 7-1: config 0 descriptor?? [ 288.474091][ T5246] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 288.479956][ T5246] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 288.654871][T12939] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 288.660869][T12939] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 288.666543][T12939] CPU: 3 PID: 12939 Comm: syz.3.2922 Not tainted 6.10.0-rc6-syzkaller-00051-g1dfe225e9af5 #0 [ 288.670994][T12939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 288.676553][T12939] RIP: 0010:dev_map_generic_redirect+0xb9/0x5f0 SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 288.681484][T12939] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 74 08 3c 03 0f 8e 50 04 00 00 48 89 ea 44 8b 73 70 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 89 04 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b [ 288.689907][T12939] RSP: 0018:ffffc9000cf57868 EFLAGS: 00010246 [ 288.692355][T12939] RAX: dffffc0000000000 RBX: ffff888000e712c0 RCX: ffffc9002bb4b000 [ 288.695638][T12939] RDX: 0000000000000000 RSI: ffffffff81b4a196 RDI: 0000000000000000 [ 288.698820][T12939] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 288.702054][T12939] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 288.705441][T12939] R13: 1ffff920019eaf13 R14: 0000000000001046 R15: 0000000000000000 [ 288.705442][ T5246] usb 7-1: USB disconnect, device number 15 [ 288.709349][ T5246] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 288.711560][T12939] FS: 0000000000000000(0000) GS:ffff88802c300000(0063) knlGS:00000000f5d51b40 [ 288.711605][T12939] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 288.711622][T12939] CR2: 0000000020002000 CR3: 0000000029b8e000 CR4: 0000000000350ef0 [ 288.711635][T12939] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 288.738391][T12939] DR3: 00000000be70000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 288.741823][T12939] Call Trace: [ 288.743368][T12939] [ 288.744694][T12939] ? show_regs+0x8c/0xa0 [ 288.746623][T12939] ? die_addr+0x4f/0xd0 [ 288.748632][T12939] ? exc_general_protection+0x155/0x230 [ 288.751234][T12939] ? asm_exc_general_protection+0x26/0x30 [ 288.753808][T12939] ? dev_map_generic_redirect+0x86/0x5f0 [ 288.756245][T12939] ? dev_map_generic_redirect+0xb9/0x5f0 [ 288.758766][T12939] ? dev_map_generic_redirect+0x86/0x5f0 [ 288.761205][T12939] ? skb_free_head+0x108/0x1d0 [ 288.763254][T12939] ? __pfx_dev_map_generic_redirect+0x10/0x10 [ 288.765606][T12939] ? __pfx___folio_put+0x10/0x10 [ 288.767548][T12939] ? __pfx___cant_migrate+0x10/0x10 [ 288.769592][T12939] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 288.771881][T12939] ? bpf_prog_run_generic_xdp+0xcca/0x14e0 [ 288.774179][T12939] xdp_do_generic_redirect+0x309/0x720 [ 288.776292][T12939] do_xdp_generic+0x77f/0xc30 [ 288.778467][T12939] ? __pfx_do_xdp_generic+0x10/0x10 [ 288.780835][T12939] tun_get_user+0x1d1b/0x3c20 [ 288.783429][T12939] ? __pfx_tun_get_user+0x10/0x10 [ 288.786214][T12939] ? find_held_lock+0x2d/0x110 [ 288.788857][T12939] ? __pfx_lock_release+0x10/0x10 [ 288.791613][T12939] tun_chr_write_iter+0xe8/0x210 [ 288.793854][T12939] vfs_write+0x6b6/0x1140 [ 288.795778][T12939] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 288.798228][T12939] ? __pfx_vfs_write+0x10/0x10 [ 288.800360][T12939] ? do_futex+0x123/0x350 [ 288.802340][T12939] ? __fget_files+0x256/0x400 [ 288.804533][T12939] ? __fget_light+0x173/0x210 [ 288.806712][T12939] ksys_write+0x12f/0x260 [ 288.808902][T12939] ? __pfx_ksys_write+0x10/0x10 [ 288.811140][T12939] __do_fast_syscall_32+0x73/0x120 [ 288.813692][T12939] do_fast_syscall_32+0x32/0x80 [ 288.816106][T12939] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 288.818781][T12939] RIP: 0023:0xf7439579 [ 288.820203][T12939] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 288.828295][T12939] RSP: 002b:00000000f5d51540 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 288.831935][T12939] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020001540 [ 288.836231][T12939] RDX: 0000000000001046 RSI: 00000000f7425ff4 RDI: 0000000000000000 [ 288.839403][T12939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 288.842824][T12939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 288.846257][T12939] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 288.849619][T12939] [ 288.850987][T12939] Modules linked in: [ 288.853042][T12939] ---[ end trace 0000000000000000 ]--- [ 288.855249][T12939] RIP: 0010:dev_map_generic_redirect+0xb9/0x5f0 [ 288.857708][T12939] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 74 08 3c 03 0f 8e 50 04 00 00 48 89 ea 44 8b 73 70 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 89 04 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b [ 288.866216][T12939] RSP: 0018:ffffc9000cf57868 EFLAGS: 00010246 [ 288.868736][T12939] RAX: dffffc0000000000 RBX: ffff888000e712c0 RCX: ffffc9002bb4b000 [ 288.873091][T12939] RDX: 0000000000000000 RSI: ffffffff81b4a196 RDI: 0000000000000000 [ 288.877451][T12939] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 288.881143][T12939] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000 [ 288.884670][T12939] R13: 1ffff920019eaf13 R14: 0000000000001046 R15: 0000000000000000 [ 288.888576][T12939] FS: 0000000000000000(0000) GS:ffff88802c300000(0063) knlGS:00000000f5d51b40 [ 288.892909][T12939] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 288.896424][T12939] CR2: 0000000020002000 CR3: 0000000029b8e000 CR4: 0000000000350ef0 [ 288.900108][T12939] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 288.904123][T12939] DR3: 00000000be70000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 288.907555][T12939] Kernel panic - not syncing: Fatal exception in interrupt [ 288.911186][T12939] Kernel Offset: disabled [ 288.913061][T12939] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:50:44 Registers: info registers vcpu 0 CPU#0 RAX=00000000003b475c RBX=0000000000000000 RCX=ffffffff8adc1d09 RDX=ffffed1005806fde RSI=ffffffff8b8fb520 RDI=ffffffff816724fc RBP=fffffbfff1b12af8 RSP=ffffffff8d807e20 R8 =0000000000000000 R9 =ffffed1005806fdd R10=ffff88802c037eeb R11=0000000000000001 R12=0000000000000000 R13=ffffffff8d8957c0 R14=ffffffff8fe29e50 R15=0000000000000000 RIP=ffffffff8adc30ff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020011000 CR3=0000000026418000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff81cb1ae6 RDX=ffff88801b46a440 RSI=0000000000000000 RDI=0000000000000007 RBP=000000000000002a RSP=ffffc90000e7f808 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffff8880257fe720 R13=000000000000002a R14=0000000000000029 R15=ffffc90000e7f8c8 RIP=ffffffff818e87cd RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73ca494 CR3=0000000026418000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=ffff88801e82e000 RCX=ffffffff81f562b1 RDX=0000000000160000 RSI=0000000000160000 RDI=0000000000160000 RBP=ffff888012a54480 RSP=ffffc9000362f5c0 R8 =0000000000000001 R9 =fffff520006c5eab R10=0000000000000003 R11=0000000000000000 R12=0000000000160000 R13=ffff88801c89d8f0 R14=ffff88801e82e870 R15=0000ad6900000005 RIP=ffffffff818e891a RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f72b9220 CR3=0000000012912000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858 2e7a797300000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000206e 61000074736f686c ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0000ffff00 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000070 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f94105 RDI=ffffffff94d5be00 RBP=ffffffff94d5bdc0 RSP=ffffc9000cf57228 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=313030203a504952 R12=0000000000000000 R13=0000000000000070 R14=ffffffff84f940a0 R15=0000000000000000 RIP=ffffffff84f9412f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020002000 CR3=0000000029b8e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000be70000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000