last executing test programs: 3.094450559s ago: executing program 2 (id=443): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) shutdown(r0, 0x1) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 2.941715179s ago: executing program 2 (id=445): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x13) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000380)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$TCXONC(r0, 0x540a, 0x3) 2.711579152s ago: executing program 3 (id=450): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000086dd000411000400000000006eec00be10a42f01fe8000000000000000000000000000aaff020000000000000000000000000001330022eb"], 0x10da) 2.585397809s ago: executing program 3 (id=452): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 2.085763251s ago: executing program 2 (id=454): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.97169315s ago: executing program 2 (id=456): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/247, 0xf7, 0x1, 0x0}, &(0x7f0000000280)=0x40) 1.971453411s ago: executing program 1 (id=457): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) io_setup(0x7, &(0x7f0000000000)=0x0) io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) recvfrom$inet6(r1, 0x0, 0x0, 0x2060, 0x0, 0x0) 1.971341452s ago: executing program 2 (id=458): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r3, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c00018005000200000000000800040005000000080001000200"], 0x7c}}, 0x0) 1.870707219s ago: executing program 1 (id=459): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0) mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)}) 1.870496717s ago: executing program 1 (id=460): r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x114, &(0x7f0000000180)=0x1, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200)={0x42}, &(0x7f0000000240)='./file1\x00', 0x18, 0x0, 0x12345}) io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0) r3 = syz_io_uring_complete(r1) close(r3) 1.811464376s ago: executing program 2 (id=461): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') 1.811248986s ago: executing program 1 (id=462): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) creat(&(0x7f0000000040)='./file0\x00', 0x4b) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0105b08, &(0x7f0000000040)) 1.749525487s ago: executing program 3 (id=463): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@assoc={0x18, 0x117, 0x4, 0x7f}], 0x18, 0x800}, 0x14000012) sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0) recvmmsg$unix(r1, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/92, 0x5c}, {&(0x7f00000005c0)=""/166, 0xa6}], 0x2}}], 0x1, 0x0, 0x0) 1.641639814s ago: executing program 3 (id=464): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0900000004000000060000000a"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='workqueue_queue_work\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d) 1.641354095s ago: executing program 3 (id=465): openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0}}, 0xfc36) r1 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x1b0}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x1, 0x0}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) 1.18073778s ago: executing program 0 (id=472): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 761.581393ms ago: executing program 3 (id=473): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000003540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003500)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x34000041) syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r1) sendto(r1, &(0x7f00000007c0)="a3af74f3fa7995abe19ec97049065863776a6a5bec989bcfaa7f0f7503c53c68e335e03aa1980b28b855597dc9469b6ac096806af2d94a0b1e236f830a1a66e627471b93c00758b8263954a16d85bc01a848f6eae3827f6519a84d62fcfc0fb2b9e42baeda5d5612239d9b933489370c31685a49118589b805bed9d699ce4c65f9bae31c184feef01aa1c3dae7d3373ceb834d8ab048f2b46e7e0d6a9fc773b191067bcb209c0d50405c60daf91a69e390e5a2b8e71d4446c97784df1751ee48045b156cfc003782f175538751338b63780b1352856d421fc557f8fb3e09ee34fc9ff67f9004ef84b0d75a5b962653d2dd968bf2fb7f7e0d3ef4084de9bec04a6780774f62d49b2241412e592cd6b0cead4ade3ca55b73e063e68e3fa919a3441bdbee107a0ab6cfa290982e6f7ac8d3c9a39dcfefff5ac8acccc8d1ce97f49ab27b20506722d469b0553bba10f141880f5192b550c97e7312da078860cd999121abf768715b39ac0b2d62a9cfa0f36d3f35cd3cf020c7ba7ab4c623c69c107423db14967e675c3da34477dfccbea4fe3d3d9fd7e5157b2eba669cd2c2267905016f48e9efb4e53e7c903222a0beb42f08b2df2c4c57d4b58d4f29e6c9aea4ef11596304067d0e5c34ff3d0903d2c49d6f78185976a548d38bacdb48f50ce8863e9f09361388e7148e7ea4f5af37ae547f83d40831cb0fa9c88d38eabb8e99de", 0x200, 0x4000800, 0x0, 0x0) 322.761163ms ago: executing program 0 (id=474): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write$binfmt_script(r0, &(0x7f00000003c0)={'#! ', './file0', [{0x20, '^{'}, {0x20, '&/^'}], 0xa, "8450ffda46dfa26441744a07a93e274b889f817840ebeccb40bc645da2f3a4490d77feba14090961f60deb39ad6657eaf10479c03d24ff0f91"}, 0x4b) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$UHID_INPUT(r0, &(0x7f0000001300)={0x8, {"af0014920c989bde943127351c7e048fe805d44569c987d51286ac5e80b0961cfe3629729c82e28c53b31e3ecbb8722bff9c0906027d5cb6fbd929cb4b5e657cc88a443809e6a720828c27b6519e7c18904d67528373733934aa5240afd60544d489e1ec3779ac45095c12c6c5f13c086306dfbbd31926b74150ff2c87db2be1d995e9b3a16fb7360de12618b05d94c291acfcdab84c919de60133f54a0a18d2517c1d0de417ae39fec1c9fa306573205051a9880da1f213b9a27c22b72d42d92b7b260b41bcc1868a0404936774ea5209f02929ec3eef4298818ddb708de6c0e1fda05436037d7d4042d2de3adebc8a62f58ec6ccb4160435c4393ba913250b56ec2fce544a01a5a3ce4363fd497fb256910f31e9416f5b719d64f931bd6d71b54787841b3e49e01fe6ac9598ddb5ef1aeb3d1cabb75845d46806a494b6cf89ec9c8203b92dd0dadc5a3c02545cd005b5f26b7d2b848cb684cb58245d591472d5109e7fbe1175656d729fdd689af57802b33d7d53d427aa57eb0af7a63d9f73be83cd9c12bd06463083b4cc853aad416e9faf484fa069d3b7599b6fc6d94152811403201b91da2547ff6721b0ea237c37464b47b3b4f37384e50ba5773a63356991a5abef659e089cc95e5c3b6d8428115efcf9e89e2743b167d7b9824392d868c159fd1264bea8b9b8b26769d15a27df3af350e2a6e9e37b35c153bf980e8ad15de3b0f3add5f98eb2cbc03eeb2b04e6fb032991d7a88b14c7d2cf2959fc4ed27c4c93c13f5760d0803f10afb91effb45967b4793c58e4bc2e4348c93b4e59f1544a01e89530f6056cda3f972050ae79d9297af71cce0d82c764db2422967f05c9847715c66321e8ab0075a361e8fd78a956074945e687ec1ad01f8dfeb7f3ae2c25daff35617a5d752ad5b019689f10c789d0196f73011f5a4e002aebb676ccb2d8b92ff6c1eb60de10ed0d42f2d19fe96786938eca0fd09a3f16f7b52ef806183282c05ff9fccf96abd096b442c73c494c78c4161ce0599bf6e637664f5dbefa129e69a0d53525d77f871716052385649c1249a402a4a9ecadfd7182a4aba3fc48d76890dfe8a5442ff1b833b95fdb7ae5f052e5c18e9b0ad482ed80c4567f0d0645e6525e3390195b3a4314ab063ffca639d2b181efe15d5bb09e967900fd55ad9db7f6ba99268e0d7e2785c5b14f801b16b6fe9966bb3fa88352bc2ca79aa9a77ec5f9c271dcc62b6124a4d5ed1014fa6eb98521d4be4ca4323311d39e44002e71469326056d98af69fd42eed1dfec48d191587b35e2641abe8c80a2553b92cb43feea49505b5b5ca35dfaf06c693730033ebcad45b6b8026d4722b5c7e13d69269808f438816f77a7b1ed2d31ab44968657e70a51e8d98e520e3628014a09e55f36ca5c4c630d687b20e5a7bdfd6d43613fd3738c8ec1464561586987388885b7a424c949a3110e5de795ffdcf1ef43fb8b5b0364cdb0e9a62c1c6922f08125d456f0ee5d58fa670ff071a8d5b57c06efe30d960f9a67d3dd7dd6ec13c799f9b89d90593ba794c5c582f8bd583af0a59043a1da36cee8e2cc173610960e33300ec48cf7281887ffe66e7ec113a29ed339556d84d638ae9554bb20f2a7695da8bcad10e5f155fe5d54eb511087f7abb4a8ae9e78e233b1e079a44c9cdf2529ed3166c24f80a2bda3b2dfdd2e1c2f650cc35fccf8cb17c03681c6f379f535eeaf46caa1dd95f0b72ea6cf301f2d713844b36c7e90e052528f04a668e1dc5ed11e95bbb86268c712af3f6c77d538c9d3dafeceaacc7ba6b20d9266d75c7470d627725700bfd36a9faf5488532a0871a00e18466f3499e3e3270513168d05f52472045b8558d3fb7880805b6fe3a56b3df9eaea72d147f94ee09e763fcf66d0c71b708fb842bbe619eeeaf483fa717864ab435ca03503285591364727a3615582c80d2023897f7bfdda9b00d095ec11f42482f3851a9232ed09ec6733d54020a9e3b98cb3a014f094e9d968672632a30f967a6d2f00c64fb0aefbeb64510edca5496c9f69379f71412f08fe6afeeb604040a42f00290bc04a40f66f0b84c9c6d7e4d1bc213ed49142215b259be08a0a305c68cbec769ce195ea62b7a2ce632da0a98b469284fd7802bb8c47943ac1c8a7a2b0ee36ed45cde2d13cc00ecc11ca9516d9e917fa28d703566b8d5743c5aba0da662f0446768c6d0df6773d1b0c46dac6a6213aa7b5095a8bd9f34048394a8baac9ec65d740ad8acb8eb683702eaf509c30b547bf355561ca00841efdccd413295a430344d17d2d5f4f435d0a33fafe1b4f6826e9d91436b379cc46039551997e54692487562f65a406b769f2856d37c87a73e2e3738c9afdfa5e0f088bbd2799c7c722c23a7cc37266af557beecb9cc8340bc76ba85a147530f3a9bd8cfe82358c0d799f0687540d463e0f010d1e914f043027284292bf31af75301e27689910393e41f877832797dd7c184249e7b2ec0a79b0decb9a3eead5b3c82ac60fe1485829bf75b8af597b5fd9e47460ebb6d809733eb790027094b019ef2bfb76d75876a5e1e312e80e841c5e074c78b35be6a4070c99372dbb13dc27966a8d448b8e3225b11af907985f3142d41da70a682166814fce9e535cca37058bbb3a02894f6ada82c266e763f431d7e1926da2fc86805b02d6af712c82e7a36e667bd3091661be9cc0cdbd3b3cc690594cf8bac39dd9dac1f883cfb0e500759b0e5dc36721b3ed452addc26d39733a2d76d852d897298009dea9546bae66e9aac7f35277e025d440ca93fdec4bbd58970a130fc79056af96f81b0461ef0e16d4fb12014313438a4bb95b2f9cac98e24a713ed14b539ceddf55e90b6c000044a24be6597e2c5a397a772d7c493ad53a05d6076b584ee7c1615ee7f9de627ac9d7d0d4a12b5a080a9c4977da436704bc9eb9f1d25ba91498e4b575550a69aab83e9157a910c4b2907ea97bcc171dcb7ff6fa982dee16d5c5aaaf93fcc225a6c67c96e54ead190f9c6f949b8025988a46d29c86cf18623882d5aa996a3ece81881ba63e0e7d62b585a179631c7e22f924be7aad5699af389c6651c92848153007d9929683648c8a3fb102a50d9a3e9c83e6cabeae5f97d7faad7a803f8c6dbd9237fa4bec7b33db2cc4db5cd7b3baf1c4f4ddc1f16ec6484cbd1adecab06617045b2d5bac8d1bf97a37ed2780a967a678095a6849cabd87256dbe46f52c960ba8ead52e666a131abfb019d2ac7dd2b055bf91168322b23821a522d241f27a2e7ef892d589a0e55b606167e53b0725a089cae5ef65f02f8a2f32dedb370bf2dc34dac5218be294e755915b399cece7e5c3fa887909961a3d626e4a43bab7edd193a9bc0a7a764640943a635fec7722ff8b3add819b26b78c4e54ff970c15d6b27971cd135d288f081a66e792a8ee5b2d89d5945a99f4216ac21fd9a61e305b4a908f4cbe38e5ccd5eab65f5962877a570524809dffa4ca0ed90d505601d7d244273f20cc47feca7259bd1362e334be459e25a59d4873fc8ede03744c88599a5e5f2a6fb0ca08d085e40c8bd71a0777f7715153e71f4a67f6bb73bbbcd766a9dd4287671dcf6b7daacc4f4b81b32ea0d0381fc32807fe9393249e596d3d5ae4bc5a1cb3e48d63478679eb381fbe8cafd2c6890ba29c1af695f2597c6b472a163b7584dde7327933b9d5e88e0d77e3a3d526a619966dde7f82c7ab7a67a59ded2c880ee0e2f736f054b7d99cc68df48c28d76ab12762c85d07a1f3215d3d4ef2ebd65b0f7eacf62ec12997ccdada731992513263a06e063c27eccfdb3c9d1199136c1a2c3d6b5ea6b2e96c9aa6be3bfbda408b2779ad4eba91809a495c1b872e40d49b0acf4b19b4677e6ea8d07b9a621816c4c5f0e5aa364d4803567da0b2b646604563b31aaa298130576690cbab52bf1ddad7c64a7a416ceb36d6b3202f377ed003e8d74cabd4a6a7be18c95716022cc30c45157d6743785746cf8b0e21ec3208336ab0a43ad9c058fffa3021f84ca8b037dea55254ab944493ca03d025a4b42df3e5b830b81471cddf81fd14aed18e45cfed27b1ef015827942f833a0eee4cc0fcd57f0180f83f32e17d27e4784e42eb1a256404aa6e12f9daabddb907230b20693f3bc74723be6808d95c6463ef7bb6bc4a756fdc805ef4077303e5cd504e6c1754ee8303ee92b94808782984f75c0df49436d3859c092133b0545dac0d8f84fc95a1f0f38e4ecbe3f935d33e86b97bb11ca6f502a602bc7e05b4e6514ddc8ae4d8231874b350b32f96ff6cfbe03f1bf5a0fda73c15eca00afe85c026f5e34e699910ab16502b224b8f383a9a863ca351a1e87c17baadb3f7141aa1295a2a6be4d88d1347da9c356ba9b3bfcc678b58add1b224a0c9b7c3cc4c828abc56acd320e8a8ad22da90a0cf6ae40a471c150581da040297aed0e4889c5963bd8c1415acecbd932f9acda87315e3b2dade276b8324dc7d95141cdd8c4fba82c834a95f9efeb2c74c31e7fd32f96a6a68d9e9942c0bdc55bedd1617e47420877b9f640094a37ceea39656468215ebe789a277f585adc1cc0285b53e33afae1616b0806aeed78b6cc4da54e3bdfa3d49ead4e4fa3623f86a4dfa3042ed403684c62a5d148a30c99c24c3cf9a8858e02800e49e0eed84472a559c9f208f6c3310050e4c5948320b5b4eeefe583bb0bcc0bc01356e76e3465f66a7d0c56ca7abc069db5bd7ad20ec01307f391b5bc890b5034271ee31d5bd374a9422a08ce949667512c8d0bb60eb5d4d22fa0e2a5d172edc7b7386abe63222ef8fc5c676828a1441c5ed19ed5827b0d73d568efc51f46f65ea4f205ac26924d6a7f11477fe23049e0de65bd534c81756556c1cd8bc70b3ce71e4e13d44500773e0767bc735c98f0e1d06dc79e43b946a2faaf698e188cf5909e433edbc546beffcbdea76064ff9d5d56273ca05af42c541b896bc5a942665599c9a8f52db36dbd6d42e8f9bb3446df5f44e3971eb408d0c63381b4aa5997441e01a5eff9fa51d82b7d60d8c3ead784e50b562db074b19e855e8290896b808611c40ed7e0691f758103208900d69cd4c86310318d339eeb473b4bea27be94622560cf35416eea7333bb72110afe202dfcc55c755ed32ea9b4851378b554546b52ebd71b90828733ac3040daf1e3d23bfcadd20bb9248731ab11155aebd259b7e693ebad5d43e6a85f14ea317f31eca905634f9e8d5b1ff73dc5dbd2bbeef6c2965932c885969e00e1939685b472c097b4504c9e6f273e1038045e5ac4010ac232288b77de7d3433a143292f145465b6d1f9020aa4f8405bda4310059b82ad8fd41e698a7824456e11f44e577dc5d5a0eb93b98421a2867c3d40627f9061c1d5689205915c7a91da42348ad3bd12038d84175bddaee423b73c93aebf873c850ef44d66324a80ad0cf268998d71fac6988cb0b1879ebcb6c4c3bce2c45daf73db246bc55fb8221341ef760f5f5264113a437e03cbcf03bb276cdc4100138afc6a1eeb9d90e7f43ce8abbd8be6b9c5b54920f76f07d1557167292feb4c970da3f582d40c0661af8f043e01db8016e2600f655175fa7d705bda3a14d1733ccf6603b7f8709b71f2046211468460791330234fa21f417e6a68cdb1d4496808923a87d02f0ebfb09e102a7c9f7c870c082d6993d10e0de2dbe119ac811848661ab30ab8d7a528acf262bf7d21c2f235e5638be58171b61bed99ac3fef801562aabcf3feff77fe9498d09de3e9c3cf18914392433030595aa31d9c79abc29350a2a2a1d0c2f311246", 0x1000}}, 0x1006) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000007c0)={r2, 0x0, 0x30, 0xe1515f8735398eb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000540)=[0xff], 0x0, 0x0, 0x1, 0x1}}, 0x40) 187.925827ms ago: executing program 0 (id=475): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x300, 0x30) 121.586516ms ago: executing program 0 (id=476): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000002000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000fd0f000007000000000000003d65571c65970b4445270d0d7606ba6d828d377bb6bb18e7465bcdc48e615d0349866b15ea8f2e4d0742fa286306735d2926a17096208a3d5ad8389c11a934a1b9fa36f4a5c74e37ecad7cf137d09f7dcad56d0fe6fce3763a0e9362b561a4078c4246918a89cc3f9c3bdd3d8b17cdd3d5ac8741b59f5a5cc459a10937249c82344d9d3efbac0b1672d043d2426f9a39f653effd85aa649c02bce2bb6cd8da550113d86e95521a494ffd02a05fbb34a1076fde5672b74b073a9cb9cc2586d0c4d9a22a7ea89f5e04c903471aeb4e", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/23], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000080), 0x619, r1}, 0x38) 84.568773ms ago: executing program 1 (id=477): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@lu, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@lld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) 84.341797ms ago: executing program 1 (id=478): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_SRC_PORT={0x6}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x800) 196.626µs ago: executing program 0 (id=479): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000080)={'syz0\x00', {0x0, 0x3}, 0x0, [0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x5, 0x5, 0x0, 0x2, 0x0, 0xffffffff], [0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x80000000, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x45c) ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, 0x0) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x4) ioctl$UI_DEV_CREATE(r1, 0x5501) read$FUSE(r0, &(0x7f00000028c0)={0x2020}, 0x2020) 0s ago: executing program 0 (id=480): r0 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = getpgrp(0x0) fcntl$setownex(r2, 0xf, &(0x7f0000000100)={0x2, r3}) sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="b5", 0x1}], 0x1}, 0x240408c1) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:32859' (ED25519) to the list of known hosts. [ 40.720914][ T5906] cgroup: Unknown subsys name 'net' [ 40.859244][ T5906] cgroup: Unknown subsys name 'cpuset' [ 40.863585][ T5906] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 41.738526][ T5906] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.685617][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 44.686945][ T5943] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 44.698054][ T5944] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 44.698298][ T5948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 44.701155][ T5944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 44.704623][ T5948] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 44.706486][ T5944] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 44.709696][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 44.712101][ T5944] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 44.715388][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 44.716821][ T5944] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 44.719411][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 44.722899][ T5952] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 44.724740][ T5948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 44.727839][ T5952] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 44.730969][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 44.737017][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 44.739862][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 44.742648][ T5951] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 44.744893][ T5951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.005340][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 45.034043][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 45.057539][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 45.276505][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.278718][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.280999][ T5937] bridge_slave_0: entered allmulticast mode [ 45.283922][ T5937] bridge_slave_0: entered promiscuous mode [ 45.287902][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 45.295355][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.298006][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.300143][ T5936] bridge_slave_0: entered allmulticast mode [ 45.302650][ T5936] bridge_slave_0: entered promiscuous mode [ 45.305716][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.308436][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.311089][ T5936] bridge_slave_1: entered allmulticast mode [ 45.314227][ T5936] bridge_slave_1: entered promiscuous mode [ 45.317405][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.319898][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.322699][ T5937] bridge_slave_1: entered allmulticast mode [ 45.325806][ T5937] bridge_slave_1: entered promiscuous mode [ 45.448276][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.467563][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.476569][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.479893][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.482160][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.484428][ T5947] bridge_slave_0: entered allmulticast mode [ 45.487115][ T5947] bridge_slave_0: entered promiscuous mode [ 45.491196][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.493447][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.495750][ T5947] bridge_slave_1: entered allmulticast mode [ 45.498650][ T5947] bridge_slave_1: entered promiscuous mode [ 45.502409][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.572369][ T5937] team0: Port device team_slave_0 added [ 45.589373][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.609984][ T5936] team0: Port device team_slave_0 added [ 45.642141][ T5937] team0: Port device team_slave_1 added [ 45.645630][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.664738][ T5936] team0: Port device team_slave_1 added [ 45.681559][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.684010][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.686945][ T5945] bridge_slave_0: entered allmulticast mode [ 45.690790][ T5945] bridge_slave_0: entered promiscuous mode [ 45.694889][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.698380][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.701305][ T5945] bridge_slave_1: entered allmulticast mode [ 45.704921][ T5945] bridge_slave_1: entered promiscuous mode [ 45.792649][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.794871][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.802601][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.808608][ T5947] team0: Port device team_slave_0 added [ 45.811830][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.814244][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.824646][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.848002][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.850604][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.859461][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.864020][ T5947] team0: Port device team_slave_1 added [ 45.866576][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.869518][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.880285][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.887518][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.896452][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.945522][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.947807][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.955467][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.961577][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.963663][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.971551][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.998163][ T5945] team0: Port device team_slave_0 added [ 46.063684][ T5945] team0: Port device team_slave_1 added [ 46.068948][ T5937] hsr_slave_0: entered promiscuous mode [ 46.071184][ T5937] hsr_slave_1: entered promiscuous mode [ 46.155955][ T5947] hsr_slave_0: entered promiscuous mode [ 46.158473][ T5947] hsr_slave_1: entered promiscuous mode [ 46.160511][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.162928][ T5947] Cannot create hsr debugfs directory [ 46.168029][ T5936] hsr_slave_0: entered promiscuous mode [ 46.170956][ T5936] hsr_slave_1: entered promiscuous mode [ 46.173583][ T5936] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.178374][ T5936] Cannot create hsr debugfs directory [ 46.217523][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.219753][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.228045][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.232237][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.234379][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.242663][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.391100][ T5945] hsr_slave_0: entered promiscuous mode [ 46.393370][ T5945] hsr_slave_1: entered promiscuous mode [ 46.395421][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.397879][ T5945] Cannot create hsr debugfs directory [ 46.583119][ T5937] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.592003][ T5937] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.597385][ T5937] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.604445][ T5937] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.650521][ T5947] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.656945][ T5947] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.661889][ T5947] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.668699][ T5947] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.708052][ T5936] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.713118][ T5936] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.718962][ T5936] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.723272][ T5936] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.757735][ T5940] Bluetooth: hci0: command tx timeout [ 46.758422][ T5951] Bluetooth: hci2: command tx timeout [ 46.759748][ T5940] Bluetooth: hci3: command tx timeout [ 46.762078][ T5951] Bluetooth: hci1: command tx timeout [ 46.782682][ T5945] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.787379][ T5945] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.799310][ T5945] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.803793][ T5945] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.824052][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.838581][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.854617][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.865767][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.868782][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.883064][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.895345][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.898483][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.918179][ T87] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.921167][ T87] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.931989][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.934419][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.942318][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.995104][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.008473][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.016804][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.019056][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.033097][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.036070][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.051918][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.069972][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.072209][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.077501][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.079745][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.141993][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.171269][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.185612][ T5937] veth0_vlan: entered promiscuous mode [ 47.194880][ T5937] veth1_vlan: entered promiscuous mode [ 47.217297][ T5937] veth0_macvtap: entered promiscuous mode [ 47.221220][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.224204][ T5947] veth0_vlan: entered promiscuous mode [ 47.228434][ T5937] veth1_macvtap: entered promiscuous mode [ 47.240322][ T5947] veth1_vlan: entered promiscuous mode [ 47.258170][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.264802][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.271593][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.275783][ T5937] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.279276][ T5937] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.282008][ T5937] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.284705][ T5937] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.310917][ T5936] veth0_vlan: entered promiscuous mode [ 47.323312][ T5947] veth0_macvtap: entered promiscuous mode [ 47.330316][ T5936] veth1_vlan: entered promiscuous mode [ 47.339132][ T5947] veth1_macvtap: entered promiscuous mode [ 47.364330][ T5945] veth0_vlan: entered promiscuous mode [ 47.365269][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.369739][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.376284][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.381010][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.384982][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.392967][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.396687][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.400458][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.414850][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.416346][ T5945] veth1_vlan: entered promiscuous mode [ 47.420987][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.421721][ T5947] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.427356][ T5947] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.430097][ T5947] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.432794][ T5947] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.451471][ T5936] veth0_macvtap: entered promiscuous mode [ 47.455525][ T5936] veth1_macvtap: entered promiscuous mode [ 47.481569][ T5937] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.481846][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.489921][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.492986][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.496227][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.500485][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.503704][ T87] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.506175][ T87] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.515968][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.519699][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.522747][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.526005][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.530507][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.535618][ T5945] veth0_macvtap: entered promiscuous mode [ 47.549771][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.552256][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.556026][ T5936] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.560093][ T5936] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.563305][ T5936] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.566182][ T5936] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.574577][ T5945] veth1_macvtap: entered promiscuous mode [ 47.582749][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.586615][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.589692][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.593029][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.596222][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.600211][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.604682][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.612148][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.616220][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.620796][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.624640][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.628708][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.632377][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.636630][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.648953][ T5945] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.652733][ T5945] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.655748][ T5945] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.658846][ T5945] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.684645][ T6007] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1'. [ 47.688746][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.688763][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.738913][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.741522][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.743297][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.753086][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.777383][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.779866][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.819536][ T6017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'. [ 47.918541][ T6027] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 0, id = 0 [ 48.371987][ T6041] netlink: 96 bytes leftover after parsing attributes in process `syz.1.17'. [ 48.620561][ T834] libceph: connect (1)[c::]:6789 error -101 [ 48.622761][ T834] libceph: mon0 (1)[c::]:6789 connect error [ 48.733159][ T40] audit: type=1326 audit(1746480177.797:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6060 comm="syz.1.22" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x0 [ 48.791267][ T6064] Zero length message leads to an empty skb [ 48.837999][ T5951] Bluetooth: hci1: command tx timeout [ 48.838045][ T5292] Bluetooth: hci3: command tx timeout [ 48.840044][ T5951] Bluetooth: hci2: command tx timeout [ 48.842899][ T5292] Bluetooth: hci0: command tx timeout [ 48.880489][ T834] libceph: connect (1)[c::]:6789 error -101 [ 48.883165][ T834] libceph: mon0 (1)[c::]:6789 connect error [ 49.014556][ T6073] netlink: 'syz.3.27': attribute type 13 has an invalid length. [ 49.052048][ T6073] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 49.397468][ T834] libceph: connect (1)[c::]:6789 error -101 [ 49.400184][ T834] libceph: mon0 (1)[c::]:6789 connect error [ 49.443138][ T6053] ceph: No mds server is up or the cluster is laggy [ 49.693244][ T6093] binder: 6092:6093 ioctl c018620c 0 returned -14 [ 49.836753][ T6062] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 49.999069][ T6062] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 50.003195][ T6062] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 50.008451][ T6062] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 50.012204][ T6062] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.016510][ T5993] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 50.166817][ T5993] usb 8-1: Using ep0 maxpacket: 8 [ 50.169665][ T5993] usb 8-1: config index 0 descriptor too short (expected 5924, got 36) [ 50.172314][ T5993] usb 8-1: config 250 has an invalid interface number: 228 but max is -1 [ 50.174948][ T5993] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 50.177932][ T5993] usb 8-1: config 250 has no interface number 0 [ 50.179915][ T5993] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 50.183473][ T5993] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 50.186877][ T5993] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 50.190068][ T5993] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 50.193243][ T5993] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 50.197563][ T5993] usb 8-1: config 250 interface 228 has no altsetting 0 [ 50.201049][ T5993] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 50.203854][ T5993] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 50.206775][ T5993] usb 8-1: Product: syz [ 50.208099][ T5993] usb 8-1: SerialNumber: syz [ 50.213394][ T5993] hub 8-1:250.228: bad descriptor, ignoring hub [ 50.215665][ T5993] hub 8-1:250.228: probe with driver hub failed with error -5 [ 50.230046][ T6062] usb 6-1: usb_control_msg returned -32 [ 50.232666][ T6062] usbtmc 6-1:16.0: can't read capabilities [ 50.425535][ T5993] usblp 8-1:250.228: usblp1: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 50.457248][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.513333][ T40] audit: type=1326 audit(1746480179.577:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6102 comm="syz.0.40" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x0 [ 50.737149][ T5993] usb 8-1: USB disconnect, device number 2 [ 50.741170][ T5993] usblp1: removed [ 50.916897][ T5292] Bluetooth: hci2: command tx timeout [ 50.919275][ T5292] Bluetooth: hci0: command tx timeout [ 50.920291][ T5940] Bluetooth: hci3: command tx timeout [ 50.922312][ T5951] Bluetooth: hci1: command tx timeout [ 51.103510][ T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 51.152890][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.159653][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.162707][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.206832][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.266539][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 51.278088][ T10] usb 8-1: config 0 has an invalid interface number: 101 but max is 0 [ 51.281428][ T10] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 51.285494][ T10] usb 8-1: config 0 has no interface number 0 [ 51.295801][ T10] usb 8-1: too many endpoints for config 0 interface 101 altsetting 192: 166, using maximum allowed: 30 [ 51.296475][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.309899][ T10] usb 8-1: config 0 interface 101 altsetting 192 has 0 endpoint descriptors, different from the interface descriptor's value: 166 [ 51.315418][ T10] usb 8-1: config 0 interface 101 has no altsetting 0 [ 51.327383][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c8!!! [ 51.332442][ T10] usb 8-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00 [ 51.340037][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.348590][ T10] usb 8-1: config 0 descriptor?? [ 51.360627][ T6109] serio: Serial port ptm0 [ 51.363942][ T6104] syz.2.39 (6104): drop_caches: 3 [ 51.449493][ T40] audit: type=1326 audit(1746480180.517:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz.0.43" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x0 [ 51.464671][ T6115] netlink: 'syz.2.42': attribute type 13 has an invalid length. [ 51.491714][ T6115] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 51.556542][ T10] usb 8-1: USB disconnect, device number 3 [ 51.896453][ T1329] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 52.059813][ T1329] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 52.063368][ T1329] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 52.067979][ T1329] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 52.071634][ T1329] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 52.078149][ T1329] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 52.084353][ T1329] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 52.088452][ T1329] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 52.091867][ T1329] usb 7-1: Product: syz [ 52.093511][ T1329] usb 7-1: Manufacturer: syz [ 52.098436][ T1329] cdc_wdm 7-1:1.0: skipping garbage [ 52.100226][ T1329] cdc_wdm 7-1:1.0: skipping garbage [ 52.103539][ T1329] cdc_wdm 7-1:1.0: cdc-wdm1: USB WDM device [ 52.105541][ T1329] cdc_wdm 7-1:1.0: Unknown control protocol [ 52.153013][ T6130] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 52.337789][ T6139] nbd: device at index 3 is going down [ 52.388011][ T6145] Bluetooth: MGMT ver 1.23 [ 52.602963][ T10] usb 6-1: USB disconnect, device number 2 [ 52.642884][ T6165] netlink: 'syz.0.60': attribute type 13 has an invalid length. [ 52.672024][ T6165] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 52.868736][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.886818][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.891749][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.997001][ T5951] Bluetooth: hci3: command tx timeout [ 53.008141][ T5951] Bluetooth: hci1: command tx timeout [ 53.008214][ T5940] Bluetooth: hci2: command tx timeout [ 53.373476][ T6171] syz.3.62 (6171): drop_caches: 3 [ 53.536988][ T40] audit: type=1326 audit(1746480182.607:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6172 comm="syz.3.63" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x0 [ 53.572686][ T6176] serio: Serial port ptm0 [ 53.667767][ T6182] netlink: 156 bytes leftover after parsing attributes in process `syz.1.65'. [ 54.638545][ T6198] netlink: 'syz.1.71': attribute type 13 has an invalid length. [ 54.669117][ T10] usb 7-1: USB disconnect, device number 2 [ 54.681817][ T6198] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 54.785613][ T6201] serio: Serial port ptm0 [ 54.937192][ T6210] syz.1.73 (6210): drop_caches: 3 [ 55.401704][ T6228] netlink: 'syz.1.84': attribute type 13 has an invalid length. [ 55.406609][ T834] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 55.410760][ T6228] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 55.498321][ T6230] syz.1.85 uses obsolete (PF_INET,SOCK_PACKET) [ 55.501101][ T6230] syzkaller1: entered promiscuous mode [ 55.502844][ T6230] syzkaller1: entered allmulticast mode [ 55.585178][ T834] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 55.588341][ T834] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 55.591646][ T834] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 55.594550][ T834] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 55.599191][ T834] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 55.604363][ T834] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 55.607592][ T834] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 55.610703][ T834] usb 8-1: Product: syz [ 55.612363][ T834] usb 8-1: Manufacturer: syz [ 55.618915][ T834] cdc_wdm 8-1:1.0: skipping garbage [ 55.620574][ T834] cdc_wdm 8-1:1.0: skipping garbage [ 55.623735][ T834] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 55.626161][ T834] cdc_wdm 8-1:1.0: Unknown control protocol [ 56.028977][ T6233] serio: Serial port ptm0 [ 56.122176][ T6236] netlink: 'syz.0.94': attribute type 13 has an invalid length. [ 56.131328][ T6236] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 56.379203][ T834] usb 8-1: USB disconnect, device number 4 [ 56.388079][ T6261] serio: Serial port ptm0 [ 56.836800][ T5940] Bluetooth: hci3: command tx timeout [ 57.008441][ T6278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.105'. [ 57.303518][ T6297] input: syz0 as /devices/virtual/input/input6 [ 57.559017][ T40] audit: type=1326 audit(1746480186.627:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7fc00000 [ 58.219148][ T40] audit: type=1326 audit(1746480187.287:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02579 code=0x7fc00000 [ 58.663098][ T6341] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 58.665317][ T6341] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 58.680488][ T6341] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 58.690600][ T6341] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 58.692685][ T6341] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 58.697740][ T6341] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 58.707982][ T6341] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 58.709969][ T6341] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 58.717871][ T6341] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 58.720996][ T6341] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 58.722964][ T6341] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 58.730081][ T6341] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 59.165336][ T6374] ip6tnl1: entered promiscuous mode [ 59.684560][ T40] audit: type=1326 audit(1746480188.747:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000 [ 59.692347][ T40] audit: type=1326 audit(1746480188.747:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000 [ 59.700816][ T40] audit: type=1326 audit(1746480188.767:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.154" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd3579 code=0x7ffc0000 [ 59.709445][ T40] audit: type=1326 audit(1746480188.767:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000 [ 59.716208][ T40] audit: type=1326 audit(1746480188.767:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000 [ 59.724354][ T40] audit: type=1326 audit(1746480188.777:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6400 comm="syz.3.154" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7fd3579 code=0x7ffc0000 [ 60.256118][ T6447] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 60.676404][ T5940] Bluetooth: hci0: command 0x0c1a tx timeout [ 60.756599][ T5951] Bluetooth: hci2: command 0x0c1a tx timeout [ 60.758622][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout [ 60.758859][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout [ 60.944154][ T6462] 9pnet: p9_errstr2errno: server reported unknown error í HID v0.05 Device [syz1] on syz0 [ 71.918104][ T1329] kernel write not supported for file /dsp (pid: 1329 comm: kworker/0:2) [ 71.918212][ T5314] kernel read not supported for file /dsp (pid: 5314 comm: kworker/3:2) [ 72.205085][ T6929] netlink: 136 bytes leftover after parsing attributes in process `syz.3.361'. [ 72.896428][ T834] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 73.080073][ T834] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 73.083680][ T834] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 73.087599][ T834] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 73.091022][ T834] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 73.094972][ T834] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 73.097838][ T834] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.101870][ T834] usb 7-1: config 0 descriptor?? [ 73.103868][ T6946] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 73.204063][ T6963] netlink: 'syz.3.378': attribute type 4 has an invalid length. [ 73.218499][ T6963] netlink: 'syz.3.378': attribute type 4 has an invalid length. [ 73.251347][ T40] audit: type=1326 audit(1746480202.317:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6964 comm="syz.0.379" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 73.258009][ T40] audit: type=1326 audit(1746480202.317:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6964 comm="syz.0.379" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 73.264521][ T40] audit: type=1326 audit(1746480202.327:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6964 comm="syz.0.379" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 73.271582][ T40] audit: type=1326 audit(1746480202.327:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6964 comm="syz.0.379" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 73.278981][ T40] audit: type=1326 audit(1746480202.327:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6964 comm="syz.0.379" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 73.285404][ T40] audit: type=1326 audit(1746480202.327:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6964 comm="syz.0.379" exe="/syz-executor" sig=0 arch=40000003 syscall=217 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 73.292370][ T40] audit: type=1326 audit(1746480202.327:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6964 comm="syz.0.379" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 73.516686][ T834] plantronics 0003:047F:FFFF.0005: reserved main item tag 0xd [ 73.518277][ T6978] warning: `syz.0.385' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 73.519971][ T834] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 73.531321][ T834] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 74.067250][ T7008] team0: No ports can be present during mode change [ 74.069799][ T7008] netlink: 4 bytes leftover after parsing attributes in process `syz.1.396'. [ 74.154935][ T7008] team0 (unregistering): Port device team_slave_0 removed [ 74.162847][ T7008] team0 (unregistering): Port device team_slave_1 removed [ 74.214088][ T7014] usb usb8: usbfs: process 7014 (syz.3.399) did not claim interface 0 before use [ 75.510100][ T1329] usb 7-1: USB disconnect, device number 4 [ 76.036832][ T1329] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 76.206474][ T1329] usb 6-1: Using ep0 maxpacket: 16 [ 76.212398][ T1329] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 76.219384][ T1329] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 76.228152][ T1329] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 76.230934][ T1329] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.233523][ T1329] usb 6-1: Product: syz [ 76.234782][ T1329] usb 6-1: Manufacturer: syz [ 76.236175][ T1329] usb 6-1: SerialNumber: syz [ 76.239331][ T1329] usb 6-1: config 0 descriptor?? [ 76.516503][ T1329] appledisplay 6-1:0.0: Error while getting initial brightness: -110 [ 76.519301][ T1329] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -110 [ 76.530515][ T1329] usb 6-1: USB disconnect, device number 3 [ 76.534678][ T6632] udevd[6632]: setting mode of /dev/bus/usb/006/003 to 020664 failed: No such file or directory [ 76.539024][ T6632] udevd[6632]: setting owner of /dev/bus/usb/006/003 to uid=0, gid=0 failed: No such file or directory [ 76.675345][ T7102] netlink: 40 bytes leftover after parsing attributes in process `syz.0.433'. [ 76.681434][ T7102] netlink: 40 bytes leftover after parsing attributes in process `syz.0.433'. [ 76.946466][ T834] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 77.117228][ T834] usb 5-1: Using ep0 maxpacket: 8 [ 77.120221][ T834] usb 5-1: config index 0 descriptor too short (expected 5924, got 36) [ 77.122969][ T834] usb 5-1: config 250 has an invalid interface number: 228 but max is -1 [ 77.125652][ T834] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 77.129702][ T834] usb 5-1: config 250 has no interface number 0 [ 77.131895][ T834] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 77.135905][ T834] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 77.139129][ T834] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 77.142172][ T834] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 77.145252][ T834] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 77.150204][ T834] usb 5-1: config 250 interface 228 has no altsetting 0 [ 77.153989][ T834] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 77.157467][ T834] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 77.159967][ T834] usb 5-1: Product: syz [ 77.161295][ T834] usb 5-1: SerialNumber: syz [ 77.172332][ T834] hub 5-1:250.228: bad descriptor, ignoring hub [ 77.174321][ T834] hub 5-1:250.228: probe with driver hub failed with error -5 [ 77.378101][ T834] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 77.985649][ T7104] usb 5-1: reset high-speed USB device number 2 using dummy_hcd [ 78.346458][ T7104] usb 5-1: failed to restore interface 228 altsetting 255 (error=-71) [ 78.352073][ T1322] usb 5-1: USB disconnect, device number 2 [ 78.355690][ T1322] usblp0: removed [ 78.568005][ T7167] netlink: 36 bytes leftover after parsing attributes in process `syz.2.458'. [ 78.926379][ T1322] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 78.936466][ T5314] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 79.096362][ T1322] usb 7-1: Using ep0 maxpacket: 16 [ 79.097607][ T5314] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 79.099301][ T1322] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 79.101106][ T5314] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 79.104455][ T1322] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 79.109178][ T5314] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 79.112512][ T1322] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 79.115455][ T5314] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.118669][ T1322] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.119902][ T1322] usb 7-1: config 0 descriptor?? [ 79.328911][ T5314] usb 6-1: usb_control_msg returned -32 [ 79.330685][ T5314] usbtmc 6-1:16.0: can't read capabilities [ 79.531599][ T1322] HID 045e:07da: Invalid code 65791 type 1 [ 79.536151][ T1322] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:045E:07DA.0006/input/input10 [ 79.546925][ T1322] microsoft 0003:045E:07DA.0006: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 79.885815][ T63] usb 6-1: USB disconnect, device number 4 [ 80.306004][ T7214] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 80.324314][ T40] audit: type=1800 audit(1746480209.387:22): pid=7214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.475" name="file0" dev="overlay" ino=35913852 res=0 errno=0 [ 80.324625][ T7214] evm: overlay not supported [ 80.332608][ T1322] usb 7-1: USB disconnect, device number 5 [ 80.485474][ T7222] input: syz0 as /devices/virtual/input/input11 [ 80.532981][ T7224] [ 80.533827][ T7224] ===================================================== [ 80.535975][ T7224] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 80.538363][ T7224] 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 Not tainted [ 80.540745][ T7227] capability: warning: `syz.1.481' uses deprecated v2 capabilities in a way that may be insecure [ 80.541661][ T7224] ----------------------------------------------------- [ 80.541670][ T7224] syz.0.480/7224 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 80.541689][ T7224] ffffffff8e00c098 (tasklist_lock){.+.+}-{3:3}, at: send_sigurg+0xed/0xc80 [ 80.541734][ T7224] [ 80.541734][ T7224] and this task is already holding: [ 80.541739][ T7224] ffff8880215efda0 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x5f/0xc80 [ 80.541779][ T7224] which would create a new lock dependency: [ 80.560823][ T7224] (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3} [ 80.563522][ T7224] [ 80.563522][ T7224] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 80.566524][ T7224] (&dev->event_lock#2){..-.}-{3:3} [ 80.566545][ T7224] [ 80.566545][ T7224] ... which became SOFTIRQ-irq-safe at: [ 80.570743][ T7224] lock_acquire+0x179/0x350 [ 80.572257][ T7224] _raw_spin_lock_irqsave+0x3a/0x60 [ 80.573986][ T7224] input_event+0x70/0xb0 [ 80.575352][ T7224] hidinput_report_event+0xb2/0x100 [ 80.577133][ T7224] hid_report_raw_event+0x268/0x1290 [ 80.578928][ T7224] __hid_input_report.constprop.0+0x33f/0x450 [ 80.580978][ T7224] hid_irq_in+0x35e/0x870 [ 80.582540][ T7224] __usb_hcd_giveback_urb+0x38a/0x6e0 [ 80.584317][ T7224] usb_hcd_giveback_urb+0x39b/0x450 [ 80.586048][ T7224] dummy_timer+0x180e/0x3a20 [ 80.587590][ T7224] __hrtimer_run_queues+0x1ff/0xad0 [ 80.589365][ T7224] hrtimer_run_softirq+0x17d/0x350 [ 80.591088][ T7224] handle_softirqs+0x216/0x8e0 [ 80.593037][ T7224] __irq_exit_rcu+0x109/0x170 [ 80.595109][ T7224] irq_exit_rcu+0x9/0x30 [ 80.596976][ T7224] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 80.599373][ T7224] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 80.601914][ T7224] pv_native_safe_halt+0xf/0x20 [ 80.603913][ T7224] default_idle+0x13/0x20 [ 80.605611][ T7224] default_idle_call+0x6d/0xb0 [ 80.607512][ T7224] do_idle+0x391/0x510 [ 80.608867][ T7224] cpu_startup_entry+0x4f/0x60 [ 80.610817][ T7224] start_secondary+0x21d/0x2b0 [ 80.612474][ T7224] common_startup_64+0x13e/0x148 [ 80.614089][ T7224] [ 80.614089][ T7224] to a SOFTIRQ-irq-unsafe lock: [ 80.616332][ T7224] (tasklist_lock){.+.+}-{3:3} [ 80.616349][ T7224] [ 80.616349][ T7224] ... which became SOFTIRQ-irq-unsafe at: [ 80.620348][ T7224] ... [ 80.620353][ T7224] lock_acquire+0x179/0x350 [ 80.623040][ T7224] _raw_read_lock+0x5f/0x70 [ 80.624965][ T7224] __do_wait+0x105/0x890 [ 80.626691][ T7224] do_wait+0x21e/0x5a0 [ 80.628223][ T7224] kernel_wait+0x9f/0x160 [ 80.629914][ T7224] call_usermodehelper_exec_work+0xf1/0x170 [ 80.632056][ T7224] process_one_work+0x9cc/0x1b70 [ 80.633869][ T7224] worker_thread+0x6c8/0xf10 [ 80.635374][ T7224] kthread+0x3c2/0x780 [ 80.636973][ T7224] ret_from_fork+0x45/0x80 [ 80.638412][ T7224] ret_from_fork_asm+0x1a/0x30 [ 80.639990][ T7224] [ 80.639990][ T7224] other info that might help us debug this: [ 80.639990][ T7224] [ 80.643022][ T7224] Chain exists of: [ 80.643022][ T7224] &dev->event_lock#2 --> &f_owner->lock --> tasklist_lock [ 80.643022][ T7224] [ 80.647053][ T7224] Possible interrupt unsafe locking scenario: [ 80.647053][ T7224] [ 80.649627][ T7224] CPU0 CPU1 [ 80.651442][ T7224] ---- ---- [ 80.653699][ T7224] lock(tasklist_lock); [ 80.655243][ T7224] local_irq_disable(); [ 80.657614][ T7224] lock(&dev->event_lock#2); [ 80.659943][ T7224] lock(&f_owner->lock); [ 80.662243][ T7224] [ 80.663391][ T7224] lock(&dev->event_lock#2); [ 80.664931][ T7224] [ 80.664931][ T7224] *** DEADLOCK *** [ 80.664931][ T7224] [ 80.667436][ T7224] 2 locks held by syz.0.480/7224: [ 80.669022][ T7224] #0: ffff88804b5e48c0 (&u->lock){+.+.}-{3:3}, at: unix_stream_sendmsg+0xc74/0x1160 [ 80.672378][ T7224] #1: ffff8880215efda0 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x5f/0xc80 [ 80.675512][ T7224] [ 80.675512][ T7224] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 80.678722][ T7224] -> (&dev->event_lock#2){..-.}-{3:3} { [ 80.680575][ T7224] IN-SOFTIRQ-W at: [ 80.681979][ T7224] lock_acquire+0x179/0x350 [ 80.684025][ T7224] _raw_spin_lock_irqsave+0x3a/0x60 [ 80.686275][ T7224] input_event+0x70/0xb0 [ 80.688338][ T7224] hidinput_report_event+0xb2/0x100 [ 80.690651][ T7224] hid_report_raw_event+0x268/0x1290 [ 80.693519][ T7224] __hid_input_report.constprop.0+0x33f/0x450 [ 80.696108][ T7224] hid_irq_in+0x35e/0x870 [ 80.698165][ T7224] __usb_hcd_giveback_urb+0x38a/0x6e0 [ 80.700502][ T7224] usb_hcd_giveback_urb+0x39b/0x450 [ 80.703191][ T7224] dummy_timer+0x180e/0x3a20 [ 80.705306][ T7224] __hrtimer_run_queues+0x1ff/0xad0 [ 80.707985][ T7224] hrtimer_run_softirq+0x17d/0x350 [ 80.710278][ T7224] handle_softirqs+0x216/0x8e0 [ 80.712435][ T7224] __irq_exit_rcu+0x109/0x170 [ 80.714609][ T7224] irq_exit_rcu+0x9/0x30 [ 80.716672][ T7224] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 80.719114][ T7224] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 80.721803][ T7224] pv_native_safe_halt+0xf/0x20 [ 80.724364][ T7224] default_idle+0x13/0x20 [ 80.726436][ T7224] default_idle_call+0x6d/0xb0 [ 80.728602][ T7224] do_idle+0x391/0x510 [ 80.730581][ T7224] cpu_startup_entry+0x4f/0x60 [ 80.732951][ T7224] start_secondary+0x21d/0x2b0 [ 80.735111][ T7224] common_startup_64+0x13e/0x148 [ 80.737401][ T7224] INITIAL USE at: [ 80.738744][ T7224] lock_acquire+0x179/0x350 [ 80.740814][ T7224] _raw_spin_lock_irqsave+0x3a/0x60 [ 80.743418][ T7224] input_inject_event+0x9f/0x390 [ 80.745580][ T7224] led_set_brightness+0x214/0x290 [ 80.747785][ T7224] kbd_led_trigger_activate+0xcb/0x110 [ 80.750135][ T7224] led_trigger_set+0x597/0xc50 [ 80.752385][ T7224] led_trigger_set_default+0x1bd/0x2a0 [ 80.754747][ T7224] led_classdev_register_ext+0x7b8/0xa10 [ 80.757152][ T7224] input_leds_connect+0x552/0x8e0 [ 80.759427][ T7224] input_attach_handler.isra.0+0x181/0x260 [ 80.761904][ T7224] input_register_device+0xa84/0x1130 [ 80.764340][ T7224] atkbd_connect+0x5da/0xa20 [ 80.766425][ T7224] serio_driver_probe+0x74/0xb0 [ 80.768601][ T7224] really_probe+0x23e/0xa90 [ 80.770669][ T7224] __driver_probe_device+0x1de/0x440 [ 80.773394][ T7224] driver_probe_device+0x4c/0x1b0 [ 80.775558][ T7224] __driver_attach+0x283/0x580 [ 80.777666][ T7224] bus_for_each_dev+0x13b/0x1d0 [ 80.779805][ T7224] serio_handle_event+0x247/0xa50 [ 80.782021][ T7224] process_one_work+0x9cc/0x1b70 [ 80.784832][ T7224] worker_thread+0x6c8/0xf10 [ 80.787255][ T7224] kthread+0x3c2/0x780 [ 80.789266][ T7224] ret_from_fork+0x45/0x80 [ 80.791378][ T7224] ret_from_fork_asm+0x1a/0x30 [ 80.793545][ T7224] } [ 80.794457][ T7224] ... key at: [] __key.7+0x0/0x40 [ 80.796775][ T7224] -> (&client->buffer_lock){....}-{3:3} { [ 80.798637][ T7224] INITIAL USE at: [ 80.799921][ T7224] lock_acquire+0x179/0x350 [ 80.802004][ T7224] _raw_spin_lock+0x2e/0x40 [ 80.804031][ T7224] evdev_pass_values+0x10e/0x9b0 [ 80.806167][ T7224] evdev_events+0x1bb/0x390 [ 80.808193][ T7224] input_pass_values+0x6c4/0x890 [ 80.810324][ T7224] input_handle_event+0xf00/0x14d0 [ 80.812477][ T7224] input_inject_event+0x1cd/0x390 [ 80.814653][ T7224] evdev_write+0x2e1/0x440 [ 80.816667][ T7224] vfs_write+0x25c/0x1180 [ 80.818613][ T7224] ksys_write+0x205/0x240 [ 80.820596][ T7224] __do_fast_syscall_32+0x73/0x120 [ 80.822833][ T7224] do_fast_syscall_32+0x32/0x80 [ 80.824953][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.827548][ T7224] } [ 80.828421][ T7224] ... key at: [] __key.1+0x0/0x40 [ 80.830709][ T7224] ... acquired at: [ 80.832080][ T7224] _raw_spin_lock+0x2e/0x40 [ 80.833586][ T7224] evdev_pass_values+0x10e/0x9b0 [ 80.835214][ T7224] evdev_events+0x1bb/0x390 [ 80.836724][ T7224] input_pass_values+0x6c4/0x890 [ 80.838345][ T7224] input_handle_event+0xf00/0x14d0 [ 80.840013][ T7224] input_inject_event+0x1cd/0x390 [ 80.841722][ T7224] evdev_write+0x2e1/0x440 [ 80.843184][ T7224] vfs_write+0x25c/0x1180 [ 80.844704][ T7224] ksys_write+0x205/0x240 [ 80.846155][ T7224] __do_fast_syscall_32+0x73/0x120 [ 80.847825][ T7224] do_fast_syscall_32+0x32/0x80 [ 80.849424][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.851569][ T7224] [ 80.852349][ T7224] -> (&new->fa_lock){....}-{3:3} { [ 80.854018][ T7224] INITIAL USE at: [ 80.855337][ T7224] lock_acquire+0x179/0x350 [ 80.857331][ T7224] _raw_write_lock_irq+0x36/0x50 [ 80.859449][ T7224] fasync_remove_entry+0xb2/0x1e0 [ 80.861890][ T7224] fasync_helper+0xaf/0xd0 [ 80.863915][ T7224] lease_modify+0x232/0x500 [ 80.865888][ T7224] locks_remove_file+0x29e/0x5b0 [ 80.867994][ T7224] __fput+0x351/0xb70 [ 80.869859][ T7224] task_work_run+0x14d/0x240 [ 80.871895][ T7224] syscall_exit_to_user_mode+0x27b/0x2a0 [ 80.874217][ T7224] __do_fast_syscall_32+0x80/0x120 [ 80.876502][ T7224] do_fast_syscall_32+0x32/0x80 [ 80.878594][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.881198][ T7224] INITIAL READ USE at: [ 80.882611][ T7224] lock_acquire+0x179/0x350 [ 80.884683][ T7224] _raw_read_lock_irqsave+0x74/0x90 [ 80.886998][ T7224] kill_fasync+0x138/0x510 [ 80.889046][ T7224] lease_break_callback+0x23/0x30 [ 80.891308][ T7224] __break_lease+0x671/0x1810 [ 80.893987][ T7224] do_dentry_open+0x6e1/0x1c10 [ 80.896161][ T7224] vfs_open+0x82/0x3f0 [ 80.898119][ T7224] path_openat+0x1e5e/0x2d40 [ 80.900201][ T7224] do_filp_open+0x20b/0x470 [ 80.902303][ T7224] do_sys_openat2+0x11b/0x1d0 [ 80.904419][ T7224] __ia32_compat_sys_openat+0x16d/0x210 [ 80.906805][ T7224] __do_fast_syscall_32+0x73/0x120 [ 80.909143][ T7224] do_fast_syscall_32+0x32/0x80 [ 80.911375][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.914411][ T7224] } [ 80.915230][ T7224] ... key at: [] __key.0+0x0/0x40 [ 80.917407][ T7224] ... acquired at: [ 80.918591][ T7224] _raw_read_lock_irqsave+0x74/0x90 [ 80.920219][ T7224] kill_fasync+0x138/0x510 [ 80.921657][ T7224] evdev_pass_values+0x619/0x9b0 [ 80.923220][ T7224] evdev_events+0x1bb/0x390 [ 80.924680][ T7224] input_pass_values+0x6c4/0x890 [ 80.926248][ T7224] input_handle_event+0xf00/0x14d0 [ 80.927849][ T7224] input_inject_event+0x1cd/0x390 [ 80.929408][ T7224] evdev_write+0x2e1/0x440 [ 80.930835][ T7224] vfs_write+0x25c/0x1180 [ 80.932296][ T7224] ksys_write+0x205/0x240 [ 80.933790][ T7224] __do_fast_syscall_32+0x73/0x120 [ 80.935429][ T7224] do_fast_syscall_32+0x32/0x80 [ 80.937023][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.939023][ T7224] [ 80.939881][ T7224] -> (&f_owner->lock){....}-{3:3} { [ 80.941659][ T7224] INITIAL USE at: [ 80.942936][ T7224] lock_acquire+0x179/0x350 [ 80.944736][ T7224] _raw_write_lock_irq+0x36/0x50 [ 80.946767][ T7224] __f_setown+0x61/0x3c0 [ 80.948599][ T7224] generic_setlease+0xeef/0x1300 [ 80.950620][ T7224] kernel_setlease+0x106/0x140 [ 80.952900][ T7224] vfs_setlease+0x258/0x2d0 [ 80.955387][ T7224] fcntl_setlease+0x3ed/0x5a0 [ 80.957975][ T7224] do_fcntl+0x75a/0x1590 [ 80.960353][ T7224] do_compat_fcntl64+0x370/0x700 [ 80.963005][ T7224] __do_fast_syscall_32+0x73/0x120 [ 80.965722][ T7224] do_fast_syscall_32+0x32/0x80 [ 80.968351][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.971540][ T7224] INITIAL READ USE at: [ 80.973421][ T7224] lock_acquire+0x179/0x350 [ 80.976074][ T7224] _raw_read_lock_irq+0x67/0x80 [ 80.978875][ T7224] f_getown+0x57/0x300 [ 80.981316][ T7224] sock_ioctl+0x1f2/0x6b0 [ 80.983912][ T7224] compat_sock_ioctl+0x4e3/0x730 [ 80.986756][ T7224] __ia32_compat_sys_ioctl+0x24c/0x360 [ 80.989792][ T7224] __do_fast_syscall_32+0x73/0x120 [ 80.992692][ T7224] do_fast_syscall_32+0x32/0x80 [ 80.995473][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.998890][ T7224] } [ 80.999990][ T7224] ... key at: [] __key.1+0x0/0x40 [ 81.002972][ T7224] ... acquired at: [ 81.004581][ T7224] _raw_read_lock_irqsave+0x74/0x90 [ 81.006795][ T7224] send_sigio+0x31/0x3e0 [ 81.008641][ T7224] kill_fasync+0x214/0x510 [ 81.010548][ T7224] lease_break_callback+0x23/0x30 [ 81.012692][ T7224] __break_lease+0x671/0x1810 [ 81.014738][ T7224] do_dentry_open+0x6e1/0x1c10 [ 81.016302][ T7224] vfs_open+0x82/0x3f0 [ 81.017654][ T7224] path_openat+0x1e5e/0x2d40 [ 81.019211][ T7224] do_filp_open+0x20b/0x470 [ 81.020775][ T7224] do_sys_openat2+0x11b/0x1d0 [ 81.022507][ T7224] __ia32_compat_sys_openat+0x16d/0x210 [ 81.024752][ T7224] __do_fast_syscall_32+0x73/0x120 [ 81.026406][ T7224] do_fast_syscall_32+0x32/0x80 [ 81.027972][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.030064][ T7224] [ 81.030848][ T7224] [ 81.030848][ T7224] the dependencies between the lock to be acquired [ 81.030853][ T7224] and SOFTIRQ-irq-unsafe lock: [ 81.035054][ T7224] -> (tasklist_lock){.+.+}-{3:3} { [ 81.036759][ T7224] HARDIRQ-ON-R at: [ 81.038019][ T7224] lock_acquire+0x179/0x350 [ 81.039937][ T7224] _raw_read_lock+0x5f/0x70 [ 81.042082][ T7224] __do_wait+0x105/0x890 [ 81.044144][ T7224] do_wait+0x21e/0x5a0 [ 81.045901][ T7224] kernel_wait+0x9f/0x160 [ 81.047717][ T7224] call_usermodehelper_exec_work+0xf1/0x170 [ 81.050067][ T7224] process_one_work+0x9cc/0x1b70 [ 81.052177][ T7224] worker_thread+0x6c8/0xf10 [ 81.054137][ T7224] kthread+0x3c2/0x780 [ 81.055903][ T7224] ret_from_fork+0x45/0x80 [ 81.057798][ T7224] ret_from_fork_asm+0x1a/0x30 [ 81.059777][ T7224] SOFTIRQ-ON-R at: [ 81.061091][ T7224] lock_acquire+0x179/0x350 [ 81.063553][ T7224] _raw_read_lock+0x5f/0x70 [ 81.065675][ T7224] __do_wait+0x105/0x890 [ 81.067572][ T7224] do_wait+0x21e/0x5a0 [ 81.069374][ T7224] kernel_wait+0x9f/0x160 [ 81.071293][ T7224] call_usermodehelper_exec_work+0xf1/0x170 [ 81.073637][ T7224] process_one_work+0x9cc/0x1b70 [ 81.075951][ T7224] worker_thread+0x6c8/0xf10 [ 81.077917][ T7224] kthread+0x3c2/0x780 [ 81.079671][ T7224] ret_from_fork+0x45/0x80 [ 81.081675][ T7224] ret_from_fork_asm+0x1a/0x30 [ 81.083661][ T7224] INITIAL USE at: [ 81.084900][ T7224] lock_acquire+0x179/0x350 [ 81.086814][ T7224] _raw_write_lock_irq+0x36/0x50 [ 81.088833][ T7224] copy_process+0x3f09/0x91a0 [ 81.090837][ T7224] kernel_clone+0xfc/0x960 [ 81.092736][ T7224] user_mode_thread+0xc7/0x110 [ 81.094737][ T7224] rest_init+0x23/0x2b0 [ 81.096537][ T7224] start_kernel+0x3e9/0x4d0 [ 81.098433][ T7224] x86_64_start_reservations+0x18/0x30 [ 81.100590][ T7224] x86_64_start_kernel+0xb0/0xc0 [ 81.102791][ T7224] common_startup_64+0x13e/0x148 [ 81.104804][ T7224] INITIAL READ USE at: [ 81.106180][ T7224] lock_acquire+0x179/0x350 [ 81.108205][ T7224] _raw_read_lock+0x5f/0x70 [ 81.110254][ T7224] __do_wait+0x105/0x890 [ 81.112235][ T7224] do_wait+0x21e/0x5a0 [ 81.114197][ T7224] kernel_wait+0x9f/0x160 [ 81.116192][ T7224] call_usermodehelper_exec_work+0xf1/0x170 [ 81.118685][ T7224] process_one_work+0x9cc/0x1b70 [ 81.120856][ T7224] worker_thread+0x6c8/0xf10 [ 81.122964][ T7224] kthread+0x3c2/0x780 [ 81.124949][ T7224] ret_from_fork+0x45/0x80 [ 81.126979][ T7224] ret_from_fork_asm+0x1a/0x30 [ 81.129117][ T7224] } [ 81.129931][ T7224] ... key at: [] tasklist_lock+0x18/0x40 [ 81.132443][ T7224] ... acquired at: [ 81.133665][ T7224] lock_acquire+0x179/0x350 [ 81.135189][ T7224] _raw_read_lock+0x5f/0x70 [ 81.136709][ T7224] send_sigurg+0xed/0xc80 [ 81.138161][ T7224] sk_send_sigurg+0x76/0x360 [ 81.139654][ T7224] unix_stream_sendmsg+0xe77/0x1160 [ 81.141405][ T7224] ____sys_sendmsg+0xa95/0xc70 [ 81.143465][ T7224] ___sys_sendmsg+0x134/0x1d0 [ 81.145241][ T7224] __sys_sendmsg+0x16d/0x220 [ 81.146877][ T7224] __do_fast_syscall_32+0x73/0x120 [ 81.148517][ T7224] do_fast_syscall_32+0x32/0x80 [ 81.150137][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.152116][ T7224] [ 81.152971][ T7224] [ 81.152971][ T7224] stack backtrace: [ 81.154816][ T7224] CPU: 0 UID: 0 PID: 7224 Comm: syz.0.480 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) [ 81.154829][ T7224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.154835][ T7224] Call Trace: [ 81.154839][ T7224] [ 81.154844][ T7224] dump_stack_lvl+0x116/0x1f0 [ 81.154858][ T7224] check_irq_usage+0x7dc/0x920 [ 81.154873][ T7224] ? check_path.constprop.0+0x24/0x50 [ 81.154885][ T7224] ? __lock_acquire+0x1189/0x1ba0 [ 81.154897][ T7224] __lock_acquire+0x1189/0x1ba0 [ 81.154910][ T7224] lock_acquire+0x179/0x350 [ 81.154922][ T7224] ? send_sigurg+0xed/0xc80 [ 81.154934][ T7224] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.154947][ T7224] _raw_read_lock+0x5f/0x70 [ 81.154958][ T7224] ? send_sigurg+0xed/0xc80 [ 81.154969][ T7224] send_sigurg+0xed/0xc80 [ 81.154979][ T7224] ? find_held_lock+0x2b/0x80 [ 81.154989][ T7224] sk_send_sigurg+0x76/0x360 [ 81.154999][ T7224] unix_stream_sendmsg+0xe77/0x1160 [ 81.155014][ T7224] ? aa_sk_perm+0x2f4/0xb10 [ 81.155025][ T7224] ? __pfx_unix_stream_sendmsg+0x10/0x10 [ 81.155040][ T7224] ? __pfx_aa_sk_perm+0x10/0x10 [ 81.155051][ T7224] ? __import_iovec+0x1c8/0x660 [ 81.155066][ T7224] ____sys_sendmsg+0xa95/0xc70 [ 81.155080][ T7224] ? __pfx_____sys_sendmsg+0x10/0x10 [ 81.155093][ T7224] ? get_compat_msghdr+0x11a/0x170 [ 81.155105][ T7224] ___sys_sendmsg+0x134/0x1d0 [ 81.155115][ T7224] ? __pfx____sys_sendmsg+0x10/0x10 [ 81.155132][ T7224] __sys_sendmsg+0x16d/0x220 [ 81.155142][ T7224] ? __pfx___sys_sendmsg+0x10/0x10 [ 81.155152][ T7224] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 81.155165][ T7224] ? rcu_is_watching+0x12/0xc0 [ 81.155175][ T7224] ? rcu_is_watching+0x12/0xc0 [ 81.155183][ T7224] __do_fast_syscall_32+0x73/0x120 [ 81.155197][ T7224] do_fast_syscall_32+0x32/0x80 [ 81.155211][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.155222][ T7224] RIP: 0023:0xf7f95579 [ 81.155230][ T7224] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 81.155239][ T7224] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 81.155249][ T7224] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080 [ 81.155255][ T7224] RDX: 00000000240408c1 RSI: 0000000000000000 RDI: 0000000000000000 [ 81.155260][ T7224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 81.155265][ T7224] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 81.155271][ T7224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.155279][ T7224] [ 81.156900][ T65] cfg80211: failed to load regulatory.db VM DIAGNOSIS: 21:23:29 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c26b5 RDI=ffffffff9addfbc0 RBP=ffffffff9addfb80 RSP=ffffc9000d7cf1f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9addfb80 R15=ffffffff854c2650 RIP=ffffffff854c26df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977ec000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73fbbf0 CR3=000000001b351000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000000651ec RBX=0000000000000001 RCX=ffffffff8b6953e9 RDX=ffffed10056665be RSI=ffffffff8bf46c20 RDI=ffffffff81913241 RBP=ffffed1003b52488 RSP=ffffc9000046fdf8 R8 =0000000000000000 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000 R12=0000000000000001 R13=ffff88801da92440 R14=ffffffff90852310 R15=0000000000000000 RIP=ffffffff8b693c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978ec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7249e80 CR3=00000000201a3000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000e000000000 0000000400000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffff88804f5200cc RBX=0000000000000002 RCX=ffffffff84d42d00 RDX=0000000000000000 RSI=0000000000000002 RDI=ffff88804f5200ca RBP=ffff88804f5200ca RSP=ffffc900038a70e0 R8 =0000000000000000 R9 =0000000000000008 R10=0000000000000002 R11=0000000000000012 R12=ffff88804f520242 R13=0000000000000002 R14=00000000000000ca R15=0000000000000240 RIP=ffffffff821f272b RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc73aeb9d00 ffffffff 00c00000 GS =0000 ffff8880979ec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055d462ceb000 CR3=0000000047bc2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=267aaec0267aaec0 267aaec0267aaec0 267aaec0267aaec0 267aaec0267aaec0 267aaec0267aaec0 267aaec0267aaec0 267aaec0267aaec0 267aaec0267aaec0 ZMM22=f774e9eef774e9ee f774e9eef774e9ee f774e9eef774e9ee f774e9eef774e9ee f774e9eef774e9ee f774e9eef774e9ee f774e9eef774e9ee f774e9eef774e9ee ZMM23=6d33c1d56d33c1d5 6d33c1d56d33c1d5 6d33c1d56d33c1d5 6d33c1d56d33c1d5 6d33c1d56d33c1d5 6d33c1d56d33c1d5 6d33c1d56d33c1d5 6d33c1d56d33c1d5 ZMM24=3107d02d3107d02d 3107d02d3107d02d 3107d02d3107d02d 3107d02d3107d02d 3107d02d3107d02d 3107d02d3107d02d 3107d02d3107d02d 3107d02d3107d02d ZMM25=60f50e2260f50e22 60f50e2260f50e22 60f50e2260f50e22 60f50e2260f50e22 60f50e2260f50e22 60f50e2260f50e22 60f50e2260f50e22 60f50e2260f50e22 ZMM26=7009a5547009a554 7009a5547009a554 7009a5547009a554 7009a5547009a554 7009a5547009a554 7009a5547009a554 7009a5547009a554 7009a5547009a554 ZMM27=4466515f4466515f 4466515f4466515f 4466515f4466515f 4466515f4466515f 4466515f4466515f 4466515f4466515f 4466515f4466515f 4466515f4466515f ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=9207000092070000 9207000092070000 9207000092070000 9207000092070000 9207000092070000 9207000092070000 9207000092070000 9207000092070000 info registers vcpu 3 CPU#3 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c26b5 RDI=ffffffff9addfbc0 RBP=ffffffff9addfb80 RSP=ffffc9000da1f938 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=696c696261706163 R12=0000000000000000 R13=0000000000000030 R14=ffffffff9addfb80 R15=ffffffff854c2650 RIP=ffffffff854c26df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097aec000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f72cfaac CR3=000000006a09b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000