last executing test programs: 2m4.203297954s ago: executing program 32 (id=325): r0 = socket(0x25, 0x1, 0x0) r1 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6, 0x10000, 0x1000000}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x81}}) io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x0, r0, 0x23, {0x3b4, 0x6d3}, 0x6}, 0x1) 1m48.474471958s ago: executing program 0 (id=682): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x10) 1m48.47414887s ago: executing program 0 (id=684): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x3a) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) sendmmsg(r1, &(0x7f00000036c0)=[{{0x0, 0x0, 0x0}}], 0x400000000000113, 0x0) 1m48.412335604s ago: executing program 0 (id=687): socket$packet(0x11, 0xa, 0x300) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x47, &(0x7f0000000300)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x11, 0x11, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, {[], {0x0, 0xe22, 0x11, 0x0, @gue={{0x1, 0x1, 0x3, 0x8, 0x0, @void}, "2216ad1c91"}}}}}}}, 0x0) 1m48.412166117s ago: executing program 0 (id=689): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00') 1m48.352147589s ago: executing program 0 (id=691): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x42, 0x5c}) 1m48.152150937s ago: executing program 0 (id=699): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000e80000000000000000ff"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008c04"]) 1m48.123598497s ago: executing program 33 (id=699): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000e80000000000000000ff"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008c04"]) 1m45.722384984s ago: executing program 5 (id=748): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000500)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000040)='mm_lru_insertion\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) 1m45.72218415s ago: executing program 5 (id=749): r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r2}, 0x10) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}}) 1m44.832467416s ago: executing program 5 (id=764): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000080)={0x2}) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000000)) 1m44.728724014s ago: executing program 5 (id=766): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) umount2(&(0x7f0000000400)='./file0/../file0\x00', 0x1) 1m44.728288339s ago: executing program 5 (id=768): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0xffff, 0xa000, @dev={0xfe, 0x80, '\x00', 0xff}, 0xf}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000200), 0x3) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000380)=@gcm_128={{0x303, 0x38}, "faffffff0000003c", "82d7773879241628cb2d7129d5a01853", '\x00', "614db5b3ffffffff"}, 0x28) 1m43.33252313s ago: executing program 5 (id=805): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff02000000000000000000000000000100000000000000000000000000ff88000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d"], 0xfdef) 1m43.327905894s ago: executing program 34 (id=805): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff02000000000000000000000000000100000000000000000000000000ff88000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d"], 0xfdef) 1m40.581784525s ago: executing program 6 (id=851): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4) sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 1m40.581582013s ago: executing program 6 (id=852): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50) write(0xffffffffffffffff, &(0x7f0000000000)='\"', 0x1) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 1m40.581501084s ago: executing program 6 (id=853): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) landlock_restrict_self(r1, 0x0) sendmmsg$unix(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 1m40.512128053s ago: executing program 6 (id=854): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x28a101e, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) 1m40.511773984s ago: executing program 6 (id=856): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000040)=0xaf2, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000800, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @local}, 0x1c) recvmmsg(r0, &(0x7f0000001f80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003340)=""/152, 0x98}, 0xba93}], 0x1, 0x2000, 0x0) 1m39.752385904s ago: executing program 6 (id=864): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='O', 0x1, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 1m39.735623972s ago: executing program 35 (id=864): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='O', 0x1, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 1m3.728361734s ago: executing program 1 (id=1648): r0 = io_uring_setup(0x5824, &(0x7f0000000280)={0x0, 0x5, 0x10000, 0x1, 0x3bd}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba7a32}) readv(r1, &(0x7f0000000100)=[{&(0x7f00000001c0)=""/227, 0xe3}], 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 1m3.525114636s ago: executing program 1 (id=1660): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1m3.467747733s ago: executing program 1 (id=1663): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setreuid(0x0, 0xee00) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x5, &(0x7f00000002c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) 1m3.312835294s ago: executing program 1 (id=1669): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x30109d, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m3.312368622s ago: executing program 1 (id=1670): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3) munlockall() 1m2.991020948s ago: executing program 1 (id=1680): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000100)) 1m2.967069096s ago: executing program 36 (id=1680): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000100)) 24.72844453s ago: executing program 4 (id=2188): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50) write(0xffffffffffffffff, &(0x7f0000000000)='\"', 0x1) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 24.660525848s ago: executing program 4 (id=2189): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) landlock_restrict_self(r1, 0x0) sendmmsg$unix(r0, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 24.655504043s ago: executing program 4 (id=2192): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c) recvmsg(r0, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f00000017c0)=""/134, 0x86}], 0x1}, 0x2) shutdown(r0, 0x1) 23.425700793s ago: executing program 8 (id=2201): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000180)=0x6, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x42, &(0x7f0000000380)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xa, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @broadcast, {[@timestamp_addr={0x44, 0x14, 0x9, 0x1, 0x0, [{@loopback}, {@remote}]}]}}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) 23.42557502s ago: executing program 4 (id=2202): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x28a101e, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) 23.31068633s ago: executing program 8 (id=2206): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206050000000000000000000000000005000400000000000900020073797a32000000001400078005001400000000000800084000000020050005000200"], 0x58}}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0xc048aeca, &(0x7f00000001c0)) 23.308344513s ago: executing program 4 (id=2216): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000180)=0x6, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x42, &(0x7f0000000380)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xa, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @broadcast, {[@timestamp_addr={0x44, 0x14, 0x9, 0x1, 0x0, [{@loopback}, {@remote}]}]}}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) 23.219121691s ago: executing program 8 (id=2211): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x40, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9ee}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x40}, 0x1, 0x0, 0x0, 0xc804}, 0x0) 23.179476422s ago: executing program 8 (id=2213): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x28a101e, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) 23.178342124s ago: executing program 8 (id=2217): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000800)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000080)=0x25f, 0x4) sendmmsg$inet(r0, &(0x7f0000000600)=[{{&(0x7f0000000c00)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 22.971087146s ago: executing program 4 (id=2224): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x40, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9ee}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x40}, 0x1, 0x0, 0x0, 0xc804}, 0x0) 22.953359313s ago: executing program 37 (id=2224): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x40, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9ee}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x40}, 0x1, 0x0, 0x0, 0xc804}, 0x0) 22.771283147s ago: executing program 8 (id=2229): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) recvfrom(r0, 0x0, 0x0, 0x40000002, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r1, 0xa}, 0x8) 22.738197371s ago: executing program 38 (id=2229): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) recvfrom(r0, 0x0, 0x0, 0x40000002, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r1, 0xa}, 0x8) 3.031369771s ago: executing program 2 (id=2656): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bind$802154_dgram(r0, &(0x7f0000000180)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0002}}}, 0x14) r1 = dup(r0) connect$802154_dgram(r1, &(0x7f0000000040)={0x24, @short={0x2, 0x2, 0x2}}, 0x14) write$binfmt_script(r1, 0x0, 0x0) 2.981659684s ago: executing program 2 (id=2657): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, "30af0128ffffb70800000000000000ff7800"}) r1 = dup(r0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff) read$msr(r1, &(0x7f00000003c0)=""/140, 0x8c) 2.981504207s ago: executing program 2 (id=2658): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x7) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {0x0, 0x2}, 0x35, [0x4346, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x80000001, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x5, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x7, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, 0x0, 0x8000000]}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11) ioctl$UI_DEV_CREATE(r0, 0x5501) 2.931408627s ago: executing program 2 (id=2659): r0 = fsopen(&(0x7f0000000100)='mqueue\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xf) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000000)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 2.931145961s ago: executing program 2 (id=2660): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x181942, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x20) 2.923291322s ago: executing program 2 (id=2661): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x5b02, 0x0) 537.861543ms ago: executing program 9 (id=2731): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x8000009, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f00000000c0)={0x32b, @tick=0x6, 0x0, {}, 0x0, 0x2, 0x1}) 479.684113ms ago: executing program 3 (id=2732): syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc8, 0x74}, "c847e934af1f206677ac1b0d320b76362c98d0d70cb4eb438b77d80a20fff14403b3e11b28f2d5e3c9a553ba63672dd5522914720f8287669bedd9604a8bb7a0a739d06a3202c34014dc465a767b553cd4fbad928f9dc0f19738cfdd921f8d0465cc340f036f36774e9a2cc6557275a2917cf318"}, 0x78) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000100)={@local, @random="cf3cccaf382f", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0xfe, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@nop]}}}}}}}, 0x0) 478.890801ms ago: executing program 3 (id=2733): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) ioctl$SNDCTL_SEQ_NRSYNTHS(r0, 0x8004510a, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 430.612469ms ago: executing program 9 (id=2734): r0 = add_key$keyring(&(0x7f0000001080), &(0x7f00000010c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='Q', 0x1, r0) pipe2$watch_queue(&(0x7f0000001100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r0, r2, 0xc2) keyctl$unlink(0x9, r1, r0) 430.35575ms ago: executing program 9 (id=2735): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) r2 = socket$can_raw(0x1d, 0x3, 0x1) fstatfs(r2, &(0x7f00000000c0)=""/120) 358.896674ms ago: executing program 9 (id=2736): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000000080)='./file1\x00', 0xc000, 0x1) renameat2(r0, &(0x7f0000000540)='./file1\x00', r0, &(0x7f0000000040)='./file0\x00', 0x5) unlinkat(r0, &(0x7f00000000c0)='./file1\x00', 0x0) getdents64(r0, &(0x7f0000000040)=""/131, 0x83) 357.337483ms ago: executing program 9 (id=2737): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280)=[r0], 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0x2, r1}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x5, r1}, 0x38) 290.993031ms ago: executing program 9 (id=2738): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', &(0x7f00000004c0), 0x410, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000180)=0x10000000000000, 0x12) 290.857056ms ago: executing program 7 (id=2739): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0) ppoll(&(0x7f0000000d40)=[{r0}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0) 201.525573ms ago: executing program 3 (id=2740): openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000080)=0x4) 201.34359ms ago: executing program 7 (id=2741): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="2bbf"], 0x6) 161.381407ms ago: executing program 7 (id=2742): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0)=[{{0x0, 0x1, 0x0, 0x1}, {0x2, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x1, 0x1, 0x0, 0x1}}], 0x10) bind$can_raw(r0, &(0x7f0000000240), 0x8) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000040)={0x1d, r1}, 0x10) 161.108108ms ago: executing program 7 (id=2743): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 160.057275ms ago: executing program 3 (id=2744): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1}) r1 = dup(r0) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r1, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffd000/0x1000)=nil) 71.532656ms ago: executing program 3 (id=2745): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000100)={0x20, r1, 0x1, 0x70bd2a, 0x0, {0x1a}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40880}, 0xd0) 71.343816ms ago: executing program 3 (id=2746): r0 = syz_open_dev$loop(&(0x7f00000005c0), 0xffff, 0x109041) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x1000, {0x2a00, 0x80010000, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac1000", "90be6c09306003d8006000", [0x0, 0x2]}}) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 1.878151ms ago: executing program 7 (id=2747): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') r1 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, &(0x7f0000000000)='gid=1\x00nk]e') sendfile(r1, r0, 0x0, 0x100801700) 0s ago: executing program 7 (id=2748): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sendfile(r1, r0, &(0x7f00000000c0)=0x58, 0x5) kernel console output (not intermixed with test programs): e=0x7ffc0000 [ 84.310792][ T40] audit: type=1326 audit(1742994344.352:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8164 comm="syz.1.903" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 84.321231][ T40] audit: type=1326 audit(1742994344.352:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8164 comm="syz.1.903" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 84.326192][ T8168] loop2: detected capacity change from 0 to 7 [ 84.335491][ T40] audit: type=1326 audit(1742994344.352:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8164 comm="syz.1.903" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 84.341294][ T40] audit: type=1326 audit(1742994344.352:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8164 comm="syz.1.903" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 84.347187][ T40] audit: type=1326 audit(1742994344.352:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8164 comm="syz.1.903" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 84.347327][ T8168] Dev loop2: unable to read RDB block 7 [ 84.353060][ T40] audit: type=1326 audit(1742994344.352:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8164 comm="syz.1.903" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 84.355078][ T8168] loop2: unable to read partition table [ 84.362326][ T8168] loop2: partition table beyond EOD, truncated [ 84.364117][ T8168] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 84.366549][ T7745] usb 9-1: GET_CAPABILITIES returned 0 [ 84.368600][ T7745] usbtmc 9-1:16.0: can't read capabilities [ 84.522382][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 84.526058][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 84.530086][ T46] bond0 (unregistering): Released all slaves [ 84.808911][ T8223] netlink: 'syz.1.928': attribute type 29 has an invalid length. [ 84.814911][ T8223] netlink: 'syz.1.928': attribute type 29 has an invalid length. [ 84.830211][ T46] hsr_slave_0: left promiscuous mode [ 84.832089][ T46] hsr_slave_1: left promiscuous mode [ 84.833787][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.836407][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 84.838592][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.841058][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 84.856248][ T46] veth1_macvtap: left promiscuous mode [ 84.858466][ T46] veth0_macvtap: left promiscuous mode [ 84.860715][ T46] veth1_vlan: left promiscuous mode [ 84.862821][ T46] veth0_vlan: left promiscuous mode [ 85.125183][ T5314] Bluetooth: hci0: command tx timeout [ 85.413278][ T46] team0 (unregistering): Port device team_slave_1 removed [ 85.472707][ T46] team0 (unregistering): Port device team_slave_0 removed [ 85.953387][ T8251] capability: warning: `syz.3.940' uses deprecated v2 capabilities in a way that may be insecure [ 86.046102][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.046359][ T8262] overlayfs: workdir and upperdir must reside under the same mount [ 86.048220][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.052637][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.056293][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.058436][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.060544][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.062618][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.065209][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.067879][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.070052][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.072123][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.074142][ T1323] hid-generic 00A0:0006:0003.000D: unknown main item tag 0x0 [ 86.080555][ T1323] hid-generic 00A0:0006:0003.000D: hidraw1: HID v0.05 Device [syz1] on syz0 [ 86.197506][ T8281] GUP no longer grows the stack in syz.1.952 (8281): 80004000-8000a000 (80002000) [ 86.200261][ T8281] CPU: 1 UID: 0 PID: 8281 Comm: syz.1.952 Not tainted 6.14.0-syzkaller-02665-g1e26c5e28ca5 #0 PREEMPT(full) [ 86.200279][ T8281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.200286][ T8281] Call Trace: [ 86.200290][ T8281] [ 86.200295][ T8281] dump_stack_lvl+0x16c/0x1f0 [ 86.200314][ T8281] gup_vma_lookup+0x1d2/0x220 [ 86.200328][ T8281] __get_user_pages+0x234/0x36f0 [ 86.200346][ T8281] ? __pfx___get_user_pages+0x10/0x10 [ 86.200363][ T8281] get_user_pages_remote+0x258/0xb20 [ 86.200379][ T8281] ? __pfx_mtree_load+0x10/0x10 [ 86.200393][ T8281] ? __pfx_get_user_pages_remote+0x10/0x10 [ 86.200411][ T8281] __access_remote_vm+0x233/0x7b0 [ 86.200423][ T8281] ? __pfx___access_remote_vm+0x10/0x10 [ 86.200438][ T8281] proc_pid_cmdline_read+0x4de/0x8f0 [ 86.200453][ T8281] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 86.200467][ T8281] ? rw_verify_area+0xcf/0x680 [ 86.200479][ T8281] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 86.200492][ T8281] vfs_readv+0x6bc/0x8a0 [ 86.200507][ T8281] ? __pfx_vfs_readv+0x10/0x10 [ 86.200520][ T8281] ? kmem_cache_free+0x2d4/0x4d0 [ 86.200539][ T8281] ? __fget_files+0x20e/0x3c0 [ 86.200555][ T8281] ? do_preadv+0x1af/0x270 [ 86.200567][ T8281] do_preadv+0x1af/0x270 [ 86.200579][ T8281] ? __pfx_do_preadv+0x10/0x10 [ 86.200591][ T8281] ? rcu_is_watching+0x12/0xc0 [ 86.200603][ T8281] __do_fast_syscall_32+0x73/0x120 [ 86.200618][ T8281] do_fast_syscall_32+0x32/0x80 [ 86.200632][ T8281] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 86.200644][ T8281] RIP: 0023:0xf73fe579 [ 86.200652][ T8281] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 86.200662][ T8281] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d [ 86.200672][ T8281] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 86.200679][ T8281] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000 [ 86.200684][ T8281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 86.200690][ T8281] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 86.200695][ T8281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 86.200705][ T8281] [ 86.245514][ T8283] io-wq is not configured for unbound workers [ 86.246274][ C1] vkms_vblank_simulate: vblank timer overrun [ 86.273500][ C1] vkms_vblank_simulate: vblank timer overrun [ 86.275436][ C1] hrtimer: interrupt took 70809606 ns [ 86.346322][ C1] vkms_vblank_simulate: vblank timer overrun [ 86.696031][ T1969] usb 9-1: USB disconnect, device number 6 [ 86.835971][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.838336][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.840472][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.842542][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.855855][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.859097][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.861719][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.864016][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.866464][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.868534][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.870602][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.872680][ T1323] hid-generic 00A0:0006:0003.000E: unknown main item tag 0x0 [ 86.876422][ T1323] hid-generic 00A0:0006:0003.000E: hidraw1: HID v0.05 Device [syz1] on syz0 [ 87.210446][ T5962] Bluetooth: hci0: command tx timeout [ 87.310647][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.312740][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.315643][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.317721][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.319790][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.321836][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.323883][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.326873][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.329034][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.331072][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.333129][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.336052][ T10] hid-generic 00A0:0006:0003.000F: unknown main item tag 0x0 [ 87.338591][ T10] hid-generic 00A0:0006:0003.000F: hidraw1: HID v0.05 Device [syz1] on syz0 [ 88.074782][ T10] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 88.226939][ T8460] netlink: 'syz.3.1025': attribute type 29 has an invalid length. [ 88.235642][ T8460] netlink: 'syz.3.1025': attribute type 29 has an invalid length. [ 88.235884][ T10] usb 12-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 88.240719][ T10] usb 12-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 88.243431][ T10] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 88.246009][ T10] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.250095][ T8422] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 88.254486][ T10] usb 12-1: Quirk or no altset; falling back to MIDI 1.0 [ 88.384176][ T8467] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 88.458106][ T70] usb 12-1: USB disconnect, device number 2 [ 88.943369][ T8495] netlink: 'syz.4.1032': attribute type 29 has an invalid length. [ 88.954206][ T8495] netlink: 'syz.4.1032': attribute type 29 has an invalid length. [ 89.002597][ T8497] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 89.285525][ T5962] Bluetooth: hci0: command 0x040f tx timeout [ 89.484456][ T8539] bio_check_eod: 2 callbacks suppressed [ 89.484466][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.484466][ T8539] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0 [ 89.489995][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.489995][ T8539] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0 [ 89.490513][ T8541] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1051'. [ 89.493683][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 89.497222][ T8541] bridge_slave_1: left allmulticast mode [ 89.499596][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.499596][ T8539] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0 [ 89.501140][ T8541] bridge_slave_1: left promiscuous mode [ 89.505534][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 89.506790][ T8541] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.508936][ T8539] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 89.513007][ T8539] UDF-fs: Scanning with blocksize 512 failed [ 89.516301][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.516301][ T8539] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 89.517168][ T8541] bridge_slave_0: left allmulticast mode [ 89.519905][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.519905][ T8539] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0 [ 89.521495][ T8541] bridge_slave_0: left promiscuous mode [ 89.525543][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 89.527220][ T8541] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.530584][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.530584][ T8539] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 89.535469][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 89.538209][ T8539] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 89.541174][ T8539] UDF-fs: Scanning with blocksize 1024 failed [ 89.543194][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.543194][ T8539] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0 [ 89.548190][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.548190][ T8539] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 89.551805][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 89.554528][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.554528][ T8539] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 89.558343][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 89.560963][ T8539] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 89.563053][ T8539] UDF-fs: Scanning with blocksize 2048 failed [ 89.565044][ T8539] syz.1.1050: attempt to access beyond end of device [ 89.565044][ T8539] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0 [ 89.568708][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 89.571369][ T8539] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 89.573965][ T8539] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 89.576321][ T8539] UDF-fs: Scanning with blocksize 4096 failed [ 89.578026][ T8539] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 89.644726][ T34] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 89.826244][ T34] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 89.830668][ T34] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 89.834805][ T34] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 89.838229][ T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.843080][ T8531] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 89.849029][ T34] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 90.051628][ T1323] usb 9-1: USB disconnect, device number 7 [ 90.089870][ T8576] Bluetooth: MGMT ver 1.23 [ 90.125603][ T8578] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 90.171449][ T8578] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 90.199808][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 90.199822][ T40] audit: type=1326 audit(1742994351.246:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8583 comm="syz.7.1072" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0 [ 90.376001][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 91.304809][ T34] usb 12-1: new high-speed USB device number 3 using dummy_hcd [ 91.354739][ T5962] Bluetooth: hci0: command 0x040f tx timeout [ 91.476096][ T34] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 91.480219][ T34] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 91.484275][ T34] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 91.488368][ T34] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 91.492970][ T34] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 91.496360][ T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.500022][ T34] usb 12-1: config 0 descriptor?? [ 91.502283][ T8631] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 91.913184][ T34] plantronics 0003:047F:FFFF.0010: unknown main item tag 0xd [ 91.916881][ T34] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving [ 91.920880][ T34] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 92.176770][ T70] usb 12-1: USB disconnect, device number 3 [ 92.394804][ T5962] Bluetooth: hci4: command 0xfc11 tx timeout [ 92.394831][ T5314] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 92.565490][ T8689] Invalid option length (1025206) for dns_resolver key [ 92.637287][ T8703] 9pnet: p9_errstr2errno: server reported unknown error @ [ 92.750293][ T8712] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1132'. [ 93.090833][ T40] audit: type=1800 audit(1742994354.136:45): pid=8739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1144" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 93.434894][ T5314] Bluetooth: hci0: command 0x040f tx timeout [ 93.464709][ T34] usb 12-1: new high-speed USB device number 4 using dummy_hcd [ 93.490407][ T8767] Bluetooth: hci0: load_link_keys: too big key_count value 3072 [ 93.586730][ T8779] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 93.637223][ T34] usb 12-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 93.639659][ T34] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.641786][ T34] usb 12-1: Product: syz [ 93.642918][ T34] usb 12-1: Manufacturer: syz [ 93.644234][ T34] usb 12-1: SerialNumber: syz [ 93.646642][ T34] usb 12-1: config 0 descriptor?? [ 93.855862][ T1323] usb 12-1: USB disconnect, device number 4 [ 93.875432][ T8801] block nbd3: NBD_DISCONNECT [ 93.877154][ T8801] block nbd3: Send disconnect failed -22 [ 93.879706][ T8800] block nbd3: Disconnected due to user request. [ 93.881925][ T8800] block nbd3: shutting down sockets [ 94.297877][ T8826] vivid-003: disconnect [ 94.300369][ T8826] vivid-003: reconnect [ 94.352253][ T10] libceph: connect (1)[c::]:6789 error -101 [ 94.354261][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 94.424765][ T8830] ceph: No mds server is up or the cluster is laggy [ 94.605464][ T5989] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 94.663916][ T8857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1198'. [ 94.665638][ T8861] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1199'. [ 94.755191][ T5989] usb 8-1: Using ep0 maxpacket: 8 [ 94.760541][ T5989] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 94.763435][ T5989] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 94.766044][ T5989] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.770324][ T5989] usb 8-1: config 0 descriptor?? [ 94.822555][ T8878] pim6reg1: entered promiscuous mode [ 94.823987][ T8878] pim6reg1: entered allmulticast mode [ 94.886815][ T8885] input: syz1 as /devices/virtual/input/input22 [ 95.180647][ T5989] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 95.185299][ T5989] usb 8-1: USB disconnect, device number 10 [ 95.419189][ T8911] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1222'. [ 95.458166][ T8913] netlink: 3 bytes leftover after parsing attributes in process `syz.7.1223'. [ 95.460787][ T8913] 0X: renamed from caif0 [ 95.463109][ T8913] 0X: entered allmulticast mode [ 95.465173][ T8913] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 95.790645][ T46] Bluetooth: hci4: Frame reassembly failed (-84) [ 95.795492][ T8931] Bluetooth: hci4: Frame reassembly failed (-84) [ 95.891784][ T8941] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1237'. [ 95.897717][ T8943] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1238'. [ 95.900241][ T8943] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.902318][ T8943] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.906237][ T8943] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.908330][ T8943] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 96.033123][ T8959] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1252'. [ 96.202664][ T8970] syzkaller1: entered promiscuous mode [ 96.204294][ T8970] syzkaller1: entered allmulticast mode [ 96.278158][ T8972] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 96.554738][ T5989] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 96.684691][ T70] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 96.705909][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 96.708947][ T5989] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 96.711604][ T5989] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 96.715511][ T5989] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 96.718017][ T5989] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.720955][ T5989] usb 6-1: config 0 descriptor?? [ 96.836070][ T70] usb 9-1: config index 0 descriptor too short (expected 45, got 36) [ 96.838392][ T70] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 96.841670][ T70] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 96.844756][ T70] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 96.847822][ T70] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 96.851366][ T70] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 96.853857][ T70] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.856790][ T70] usb 9-1: config 0 descriptor?? [ 96.859399][ T8986] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 97.129414][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.131500][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.133534][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.135643][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.137676][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.139720][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.141750][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.143790][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.145883][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.147963][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.150000][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.152053][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.154090][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.156186][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.158189][ T5989] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 97.160426][ T5989] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 97.163415][ T5989] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 97.269507][ T70] plantronics 0003:047F:FFFF.0012: unknown main item tag 0xe [ 97.271898][ T70] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving [ 97.275943][ T70] plantronics 0003:047F:FFFF.0012: hiddev1,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 97.416405][ T5989] usb 6-1: USB disconnect, device number 9 [ 97.473048][ T70] usb 9-1: USB disconnect, device number 8 [ 97.773691][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.784674][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.786882][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.789508][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.791664][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.794034][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.804735][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.806871][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.811334][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.813484][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.816333][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.819020][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.821220][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.823359][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.825691][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.827857][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.829976][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.832104][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.834389][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.834752][ T5962] Bluetooth: hci4: command 0xfc11 tx timeout [ 97.834787][ T5314] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 97.837190][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.846833][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.849023][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.854232][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.856663][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.858772][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.860922][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.863041][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.865380][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.867526][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.869667][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.871737][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.873831][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: unknown main item tag 0x0 [ 97.877493][ T5989] hid-generic 0004:FFFFFFFF:0000.0013: hidraw1: HID v0.00 Device [syz0] on syz0 [ 98.054830][ T1323] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 98.218518][ T1323] usb 12-1: config 0 has no interfaces? [ 98.220330][ T1323] usb 12-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 98.222872][ T1323] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.227517][ T1323] usb 12-1: config 0 descriptor?? [ 98.239690][ T9040] syzkaller1: entered promiscuous mode [ 98.241288][ T9040] syzkaller1: entered allmulticast mode [ 98.435687][ T1969] usb 12-1: USB disconnect, device number 5 [ 98.462125][ T9064] syzkaller1: entered promiscuous mode [ 98.463713][ T9064] syzkaller1: entered allmulticast mode [ 98.596603][ T9069] netlink: 'syz.1.1297': attribute type 3 has an invalid length. [ 100.284848][ T1323] usb 12-1: new high-speed USB device number 6 using dummy_hcd [ 100.438476][ T9160] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1339'. [ 100.455598][ T1323] usb 12-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 100.458321][ T1323] usb 12-1: config 0 interface 0 has no altsetting 0 [ 100.461628][ T1323] usb 12-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 100.464193][ T1323] usb 12-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 100.466663][ T1323] usb 12-1: Product: syz [ 100.467897][ T1323] usb 12-1: Manufacturer: syz [ 100.469218][ T1323] usb 12-1: SerialNumber: syz [ 100.471775][ T1323] usb 12-1: config 0 descriptor?? [ 100.475048][ T1323] usb 12-1: selecting invalid altsetting 0 [ 100.677206][ T9167] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 100.680527][ T1323] usb 12-1: USB disconnect, device number 6 [ 100.888075][ T1969] kernel write not supported for file /snd/seq (pid: 1969 comm: kworker/0:3) [ 101.401963][ T9201] pim6reg1: entered promiscuous mode [ 101.403563][ T9201] pim6reg1: entered allmulticast mode [ 101.467901][ T9203] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1359'. [ 101.719021][ T9218] netlink: 'syz.7.1366': attribute type 1 has an invalid length. [ 101.721210][ T9218] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1366'. [ 101.723781][ T9218] nbd: illegal input index 7388461 [ 101.776646][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.778691][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.780728][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.782728][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.786275][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.788342][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.790343][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.792451][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.794594][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.797471][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.800106][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.803169][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.805776][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.808188][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.810421][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.812620][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.815327][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.817424][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.819534][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.821543][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.823629][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.826258][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.828549][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.830721][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.833198][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.837517][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.840329][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.843090][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.845968][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.849104][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.852829][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.857533][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.860906][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.863727][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.866631][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.869478][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.871942][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.873919][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.876100][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.878143][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.880149][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.882190][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.884266][ T6474] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 101.886882][ T6474] hid-generic 0000:0000:0000.0014: hidraw1: HID v0.00 Device [syz0] on syz1 [ 101.924483][ T9228] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 102.124710][ T34] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 102.214781][ T3234] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 102.284851][ T34] usb 9-1: Using ep0 maxpacket: 8 [ 102.287517][ T34] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 102.290823][ T34] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 102.293642][ T34] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 102.298083][ T34] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 102.301161][ T34] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 102.303698][ T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.307675][ T34] hub 9-1:1.0: bad descriptor, ignoring hub [ 102.309369][ T34] hub 9-1:1.0: probe with driver hub failed with error -5 [ 102.311506][ T34] cdc_wdm 9-1:1.0: skipping garbage [ 102.312958][ T34] cdc_wdm 9-1:1.0: skipping garbage [ 102.315040][ T34] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 102.316760][ T34] cdc_wdm 9-1:1.0: Unknown control protocol [ 102.365159][ T3234] usb 8-1: Using ep0 maxpacket: 32 [ 102.367809][ T3234] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 102.370224][ T3234] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 102.372618][ T3234] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 102.375564][ T3234] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 102.378323][ T3234] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 102.381061][ T3234] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 102.384760][ T3234] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 102.387801][ T3234] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.390966][ T3234] usb 8-1: config 0 descriptor?? [ 102.592626][ T9274] loop8: detected capacity change from 0 to 2 [ 102.596471][ T9274] Dev loop8: unable to read RDB block 2 [ 102.598071][ T9274] loop8: unable to read partition table [ 102.600308][ T9274] loop8: partition table beyond EOD, truncated [ 102.602399][ T9274] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 102.605228][ T3234] usblp 8-1:0.0: usblp1: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 102.614946][ T34] usb 9-1: USB disconnect, device number 9 [ 102.802495][ T1323] usb 8-1: USB disconnect, device number 11 [ 102.805655][ T1323] usblp1: removed [ 102.944770][ T34] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 103.034735][ T3234] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 103.114918][ T34] usb 9-1: Using ep0 maxpacket: 8 [ 103.117951][ T34] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 103.120785][ T34] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 103.123245][ T34] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 103.126755][ T34] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 103.130108][ T34] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 103.132713][ T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.136671][ T34] hub 9-1:1.0: bad descriptor, ignoring hub [ 103.138339][ T34] hub 9-1:1.0: probe with driver hub failed with error -5 [ 103.140450][ T34] cdc_wdm 9-1:1.0: skipping garbage [ 103.141896][ T34] cdc_wdm 9-1:1.0: skipping garbage [ 103.143723][ T34] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 103.145456][ T34] cdc_wdm 9-1:1.0: Unknown control protocol [ 103.204704][ T3234] usb 12-1: Using ep0 maxpacket: 32 [ 103.207698][ T3234] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.210648][ T3234] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.213311][ T3234] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 103.217017][ T3234] usb 12-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 103.219491][ T3234] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.222347][ T3234] usb 12-1: config 0 descriptor?? [ 103.328509][ T9292] input: syz1 as /devices/virtual/input/input23 [ 103.367995][ T9295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1403'. [ 103.465122][ T34] usb 9-1: USB disconnect, device number 10 [ 103.641357][ T3234] input: HID 0458:5011 as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/0003:0458:5011.0015/input/input24 [ 103.707497][ T3234] input: HID 0458:5011 as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/0003:0458:5011.0015/input/input25 [ 103.724487][ T3234] kye 0003:0458:5011.0015: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.7-1/input0 [ 103.888972][ T1969] usb 12-1: USB disconnect, device number 7 [ 104.457890][ T9327] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1415'. [ 104.667836][ T9335] overlayfs: statfs failed on './file1' [ 105.090061][ T9368] sctp: [Deprecated]: syz.4.1437 (pid 9368) Use of struct sctp_assoc_value in delayed_ack socket option. [ 105.090061][ T9368] Use struct sctp_sack_info instead [ 105.235505][ T6474] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 105.305026][ T70] usb 6-1: new full-speed USB device number 10 using dummy_hcd [ 105.394689][ T6474] usb 12-1: Using ep0 maxpacket: 16 [ 105.399407][ T6474] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.402333][ T6474] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.405094][ T6474] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 105.408777][ T6474] usb 12-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 105.411212][ T6474] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.415276][ T6474] usb 12-1: config 0 descriptor?? [ 105.469814][ T70] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 105.473671][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 105.477725][ T70] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 105.481177][ T70] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.487103][ T70] usb 6-1: config 0 descriptor?? [ 105.491935][ T70] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 105.494543][ T70] dvb-usb: bulk message failed: -22 (3/0) [ 105.499654][ T70] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 105.502825][ T70] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 105.504868][ T70] usb 6-1: media controller created [ 105.509198][ T70] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 105.513838][ T70] dvb-usb: bulk message failed: -22 (6/0) [ 105.515612][ T70] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 105.518597][ T70] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input26 [ 105.523089][ T70] dvb-usb: schedule remote query interval to 150 msecs. [ 105.525099][ T70] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 105.694130][ T1969] usb 6-1: USB disconnect, device number 10 [ 105.696562][ T70] dvb-usb: bulk message failed: -22 (1/0) [ 105.696603][ T70] dvb-usb: error while querying for an remote control event. [ 105.701458][ T9407] netlink: 'syz.4.1455': attribute type 3 has an invalid length. [ 105.703703][ T9407] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1455'. [ 105.716362][ T1969] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 105.823892][ T6474] microsoft 0003:045E:07DA.0016: unknown main item tag 0x1 [ 105.830101][ T6474] input: HID 045e:07da as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/0003:045E:07DA.0016/input/input27 [ 105.886606][ T6474] microsoft 0003:045E:07DA.0016: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.7-1/input0 [ 106.026737][ T7745] usb 12-1: USB disconnect, device number 8 [ 106.225067][ T9436] netlink: 'syz.1.1459': attribute type 3 has an invalid length. [ 106.227344][ T9436] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1459'. [ 106.511061][ T9448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1473'. [ 106.870237][ T40] audit: type=1326 audit(1742994367.916:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9480 comm="syz.4.1481" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 108.137691][ T9518] pim6reg1: entered promiscuous mode [ 108.140463][ T9518] pim6reg1: entered allmulticast mode [ 108.571843][ T40] audit: type=1326 audit(1742994369.616:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9527 comm="syz.3.1500" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x0 [ 108.776141][ T9537] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1503'. [ 109.120263][ T9546] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 109.450365][ T9552] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 109.915204][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.917338][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.919432][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.921482][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.923927][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.926907][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.929223][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.931508][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.933798][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.936023][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.938096][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.940189][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.940332][ T9608] netlink: 'syz.1.1534': attribute type 1 has an invalid length. [ 109.942242][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.942259][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.944492][ T9608] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1534'. [ 109.946686][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.948796][ T9608] nbd: illegal input index 7388461 [ 109.951234][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.957063][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.959127][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.961186][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.963227][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.965657][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.967942][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.970196][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.972254][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.974291][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.977113][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.979255][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.981302][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.983344][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.985535][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.987610][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.989653][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.991669][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.993814][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.996299][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 109.998329][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.000349][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.002368][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.004416][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.006540][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.008566][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.010587][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.012619][ T3234] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 110.017989][ T3234] hid-generic 0000:0000:0000.0017: hidraw1: HID v0.00 Device [syz0] on syz1 [ 110.098600][ T9617] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1541'. [ 110.484700][ T6474] usb 12-1: new high-speed USB device number 9 using dummy_hcd [ 110.634785][ T6474] usb 12-1: Using ep0 maxpacket: 32 [ 110.638011][ T6474] usb 12-1: config index 0 descriptor too short (expected 29220, got 36) [ 110.640488][ T6474] usb 12-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 110.642921][ T6474] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 110.645584][ T6474] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 110.648282][ T6474] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 110.650987][ T6474] usb 12-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 110.654960][ T6474] usb 12-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 110.658426][ T6474] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.662626][ T6474] usb 12-1: config 0 descriptor?? [ 110.870534][ T6474] usblp 12-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 111.071444][ T5921] usb 12-1: USB disconnect, device number 9 [ 111.077810][ T5921] usblp0: removed [ 111.292979][ T9667] syz.1.1559 (9667) used greatest stack depth: 19080 bytes left [ 111.673264][ T9683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1569'. [ 111.700537][ T9689] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1570'. [ 111.704178][ T9689] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.706965][ T9689] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.709739][ T9689] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.711835][ T9689] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.917944][ T1323] libceph: connect (1)[c::]:6789 error -101 [ 111.920194][ T1323] libceph: mon0 (1)[c::]:6789 connect error [ 112.024733][ T9693] ceph: No mds server is up or the cluster is laggy [ 112.126182][ T9707] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1577'. [ 112.404753][ T6474] usb 9-1: new high-speed USB device number 11 using dummy_hcd [ 112.554681][ T6474] usb 9-1: Using ep0 maxpacket: 32 [ 112.557929][ T6474] usb 9-1: config index 0 descriptor too short (expected 29220, got 36) [ 112.560320][ T6474] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 112.562663][ T6474] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 112.565604][ T6474] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 112.568417][ T6474] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 112.571150][ T6474] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 112.575041][ T6474] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 112.577672][ T6474] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.580663][ T6474] usb 9-1: config 0 descriptor?? [ 112.787424][ T6474] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 112.989912][ T7745] usb 9-1: USB disconnect, device number 11 [ 112.992515][ T7745] usblp0: removed [ 114.401767][ T9729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1583'. [ 115.314696][ T7745] usb 9-1: new high-speed USB device number 12 using dummy_hcd [ 115.467286][ T7745] usb 9-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 115.469627][ T7745] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.471683][ T7745] usb 9-1: Product: syz [ 115.472779][ T7745] usb 9-1: Manufacturer: syz [ 115.473962][ T7745] usb 9-1: SerialNumber: syz [ 115.476125][ T7745] usb 9-1: config 0 descriptor?? [ 115.701563][ T7745] usb 9-1: USB disconnect, device number 12 [ 115.755560][ T9765] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1601'. [ 115.924756][ T6474] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 116.074713][ T6474] usb 6-1: Using ep0 maxpacket: 8 [ 116.077891][ T6474] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 116.080855][ T6474] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 116.083307][ T6474] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 116.087757][ T6474] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 116.092009][ T6474] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 116.096136][ T6474] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.101361][ T6474] hub 6-1:1.0: bad descriptor, ignoring hub [ 116.103874][ T6474] hub 6-1:1.0: probe with driver hub failed with error -5 [ 116.107219][ T6474] cdc_wdm 6-1:1.0: skipping garbage [ 116.109201][ T6474] cdc_wdm 6-1:1.0: skipping garbage [ 116.111798][ T6474] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 116.114046][ T6474] cdc_wdm 6-1:1.0: Unknown control protocol [ 116.414847][ T7745] usb 6-1: USB disconnect, device number 11 [ 116.646175][ T9788] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1614'. [ 116.745430][ T7745] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 116.810332][ T3234] kernel write not supported for file /snd/seq (pid: 3234 comm: kworker/3:2) [ 116.852033][ T9809] Bluetooth: hci4: Frame reassembly failed (-84) [ 116.904751][ T7745] usb 6-1: Using ep0 maxpacket: 8 [ 116.909641][ T7745] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 116.912500][ T7745] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 116.915062][ T7745] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 116.918108][ T7745] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 116.921179][ T7745] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 116.923677][ T7745] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.927593][ T7745] hub 6-1:1.0: bad descriptor, ignoring hub [ 116.929632][ T7745] hub 6-1:1.0: probe with driver hub failed with error -5 [ 116.932285][ T7745] cdc_wdm 6-1:1.0: skipping garbage [ 116.934174][ T7745] cdc_wdm 6-1:1.0: skipping garbage [ 116.936066][ T7745] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 116.937937][ T7745] cdc_wdm 6-1:1.0: Unknown control protocol [ 117.235470][ T7745] usb 6-1: USB disconnect, device number 12 [ 117.660281][ T9822] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 117.850117][ T9845] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1637'. [ 118.874941][ T5962] Bluetooth: hci4: command 0xfc11 tx timeout [ 118.874961][ T5314] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 118.915479][ T9861] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 119.712406][ T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.828358][ T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.850377][ T5962] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 119.854379][ T5962] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 119.858059][ T5962] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 119.862102][ T5962] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 119.864586][ T5962] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 119.866898][ T5962] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 119.936880][ T9946] chnl_net:caif_netlink_parms(): no params data found [ 119.985199][ T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.004986][ T9946] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.007103][ T9946] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.009123][ T9946] bridge_slave_0: entered allmulticast mode [ 120.011230][ T9946] bridge_slave_0: entered promiscuous mode [ 120.013764][ T9946] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.016031][ T9946] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.018130][ T9946] bridge_slave_1: entered allmulticast mode [ 120.020186][ T9946] bridge_slave_1: entered promiscuous mode [ 120.045632][ T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.051131][ T9946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 120.055701][ T9946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 120.077416][ T9946] team0: Port device team_slave_0 added [ 120.080109][ T9946] team0: Port device team_slave_1 added [ 120.095191][ T9946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 120.097160][ T9946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 120.104013][ T9946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 120.108155][ T9946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 120.110093][ T9946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 120.117000][ T9946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 120.139281][ T9946] hsr_slave_0: entered promiscuous mode [ 120.141123][ T9946] hsr_slave_1: entered promiscuous mode [ 120.198683][ T46] bridge_slave_1: left allmulticast mode [ 120.200364][ T46] bridge_slave_1: left promiscuous mode [ 120.201997][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.204837][ T46] bridge_slave_0: left allmulticast mode [ 120.206452][ T46] bridge_slave_0: left promiscuous mode [ 120.208083][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.487191][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 120.491339][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 120.494548][ T46] bond0 (unregistering): Released all slaves [ 120.512630][ T9973] syzkaller1: entered promiscuous mode [ 120.516706][ T9973] syzkaller1: entered allmulticast mode [ 120.544461][ T9946] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 120.547795][ T9946] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 120.550968][ T9946] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 120.554473][ T9946] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 120.591755][ T9946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.598151][ T9946] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.602013][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.604246][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.608480][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.610436][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.704503][ T9946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.724858][ T5950] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 120.820923][ T9946] veth0_vlan: entered promiscuous mode [ 120.824743][ T9946] veth1_vlan: entered promiscuous mode [ 120.833418][ T9946] veth0_macvtap: entered promiscuous mode [ 120.836773][ T9946] veth1_macvtap: entered promiscuous mode [ 120.842126][ T9946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.845431][ T9946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.849534][ T9946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.854204][ T9946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.857153][ T9946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.860243][ T9946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.868349][ T9946] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.870774][ T9946] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.873703][ T9946] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.877292][ T9946] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.881704][ T46] hsr_slave_0: left promiscuous mode [ 120.883574][ T46] hsr_slave_1: left promiscuous mode [ 120.895242][ T5950] usb 8-1: Using ep0 maxpacket: 32 [ 120.896160][ T46] veth1_macvtap: left promiscuous mode [ 120.897911][ T5950] usb 8-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 120.898402][ T46] veth0_macvtap: left promiscuous mode [ 120.901812][ T5950] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.912228][ T5950] usb 8-1: config 0 descriptor?? [ 121.118414][ T5950] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware [ 121.144994][ T5950] usb 8-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2 [ 121.147549][ T5950] usb 8-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw [ 121.354136][ T46] team0 (unregistering): Port device team_slave_1 removed [ 121.415347][ T46] team0 (unregistering): Port device team_slave_0 removed [ 121.905512][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.907774][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.918297][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.920973][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.925107][ T5314] Bluetooth: hci2: command tx timeout [ 122.419779][T10039] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1718'. [ 123.995255][ T5314] Bluetooth: hci2: command tx timeout [ 125.034829][ T24] usb 9-1: new high-speed USB device number 13 using dummy_hcd [ 125.186009][ T24] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 125.189047][ T24] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 125.191739][ T24] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 125.194190][ T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.197948][T10054] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 125.202084][ T24] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 125.405667][ T34] usb 9-1: USB disconnect, device number 13 [ 125.963658][T10099] syzkaller1: entered promiscuous mode [ 125.966262][T10099] syzkaller1: entered allmulticast mode [ 126.084712][ T5314] Bluetooth: hci2: command tx timeout [ 126.166325][ T40] audit: type=1326 audit(1742994387.216:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.172578][ T40] audit: type=1326 audit(1742994387.216:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.178983][ T40] audit: type=1326 audit(1742994387.216:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.185164][ T40] audit: type=1326 audit(1742994387.216:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.191491][ T40] audit: type=1326 audit(1742994387.216:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.204662][ T40] audit: type=1326 audit(1742994387.226:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.210475][ T40] audit: type=1326 audit(1742994387.226:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.216699][ T40] audit: type=1326 audit(1742994387.226:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.222530][ T40] audit: type=1326 audit(1742994387.236:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 126.228685][ T40] audit: type=1326 audit(1742994387.236:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.1750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 127.003814][T10138] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 127.007112][T10138] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 127.010495][T10138] overlayfs: failed to set uuid (23/file1, err=-13); falling back to uuid=null. [ 127.048286][T10141] block nbd4: shutting down sockets [ 127.251134][T10159] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 127.253723][T10159] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 127.257310][T10159] overlayfs: failed to set uuid (198/file1, err=-13); falling back to uuid=null. [ 128.154826][ T5314] Bluetooth: hci2: command tx timeout [ 129.397325][T10249] vlan0: entered allmulticast mode [ 129.399231][T10249] bond0: entered allmulticast mode [ 129.400660][T10249] bond_slave_0: entered allmulticast mode [ 129.402366][T10249] bond_slave_1: entered allmulticast mode [ 129.405643][T10249] bond0: left allmulticast mode [ 129.407029][T10249] bond_slave_0: left allmulticast mode [ 129.408501][T10249] bond_slave_1: left allmulticast mode [ 129.604988][ T1969] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 129.754878][ T1969] usb 13-1: Using ep0 maxpacket: 8 [ 129.757756][ T1969] usb 13-1: config index 0 descriptor too short (expected 301, got 45) [ 129.759817][ T1969] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 129.762492][ T1969] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 129.765060][ T1969] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 129.767586][ T1969] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 129.770927][ T1969] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 129.773289][ T1969] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.982568][ T1969] usb 13-1: usb_control_msg returned -32 [ 129.984064][ T1969] usbtmc 13-1:16.0: can't read capabilities [ 132.168215][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.375632][ T58] usb 13-1: USB disconnect, device number 2 [ 132.459481][T10276] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1821'. [ 132.462614][T10276] netlink: 'syz.7.1821': attribute type 7 has an invalid length. [ 132.465561][T10276] netlink: 'syz.7.1821': attribute type 8 has an invalid length. [ 132.468266][T10276] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1821'. [ 132.474240][T10276] gretap0: entered promiscuous mode [ 132.477175][T10276] batadv_slave_1: entered promiscuous mode [ 132.480304][T10276] gretap0: left promiscuous mode [ 132.482766][T10276] batadv_slave_1: left promiscuous mode [ 132.644760][ T29] usb 9-1: new high-speed USB device number 14 using dummy_hcd [ 132.795915][ T29] usb 9-1: Using ep0 maxpacket: 8 [ 132.798475][ T29] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 132.800647][ T29] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 132.803282][ T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 132.805914][ T29] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 132.808547][ T29] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 132.811950][ T29] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 132.814531][ T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.023071][ T29] usb 9-1: usb_control_msg returned -32 [ 133.024736][ T29] usbtmc 9-1:16.0: can't read capabilities [ 133.494754][ T29] usb 13-1: new high-speed USB device number 3 using dummy_hcd [ 133.664769][ T29] usb 13-1: Using ep0 maxpacket: 8 [ 133.667482][ T29] usb 13-1: config 0 has no interfaces? [ 133.669287][ T29] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 133.672575][ T29] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.677221][ T29] usb 13-1: config 0 descriptor?? [ 134.084054][T10298] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.086623][T10298] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.091060][ T6474] usb 13-1: USB disconnect, device number 3 [ 135.384758][ T58] usb 12-1: new high-speed USB device number 10 using dummy_hcd [ 135.407162][ T1969] usb 9-1: USB disconnect, device number 14 [ 135.564683][ T58] usb 12-1: Using ep0 maxpacket: 8 [ 135.567295][ T58] usb 12-1: config 0 has no interfaces? [ 135.568781][ T58] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 135.571116][ T58] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.573969][ T58] usb 12-1: config 0 descriptor?? [ 135.854727][ T1969] usb 9-1: new high-speed USB device number 15 using dummy_hcd [ 135.984154][T10340] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.987296][T10340] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.991961][ T58] usb 12-1: USB disconnect, device number 10 [ 136.016925][ T1969] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.020549][ T1969] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.023911][ T1969] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 136.028344][ T1969] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 136.031423][ T1969] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.035396][ T1969] usb 9-1: config 0 descriptor?? [ 136.443551][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.446287][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.448353][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.450404][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.452360][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.454293][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.456369][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.458357][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.460328][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.462347][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.464298][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.466456][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.468422][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.470369][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.472290][ T1969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 136.474496][ T1969] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving [ 136.477470][ T1969] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 136.705824][ T6474] usb 9-1: USB disconnect, device number 15 [ 136.894698][ T29] usb 13-1: new high-speed USB device number 4 using dummy_hcd [ 137.054694][ T29] usb 13-1: Using ep0 maxpacket: 8 [ 137.059605][ T29] usb 13-1: config 0 has no interfaces? [ 137.060984][ T29] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 137.063172][ T29] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.065959][ T29] usb 13-1: config 0 descriptor?? [ 137.269878][T10393] syzkaller1: entered promiscuous mode [ 137.271860][T10393] syzkaller1: entered allmulticast mode [ 137.477345][T10388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.479916][T10388] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.483810][ T1969] usb 13-1: USB disconnect, device number 4 [ 137.832623][T10418] syzkaller1: entered promiscuous mode [ 137.834471][T10418] syzkaller1: entered allmulticast mode [ 138.284740][ T1969] usb 13-1: new high-speed USB device number 5 using dummy_hcd [ 138.444768][ T1969] usb 13-1: Using ep0 maxpacket: 32 [ 138.447499][ T1969] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.450581][ T1969] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 138.453261][ T1969] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 138.457105][ T1969] usb 13-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 138.459635][ T1969] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.462520][ T1969] usb 13-1: config 0 descriptor?? [ 138.875638][ T1969] input: HID 0458:5011 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5011.0019/input/input28 [ 138.881063][ T1969] input: HID 0458:5011 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5011.0019/input/input29 [ 138.888450][ T1969] kye 0003:0458:5011.0019: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.8-1/input0 [ 139.115747][ T29] usb 13-1: USB disconnect, device number 5 [ 139.254734][ T34] usb 9-1: new high-speed USB device number 16 using dummy_hcd [ 139.414705][ T34] usb 9-1: Using ep0 maxpacket: 8 [ 139.417365][ T34] usb 9-1: config 0 has no interfaces? [ 139.418943][ T34] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 139.421411][ T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.424436][ T34] usb 9-1: config 0 descriptor?? [ 139.709320][T10472] netdevsim netdevsim8 netdevsim0: entered promiscuous mode [ 139.831231][T10457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.833607][T10457] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.837779][ T5989] usb 9-1: USB disconnect, device number 16 [ 140.170892][T10477] netlink: 'syz.7.1913': attribute type 1 has an invalid length. [ 140.173099][T10477] netlink: 134708 bytes leftover after parsing attributes in process `syz.7.1913'. [ 140.422088][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 140.422099][ T40] audit: type=1326 audit(1742994401.466:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.1925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 140.430472][ T40] audit: type=1326 audit(1742994401.476:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.1925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 140.436724][ T40] audit: type=1326 audit(1742994401.476:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.1925" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 140.442368][ T40] audit: type=1326 audit(1742994401.480:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.1925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 140.449041][ T40] audit: type=1326 audit(1742994401.480:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10486 comm="syz.7.1925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 143.539632][T10502] netlink: 'syz.3.1923': attribute type 1 has an invalid length. [ 143.541798][T10502] netlink: 134708 bytes leftover after parsing attributes in process `syz.3.1923'. [ 143.665897][T10519] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 143.818420][T10539] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 145.385477][T10634] netfs: Couldn't get user pages (rc=-14) [ 146.382025][T10660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2002'. [ 146.386187][T10660] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2002'. [ 146.388552][T10660] netlink: 'syz.3.2002': attribute type 1 has an invalid length. [ 146.391117][T10660] nbd: error processing sock list [ 146.650083][T10686] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2014'. [ 146.652444][T10686] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2014'. [ 146.655198][T10686] netlink: 'syz.7.2014': attribute type 1 has an invalid length. [ 146.657265][T10686] nbd: error processing sock list [ 146.813258][T10696] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2019'. [ 146.817199][T10696] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2019'. [ 147.426470][T10723] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2028'. [ 147.456962][T10726] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2029'. [ 147.463190][T10726] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2029'. [ 147.553737][T10737] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 147.647424][T10748] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2042'. [ 147.776344][T10770] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 147.801072][T10774] overlayfs: statfs failed on './file1' [ 148.045376][T10800] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 148.060869][T10804] overlayfs: statfs failed on './file1' [ 148.303579][T10822] netlink: 'syz.7.2076': attribute type 19 has an invalid length. [ 148.354898][ T1969] usb 13-1: new low-speed USB device number 6 using dummy_hcd [ 148.537118][ T1969] usb 13-1: config index 0 descriptor too short (expected 1307, got 27) [ 148.539351][ T1969] usb 13-1: config 0 has an invalid interface number: 0 but max is -1 [ 148.541639][ T1969] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 148.543960][ T1969] usb 13-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 148.546874][ T1969] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 148.549500][ T1969] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 148.552117][ T1969] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 148.557561][ T1969] usb 13-1: string descriptor 0 read error: -22 [ 148.559259][ T1969] usb 13-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 148.561685][ T1969] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.564744][ T1969] usb 13-1: config 0 descriptor?? [ 148.566897][ T1969] hub 13-1:0.0: bad descriptor, ignoring hub [ 148.568471][ T1969] hub 13-1:0.0: probe with driver hub failed with error -5 [ 148.571447][ T1969] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/input/input30 [ 148.779110][ T29] usb 13-1: USB disconnect, device number 6 [ 148.840354][T10831] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 148.869606][T10834] overlayfs: statfs failed on './file1' [ 149.482165][T10864] pim6reg1: entered promiscuous mode [ 149.484151][T10864] pim6reg1: entered allmulticast mode [ 149.832433][T10880] loop2: detected capacity change from 0 to 7 [ 149.836600][T10880] Dev loop2: unable to read RDB block 7 [ 149.838127][T10880] loop2: AHDI p1 p2 [ 149.839283][T10880] loop2: partition table partially beyond EOD, truncated [ 149.841292][T10880] loop2: p1 size 4227858431 extends beyond EOD, truncated [ 150.164747][ T1969] usb 9-1: new low-speed USB device number 17 using dummy_hcd [ 150.336460][ T1969] usb 9-1: config index 0 descriptor too short (expected 1307, got 27) [ 150.338832][ T1969] usb 9-1: config 0 has an invalid interface number: 0 but max is -1 [ 150.341067][ T1969] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 150.343553][ T1969] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 150.346778][ T1969] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 150.349530][ T1969] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 150.352260][ T1969] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 150.358146][ T1969] usb 9-1: string descriptor 0 read error: -22 [ 150.360419][ T1969] usb 9-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 150.363766][ T1969] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.367305][ T1969] usb 9-1: config 0 descriptor?? [ 150.369549][ T1969] hub 9-1:0.0: bad descriptor, ignoring hub [ 150.371252][ T1969] hub 9-1:0.0: probe with driver hub failed with error -5 [ 150.374030][ T1969] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input31 [ 150.376922][T10906] pim6reg1: entered promiscuous mode [ 150.379165][T10906] pim6reg1: entered allmulticast mode [ 150.574145][ T3234] usb 9-1: USB disconnect, device number 17 [ 150.576594][ T34] usb 13-1: new high-speed USB device number 7 using dummy_hcd [ 150.726456][ T34] usb 13-1: config index 0 descriptor too short (expected 45, got 36) [ 150.728758][ T34] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 150.731952][ T34] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 150.734991][ T34] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 150.738164][ T34] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 150.741713][ T34] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 150.744285][ T34] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.747558][ T34] usb 13-1: config 0 descriptor?? [ 150.749557][T10902] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 151.129022][T10913] loop2: detected capacity change from 0 to 7 [ 151.131059][T10913] Dev loop2: unable to read RDB block 7 [ 151.132652][T10913] loop2: AHDI p1 p2 [ 151.133760][T10913] loop2: partition table partially beyond EOD, truncated [ 151.136427][T10913] loop2: p1 size 4227858431 extends beyond EOD, truncated [ 151.171534][ T34] plantronics 0003:047F:FFFF.001A: unknown main item tag 0xd [ 151.174276][ T34] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving [ 151.177992][ T34] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 151.249897][T10924] mkiss: ax0: crc mode is auto. [ 151.425902][ T834] usb 13-1: USB disconnect, device number 7 [ 151.981460][T10949] mkiss: ax0: crc mode is auto. [ 152.047920][T10956] sctp: [Deprecated]: syz.4.2133 (pid 10956) Use of int in max_burst socket option deprecated. [ 152.047920][T10956] Use struct sctp_assoc_value instead [ 152.097462][T10964] overlayfs: upper fs does not support file handles, falling back to index=off. [ 152.099995][T10964] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 152.374733][ T834] usb 12-1: new high-speed USB device number 11 using dummy_hcd [ 152.384864][ T29] usb 9-1: new high-speed USB device number 18 using dummy_hcd [ 152.536505][ T29] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 152.539058][ T29] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 152.541939][ T29] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 152.544465][ T834] usb 12-1: config index 0 descriptor too short (expected 45, got 36) [ 152.546939][ T29] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 152.549946][ T29] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 152.554136][ T834] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 152.557509][ T834] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 152.560505][ T834] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 152.564369][ T834] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 152.569229][ T834] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 152.572107][ T834] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.574928][ T29] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 152.578040][ T29] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 152.580197][ T29] usb 9-1: Product: syz [ 152.581321][ T29] usb 9-1: Manufacturer: syz [ 152.583242][ T834] usb 12-1: config 0 descriptor?? [ 152.585642][T10970] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 152.587268][ T29] cdc_wdm 9-1:1.0: skipping garbage [ 152.590739][ T29] cdc_wdm 9-1:1.0: skipping garbage [ 152.594496][ T29] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 152.596625][ T29] cdc_wdm 9-1:1.0: Unknown control protocol [ 152.995779][ T834] plantronics 0003:047F:FFFF.001B: unknown main item tag 0xd [ 152.998701][ T834] plantronics 0003:047F:FFFF.001B: No inputs registered, leaving [ 153.001634][ T834] plantronics 0003:047F:FFFF.001B: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 153.024550][T10979] sctp: [Deprecated]: syz.8.2145 (pid 10979) Use of int in max_burst socket option deprecated. [ 153.024550][T10979] Use struct sctp_assoc_value instead [ 153.199007][ T834] usb 12-1: USB disconnect, device number 11 [ 153.298809][ T58] usb 9-1: USB disconnect, device number 18 [ 153.327380][ T1970] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 153.330000][ T1970] hid-generic 0000:0000:0000.001C: hidraw1: HID v0.00 Device [syz1] on syz0 [ 153.476371][T10993] hid-generic 0003:0627:0001.0001: pid 10993 passed too large report [ 154.095389][ T1970] usb 12-1: new high-speed USB device number 12 using dummy_hcd [ 154.144212][ T1969] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 154.147875][ T1969] hid-generic 0000:0000:0000.001D: hidraw1: HID v0.00 Device [syz1] on syz0 [ 154.275995][ T1970] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 154.278588][ T1970] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 154.281566][ T1970] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 154.284311][ T1970] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 154.287965][ T1970] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 154.292673][ T1970] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 154.294766][T11017] hid-generic 0003:0627:0001.0001: pid 11017 passed too large report [ 154.296063][ T1970] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 154.300963][ T1970] usb 12-1: Product: syz [ 154.302195][ T1970] usb 12-1: Manufacturer: syz [ 154.305388][ T1970] cdc_wdm 12-1:1.0: skipping garbage [ 154.306992][ T1970] cdc_wdm 12-1:1.0: skipping garbage [ 154.308965][ T1970] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device [ 154.310654][ T1970] cdc_wdm 12-1:1.0: Unknown control protocol [ 154.445834][ T40] audit: type=1326 audit(1742994415.490:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.3.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7fc00000 [ 155.013225][ T1970] usb 12-1: USB disconnect, device number 12 [ 155.871220][ T40] audit: type=1326 audit(1742994416.910:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11023 comm="syz.4.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7fc00000 [ 156.385197][ T3234] usb 13-1: new high-speed USB device number 8 using dummy_hcd [ 156.534785][ T3234] usb 13-1: Using ep0 maxpacket: 32 [ 156.538377][ T3234] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.542675][ T3234] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 156.546559][ T3234] usb 13-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 156.550118][ T3234] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.554684][ T3234] usb 13-1: config 0 descriptor?? [ 156.965688][ T3234] savu 0003:1E7D:2D5A.001E: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0 [ 157.226036][ T834] usb 13-1: USB disconnect, device number 8 [ 157.995487][ T834] usb 13-1: new high-speed USB device number 9 using dummy_hcd [ 158.000051][T11079] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 158.001827][T11079] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 158.145335][ T834] usb 13-1: Using ep0 maxpacket: 16 [ 158.148011][ T834] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.151009][ T834] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.153682][ T834] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 158.158796][ T834] usb 13-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 158.161306][ T834] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.164664][ T834] usb 13-1: config 0 descriptor?? [ 158.332784][T11105] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 158.334768][T11105] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 158.573012][ T834] microsoft 0003:045E:07DA.001F: unknown main item tag 0x1 [ 158.577260][ T834] input: HID 045e:07da as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:045E:07DA.001F/input/input34 [ 158.637254][ T834] microsoft 0003:045E:07DA.001F: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0 [ 158.776956][ T834] usb 13-1: USB disconnect, device number 9 [ 159.480523][T11128] input: syz1 as /devices/virtual/input/input35 [ 159.710273][T11148] input: syz1 as /devices/virtual/input/input36 [ 159.865373][ T5962] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 159.868876][ T5962] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 159.871298][ T5962] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 159.874383][ T5962] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 159.877202][ T5962] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 159.880338][ T5962] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 159.938190][ T1253] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.986473][T11167] chnl_net:caif_netlink_parms(): no params data found [ 160.058696][ T1253] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.064145][ T5314] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 160.067983][ T5314] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 160.070968][ T5314] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 160.073194][ T5314] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 160.076229][ T5314] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 160.078278][ T5314] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 160.089057][T11167] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.096098][T11167] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.098206][T11167] bridge_slave_0: entered allmulticast mode [ 160.100265][T11167] bridge_slave_0: entered promiscuous mode [ 160.105212][T11167] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.107989][T11167] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.110178][T11167] bridge_slave_1: entered allmulticast mode [ 160.124914][T11167] bridge_slave_1: entered promiscuous mode [ 160.160373][T11167] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.164001][T11167] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.175072][ T1253] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.209260][T11167] team0: Port device team_slave_0 added [ 160.214264][T11167] team0: Port device team_slave_1 added [ 160.248479][T11167] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 160.250420][T11167] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.259147][T11167] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.263735][T11167] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 160.274764][T11167] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.281762][T11167] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 160.291090][ T1253] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.317952][T11167] hsr_slave_0: entered promiscuous mode [ 160.319895][T11167] hsr_slave_1: entered promiscuous mode [ 160.322210][T11167] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 160.324353][T11167] Cannot create hsr debugfs directory [ 160.376249][T11182] chnl_net:caif_netlink_parms(): no params data found [ 160.459947][T11182] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.462066][T11182] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.464080][T11182] bridge_slave_0: entered allmulticast mode [ 160.466893][T11182] bridge_slave_0: entered promiscuous mode [ 160.472303][ T1253] bridge_slave_1: left allmulticast mode [ 160.473924][ T1253] bridge_slave_1: left promiscuous mode [ 160.476289][ T1253] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.479181][ T1253] bridge_slave_0: left allmulticast mode [ 160.480783][ T1253] bridge_slave_0: left promiscuous mode [ 160.482378][ T1253] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.679698][ T1253] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 160.683712][ T1253] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 160.686957][ T1253] bond0 (unregistering): Released all slaves [ 160.690343][T11182] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.692391][T11182] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.694402][T11182] bridge_slave_1: entered allmulticast mode [ 160.696677][T11182] bridge_slave_1: entered promiscuous mode [ 160.719023][T11182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.724267][T11182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.760465][T11167] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 160.765605][T11182] team0: Port device team_slave_0 added [ 160.767554][T11167] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 160.772129][T11182] team0: Port device team_slave_1 added [ 160.773903][T11167] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 160.783602][T11167] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 160.793347][T11182] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 160.795889][T11182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.803004][T11182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.816487][T11182] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 160.818443][T11182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.825975][T11182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 160.849479][T11182] hsr_slave_0: entered promiscuous mode [ 160.851375][T11182] hsr_slave_1: entered promiscuous mode [ 160.853132][T11182] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 160.855386][T11182] Cannot create hsr debugfs directory [ 160.951115][T11167] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.972271][ T1253] hsr_slave_0: left promiscuous mode [ 160.974510][ T1253] hsr_slave_1: left promiscuous mode [ 160.977171][ T1253] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 160.979250][ T1253] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 160.981689][ T1253] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 160.983773][ T1253] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 160.999758][ T1253] veth1_macvtap: left promiscuous mode [ 161.001344][ T1253] veth0_macvtap: left promiscuous mode [ 161.002908][ T1253] veth1_vlan: left promiscuous mode [ 161.004319][ T1253] veth0_vlan: left promiscuous mode [ 161.521585][ T1253] team0 (unregistering): Port device team_slave_1 removed [ 161.590283][ T1253] team0 (unregistering): Port device team_slave_0 removed [ 161.925953][ T5314] Bluetooth: hci1: command tx timeout [ 162.039130][T11167] 8021q: adding VLAN 0 to HW filter on device team0 [ 162.065170][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.067196][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.070850][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.072804][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.165274][ T5314] Bluetooth: hci2: command tx timeout [ 162.167875][T11167] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 162.277429][T11167] veth0_vlan: entered promiscuous mode [ 162.282074][T11167] veth1_vlan: entered promiscuous mode [ 162.293796][T11167] veth0_macvtap: entered promiscuous mode [ 162.298157][T11167] veth1_macvtap: entered promiscuous mode [ 162.304268][T11167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.308182][T11167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.311415][T11167] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 162.317153][T11167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.320671][T11167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.323853][T11167] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 162.327772][T11167] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.330191][T11167] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.332831][T11167] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.336035][T11167] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.374076][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.376441][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.388258][T11182] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 162.391482][T11182] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 162.394393][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.394442][T11182] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 162.397177][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.402677][T11182] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 162.427183][T11182] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.433451][T11182] 8021q: adding VLAN 0 to HW filter on device team0 [ 162.442808][ T106] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.445617][ T106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.454333][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.455788][T11207] loop2: detected capacity change from 0 to 7 [ 162.457081][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.459196][T11207] Dev loop2: unable to read RDB block 7 [ 162.463069][T11207] loop2: unable to read partition table [ 162.465264][T11207] loop2: partition table beyond EOD, truncated [ 162.467030][T11207] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 162.499726][T11213] input: syz1 as /devices/virtual/input/input37 [ 162.551312][T11182] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 162.564473][T11182] veth0_vlan: entered promiscuous mode [ 162.569764][T11182] veth1_vlan: entered promiscuous mode [ 162.581696][T11182] veth0_macvtap: entered promiscuous mode [ 162.584546][T11182] veth1_macvtap: entered promiscuous mode [ 162.591295][T11182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.595102][T11182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.598130][T11182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 162.601255][T11182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.604482][T11182] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 162.609631][T11182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.612502][T11182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.615549][T11182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 162.618378][T11182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 162.621565][T11182] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 162.625639][T11182] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.628132][T11182] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.630413][T11182] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.632680][T11182] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.662967][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.668054][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.671165][ T40] audit: type=1326 audit(1742994423.710:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.678993][ T40] audit: type=1326 audit(1742994423.710:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.681542][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 162.684953][ T40] audit: type=1326 audit(1742994423.710:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.689789][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.692873][ T40] audit: type=1326 audit(1742994423.710:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.692895][ T40] audit: type=1326 audit(1742994423.710:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.692912][ T40] audit: type=1326 audit(1742994423.710:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.715899][ T40] audit: type=1326 audit(1742994423.710:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.722185][ T40] audit: type=1326 audit(1742994423.710:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.729379][ T40] audit: type=1326 audit(1742994423.710:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.736465][ T40] audit: type=1326 audit(1742994423.710:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.7.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 162.762277][T11242] loop2: detected capacity change from 0 to 7 [ 162.764412][T11242] Dev loop2: unable to read RDB block 7 [ 162.766696][T11242] loop2: unable to read partition table [ 162.768438][T11242] loop2: partition table beyond EOD, truncated [ 162.770241][T11242] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 163.209946][T11310] bio_check_eod: 2 callbacks suppressed [ 163.209957][T11310] syz.7.2275: attempt to access beyond end of device [ 163.209957][T11310] nbd7: rw=0, sector=64, nr_sectors = 1 limit=0 [ 163.215844][T11310] syz.7.2275: attempt to access beyond end of device [ 163.215844][T11310] nbd7: rw=0, sector=256, nr_sectors = 1 limit=0 [ 163.219477][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256 [ 163.222236][T11310] syz.7.2275: attempt to access beyond end of device [ 163.222236][T11310] nbd7: rw=0, sector=512, nr_sectors = 1 limit=0 [ 163.226563][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512 [ 163.229444][T11310] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found [ 163.231757][T11310] UDF-fs: Scanning with blocksize 512 failed [ 163.233795][T11310] syz.7.2275: attempt to access beyond end of device [ 163.233795][T11310] nbd7: rw=0, sector=64, nr_sectors = 2 limit=0 [ 163.237853][T11310] syz.7.2275: attempt to access beyond end of device [ 163.237853][T11310] nbd7: rw=0, sector=512, nr_sectors = 2 limit=0 [ 163.241562][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256 [ 163.244429][T11310] syz.7.2275: attempt to access beyond end of device [ 163.244429][T11310] nbd7: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 163.249027][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512 [ 163.251687][T11310] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found [ 163.253768][T11310] UDF-fs: Scanning with blocksize 1024 failed [ 163.256224][T11310] syz.7.2275: attempt to access beyond end of device [ 163.256224][T11310] nbd7: rw=0, sector=64, nr_sectors = 4 limit=0 [ 163.259781][T11310] syz.7.2275: attempt to access beyond end of device [ 163.259781][T11310] nbd7: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 163.263318][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256 [ 163.266357][T11310] syz.7.2275: attempt to access beyond end of device [ 163.266357][T11310] nbd7: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 163.269935][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512 [ 163.272429][T11310] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found [ 163.274512][T11310] UDF-fs: Scanning with blocksize 2048 failed [ 163.276912][T11310] syz.7.2275: attempt to access beyond end of device [ 163.276912][T11310] nbd7: rw=0, sector=64, nr_sectors = 8 limit=0 [ 163.280653][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256 [ 163.283276][T11310] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512 [ 163.286480][T11310] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found [ 163.288969][T11310] UDF-fs: Scanning with blocksize 4096 failed [ 163.290673][T11310] UDF-fs: warning (device nbd7): udf_fill_super: No partition found (1) [ 163.426891][T11337] input: syz1 as /devices/virtual/input/input38 [ 163.995752][ T5314] Bluetooth: hci1: command tx timeout [ 164.234675][ T5314] Bluetooth: hci2: command tx timeout [ 164.278459][T11369] ax25_connect(): syz.3.2304 uses autobind, please contact jreuter@yaina.de [ 164.515943][T11392] syzkaller1: entered promiscuous mode [ 164.517576][T11392] syzkaller1: entered allmulticast mode [ 164.585612][T11400] Bluetooth: hci0: expected 2 bytes, got 7 bytes [ 164.775689][T11437] netlink: 'syz.2.2335': attribute type 29 has an invalid length. [ 164.780004][T11437] netlink: 'syz.2.2335': attribute type 29 has an invalid length. [ 164.913689][T11465] kvm: kvm [11463]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0xc00000008 [ 165.147986][T11482] input: syz0 as /devices/virtual/input/input40 [ 166.075054][ T5314] Bluetooth: hci1: command tx timeout [ 166.314737][ T5314] Bluetooth: hci2: command tx timeout [ 167.055762][T11523] usb 2-1: USB disconnect, device number 2 [ 167.195064][ T5314] Bluetooth: hci3: command 0x0401 tx timeout [ 167.197136][ T74] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 167.199050][ T74] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 167.864941][ T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 168.015839][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.019195][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.021846][ T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 168.028952][ T24] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 168.031572][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.036824][ T24] usb 7-1: config 0 descriptor?? [ 168.154754][ T5314] Bluetooth: hci1: command tx timeout [ 168.394686][ T5314] Bluetooth: hci2: command tx timeout [ 168.447871][ T24] plantronics 0003:047F:FFFF.0020: No inputs registered, leaving [ 168.451026][ T24] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 168.705793][ T1970] usb 7-1: USB disconnect, device number 4 [ 169.278562][ T74] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 169.280403][ T74] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 169.285206][ T5314] Bluetooth: hci0: command 0x040f tx timeout [ 169.385188][T11634] input: syz0 as /devices/virtual/input/input42 [ 170.377788][T11712] bridge_slave_0: left allmulticast mode [ 170.379647][T11712] bridge_slave_0: left promiscuous mode [ 170.381343][T11712] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.385755][T11712] bridge_slave_1: left allmulticast mode [ 170.387453][T11712] bridge_slave_1: left promiscuous mode [ 170.389135][T11712] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.394560][T11712] bond0: (slave bond_slave_0): Releasing backup interface [ 170.399782][T11712] bond0: (slave bond_slave_1): Releasing backup interface [ 170.413967][T11712] team0: Port device team_slave_0 removed [ 170.423763][T11712] team0: Port device team_slave_1 removed [ 170.427094][T11712] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 170.430491][T11712] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 170.435440][T11712] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.438283][T11712] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.467043][T11715] syzkaller1: entered promiscuous mode [ 170.468593][T11715] syzkaller1: entered allmulticast mode [ 170.954846][T11737] syzkaller1: entered promiscuous mode [ 170.956605][T11737] syzkaller1: entered allmulticast mode [ 171.434684][ T74] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 171.434718][ T5314] Bluetooth: hci1: command 0x0c1a tx timeout [ 171.436474][ T74] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 172.029425][T11771] process 'syz.2.2463' launched './file2' with NULL argv: empty string added [ 172.255183][T11779] syzkaller1: entered promiscuous mode [ 172.257101][T11779] syzkaller1: entered allmulticast mode [ 172.451178][T11787] sctp: [Deprecated]: syz.2.2473 (pid 11787) Use of struct sctp_assoc_value in delayed_ack socket option. [ 172.451178][T11787] Use struct sctp_sack_info instead [ 172.982713][T11821] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 172.986311][T11821] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 172.990430][T11821] overlayfs: failed to get uuid (69/file1, err=-13); falling back to uuid=null. [ 173.130978][T11828] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2492'. [ 173.215510][T11834] syzkaller1: entered promiscuous mode [ 173.217617][T11834] syzkaller1: entered allmulticast mode [ 173.320901][T11836] overlayfs: invalid origin (0000) [ 173.514734][ T74] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 173.516646][ T74] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 173.538775][ T5962] Bluetooth: hci4: sending frame failed (-49) [ 173.541880][ T5314] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 173.713703][T11858] input: syz0 as /devices/virtual/input/input44 [ 173.961947][T11872] syzkaller1: entered promiscuous mode [ 173.963929][T11872] syzkaller1: entered allmulticast mode [ 173.981493][T11876] netlink: 11 bytes leftover after parsing attributes in process `syz.2.2513'. [ 174.001536][T11880] input: syz0 as /devices/virtual/input/input45 [ 174.340703][T11922] syz.2.2535 (11922): drop_caches: 2 [ 174.343710][T11922] syz.2.2535 (11922): drop_caches: 2 [ 174.834736][ T1970] usb 14-1: new high-speed USB device number 2 using dummy_hcd [ 174.922816][T11964] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2554'. [ 174.930027][T11964] team1: entered promiscuous mode [ 174.931805][T11964] 8021q: adding VLAN 0 to HW filter on device team1 [ 174.996484][ T1970] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 174.999580][ T1970] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.002423][ T1970] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 175.006561][ T1970] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 175.009095][ T1970] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.011976][ T1970] usb 14-1: config 0 descriptor?? [ 175.066561][T11982] input: syz1 as /devices/virtual/input/input46 [ 175.229593][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 175.229603][ T40] audit: type=1326 audit(1742994436.270:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.237637][ T40] audit: type=1326 audit(1742994436.270:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.243730][ T40] audit: type=1326 audit(1742994436.270:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.249900][ T40] audit: type=1326 audit(1742994436.270:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.256757][ T40] audit: type=1326 audit(1742994436.270:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.262659][ T40] audit: type=1326 audit(1742994436.270:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.271537][ T40] audit: type=1326 audit(1742994436.310:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.272720][ T834] IPVS: starting estimator thread 0... [ 175.277596][ T40] audit: type=1326 audit(1742994436.310:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.277619][ T40] audit: type=1326 audit(1742994436.310:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.277636][ T40] audit: type=1326 audit(1742994436.310:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2569" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 175.384865][T11999] IPVS: using max 43 ests per chain, 103200 per kthread [ 175.422225][ T1970] plantronics 0003:047F:FFFF.0021: No inputs registered, leaving [ 175.425356][ T1970] plantronics 0003:047F:FFFF.0021: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 175.726296][ T74] usb 12-1: new high-speed USB device number 13 using dummy_hcd [ 175.904825][ T74] usb 12-1: Using ep0 maxpacket: 8 [ 175.907806][ T74] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 175.910333][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 175.913877][ T74] usb 12-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 175.924667][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 175.928144][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 175.933173][ T74] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 175.935798][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 175.939485][ T74] usb 12-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 175.943348][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 175.946936][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 175.952096][ T74] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 175.954253][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 175.957407][ T74] usb 12-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 175.960691][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 175.963754][ T74] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 175.969545][ T74] usb 12-1: string descriptor 0 read error: -22 [ 175.971355][ T74] usb 12-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 175.973836][ T74] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.979476][ T74] adutux 12-1:168.0: ADU100 now attached to /dev/usb/adutux1 [ 176.097994][T12038] bridge_slave_0: left allmulticast mode [ 176.099665][T12038] bridge_slave_0: left promiscuous mode [ 176.101246][T12038] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.105637][T12038] bridge_slave_1: left allmulticast mode [ 176.107345][T12038] bridge_slave_1: left promiscuous mode [ 176.109062][T12038] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.113473][T12038] bond0: (slave bond_slave_0): Releasing backup interface [ 176.118151][T12038] bond0: (slave bond_slave_1): Releasing backup interface [ 176.129893][T12038] team0: Port device team_slave_0 removed [ 176.136471][T12038] team0: Port device team_slave_1 removed [ 176.138511][T12038] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.140593][T12038] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 176.143473][T12038] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 176.146379][T12038] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 176.181077][ T24] usb 12-1: USB disconnect, device number 13 [ 176.951827][T12053] vxcan3: entered promiscuous mode [ 176.953316][T12053] vxcan3: entered allmulticast mode [ 177.370164][ T834] kernel write not supported for file /bluetooth/6lowpan_control (pid: 834 comm: kworker/1:2) [ 177.411682][T12097] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2617'. [ 177.519338][ T1969] usb 14-1: USB disconnect, device number 2 [ 177.524762][ T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 177.675914][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 177.679212][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.681787][ T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 177.685583][ T24] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 177.688112][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.691116][ T24] usb 7-1: config 0 descriptor?? [ 178.102475][ T24] plantronics 0003:047F:FFFF.0022: No inputs registered, leaving [ 178.105491][ T24] plantronics 0003:047F:FFFF.0022: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 178.188622][T12121] vlan2: entered allmulticast mode [ 178.366253][ T74] usb 7-1: USB disconnect, device number 5 [ 178.366254][T12129] could not open pipe file descriptor [ 178.878563][T12148] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2638'. [ 179.648069][T12184] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 179.652286][T12184] overlayfs: overlapping lowerdir path [ 179.725557][T12190] input: syz0 as /devices/virtual/input/input49 [ 180.044701][ T834] usb 7-1: new full-speed USB device number 6 using dummy_hcd [ 180.190464][T12218] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2670'. [ 180.193957][T12218] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2670'. [ 180.211171][ T834] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 180.214008][ T834] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 180.217886][ T834] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 180.220376][ T834] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.407926][T12234] program syz.9.2678 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 180.429798][ T834] usb 7-1: usb_control_msg returned -32 [ 180.431435][ T834] usbtmc 7-1:16.0: can't read capabilities [ 180.432063][T12236] netlink: 48 bytes leftover after parsing attributes in process `syz.9.2679'. [ 180.586919][T12251] netdevsim netdevsim7 netdevsim0: entered promiscuous mode [ 180.766156][T12264] batadv_slave_1: entered promiscuous mode [ 180.769423][T12263] batadv_slave_1: left promiscuous mode [ 181.005627][T12286] could not open pipe file descriptor [ 181.652147][T12335] input: syz0 as /devices/virtual/input/input50 [ 181.744276][T12338] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.751080][T12338] bond0: (slave rose0): Enslaving as an active interface with an up link [ 182.031362][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 182.031374][ T40] audit: type=1326 audit(1742994444.077:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12308 comm="syz.7.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7fc00000 [ 182.540175][ T1969] kernel read not supported for file /dsp (pid: 1969 comm: kworker/0:3) [ 182.773642][T12398] ================================================================== [ 182.776023][T12398] BUG: KASAN: slab-use-after-free in isolate_migratepages_block+0x3eb3/0x56f0 [ 182.778816][T12398] Read of size 8 at addr ffff888023a76d48 by task syz.7.2748/12398 [ 182.781992][T12398] [ 182.783408][T12398] CPU: 3 UID: 0 PID: 12398 Comm: syz.7.2748 Not tainted 6.14.0-syzkaller-02665-g1e26c5e28ca5 #0 PREEMPT(full) [ 182.783424][T12398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 182.783430][T12398] Call Trace: [ 182.783436][T12398] [ 182.783442][T12398] dump_stack_lvl+0x116/0x1f0 [ 182.783461][T12398] print_report+0xc3/0x670 [ 182.783478][T12398] ? __virt_addr_valid+0x5e/0x590 [ 182.783492][T12398] ? __phys_addr+0xc6/0x150 [ 182.783506][T12398] ? isolate_migratepages_block+0x3eb3/0x56f0 [ 182.783521][T12398] kasan_report+0xe0/0x110 [ 182.783537][T12398] ? isolate_migratepages_block+0x3eb3/0x56f0 [ 182.783553][T12398] kasan_check_range+0xef/0x1a0 [ 182.783565][T12398] isolate_migratepages_block+0x3eb3/0x56f0 [ 182.783582][T12398] ? __folio_batch_add_and_move+0x621/0xc90 [ 182.783596][T12398] ? __pfx_lru_add+0x10/0x10 [ 182.783607][T12398] ? __pfx_isolate_migratepages_block+0x10/0x10 [ 182.783622][T12398] ? folio_putback_lru+0x85/0xd0 [ 182.783633][T12398] ? putback_movable_pages+0x2a0/0x700 [ 182.783643][T12398] compact_zone+0x1a5e/0x4220 [ 182.783662][T12398] ? __pfx_compact_zone+0x10/0x10 [ 182.783676][T12398] ? find_held_lock+0x2b/0x80 [ 182.783687][T12398] ? __flush_work+0xa48/0xcc0 [ 182.783699][T12398] compact_node+0x1a4/0x2d0 [ 182.783714][T12398] ? __pfx_compact_node+0x10/0x10 [ 182.783735][T12398] ? __lru_add_drain_all+0xe7/0x6f0 [ 182.783747][T12398] sysctl_compaction_handler+0x141/0x210 [ 182.783763][T12398] proc_sys_call_handler+0x3d0/0x5b0 [ 182.783775][T12398] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 182.783785][T12398] ? rcu_is_watching+0x12/0xc0 [ 182.783795][T12398] ? splice_from_pipe_next+0x1f8/0x5d0 [ 182.783811][T12398] iter_file_splice_write+0x91c/0x1150 [ 182.783828][T12398] ? __pfx_iter_file_splice_write+0x10/0x10 [ 182.783843][T12398] ? __pfx_copy_splice_read+0x10/0x10 [ 182.783859][T12398] ? __pfx_iter_file_splice_write+0x10/0x10 [ 182.783873][T12398] direct_splice_actor+0x18f/0x6c0 [ 182.783887][T12398] splice_direct_to_actor+0x342/0xa30 [ 182.783902][T12398] ? __pfx_direct_splice_actor+0x10/0x10 [ 182.783916][T12398] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 182.783931][T12398] do_splice_direct+0x174/0x240 [ 182.783945][T12398] ? __pfx_do_splice_direct+0x10/0x10 [ 182.783958][T12398] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 182.783972][T12398] ? rw_verify_area+0xcf/0x680 [ 182.783985][T12398] do_sendfile+0xafd/0xe50 [ 182.783999][T12398] ? __pfx_do_sendfile+0x10/0x10 [ 182.784011][T12398] ? __might_fault+0xe3/0x190 [ 182.784020][T12398] ? __might_fault+0x13b/0x190 [ 182.784030][T12398] __ia32_compat_sys_sendfile+0x162/0x220 [ 182.784040][T12398] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 182.784049][T12398] ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10 [ 182.784062][T12398] do_int80_emulation+0x104/0x200 [ 182.784078][T12398] asm_int80_emulation+0x1a/0x20 [ 182.784089][T12398] RIP: 0023:0xf7f44579 [ 182.784097][T12398] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 182.784107][T12398] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 182.784118][T12398] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000003 [ 182.784124][T12398] RDX: 00000000800000c0 RSI: 0000000000000005 RDI: 0000000000000000 [ 182.784130][T12398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 182.784136][T12398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.784142][T12398] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 182.784151][T12398] [ 182.784154][T12398] [ 182.892894][T12398] Allocated by task 12395: [ 182.894127][T12398] kasan_save_stack+0x33/0x60 [ 182.895469][T12398] kasan_save_track+0x14/0x30 [ 182.896805][T12398] __kasan_slab_alloc+0x89/0x90 [ 182.898280][T12398] kmem_cache_alloc_lru_noprof+0x1d0/0x3b0 [ 182.899903][T12398] shmem_alloc_inode+0x25/0x50 [ 182.901192][T12398] alloc_inode+0x61/0x240 [ 182.902410][T12398] new_inode+0x22/0x1c0 [ 182.903574][T12398] shmem_get_inode+0x19a/0xfb0 [ 182.904908][T12398] shmem_symlink+0xf7/0x780 [ 182.906200][T12398] vfs_symlink+0x400/0x680 [ 182.907668][T12398] do_symlinkat+0x261/0x310 [ 182.908939][T12398] __ia32_sys_symlinkat+0x93/0xc0 [ 182.910343][T12398] __do_fast_syscall_32+0x73/0x120 [ 182.911778][T12398] do_fast_syscall_32+0x32/0x80 [ 182.913138][T12398] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 182.914893][T12398] [ 182.915607][T12398] Freed by task 15: [ 182.916698][T12398] kasan_save_stack+0x33/0x60 [ 182.918003][T12398] kasan_save_track+0x14/0x30 [ 182.919276][T12398] kasan_save_free_info+0x3b/0x60 [ 182.920666][T12398] __kasan_slab_free+0x51/0x70 [ 182.921989][T12398] kmem_cache_free+0x2d4/0x4d0 [ 182.923327][T12398] i_callback+0x43/0x70 [ 182.924485][T12398] rcu_core+0x799/0x14e0 [ 182.925684][T12398] handle_softirqs+0x216/0x8e0 [ 182.927268][T12398] run_ksoftirqd+0x3a/0x60 [ 182.928798][T12398] smpboot_thread_fn+0x678/0xa70 [ 182.930165][T12398] kthread+0x3a4/0x760 [ 182.931312][T12398] ret_from_fork+0x45/0x80 [ 182.932549][T12398] ret_from_fork_asm+0x1a/0x30 [ 182.933827][T12398] [ 182.934453][T12398] Last potentially related work creation: [ 182.936024][T12398] kasan_save_stack+0x33/0x60 [ 182.937345][T12398] kasan_record_aux_stack+0xb8/0xd0 [ 182.938791][T12398] __call_rcu_common.constprop.0+0x9a/0x9f0 [ 182.940416][T12398] destroy_inode+0x12c/0x1b0 [ 182.941694][T12398] evict+0x5b4/0x920 [ 182.942786][T12398] iput+0x521/0x880 [ 182.943864][T12398] do_unlinkat+0x518/0x6a0 [ 182.945103][T12398] __ia32_sys_unlink+0xc4/0x110 [ 182.946521][T12398] __do_fast_syscall_32+0x73/0x120 [ 182.947988][T12398] do_fast_syscall_32+0x32/0x80 [ 182.949337][T12398] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 182.951073][T12398] [ 182.951752][T12398] The buggy address belongs to the object at ffff888023a76880 [ 182.951752][T12398] which belongs to the cache shmem_inode_cache of size 1544 [ 182.955696][T12398] The buggy address is located 1224 bytes inside of [ 182.955696][T12398] freed 1544-byte region [ffff888023a76880, ffff888023a76e88) [ 182.959462][T12398] [ 182.960131][T12398] The buggy address belongs to the physical page: [ 182.961862][T12398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23a70 [ 182.964202][T12398] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 182.966557][T12398] memcg:ffff8880251ee101 [ 182.967855][T12398] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 182.970006][T12398] page_type: f5(slab) [ 182.971097][T12398] raw: 00fff00000000040 ffff88801c2bdcc0 0000000000000000 0000000000000001 [ 182.973407][T12398] raw: 0000000000000000 0000000000130013 00000000f5000000 ffff8880251ee101 [ 182.975697][T12398] head: 00fff00000000040 ffff88801c2bdcc0 0000000000000000 0000000000000001 [ 182.978114][T12398] head: 0000000000000000 0000000000130013 00000000f5000000 ffff8880251ee101 [ 182.980435][T12398] head: 00fff00000000003 ffffea00008e9c01 ffffffffffffffff 0000000000000000 [ 182.982778][T12398] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 182.985108][T12398] page dumped because: kasan: bad access detected [ 182.986914][T12398] page_owner tracks the page as allocated [ 182.988473][T12398] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 36, tgid 36 (kdevtmpfs), ts 6567016539, free_ts 0 [ 182.993612][T12398] post_alloc_hook+0x181/0x1b0 [ 182.994947][T12398] get_page_from_freelist+0x10c4/0x34c0 [ 182.996526][T12398] __alloc_frozen_pages_noprof+0x223/0x24d0 [ 182.998265][T12398] alloc_pages_mpol+0x1fb/0x540 [ 182.999632][T12398] new_slab+0x23c/0x330 [ 183.000789][T12398] ___slab_alloc+0xd9c/0x1940 [ 183.002099][T12398] __slab_alloc.constprop.0+0x56/0xb0 [ 183.003588][T12398] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 183.005157][T12398] shmem_alloc_inode+0x25/0x50 [ 183.006537][T12398] alloc_inode+0x61/0x240 [ 183.007744][T12398] new_inode+0x22/0x1c0 [ 183.008891][T12398] shmem_get_inode+0x19a/0xfb0 [ 183.010218][T12398] shmem_mknod+0x1a8/0x450 [ 183.011463][T12398] vfs_mknod+0x5d7/0x8e0 [ 183.012599][T12398] devtmpfs_work_loop+0x1c8/0x8e0 [ 183.013928][T12398] devtmpfsd+0x4c/0x50 [ 183.015060][T12398] page_owner free stack trace missing [ 183.016614][T12398] [ 183.017286][T12398] Memory state around the buggy address: [ 183.018848][T12398] ffff888023a76c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 183.021062][T12398] ffff888023a76c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 183.023400][T12398] >ffff888023a76d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 183.025569][T12398] ^ [ 183.027540][T12398] ffff888023a76d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 183.029719][T12398] ffff888023a76e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 183.031904][T12398] ================================================================== [ 183.034072][T12398] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 183.036035][T12398] CPU: 3 UID: 0 PID: 12398 Comm: syz.7.2748 Not tainted 6.14.0-syzkaller-02665-g1e26c5e28ca5 #0 PREEMPT(full) [ 183.039244][T12398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.042147][T12398] Call Trace: [ 183.043094][T12398] [ 183.043933][T12398] dump_stack_lvl+0x3d/0x1f0 [ 183.045223][T12398] panic+0x71c/0x800 [ 183.046365][T12398] ? __pfx_panic+0x10/0x10 [ 183.047742][T12398] ? __pfx__printk+0x10/0x10 [ 183.049015][T12398] ? end_report+0x4c/0x170 [ 183.050249][T12398] ? isolate_migratepages_block+0x3eb3/0x56f0 [ 183.051863][T12398] check_panic_on_warn+0xab/0xb0 [ 183.053160][T12398] end_report+0x107/0x170 [ 183.054362][T12398] kasan_report+0xee/0x110 [ 183.055635][T12398] ? isolate_migratepages_block+0x3eb3/0x56f0 [ 183.057658][T12398] kasan_check_range+0xef/0x1a0 [ 183.059273][T12398] isolate_migratepages_block+0x3eb3/0x56f0 [ 183.060895][T12398] ? __folio_batch_add_and_move+0x621/0xc90 [ 183.062534][T12398] ? __pfx_lru_add+0x10/0x10 [ 183.063812][T12398] ? __pfx_isolate_migratepages_block+0x10/0x10 [ 183.065452][T12398] ? folio_putback_lru+0x85/0xd0 [ 183.066919][T12398] ? putback_movable_pages+0x2a0/0x700 [ 183.068341][T12398] compact_zone+0x1a5e/0x4220 [ 183.069649][T12398] ? __pfx_compact_zone+0x10/0x10 [ 183.071018][T12398] ? find_held_lock+0x2b/0x80 [ 183.072322][T12398] ? __flush_work+0xa48/0xcc0 [ 183.073620][T12398] compact_node+0x1a4/0x2d0 [ 183.074899][T12398] ? __pfx_compact_node+0x10/0x10 [ 183.076366][T12398] ? __lru_add_drain_all+0xe7/0x6f0 [ 183.078341][T12398] sysctl_compaction_handler+0x141/0x210 [ 183.080028][T12398] proc_sys_call_handler+0x3d0/0x5b0 [ 183.081489][T12398] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 183.083101][T12398] ? rcu_is_watching+0x12/0xc0 [ 183.084434][T12398] ? splice_from_pipe_next+0x1f8/0x5d0 [ 183.085962][T12398] iter_file_splice_write+0x91c/0x1150 [ 183.087891][T12398] ? __pfx_iter_file_splice_write+0x10/0x10 [ 183.090108][T12398] ? __pfx_copy_splice_read+0x10/0x10 [ 183.092151][T12398] ? __pfx_iter_file_splice_write+0x10/0x10 [ 183.094072][T12398] direct_splice_actor+0x18f/0x6c0 [ 183.096113][T12398] splice_direct_to_actor+0x342/0xa30 [ 183.098202][T12398] ? __pfx_direct_splice_actor+0x10/0x10 [ 183.100357][T12398] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 183.102665][T12398] do_splice_direct+0x174/0x240 [ 183.104565][T12398] ? __pfx_do_splice_direct+0x10/0x10 [ 183.106606][T12398] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 183.108780][T12398] ? rw_verify_area+0xcf/0x680 [ 183.110668][T12398] do_sendfile+0xafd/0xe50 [ 183.112422][T12398] ? __pfx_do_sendfile+0x10/0x10 [ 183.114348][T12398] ? __might_fault+0xe3/0x190 [ 183.116139][T12398] ? __might_fault+0x13b/0x190 [ 183.118006][T12398] __ia32_compat_sys_sendfile+0x162/0x220 [ 183.120334][T12398] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 183.122916][T12398] ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10 [ 183.125444][T12398] do_int80_emulation+0x104/0x200 [ 183.127590][T12398] asm_int80_emulation+0x1a/0x20 [ 183.129481][T12398] RIP: 0023:0xf7f44579 [ 183.131110][T12398] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 183.138435][T12398] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 183.141644][T12398] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000003 [ 183.144685][T12398] RDX: 00000000800000c0 RSI: 0000000000000005 RDI: 0000000000000000 [ 183.147729][T12398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 183.150714][T12398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.153756][T12398] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 183.156424][T12398] [ 183.157845][T12398] Kernel Offset: disabled [ 183.159159][T12398] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:07:22 Registers: info registers vcpu 0 CPU#0 EAX=00000000 EBX=ffffffff ECX=84c3f222 EDX=00000000 ESI=f6cbf000 EDI=f68c0dc8 EBP=f6bd28c0 ESP=ffc17be0 EIP=f70fed03 EFL=00000287 [--S--PC] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 ffffffff 00c00000 GS =0063 56dfd440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 ffffffff 00c00000 TR =0040 00003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002fc15ff8 CR3=0000000070934000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000006fd0889754 RBX=ffff88802b5235c0 RCX=00000000000006e0 RDX=000000000000006f RSI=ffff88802b5235c0 RDI=00000000000f557b RBP=00000000000f557b RSP=ffffc90000590ec8 R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88802b527840 RIP=ffffffff816723e5 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097d5a000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000081000000 CR3=00000000795f0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802b741220 RCX=ffffffff81aeee49 RDX=ffff88801d284880 RSI=ffffffff81aeee23 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900001e7938 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed10056e8245 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b63b140 RIP=ffffffff81aeee25 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097e5a000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002c318ffc CR3=000000000df82000 CR4=00352ef0 DR0=0000000000000680 DR1=0000000000000003 DR2=0000000000000007 DR3=0000000000000004 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854179d5 RDI=ffffffff9ab71d20 RBP=ffffffff9ab71ce0 RSP=ffffc9000e726d00 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666 R12=0000000000000000 R13=0000000000000032 R14=ffffffff9ab71ce0 R15=ffffffff85417970 RIP=ffffffff854179ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097f5a000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5065cc0 CR3=00000000795f0000 CR4=00352ef0 DR0=0000000000000680 DR1=0000000000000003 DR2=0000000000000007 DR3=0000000000000004 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000