last executing test programs: 4m47.628611713s ago: executing program 0 (id=51): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 4m47.56201688s ago: executing program 0 (id=53): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x40000108, 0x0, 0x1af}]}) 4m47.484829063s ago: executing program 0 (id=59): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) io_setup(0x222, &(0x7f0000000180)=0x0) r2 = eventfd2(0x1, 0x80800) io_submit(r1, 0x40000001, &(0x7f00000005c0)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0xffff, r0, &(0x7f00000001c0)="1c73de19da4e24a4be5c3011d88efffbb251589a5bef61f451a747474f315938cc426a841b78d07b04cc6f2d276323ea48a6fd1c0ba66f5055239df5a21b234315694fd58fe32aeaa543e5fe08ccdf3e689caa8cedec8010f8bb8c59eaa1ecbf0f6f66afde88c010b3138095b6a0116af9c9011f03cc24e087286f2553198568c0aea639920383723c00002839b5dcb5ecf2eb92eeb24271354e1719e92347b792d0402fb04bbbf78fbebbf4b4832385561e1010dd612da55e8f738b13288b548d333c1d174ade527cafb3fc6576c16cd2e71f68286e28d5d8a17ef63d253bc56ce36b8d4aef6c0a34d8b9463ce4535f9c1700a5bf7b0f217ae63d3d377ddbcf7d4dd2f3f8f08de60c87b1e07487cae176e2f76ea307fa1693d84328c7f751d6d997555964813b103ea44b6e2e8bcc09609c25e5d1e0f174c44dfed19aa2fc6e6a60c589909709ff6b1a8e3c7462427d11469f81fa4d9a69ee39b8f3824889f3ee0c5838a22832193d9f42bfcff8f1990746da71c109c82f51aaffbc9b33b03fe4993f4bfb59461c5a2e13514072283677447793cfe1e7bf5b48416b80a7e18e22cb13e0370f7bb9bf952c4c5355dbb8fe0d912f88d743c536db4b306075c2dcd59d602e75bb159f71e4f11192631fc338203c136c9efc5f05bf94d2fee1a6ad20f2c7e834e5be49ebedde2d9735f46eb08c6537d24f3f06589a4597f2d9378f", 0x200, 0x200, 0x0, 0x1, r2}]) 4m47.375729577s ago: executing program 0 (id=64): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb101e, 0x0) umount2(&(0x7f0000000180)='./file0/../file0\x00', 0x4) 4m47.291792618s ago: executing program 0 (id=67): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={r2, 0x352}, &(0x7f0000000040)=0x8) 4m46.064435693s ago: executing program 0 (id=97): r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f00000004c0)={0xa, 0x4e23, 0x430, @dev={0xfe, 0x80, '\x00', 0x31}, 0x9}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3e, &(0x7f0000000140)=0x1008, 0x4) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 4m45.979418378s ago: executing program 32 (id=97): r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f00000004c0)={0xa, 0x4e23, 0x430, @dev={0xfe, 0x80, '\x00', 0x31}, 0x9}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3e, &(0x7f0000000140)=0x1008, 0x4) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 3m26.610466786s ago: executing program 4 (id=2560): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2842, 0x0) read$FUSE(r0, &(0x7f0000005140)={0x2020}, 0x2020) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) splice(r0, 0x0, r1, 0x0, 0x7c1c, 0x8) 3m26.608886272s ago: executing program 4 (id=2563): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) 3m26.398480565s ago: executing program 4 (id=2571): pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000140)="6d527cd53870164a3a0d4b64fb0d7bebad2dce076e7768215970e33adf15173c9e665cff10727f6273ef2aace367c13b8e834788d7da2d60077ebc24a796b221a2f39fd294dc01861206b499138d02ebf3cfc3b11f0e18858568476bac483df9c4d0a61da2d2f9b7c4cb601c0141f209fc9e06d9457920a9a749a23ccd52eb91db50189627774719cf91bd6e63a2b8a3b657c0e438ffc3e275b03ef0f384a0c1f20143b7b87f2e34729b000000805e0ad338423d4200f349c545516c46bb9f104a3816b12950faa20fab5827bc62a8d4cc12c4c8954308a933d63aa66cdb3646a37626de7361b5338c197dd3e6844dafcb4338dce0b79ee41da150eca12fbd36b4873ce8e4747b63e8830ee6c32f254d37792053e2b77cc86279ea843600"/297, 0x3accf8d5) vmsplice(r1, &(0x7f0000001a40)=[{&(0x7f00000000c0)='7', 0x1}], 0x1, 0x0) close(r0) 3m26.262343096s ago: executing program 4 (id=2574): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 3m26.192561318s ago: executing program 4 (id=2575): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x3a, 0x301, 0x270bd24, 0x24dfdbfa, {0x8}}, 0x14}}, 0x4000000) 3m26.032440111s ago: executing program 4 (id=2576): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newtaction={0x60, 0x30, 0x103, 0x0, 0x2000000, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6, 0x4, 0xffffffffffffffff, 0x12, 0xe}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000014}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 3m25.996831757s ago: executing program 33 (id=2576): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newtaction={0x60, 0x30, 0x103, 0x0, 0x2000000, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6, 0x4, 0xffffffffffffffff, 0x12, 0xe}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000014}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2m46.08220098s ago: executing program 3 (id=3621): syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) r0 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x100, 0x1}, &(0x7f0000000040)=0x0, &(0x7f0000002a00)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0) 2m46.001957056s ago: executing program 3 (id=3624): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0) 2m45.918387214s ago: executing program 3 (id=3625): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000015c0), r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001600)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000001640)={0x54, r2, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x8, 0xcd, [0x8, 0xad29]}, @NL80211_ATTR_FRAME={0x30, 0x33, @reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x1}, {0x9}, @device_a, @device_a, @random="8a0173916713", {0x9, 0x200}}, 0x3240, 0x8c, @broadcast, {0x0, 0x6, @default_ibss_ssid}, @val, @void}}]}, 0x54}, 0x1, 0x0, 0x0, 0x8010}, 0x50) 2m45.91818272s ago: executing program 3 (id=3626): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000000)='./file0\x00') 2m45.852076254s ago: executing program 3 (id=3628): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000940)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, 0x0) 2m45.661255884s ago: executing program 3 (id=3632): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x4, 0x8, 0x1}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0b00000008000000020000000900000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 2m45.620762327s ago: executing program 34 (id=3632): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x4, 0x8, 0x1}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="0b00000008000000020000000900000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 1m54.491132851s ago: executing program 2 (id=4961): r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) r1 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x18}) io_uring_enter(r1, 0x2b9c, 0x2, 0x0, 0x0, 0xffffffffffffff11) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) 1m54.413010616s ago: executing program 2 (id=4963): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast2, @in6=@private2, 0x0, 0x0, 0x4e21, 0xfffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x100000000000}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7, 0xfffffffe}}, 0xe4) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 1m54.330998003s ago: executing program 2 (id=4966): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x8efd, 0x0, 0x4, 0x800, 0xc0, 0x1, 0x67, 0x401, r2}, 0x20) 1m53.439914336s ago: executing program 2 (id=4991): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) 1m53.40544215s ago: executing program 2 (id=4994): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 1m53.076612985s ago: executing program 2 (id=4995): r0 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x707c, 0x800, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$tipc(0x1e, 0x5, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r3, 0x0, 0x0}) io_uring_enter(r0, 0x12a8f, 0xf264, 0x40, 0x0, 0x0) 1m53.037206606s ago: executing program 35 (id=4995): r0 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x707c, 0x800, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$tipc(0x1e, 0x5, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r3, 0x0, 0x0}) io_uring_enter(r0, 0x12a8f, 0xf264, 0x40, 0x0, 0x0) 50.299783323s ago: executing program 5 (id=6735): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = epoll_create1(0x0) epoll_wait(r2, &(0x7f0000000240)=[{}], 0x1, 0x80000001) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0x90000005}) connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e) 50.130327874s ago: executing program 5 (id=6736): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2003, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f00000002c0)={0xc0, 0x0, 0x4000}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7) 50.050139763s ago: executing program 5 (id=6737): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x28011, r2, 0x0) ftruncate(r2, 0x796c) ioctl$VIDIOC_QBUF(r1, 0xc058ff0b, &(0x7f0000000200)=@mmap={0x1, 0x1, 0x4, 0x10, 0x200, {}, {0x3, 0x8, 0xe, 0x9f, 0x0, 0x7b, "c16599e2"}, 0xabdb, 0x1, {}, 0xbaa, 0x0, r2}) 49.982480908s ago: executing program 5 (id=6738): syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000240)={@mcast2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @dev={0xfe, 0x80, '\x00', 0x36}, 0x1, 0x6, 0x0, 0x100, 0x4, 0x86020086, r2}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000800)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, @private0, 0x1, 0x6, 0x0, 0x100, 0x6, 0x180107, r2}) 49.909715681s ago: executing program 5 (id=6740): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=' '], 0x40}}], 0x1, 0x40000) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) r1 = syz_create_resource$binfmt(&(0x7f0000000400)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x41, 0x1ff) renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) 49.909264051s ago: executing program 5 (id=6741): syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x400) syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x240881) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) 34.821810116s ago: executing program 36 (id=6741): syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x400) syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x240881) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) 2.01007725s ago: executing program 7 (id=7372): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)={@fallback=r0, r0, 0x2f}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)={@cgroup=r0, r2, 0x2f, 0x18, 0x4, @void, @value=r1}, 0x20) 2.009003664s ago: executing program 7 (id=7374): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_TESTMODE(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x80) recvmsg$unix(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000100)=""/30, 0x1e}], 0x1}, 0x0) 1.929308197s ago: executing program 7 (id=7380): r0 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x4206, r0) ptrace(0x18, r0) ptrace(0x4208, r0) 1.610261748s ago: executing program 1 (id=7392): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) setns(r2, 0x66020000) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) 1.179585182s ago: executing program 1 (id=7398): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x5e, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x10}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) 1.17944368s ago: executing program 6 (id=7399): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000) mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0) r1 = epoll_create1(0x0) ppoll(&(0x7f0000000040)=[{r0}], 0x1, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000340)={0xc0000008}) 1.179279904s ago: executing program 1 (id=7400): sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x850, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000300)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0x4) 1.029362378s ago: executing program 7 (id=7401): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-aes-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000003800)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000002600)="f2479823179f00d311d54df36a510195078bec41f8d6472e868ab337b1f450ff609a67c424ebea8fb2e27b41690d0f755387505a3e0185fdbb03a6bea544658f0a490ed112a6e5a2add829449f299feec26e7eea8397f793545cea168b", 0x5d}], 0x1, 0x0, 0x0, 0x44040}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000f40)=""/92, 0x5c}], 0x1}, 0x0) 1.029128627s ago: executing program 7 (id=7402): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1, 0x4, 0x8, 0x8, 0x40, 0xffffffffffffffff, 0x20}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300), &(0x7f00000005c0), 0xfffffbff, r0}, 0x38) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 960.780061ms ago: executing program 7 (id=7403): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000005c0)={0x24, 0x0, 0x0, &(0x7f0000000380)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x8, "48b603de"}]}}, 0x0}, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) 310.793812ms ago: executing program 6 (id=7415): sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x1c, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x28048015}, 0x24000800) r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22bc8, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0xff00, 0x0, 0x0, 0x0) 310.602138ms ago: executing program 8 (id=7416): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) bind$packet(r2, &(0x7f0000000080)={0x11, 0x1a, 0x0, 0x1, 0x8, 0x6, @broadcast}, 0x14) 310.518258ms ago: executing program 1 (id=7417): syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e4404021005"], 0x47) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0x1a01, 0x0) socket(0x10, 0x803, 0x0) 310.426764ms ago: executing program 8 (id=7418): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) write$tun(r0, &(0x7f0000000140)={@val={0x0, 0x1b}, @void, @eth={@remote, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x2, 0x1c, 0x68, 0x0, 0xf, 0x32, 0x0, @empty, @multicast2}, "315a4642a1ffeb78"}}}}}, 0x2e) 170.707786ms ago: executing program 6 (id=7419): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000200)=0x6, 0x4) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10) syz_emit_ethernet(0xbe, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x4d, 0x0, @wg=@initiation={0x1, 0x4, "497a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d035e9ebe414aa958d", "4bbef5e4007898221aa606d083cd59745493938f1e2de8fdadd3823fedd2c01b2aff03050a4ca5d10fd1b6b06f47ea42", "ef7c9d6a98e3943f6892078bb952854743fe4dddd2e7c0ce70a4ac7d", {"a851525b16af17fe87acbae2ab0b233d", "01422d01cd53c3abe94331d0b7918724"}}}}}}}, 0x0) 170.505567ms ago: executing program 6 (id=7420): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180) open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x110, 0x2}, 0x18) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000002c0)={0x8000000000000001, 0x1, 0x1, 0xfffffffb}) 110.890676ms ago: executing program 8 (id=7421): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x35}}, 0x6}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)='i', 0x1, 0x44010, 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000008c0)=""/256, 0x100, 0x0, 0x0}, &(0x7f00000002c0)=0x40) 110.635657ms ago: executing program 1 (id=7422): r0 = socket(0x11, 0x2, 0x0) close(0x3) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r1, &(0x7f0000000100)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0xff, @mcast2, 0x4}, 0x1c, &(0x7f0000000000)=[{&(0x7f00000001c0)="a5688f24cf0a8a3c3a25fd7d26eea3675ad9aada4789b221f90e220c662222f5c04a74dfeb90eab94b4bd59afbd738972467b0e66fa2a031309d74259289877ceb4c368e2212730e200dcfd3e306f150fd5421a0a7248b8a72765268e981fac35fcb31a03ea38c956d17e657d08e0b6e6f5a1ccdbc27b3bc1fb7604e8bef7ba7927b4e2dd2d02a6a2a63df28c139954fbff7e0ebd7ef47a24a7f759131f807d04f83074945cdfe74b5d28ef73755719e7df121f72feee99b352a91b3eb47dac7a90825522ce43a7518436a2dbd29ff9749e2b9b4cb49dc152366019d4630e8b5c6a211aa61a22883f4d4334d6a5d0fc0611f74e3527a9dfe471b16f63f", 0xfd}, {&(0x7f0000000400)="6aa60452331d0e2b888bc05e6c53716db5f4382dc59ee027169e78a7a80316ea0000000000", 0x25}, {&(0x7f0000002500)="71bccfec021ddd5641d7ba7147bf2540af5bcceb2db6898b91e53d8f8a43b6f9337c6fd9978a87a5233da53910fa1e79486b3ec56bb9aa657c4eddff51825637fa58b736e01392c832341b56fdebf155518deef17850da963a108e3066bbf365cb852d297f0f42e9986bdb19895557bab6461086813fdd63daa936e6f3be157e36b7d1423c375043085b9d62f72074aa0fe228803cee095a6c8b2f461d74c1dd227731d9b24b7d8ac2df11349997e3b079b2b69da7667ee5d170b1a9fb9771f8136ed7620599031f462b1a0bb9463b487e4d0f9fc0b0f7f644b97618fd2aee6f5a9f8c194f63d7922c063f5659b687258afc78b0b5626270725757e8ba8a9bfd1a44d3414fdf81a6dd019e97480d5b49254ee14c49f09c3954e6404a9616caaf7cea81ca6953a42df3ebbee769d1cd681b2d8b92e6feada99be4871a18fc8a093294b614606791e2fda0b58ee5c024f7682af62c5c739d1a441e8151e520fe6563719bbdc45b56cbe73865afc50de07ff03dfc809268913dadf7360dbac8f8e44f245df7dd8dae4cbef677f30da77b353696065d32b7dfe2be57886f33228a9f0eef0ae9bad13ec8524d76073665170b5c970963d2b91bcc0dca295701970b988308a9eef21905fcd7f367e097e532a622a422c3a9df61ad276c7d46f0f3bb548ce97accc9bf4841d9fe6e4262da3f11d65b3cd24a38199d353db1a1f9813a7cf9bd4ae20ec4225c58e63ba9625788e319303b1238c7ce10ea47a7a3e97c2b6975aedaa2aab5430da709db78785bb5aad69389323ac61e0def5dd261a38d968f9f99a5fd8ee91498495e84c835ec2b284df59a058fa7a21ea43e7eb6ace1e695b33817f84939c9dff1ff90c8100a60aec1305dc8734ee7e8b124c7f0f27b0714fb5f17940b190eb57a52304707d841414f8eeac9b087f32a9b9bf5c97564df758eedcce670c57f1216d9ad865b2577dc2dfde08339946878d9e07dddc329cbe3918ac1887314a3b437e9e4b3ac5852c2de938e2a2ecf7cdfa60ed95b9fad63695ef4e75efbfa236908c4cf7567659ecb36b46ab6bbd21ab4cc08458bb723b762890835ee1dc7c2db7d47724b38dd32b32fb05af1498da9f3cd09903641d34f9b52f19340ac3ce7143b045360e925c5aab6844e9a52a2ac88c71d22d9a366cb104963acd89511594a142fb42c182ab3218c17495a5ff15a86f0a1473e52d1ea456d2036eae5104e801f42d6c7c4082b0ce4958460e9e5731ec5324a26dfdab9dd9843fac61c187bdad4700c30c2c0e4234186f1fd92b9c3a99a026d494392e174d506a34b30426af0cb5129db899a5b48a0841a29590edfc430972a93a65a8bdb4ec8bba4de906050b13f9043eba4a9bb208d0b53f1055250ab6ef69e7ca53da2e73b8b6cb7dc1c3ad51e01e7021be399ff64511915dbdce1c091340297f204acba419e2488fa9b6c02430f7bf1ce2f14f9926b07a83994cfa5a69e73e34475b5bbd89f4d0a4e8a81e734ea281c747a724074b53c200de90e80b94b4354a57951943051175a9be38586356084b3e278a16b8535f710afae", 0x457}], 0x3}}], 0x1, 0x24008040) r2 = dup(r0) write$RDMA_USER_CM_CMD_ACCEPT(r2, &(0x7f0000000500)={0x8, 0x120, 0xfa00, {0x4, {0x3, 0x2, "edcc4aac0ff2a62566e2f3e111ba63f133056c76ff4e6acfb6668d1f60627b7d986f052f1e63aa86e76171ef40e9bc288164504cd8b9e824be2c48b858b0ec7d2458b014dbd45330c9c55a251a70955ac3f3bb8d757e35daac248eb665c1073ebbb1983a65f6e701487826306cdd2680aa1ab4bad959abf2b5ea692481c34ec2321ad1fe452c7e83fd3f989bff1f1b06886389a7e1a470a03540f48d4397faa3f6126058acf355cf9f3e436eb5ee1a8c80441612b6872af26f221325d3d3d21aea846d491c656fe5024dfd51642c576586308be18e6972ebed9b6e552030f2799cb3abfd6929fe7d37ceb0166c1c16a57ddb760d118e05ac0b734d1b32165cf0", 0xda, 0x0, 0x9, 0x7, 0x6, 0x0, 0xfe, 0x1}}}, 0x128) 110.480376ms ago: executing program 6 (id=7423): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)={0x0, 0x6, 0xc, 0x0, 0x3, 0x3}) r1 = syz_io_uring_setup(0x235, &(0x7f0000000200)={0x0, 0xc2d2, 0x10100, 0x2, 0x3}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x79a5, 0x2, 0x46, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000400)=0x11) 110.241907ms ago: executing program 8 (id=7424): r0 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r1}) r2 = socket$inet_smc(0x2b, 0x1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f00000000c0)={'filter\x00', 0x0, 0x0, 0x0, [0x6, 0x8, 0x1, 0xa, 0xffffffffffff8005, 0x3], 0x1, 0x0, 0x0, [{}]}, 0x88) 50.759514ms ago: executing program 1 (id=7425): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) clock_gettime(0x0, &(0x7f0000000140)) ppoll(&(0x7f0000000100)=[{r0, 0x80}], 0x1, 0x0, 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000001c0)={0xffbfff41, 0x4000403, 0xfffffffe, 0x13, 0x8, "ffffff7f87680000000000001000007fcb3678", 0x4, 0x200}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xa) 50.59649ms ago: executing program 6 (id=7426): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_open_dev$hiddev(0x0, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, {0x6}, {0x10, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10000000, 0x0, 0x0, 0x0, 0x0, 0x104}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x11}, 0x0) 199.278µs ago: executing program 8 (id=7427): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}], 0x1, 0x40800) recvmsg(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000600)=""/66, 0x42}], 0x1}, 0x10041) 0s ago: executing program 8 (id=7428): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000480)=@gcm_256={{0x303}, "000200", "e123c5876ff425b1ebe250a8486be34705f4f827ae60ecb65e528248d5552bff", "7e25837b", "15d0db2c77179e1a"}, 0x38) kernel console output (not intermixed with test programs): 01.156816][ T5999] usb 10-1: USB disconnect, device number 10 [ 201.706212][T15709] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4308'. [ 201.734405][T15713] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 201.754733][T15715] loop6: detected capacity change from 0 to 91 [ 201.778481][T15715] Buffer I/O error on dev loop6, logical block 11, async page read [ 201.787038][T15713] batman_adv: batadv0: Interface deactivated: ipvlan2 [ 201.800985][T15713] batman_adv: batadv0: Removing interface: ipvlan2 [ 201.813477][T15713] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 201.870370][T15731] sch_tbf: burst 19920 is lower than device lo mtu (65550) ! [ 201.904844][T15721] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 40 [ 202.529182][ T5999] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 202.538296][T15772] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4334'. [ 202.693718][ T5999] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 202.698299][ T5999] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 202.703031][ T5999] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 202.706935][ T5999] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 202.711724][ T5999] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 202.715521][ T5999] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.723406][ T5999] usb 7-1: config 0 descriptor?? [ 202.888487][T15797] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 202.892063][T15797] macsec1: entered promiscuous mode [ 202.893927][T15797] macsec1: entered allmulticast mode [ 202.895751][T15797] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 202.899999][T15797] netdevsim netdevsim5 netdevsim0: left allmulticast mode [ 202.902386][T15797] netdevsim netdevsim5 netdevsim0: left promiscuous mode [ 203.135568][ T5999] plantronics 0003:047F:FFFF.0011: ignoring exceeding usage max [ 203.142530][ T5999] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 203.269237][ T2299] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 203.419232][ T2299] usb 10-1: Using ep0 maxpacket: 8 [ 203.422338][ T2299] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 203.425082][ T2299] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 203.428377][ T2299] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 203.431582][ T2299] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 203.435968][ T2299] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 203.440498][ T2299] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 203.443374][ T2299] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.629729][T15801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4348'. [ 203.653827][ T2299] usb 10-1: usb_control_msg returned -32 [ 203.655707][ T2299] usbtmc 10-1:16.0: can't read capabilities [ 205.238635][ T6020] usb 7-1: USB disconnect, device number 11 [ 205.419242][T15836] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 206.048267][ T1326] usb 10-1: USB disconnect, device number 11 [ 206.128452][T15884] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4384'. [ 206.132039][T15884] netlink: 5 bytes leftover after parsing attributes in process `syz.5.4384'. [ 206.307041][T15900] syz_tun: left allmulticast mode [ 206.308778][T15900] syz_tun: left promiscuous mode [ 206.311740][T15900] bridge0: port 3(syz_tun) entered disabled state [ 206.318980][T15900] bridge_slave_0: left allmulticast mode [ 206.320890][T15900] bridge_slave_0: left promiscuous mode [ 206.323314][T15900] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.330315][T15900] bridge_slave_1: left allmulticast mode [ 206.332619][T15900] bridge_slave_1: left promiscuous mode [ 206.334817][T15900] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.342599][T15900] bond0: (slave bond_slave_1): Releasing backup interface [ 206.350176][T15900] team0: Port device team_slave_0 removed [ 206.354912][T15900] team0: Port device team_slave_1 removed [ 206.357030][T15900] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 206.359580][T15900] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 206.363966][T15900] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 206.570190][T15942] batman_adv: batadv0: Removing interface: dummy0 [ 206.572773][T15942] bridge_slave_0: left allmulticast mode [ 206.574593][T15942] bridge_slave_0: left promiscuous mode [ 206.576512][T15942] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.583004][T15942] bridge_slave_1: left allmulticast mode [ 206.584801][T15942] bridge_slave_1: left promiscuous mode [ 206.586728][T15942] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.592087][T15942] bond0: (slave bond_slave_0): Releasing backup interface [ 206.595215][T15942] bond0: (slave bond_slave_1): Releasing backup interface [ 206.601476][T15942] team0: Port device team_slave_0 removed [ 206.604258][T15942] team0: Port device team_slave_1 removed [ 206.606470][T15942] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 206.609766][T15942] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 206.612330][T15942] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 206.853462][T15969] syzkaller1: entered promiscuous mode [ 206.855254][T15969] syzkaller1: entered allmulticast mode [ 208.149600][T16052] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.4458'. [ 208.715020][T16080] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4470'. [ 208.725975][T16080] hsr0 (unregistering): left allmulticast mode [ 208.868897][T16082] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4471'. [ 209.633991][T16129] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4490'. [ 210.047346][T16164] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4506'. [ 210.443345][T16186] 9pnet_fd: Insufficient options for proto=fd [ 210.702063][T16207] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.704512][T16207] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 210.707758][T16207] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 210.710274][T16207] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.958122][T16232] netlink: 'syz.1.4536': attribute type 63 has an invalid length. [ 210.961124][T16232] netlink: 'syz.1.4536': attribute type 63 has an invalid length. [ 211.583886][ T40] audit: type=1326 audit(2000000893.125:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16298 comm="syz.1.4567" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0 [ 211.774642][T16307] netlink: 'syz.5.4570': attribute type 11 has an invalid length. [ 212.055861][T16316] af_packet: tpacket_rcv: packet too big, clamped from 36 to 4294967272. macoff=96 [ 212.171347][T16332] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4582'. [ 212.174108][T16332] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4582'. [ 212.208117][T16337] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4584'. [ 212.305457][T16350] netlink: 48 bytes leftover after parsing attributes in process `syz.6.4589'. [ 212.361303][T16357] sit0: entered promiscuous mode [ 212.366172][T16357] netlink: 'syz.5.4592': attribute type 1 has an invalid length. [ 212.368479][T16357] netlink: 1 bytes leftover after parsing attributes in process `syz.5.4592'. [ 212.409436][T16363] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4594'. [ 212.549457][ T29] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 212.699359][ T29] usb 7-1: Using ep0 maxpacket: 8 [ 212.704449][ T29] usb 7-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 212.707929][ T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.712040][ T29] usb 7-1: Product: syz [ 212.713727][ T29] usb 7-1: Manufacturer: syz [ 212.715625][ T29] usb 7-1: SerialNumber: syz [ 212.718565][ T29] usb 7-1: config 0 descriptor?? [ 212.722227][ T29] option 7-1:0.0: GSM modem (1-port) converter detected [ 212.728755][T16395] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4607'. [ 212.733090][T16391] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4607'. [ 212.796925][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4615'. [ 212.807532][T16406] bond1: Invalid ad_actor_system MAC address. [ 212.809589][T16406] bond1: option ad_actor_system: invalid value (68719607821) [ 212.813228][T16406] bond1 (unregistering): Released all slaves [ 212.928055][ T5999] usb 7-1: USB disconnect, device number 12 [ 212.932408][ T5999] option 7-1:0.0: device disconnected [ 214.171764][T16469] veth0: entered promiscuous mode [ 214.174415][T16468] veth0: left promiscuous mode [ 214.445130][ T40] audit: type=1326 audit(2000000895.985:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16500 comm="syz.1.4657" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0 [ 214.619410][T16517] syzkaller1: entered promiscuous mode [ 214.621170][T16517] syzkaller1: entered allmulticast mode [ 214.654380][T16520] overlayfs: failed to clone lowerpath [ 214.720177][T16525] overlayfs: failed to clone upperpath [ 214.757942][ T40] audit: type=1326 audit(2000000896.295:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm="syz.6.4669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.765009][ T40] audit: type=1326 audit(2000000896.295:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm="syz.6.4669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.772430][ T40] audit: type=1326 audit(2000000896.305:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm="syz.6.4669" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.779286][ T40] audit: type=1326 audit(2000000896.305:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.785873][ T40] audit: type=1326 audit(2000000896.305:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.793467][ T40] audit: type=1326 audit(2000000896.305:2306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.802972][ T40] audit: type=1326 audit(2000000896.305:2307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.811397][T16535] loop7: detected capacity change from 0 to 7 [ 214.812636][ T40] audit: type=1326 audit(2000000896.305:2308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16529 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 214.823608][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.826657][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.829509][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.832708][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.835630][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.839039][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.842000][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.844935][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.847962][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.851016][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.854898][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.858042][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.860871][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.863852][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.866633][T16535] ldm_validate_partition_table(): Disk read failed. [ 214.868459][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.873027][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.875895][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.878732][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 214.881669][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.884834][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 214.887530][T16535] Dev loop7: unable to read RDB block 0 [ 214.889838][T16535] loop7: unable to read partition table [ 214.891868][T16535] loop7: partition table beyond EOD, truncated [ 214.893889][T16535] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊5) failed (rc=-5) [ 215.702290][ T5943] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 215.705839][ T5943] CPU: 0 UID: 0 PID: 5943 Comm: kworker/u33:4 Not tainted syzkaller #0 PREEMPT(full) [ 215.705862][ T5943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 215.705874][ T5943] Workqueue: hci2 hci_rx_work [ 215.705909][ T5943] Call Trace: [ 215.705916][ T5943] [ 215.705924][ T5943] dump_stack_lvl+0x16c/0x1f0 [ 215.705949][ T5943] sysfs_warn_dup+0x7f/0xa0 [ 215.705972][ T5943] sysfs_create_dir_ns+0x24b/0x2b0 [ 215.705994][ T5943] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 215.706014][ T5943] ? find_held_lock+0x2b/0x80 [ 215.706038][ T5943] ? do_raw_spin_unlock+0x172/0x230 [ 215.706056][ T5943] kobject_add_internal+0x2c4/0x9b0 [ 215.706083][ T5943] kobject_add+0x16e/0x240 [ 215.706106][ T5943] ? __pfx_kobject_add+0x10/0x10 [ 215.706130][ T5943] ? do_raw_spin_unlock+0x172/0x230 [ 215.706155][ T5943] ? kobject_put+0xab/0x5a0 [ 215.706185][ T5943] device_add+0x288/0x1aa0 [ 215.706218][ T5943] ? __pfx_dev_set_name+0x10/0x10 [ 215.706237][ T5943] ? __pfx_device_add+0x10/0x10 [ 215.706264][ T5943] ? mgmt_send_event_skb+0x2fb/0x460 [ 215.706290][ T5943] hci_conn_add_sysfs+0x17e/0x230 [ 215.706313][ T5943] le_conn_complete_evt+0x1260/0x2150 [ 215.706338][ T5943] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 215.706356][ T5943] ? hci_event_packet+0x459/0x11c0 [ 215.706381][ T5943] hci_le_conn_complete_evt+0x23c/0x370 [ 215.706406][ T5943] hci_le_meta_evt+0x357/0x5e0 [ 215.706426][ T5943] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 215.706447][ T5943] hci_event_packet+0x685/0x11c0 [ 215.706465][ T5943] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 215.706486][ T5943] ? __pfx_hci_event_packet+0x10/0x10 [ 215.706508][ T5943] ? kcov_remote_start+0x3c9/0x6d0 [ 215.706524][ T5943] ? lockdep_hardirqs_on+0x7c/0x110 [ 215.706551][ T5943] hci_rx_work+0x2c5/0x16b0 [ 215.706571][ T5943] ? rcu_is_watching+0x12/0xc0 [ 215.706594][ T5943] process_one_work+0x9cf/0x1b70 [ 215.706636][ T5943] ? __pfx_process_one_work+0x10/0x10 [ 215.706672][ T5943] ? assign_work+0x1a0/0x250 [ 215.706702][ T5943] worker_thread+0x6c8/0xf10 [ 215.706744][ T5943] ? __kthread_parkme+0x19e/0x250 [ 215.706770][ T5943] ? __pfx_worker_thread+0x10/0x10 [ 215.706788][ T5943] kthread+0x3c5/0x780 [ 215.706814][ T5943] ? __pfx_kthread+0x10/0x10 [ 215.706842][ T5943] ? rcu_is_watching+0x12/0xc0 [ 215.706861][ T5943] ? __pfx_kthread+0x10/0x10 [ 215.706886][ T5943] ret_from_fork+0x675/0x7d0 [ 215.706909][ T5943] ? __pfx_kthread+0x10/0x10 [ 215.706933][ T5943] ret_from_fork_asm+0x1a/0x30 [ 215.706969][ T5943] [ 215.708748][ T5943] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 215.795048][ T5943] Bluetooth: hci2: failed to register connection device [ 215.852670][T16600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4698'. [ 217.189993][T16653] __nla_validate_parse: 1 callbacks suppressed [ 217.190010][T16653] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4722'. [ 217.301641][T16661] netlink: 360 bytes leftover after parsing attributes in process `syz.5.4724'. [ 217.571275][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 217.571285][ T40] audit: type=1326 audit(2000000899.115:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16684 comm="syz.6.4737" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701d579 code=0x0 [ 217.718082][T16695] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4741'. [ 217.785062][T16703] netlink: 'syz.5.4745': attribute type 1 has an invalid length. [ 217.787778][T16703] netlink: 'syz.5.4745': attribute type 6 has an invalid length. [ 217.790401][T16703] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4745'. [ 218.399221][ T2299] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 218.559209][ T2299] usb 7-1: Using ep0 maxpacket: 8 [ 218.562936][ T2299] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 218.566888][ T2299] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 218.571320][ T2299] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255 [ 218.575176][ T2299] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 218.580617][ T2299] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 218.584438][ T2299] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.717152][T16744] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 218.792020][ T2299] usb 7-1: GET_CAPABILITIES returned 0 [ 218.793891][ T2299] usbtmc 7-1:16.0: can't read capabilities [ 218.992702][ T2299] usb 7-1: USB disconnect, device number 13 [ 219.119346][ T1326] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 219.281850][ T1326] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 219.285422][ T1326] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 219.288756][ T1326] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 219.294012][ T1326] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 219.297031][ T1326] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.302540][ T1326] usb 10-1: config 0 descriptor?? [ 219.424935][ T40] audit: type=1326 audit(2000000900.965:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 219.432020][ T40] audit: type=1326 audit(2000000900.965:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 219.439308][ T40] audit: type=1326 audit(2000000900.965:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 219.446215][ T40] audit: type=1326 audit(2000000900.965:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 219.453436][ T40] audit: type=1326 audit(2000000900.965:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 219.459948][ T40] audit: type=1326 audit(2000000900.965:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 219.466480][ T40] audit: type=1326 audit(2000000900.965:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 219.473264][ T40] audit: type=1326 audit(2000000900.965:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 219.479930][ T40] audit: type=1326 audit(2000000900.965:2324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16770 comm="syz.1.4773" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 219.711717][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.714075][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.716405][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.718740][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.721290][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.723711][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.726115][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.728502][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.735796][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.738338][ T1326] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 219.744107][ T1326] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 219.970494][ T1326] usb 10-1: USB disconnect, device number 12 [ 220.369627][T16831] syzkaller1: entered promiscuous mode [ 220.371298][T16831] syzkaller1: entered allmulticast mode [ 220.384474][T16833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4800'. [ 220.603130][ T5938] Bluetooth: hci0: unexpected event for opcode 0x080f [ 221.017252][T16917] binder: 16915:16917 ioctl c0046209 0 returned -22 [ 221.054638][T16924] syzkaller1: entered allmulticast mode [ 221.078249][T16928] loop2: detected capacity change from 0 to 7 [ 221.083202][ T5939] Dev loop2: unable to read RDB block 7 [ 221.085689][ T5939] loop2: AHDI p1 p2 p3 [ 221.087544][ T5939] loop2: partition table partially beyond EOD, truncated [ 221.090142][ T5939] loop2: p1 start 1601398130 is beyond EOD, truncated [ 221.092327][ T5939] loop2: p2 start 1702059890 is beyond EOD, truncated [ 221.095418][T16928] Dev loop2: unable to read RDB block 7 [ 221.097252][T16928] loop2: AHDI p1 p2 p3 [ 221.098590][T16928] loop2: partition table partially beyond EOD, truncated [ 221.100889][T16928] loop2: p1 start 1601398130 is beyond EOD, truncated [ 221.103001][T16928] loop2: p2 start 1702059890 is beyond EOD, truncated [ 221.689660][ T5943] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 221.954669][T16985] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4869'. [ 221.958559][T16985] netlink: 'syz.6.4869': attribute type 21 has an invalid length. [ 222.558757][T17035] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4893'. [ 223.174305][ T6007] IPVS: starting estimator thread 0... [ 223.269248][T17122] IPVS: using max 45 ests per chain, 108000 per kthread [ 223.526742][T17137] syzkaller1: entered promiscuous mode [ 223.528589][T17137] syzkaller1: entered allmulticast mode [ 223.865234][T17161] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.4922'. [ 223.903475][T17169] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4926'. [ 224.018412][ T40] kauditd_printk_skb: 132 callbacks suppressed [ 224.018425][ T40] audit: type=1326 audit(2000000905.555:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.027314][ T40] audit: type=1326 audit(2000000905.555:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.040525][ T40] audit: type=1326 audit(2000000905.555:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.050218][ T40] audit: type=1326 audit(2000000905.555:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.053481][T17182] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4932'. [ 224.058628][ T40] audit: type=1326 audit(2000000905.555:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.058665][ T40] audit: type=1326 audit(2000000905.565:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.082712][ T40] audit: type=1326 audit(2000000905.565:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.092317][ T40] audit: type=1326 audit(2000000905.565:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.102145][ T40] audit: type=1326 audit(2000000905.565:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.111541][ T40] audit: type=1326 audit(2000000905.565:2466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17177 comm="syz.2.4930" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 224.529497][ T1464] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 224.660035][ T5943] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 224.662710][ T5943] Bluetooth: hci0: Injecting HCI hardware error event [ 224.668718][ T5943] Bluetooth: hci0: hardware error 0x00 [ 224.679409][ T1464] usb 10-1: Using ep0 maxpacket: 8 [ 224.683233][ T1464] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 224.687461][ T1464] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 224.692466][ T1464] usb 10-1: config 0 interface 0 has no altsetting 0 [ 224.695354][ T1464] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 224.699258][ T1464] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.705516][ T1464] usb 10-1: config 0 descriptor?? [ 225.117065][ T1464] mcp2221 0003:04D8:00DD.0013: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 225.221639][T17283] fuse: Bad value for 'fd' [ 225.245365][T17285] syzkaller1: entered promiscuous mode [ 225.247703][T17285] syzkaller1: entered allmulticast mode [ 225.320541][ T6007] usb 10-1: USB disconnect, device number 13 [ 226.372336][ T5941] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 226.375611][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 226.380691][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 226.383403][ T5941] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 226.385990][ T5941] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 226.482275][T17327] chnl_net:caif_netlink_parms(): no params data found [ 226.555388][T17327] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.557837][T17327] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.561071][T17327] bridge_slave_0: entered allmulticast mode [ 226.564094][T17327] bridge_slave_0: entered promiscuous mode [ 226.567194][T17327] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.570510][T17327] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.573579][T17327] bridge_slave_1: entered allmulticast mode [ 226.577115][T17327] bridge_slave_1: entered promiscuous mode [ 226.618367][T17327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.623568][T17327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.658889][T17327] team0: Port device team_slave_0 added [ 226.662205][T17327] team0: Port device team_slave_1 added [ 226.696987][T17327] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.699407][T17327] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 226.707419][T17327] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.711756][T17327] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.713943][T17327] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 226.722326][T17327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.729235][ T5943] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 226.760726][T17327] hsr_slave_0: entered promiscuous mode [ 226.763028][T17327] hsr_slave_1: entered promiscuous mode [ 226.765241][T17327] debugfs: 'hsr0' already exists in 'hsr' [ 226.767022][T17327] Cannot create hsr debugfs directory [ 226.881660][T17327] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 226.886764][T17327] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 226.892112][T17327] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 226.895943][T17327] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 226.935705][T17327] 8021q: adding VLAN 0 to HW filter on device bond0 [ 226.950148][T17327] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.955828][T17104] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.958077][T17104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.965373][T17053] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.967620][T17053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.078380][T17327] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 227.212795][T17327] veth0_vlan: entered promiscuous mode [ 227.220338][T17327] veth1_vlan: entered promiscuous mode [ 227.241447][T17327] veth0_macvtap: entered promiscuous mode [ 227.249368][T17327] veth1_macvtap: entered promiscuous mode [ 227.265387][T17327] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 227.277316][T17327] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 227.285928][T17077] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.288746][T17077] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.293959][T17077] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.297713][T17077] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.344800][T17111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.349454][T17111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.365004][T17104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.368293][T17104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.384468][T17366] overlayfs: failed to clone upperpath [ 227.646514][T17395] overlayfs: failed to clone upperpath [ 227.651737][T17395] overlayfs: failed to clone upperpath [ 227.929266][ T5938] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 228.056255][T17414] tmpfs: Bad value for 'mpol' [ 228.409318][ T5938] Bluetooth: hci1: command tx timeout [ 228.509014][T17440] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5038'. [ 228.512088][T17440] netlink: 'syz.7.5038': attribute type 30 has an invalid length. [ 228.521055][T17096] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 228.523028][T17440] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5038'. [ 228.523880][T17096] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 228.526817][T17440] netlink: 'syz.7.5038': attribute type 30 has an invalid length. [ 228.531121][T17053] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 228.536181][T17053] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 228.589708][T17445] 9pnet_fd: Insufficient options for proto=fd [ 228.829541][T15424] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 228.979222][T15424] usb 12-1: Using ep0 maxpacket: 16 [ 228.982328][T15424] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.985777][T15424] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 228.988795][T15424] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 228.992984][T15424] usb 12-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 228.995907][T15424] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.000733][T15424] usb 12-1: config 0 descriptor?? [ 229.055100][T17478] netlink: 'syz.5.5056': attribute type 19 has an invalid length. [ 229.118419][T17480] netlink: 14528 bytes leftover after parsing attributes in process `syz.5.5057'. [ 229.412342][T15424] input: HID 0955:7214 Haptics as /devices/virtual/input/input36 [ 229.425553][T15424] shield 0003:0955:7214.0014: Registered Thunderstrike controller [ 229.428121][T15424] shield 0003:0955:7214.0014: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.7-1/input0 [ 229.618125][ T6001] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 229.618289][ T6007] usb 12-1: USB disconnect, device number 2 [ 229.621674][ T6001] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 229.634878][ T6001] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 229.638408][ T6001] shield 0003:0955:7214.0014: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 230.059008][T17518] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 230.171556][ T2299] Process accounting resumed [ 230.358513][T17542] batadv_slave_1: entered promiscuous mode [ 230.361891][T17541] batadv_slave_1: left promiscuous mode [ 230.499331][ T5938] Bluetooth: hci1: command tx timeout [ 230.593253][T17555] netlink: 76 bytes leftover after parsing attributes in process `syz.5.5089'. [ 230.915398][T17569] dummy0: entered promiscuous mode [ 230.918611][T17569] bond_slave_0: entered promiscuous mode [ 230.921438][T17569] bond_slave_0: left promiscuous mode [ 230.923958][T17569] dummy0: left promiscuous mode [ 231.034954][T17571] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5096'. [ 231.037841][T17571] netlink: 'syz.6.5096': attribute type 6 has an invalid length. [ 231.040887][T17571] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5096'. [ 231.719375][T17613] syzkaller1: entered promiscuous mode [ 231.721277][T17613] syzkaller1: entered allmulticast mode [ 231.868907][T17626] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5121'. [ 231.874407][T17626] netlink: 72 bytes leftover after parsing attributes in process `syz.7.5121'. [ 231.905502][T17628] input: syz0 as /devices/virtual/input/input37 [ 232.106245][T17643] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5129'. [ 232.109058][T17643] netlink: 'syz.5.5129': attribute type 5 has an invalid length. [ 232.368576][T17656] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.5135'. [ 232.569456][ T5938] Bluetooth: hci1: command tx timeout [ 232.964052][T17705] netlink: 'syz.1.5158': attribute type 13 has an invalid length. [ 232.967026][T17705] netlink: 'syz.1.5158': attribute type 12 has an invalid length. [ 233.002532][T17707] loop6: detected capacity change from 0 to 2560 [ 233.005617][T17707] buffer_io_error: 5 callbacks suppressed [ 233.005630][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.011676][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.014877][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.018242][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.021636][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.024807][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.027415][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.031608][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.034663][T17707] ldm_validate_partition_table(): Disk read failed. [ 233.037760][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.041202][T17707] Buffer I/O error on dev loop6, logical block 0, async page read [ 233.044670][T17707] Dev loop6: unable to read RDB block 0 [ 233.047331][T17707] loop6: unable to read partition table [ 233.050082][T17707] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 233.142103][T17717] [U] [ 233.737228][T17751] atomic_op ffff888058c8b198 conn xmit_atomic 0000000000000000 [ 234.493350][T17798] overlayfs: missing 'lowerdir' [ 234.603771][T17802] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.606411][T17802] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.649429][ T5938] Bluetooth: hci1: command tx timeout [ 235.272318][T17802] veth1_to_hsr: left allmulticast mode [ 235.275100][T17802] macvtap1: left promiscuous mode [ 235.284868][T17096] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.287893][T17096] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.292023][T17096] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.296124][T17096] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.368947][ T6020] IPVS: starting estimator thread 0... [ 235.371815][T17819] tipc: Started in network mode [ 235.373880][T17819] tipc: Node identity ac1414aa, cluster identity 4711 [ 235.376272][T17819] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 235.378772][T17819] tipc: Enabled bearer , priority 10 [ 235.479832][T17820] IPVS: using max 45 ests per chain, 108000 per kthread [ 235.519554][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 235.669273][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 235.764003][T17833] __nla_validate_parse: 2 callbacks suppressed [ 235.764014][T17833] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5219'. [ 235.819204][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 235.959165][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 236.099343][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 236.211515][ T40] kauditd_printk_skb: 200 callbacks suppressed [ 236.211527][ T40] audit: type=1326 audit(2000000917.755:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.223431][ T40] audit: type=1326 audit(2000000917.755:2668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.230107][ T40] audit: type=1326 audit(2000000917.755:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.237466][ T40] audit: type=1326 audit(2000000917.755:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.246407][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 236.249365][ T40] audit: type=1326 audit(2000000917.755:2671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.258079][ T40] audit: type=1326 audit(2000000917.755:2672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.265217][ T40] audit: type=1326 audit(2000000917.755:2673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf700d598 code=0x7ffc0000 [ 236.272311][ T40] audit: type=1326 audit(2000000917.755:2674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf700d598 code=0x7ffc0000 [ 236.278922][ T40] audit: type=1326 audit(2000000917.755:2675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.289511][ T40] audit: type=1326 audit(2000000917.755:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17884 comm="syz.5.5242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000 [ 236.379271][ T1464] tipc: Node number set to 2886997162 [ 236.416392][T17909] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5255'. [ 236.445771][T17914] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5257'. [ 236.448678][T17914] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5257'. [ 236.451897][T17914] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5257'. [ 236.465015][T17916] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.5258'. [ 236.529404][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 236.742660][T17944] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5269'. [ 236.799408][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 237.339607][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 238.653686][T18012] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5297'. [ 238.945603][T18041] bridge0: port 4(syz_tun) entered blocking state [ 238.947686][T18041] bridge0: port 4(syz_tun) entered disabled state [ 238.950912][T18041] syz_tun: entered allmulticast mode [ 238.953367][T18041] syz_tun: entered promiscuous mode [ 238.955159][T18041] bridge0: port 4(syz_tun) entered blocking state [ 238.957627][T18041] bridge0: port 4(syz_tun) entered listening state [ 238.996698][T18045] syzkaller1: entered promiscuous mode [ 238.998536][T18045] syzkaller1: entered allmulticast mode [ 239.021724][T18049] overlayfs: failed to clone upperpath [ 239.066120][T18052] netlink: 156 bytes leftover after parsing attributes in process `syz.6.5315'. [ 239.913472][T18107] loop7: detected capacity change from 0 to 1 [ 240.051424][T18107] Dev loop7: unable to read RDB block 1 [ 240.053968][T18107] loop7: unable to read partition table [ 240.056560][T18107] loop7: partition table beyond EOD, truncated [ 240.059320][T18107] loop_reread_partitions: partition scan of loop7 (ݷU@:B${W) failed (rc=-5) [ 240.489172][ C1] net_ratelimit: 2 callbacks suppressed [ 240.489184][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 240.524614][T18173] bond1 (unregistering): Released all slaves [ 240.768280][T18187] Invalid ELF header magic: != ELF [ 240.829641][T18201] netlink: 9275 bytes leftover after parsing attributes in process `syz.6.5377'. [ 241.311941][T18242] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5405'. [ 241.539203][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 242.139240][ T6001] usb 12-1: new high-speed USB device number 3 using dummy_hcd [ 242.183925][T18269] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5411'. [ 242.290584][ T6001] usb 12-1: config index 0 descriptor too short (expected 23569, got 27) [ 242.293765][ T6001] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.298332][ T6001] usb 12-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 242.301263][ T6001] usb 12-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 242.303694][ T6001] usb 12-1: Manufacturer: syz [ 242.306338][ T6001] usb 12-1: config 0 descriptor?? [ 242.349222][ T6001] rc_core: IR keymap rc-hauppauge not found [ 242.351168][ T6001] Registered IR keymap rc-empty [ 242.353550][ T6001] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0 [ 242.357734][ T6001] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0/input39 [ 242.517074][ T2299] usb 12-1: USB disconnect, device number 3 [ 242.569226][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 242.762540][T18305] netlink: 7 bytes leftover after parsing attributes in process `syz.5.5426'. [ 242.794762][ T40] kauditd_printk_skb: 235 callbacks suppressed [ 242.794778][ T40] audit: type=1326 audit(2000000924.335:2912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.807357][ T40] audit: type=1326 audit(2000000924.335:2913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.816772][ T40] audit: type=1326 audit(2000000924.345:2914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.827505][ T40] audit: type=1326 audit(2000000924.345:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.834915][ T40] audit: type=1326 audit(2000000924.345:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.844872][ T40] audit: type=1326 audit(2000000924.345:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.851929][ T40] audit: type=1326 audit(2000000924.345:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.862137][ T40] audit: type=1326 audit(2000000924.355:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.871309][ T40] audit: type=1326 audit(2000000924.355:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.881446][ T40] audit: type=1326 audit(2000000924.355:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18306 comm="syz.6.5428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 242.882873][T18314] gfs2: not a GFS2 filesystem [ 243.367657][T18367] netlink: 44 bytes leftover after parsing attributes in process `syz.6.5452'. [ 243.373047][T18367] netlink: 43 bytes leftover after parsing attributes in process `syz.6.5452'. [ 243.377313][T18367] netlink: 'syz.6.5452': attribute type 6 has an invalid length. [ 243.383244][T18367] netlink: 'syz.6.5452': attribute type 5 has an invalid length. [ 243.386383][T18367] netlink: 43 bytes leftover after parsing attributes in process `syz.6.5452'. [ 243.559498][ T6020] usb 12-1: new high-speed USB device number 4 using dummy_hcd [ 243.581960][T18387] 9pnet_fd: Insufficient options for proto=fd [ 243.609304][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 243.721734][ T6020] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 243.726515][ T6020] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 243.730920][ T6020] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 243.734673][ T6020] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 243.740253][ T6020] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 243.744204][ T6020] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.749462][ T6020] usb 12-1: config 0 descriptor?? [ 243.907397][T18416] 9pnet_fd: Insufficient options for proto=fd [ 243.973777][T18420] tipc: Enabling of bearer rejected, failed to enable media [ 244.160340][ T6020] hid_parser_main: 5 callbacks suppressed [ 244.160358][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.165904][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.168871][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.172822][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.175867][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.178969][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.182875][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.185969][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.189154][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.192143][ T6020] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 244.198150][ T6020] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 244.421802][ T6001] usb 12-1: USB disconnect, device number 4 [ 244.649302][ C2] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 245.452468][T18490] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5506'. [ 245.690844][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 245.708796][T18512] overlayfs: failed to clone upperpath [ 245.807362][T18528] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5528'. [ 245.867141][T18534] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5531'. [ 245.870314][T18534] netlink: 'syz.7.5531': attribute type 1 has an invalid length. [ 245.916382][T18540] 9pnet_fd: Insufficient options for proto=fd [ 246.453658][T18588] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5556'. [ 246.457055][T18588] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5556'. [ 246.729290][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 247.228479][T18651] syz.5.5580 (18651) used greatest stack depth: 19528 bytes left [ 247.409161][T18667] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5590'. [ 247.519179][ T5999] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 247.681617][ T5999] usb 12-1: too many endpoints for config 32 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 247.685032][ T5999] usb 12-1: config 32 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 247.688556][ T5999] usb 12-1: config 32 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 247.691774][ T5999] usb 12-1: config 32 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 247.696718][ T5999] usb 12-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 247.699685][ T5999] usb 12-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 247.702184][ T5999] usb 12-1: Manufacturer: syz [ 247.779225][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 248.117606][ T5999] appleir 0003:05AC:8243.0016: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0 [ 248.371138][ T6001] usb 12-1: USB disconnect, device number 5 [ 248.489646][T18743] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.5627'. [ 248.546449][T18741] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5626'. [ 248.549366][T18741] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5626'. [ 248.560942][T18748] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.5629'. [ 248.809215][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 248.911778][T18770] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5639'. [ 248.943648][T18775] vcan0: tx drop: invalid da for name 0xfffffffffffffffd [ 249.071179][T18791] syzkaller1: entered promiscuous mode [ 249.073006][T18791] syzkaller1: entered allmulticast mode [ 249.076753][T18793] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5649'. [ 249.290318][ T6020] kernel write not supported for file [eventfd] (pid: 6020 comm: kworker/0:4) [ 249.859190][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 249.906312][T18887] netlink: zone id is out of range [ 250.795050][T18933] macsec1: entered promiscuous mode [ 250.796783][T18933] team0: entered promiscuous mode [ 250.798543][T18933] team_slave_0: entered promiscuous mode [ 250.801510][T18933] team_slave_1: entered promiscuous mode [ 250.803802][T18933] geneve0: entered promiscuous mode [ 250.805645][T18933] macsec1: entered allmulticast mode [ 250.807347][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 250.807356][ T40] audit: type=1326 audit(2000000933.343:2925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18936 comm="syz.7.5711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 250.809241][T18933] team0: entered allmulticast mode [ 250.809441][ T40] audit: type=1326 audit(2000000933.343:2926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18936 comm="syz.7.5711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 250.816183][T18933] team_slave_0: entered allmulticast mode [ 250.817802][ T40] audit: type=1326 audit(2000000933.343:2927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18936 comm="syz.7.5711" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 250.825621][T18933] team_slave_1: entered allmulticast mode [ 250.825669][T18933] geneve0: entered allmulticast mode [ 250.827895][ T40] audit: type=1326 audit(2000000933.343:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18936 comm="syz.7.5711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 250.837432][T18933] team0: Device macsec1 is already an upper device of the team interface [ 250.839528][ T40] audit: type=1326 audit(2000000933.343:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18936 comm="syz.7.5711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000 [ 250.863226][T18933] team0: left allmulticast mode [ 250.865335][T18933] team_slave_0: left allmulticast mode [ 250.867062][T18933] team_slave_1: left allmulticast mode [ 250.868783][T18933] geneve0: left allmulticast mode [ 250.870443][T18933] team0: left promiscuous mode [ 250.871926][T18933] team_slave_0: left promiscuous mode [ 250.873724][T18933] team_slave_1: left promiscuous mode [ 250.875497][T18933] geneve0: left promiscuous mode [ 250.891952][T18942] kvm: kvm [18941]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x80000200 [ 250.899182][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 250.921767][T18944] sp0: Synchronizing with TNC [ 251.064737][T18956] IPVS: Error connecting to the multicast addr [ 251.094441][T18961] io-wq is not configured for unbound workers [ 251.107624][T18964] 8021q: VLANs not supported on ipvlan1 [ 251.165456][T18974] __nla_validate_parse: 5 callbacks suppressed [ 251.165467][T18974] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5729'. [ 251.525302][ T40] audit: type=1326 audit(2000000934.063:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18990 comm="syz.6.5738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 251.535181][ T40] audit: type=1326 audit(2000000934.063:2931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18990 comm="syz.6.5738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 251.542827][ T40] audit: type=1326 audit(2000000934.063:2932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18990 comm="syz.6.5738" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 251.549621][ T40] audit: type=1326 audit(2000000934.063:2933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18990 comm="syz.6.5738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 251.555806][ T40] audit: type=1326 audit(2000000934.063:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18990 comm="syz.6.5738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 251.787802][T19010] input: syz1 as /devices/virtual/input/input40 [ 251.929249][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 252.597347][T19079] : renamed from wg2 [ 252.880718][T19096] autofs: Invalid uid '0x00000000ffffffff' [ 252.969234][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 253.523284][T19130] Bluetooth: ERR: HCILL_GO_TO_SLEEP_IND in state 0 [ 253.526080][T17077] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1 [ 253.531286][T17077] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1 [ 254.009188][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 254.169557][T19162] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5814'. [ 254.224747][T19166] raw_sendmsg: syz.6.5816 forgot to set AF_INET. Fix it! [ 254.527469][T19178] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5822'. [ 254.710011][T19191] geneve2: entered promiscuous mode [ 255.049216][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 255.219309][T15424] usb 12-1: new high-speed USB device number 6 using dummy_hcd [ 255.369333][T15424] usb 12-1: Using ep0 maxpacket: 8 [ 255.372571][T15424] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.376126][T15424] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.380685][T15424] usb 12-1: config 0 interface 0 has no altsetting 0 [ 255.382924][T15424] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 255.385866][T15424] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.390283][T15424] usb 12-1: config 0 descriptor?? [ 255.529228][ T5943] Bluetooth: hci4: command 0x1003 tx timeout [ 255.529463][ T5938] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 255.575512][T19230] loop4: detected capacity change from 0 to 7 [ 255.581613][T19230] Dev loop4: unable to read RDB block 7 [ 255.584080][T19230] loop4: unable to read partition table [ 255.586329][T19230] loop4: partition table beyond EOD, truncated [ 255.588531][T19230] loop_reread_partitions: partition scan of loop4 (被x ) failed (rc=-5) [ 255.801808][T15424] hid_parser_main: 6 callbacks suppressed [ 255.801820][T15424] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 255.805881][T15424] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 255.808118][T15424] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 255.810690][T15424] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 255.812839][T15424] mcp2221 0003:04D8:00DD.0017: unknown main item tag 0x0 [ 255.815361][T15424] mcp2221 0003:04D8:00DD.0017: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0 [ 256.002047][ T911] usb 12-1: USB disconnect, device number 6 [ 256.089176][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 256.493671][T19282] netlink: 7064 bytes leftover after parsing attributes in process `syz.6.5869'. [ 256.623633][T19309] binder: 19307:19309 ioctl 0 0 returned -22 [ 256.721668][T19324] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5889'. [ 256.776803][T19332] syzkaller1: entered promiscuous mode [ 256.778666][T19332] syzkaller1: entered allmulticast mode [ 257.129175][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 257.164539][T19360] loop2: detected capacity change from 0 to 7 [ 257.167151][T19360] Dev loop2: unable to read RDB block 7 [ 257.168983][T19360] loop2: unable to read partition table [ 257.171076][T19360] loop2: partition table beyond EOD, truncated [ 257.173126][T19360] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 257.860045][ T2299] page_pool_release_retry() stalled pool shutdown: id 83, 1 inflight 60 sec [ 257.991419][T17111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.994746][T17111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.096020][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 258.096030][ T40] audit: type=1326 audit(2000000940.633:2945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19409 comm="syz.6.5928" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701d579 code=0x0 [ 258.169197][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 258.444803][T19426] loop7: detected capacity change from 0 to 1 [ 258.480258][T19426] Dev loop7: unable to read RDB block 1 [ 258.480296][T19426] loop7: unable to read partition table [ 258.480417][T19426] loop7: partition table beyond EOD, truncated [ 258.480427][T19426] loop_reread_partitions: partition scan of loop7 (ݷU@:B${W) failed (rc=-5) [ 258.923113][T19446] netlink: 'syz.1.5943': attribute type 1 has an invalid length. [ 258.923126][T19446] netlink: 'syz.1.5943': attribute type 2 has an invalid length. [ 258.998972][T19452] overlayfs: failed to clone upperpath [ 259.044856][T19458] input: syz0 as /devices/virtual/input/input41 [ 259.209193][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 259.278515][T19476] 8021q: adding VLAN 0 to HW filter on device bond1 [ 259.592875][ T40] audit: type=1326 audit(2000000942.133:2946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.6.5965" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 259.643190][T19505] netlink: 116 bytes leftover after parsing attributes in process `syz.5.5969'. [ 259.951983][T19542] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 260.250978][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.251021][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 260.606046][T19585] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6004'. [ 260.608962][T19585] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6004'. [ 260.613302][T19580] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6002'. [ 260.643666][ T40] audit: type=1326 audit(2000000943.183:2947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19588 comm="syz.5.6006" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0 [ 260.665474][T19592] netlink: 'syz.6.6005': attribute type 13 has an invalid length. [ 260.668103][T19592] netlink: 'syz.6.6005': attribute type 17 has an invalid length. [ 260.760181][T19592] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.763229][T19592] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.768703][T19592] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 260.958359][ T40] audit: type=1326 audit(2000000943.493:2948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19604 comm="syz.1.6012" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0 [ 261.289179][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 261.801376][T19654] syzkaller1: entered promiscuous mode [ 261.803889][T19654] syzkaller1: entered allmulticast mode [ 261.937988][T19671] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.6041'. [ 262.329235][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 262.676003][T19691] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 262.713574][T19694] loop5: detected capacity change from 0 to 7 [ 262.717223][T19694] Dev loop5: unable to read RDB block 7 [ 262.719807][T19694] loop5: AHDI p1 p2 [ 262.721313][T19694] loop5: partition table partially beyond EOD, truncated [ 262.723883][T19694] loop5: p1 start 1702000233 is beyond EOD, truncated [ 263.141304][T19757] netlink: 63 bytes leftover after parsing attributes in process `syz.6.6080'. [ 263.285068][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.287968][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.291055][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.294232][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.296893][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.300796][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.303912][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.306402][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.308843][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.312510][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: unknown main item tag 0x0 [ 263.312920][T19789] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6096'. [ 263.315965][ T6020] hid-generic 0007:FFFFFFFF:0000.0018: hidraw0: HID v0.00 Device [syz1] on syz1 [ 263.369207][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 263.549209][ T5999] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 263.730591][ T5999] usb 12-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 263.733827][ T5999] usb 12-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 263.737215][ T5999] usb 12-1: config 1 interface 0 has no altsetting 0 [ 263.740942][ T5999] usb 12-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 263.743873][ T5999] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.746418][ T5999] usb 12-1: Product: syz [ 263.747785][ T5999] usb 12-1: Manufacturer: syz [ 263.749372][ T5999] usb 12-1: SerialNumber: syz [ 263.753033][T19787] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 263.755578][T19787] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 263.829245][ T1326] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 263.979314][ T1326] usb 10-1: Using ep0 maxpacket: 16 [ 263.983816][ T1326] usb 10-1: config 0 has an invalid interface number: 132 but max is 0 [ 263.986411][ T1326] usb 10-1: config 0 has no interface number 0 [ 263.990059][ T1326] usb 10-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 263.993001][ T1326] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.995599][ T1326] usb 10-1: Product: syz [ 263.996985][ T1326] usb 10-1: Manufacturer: syz [ 263.998471][ T1326] usb 10-1: SerialNumber: syz [ 264.003305][ T1326] usb 10-1: config 0 descriptor?? [ 264.005945][ T1326] hub 10-1:0.132: bad descriptor, ignoring hub [ 264.007981][ T1326] hub 10-1:0.132: probe with driver hub failed with error -5 [ 264.012374][ T1326] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.132/input/input42 [ 264.409499][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 264.631181][T19811] usb 10-1: reset high-speed USB device number 14 using dummy_hcd [ 264.765276][ T5999] (unnamed net_device) (uninitialized): Assigned a random MAC address: 5e:fa:a6:80:99:e4 [ 264.776256][ T5999] rtl8150 12-1:1.0: eth10: rtl8150 is detected [ 264.779874][T19811] usb 10-1: device firmware changed [ 264.779968][ T5999] usb 12-1: USB disconnect, device number 7 [ 264.782791][ T29] usb 10-1: USB disconnect, device number 14 [ 264.919200][ T29] usb 10-1: new high-speed USB device number 15 using dummy_hcd [ 265.079361][ T29] usb 10-1: Using ep0 maxpacket: 16 [ 265.082405][ T29] usb 10-1: config 0 has no interfaces? [ 265.085783][ T29] usb 10-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 265.089469][ T29] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.092802][ T29] usb 10-1: Product: syz [ 265.094165][ T29] usb 10-1: Manufacturer: syz [ 265.095611][ T29] usb 10-1: SerialNumber: syz [ 265.098229][ T29] usb 10-1: config 0 descriptor?? [ 265.314024][ T29] usb 10-1: USB disconnect, device number 15 [ 265.459234][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 266.018198][T19857] netlink: 'syz.6.6125': attribute type 12 has an invalid length. [ 266.021750][T19857] netlink: 'syz.6.6125': attribute type 29 has an invalid length. [ 266.024257][T19857] netlink: 148 bytes leftover after parsing attributes in process `syz.6.6125'. [ 266.027106][T19857] netlink: 43 bytes leftover after parsing attributes in process `syz.6.6125'. [ 266.151264][T19866] netlink: 'syz.6.6129': attribute type 4 has an invalid length. [ 266.159352][T19866] netlink: 'syz.6.6129': attribute type 4 has an invalid length. [ 266.194483][T19868] 9pnet_fd: Insufficient options for proto=fd [ 266.489239][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 266.769412][ T29] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 266.930443][ T29] usb 10-1: config index 0 descriptor too short (expected 45, got 36) [ 266.933104][ T29] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 266.936734][ T29] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 266.940909][ T29] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 266.945451][ T29] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 266.950566][ T29] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 266.954227][ T29] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.959463][ T29] usb 10-1: config 0 descriptor?? [ 266.962310][T19893] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 267.377826][ T29] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 267.539201][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 267.637561][ T6988] usb 10-1: USB disconnect, device number 16 [ 268.579204][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 268.805345][T19966] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6171'. [ 268.809452][T19966] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6171'. [ 269.142084][ T40] audit: type=1326 audit(2000000951.683:2949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19984 comm="syz.6.6178" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701d579 code=0x0 [ 269.210787][ C3] bridge0: port 4(syz_tun) entered learning state [ 269.619207][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 269.969412][ T29] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 270.129201][ T29] usb 10-1: Using ep0 maxpacket: 8 [ 270.132044][ T29] usb 10-1: config 0 interface 0 has no altsetting 0 [ 270.134231][ T29] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 270.137663][ T29] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.141817][ T29] usb 10-1: config 0 descriptor?? [ 270.233321][T20050] fuse: Bad value for 'fd' [ 270.553630][ T29] mcp2221 0003:04D8:00DD.001A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 270.588849][T20066] macvlan2: entered promiscuous mode [ 270.591082][T20066] macvlan2: entered allmulticast mode [ 270.593002][T20066] gretap0: entered allmulticast mode [ 270.649246][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 270.757267][ T29] usb 10-1: USB disconnect, device number 17 [ 271.466564][T20127] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.6241'. [ 271.699242][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 272.729229][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 273.769210][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 273.939224][ T5938] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 273.939420][ T5941] Bluetooth: hci4: command 0x1003 tx timeout [ 273.972120][T20229] loop3: detected capacity change from 0 to 7 [ 273.977383][T20229] Dev loop3: unable to read RDB block 7 [ 273.979892][T20229] loop3: AHDI p1 [ 273.981188][T20229] loop3: partition table partially beyond EOD, truncated [ 274.596292][ T2299] libceph: connect (1)[c::]:6789 error -101 [ 274.599586][ T2299] libceph: mon0 (1)[c::]:6789 connect error [ 274.685044][T20274] ceph: No mds server is up or the cluster is laggy [ 274.819205][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 274.833468][T20292] input: syz0 as /devices/virtual/input/input43 [ 274.931141][ T1326] libceph: connect (1)[c::]:6789 error -101 [ 274.933247][ T1326] libceph: mon0 (1)[c::]:6789 connect error [ 274.982272][ T2299] libceph: connect (1)[c::]:6789 error -101 [ 274.984241][ T2299] libceph: mon0 (1)[c::]:6789 connect error [ 275.090461][T20315] netlink: 240 bytes leftover after parsing attributes in process `syz.7.6315'. [ 275.191740][ T1326] libceph: connect (1)[c::]:6789 error -101 [ 275.194415][ T1326] libceph: mon0 (1)[c::]:6789 connect error [ 275.239443][ T2299] libceph: connect (1)[c::]:6789 error -101 [ 275.242067][ T2299] libceph: mon0 (1)[c::]:6789 connect error [ 275.449341][ T5943] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 275.449396][ T5938] Bluetooth: hci5: command 0x1003 tx timeout [ 275.699868][T15424] libceph: connect (1)[c::]:6789 error -101 [ 275.704271][T15424] libceph: mon0 (1)[c::]:6789 connect error [ 275.760625][T20305] ceph: No mds server is up or the cluster is laggy [ 275.760779][ T2299] libceph: connect (1)[c::]:6789 error -101 [ 275.763716][T20309] ceph: No mds server is up or the cluster is laggy [ 275.764820][ T2299] libceph: mon0 (1)[c::]:6789 connect error [ 275.849207][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 275.974764][T20356] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6332'. [ 275.978793][T20356] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6332'. [ 276.038529][T20360] syzkaller1: entered promiscuous mode [ 276.041187][T20360] syzkaller1: entered allmulticast mode [ 276.650582][T20409] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.6355'. [ 276.821236][ T40] audit: type=1326 audit(2000000967.362:2950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20418 comm="syz.6.6359" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0 [ 276.899275][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 277.001764][T20429] loop7: detected capacity change from 0 to 16384 [ 277.384764][T20450] 9pnet_fd: Insufficient options for proto=fd [ 277.623126][T20467] ALSA: seq fatal error: cannot create timer (-16) [ 277.868959][T20484] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6385'. [ 277.929196][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 278.524991][T20545] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6412'. [ 278.969416][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 279.683892][ T40] audit: type=1326 audit(2000000970.222:2951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20591 comm="syz.7.6433" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7fc00000 [ 280.009321][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 280.305350][ T40] audit: type=1326 audit(2000000970.842:2952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20591 comm="syz.7.6433" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ad579 code=0x7fc00000 [ 280.503876][T20675] loop3: detected capacity change from 0 to 7 [ 280.506341][T20675] Dev loop3: unable to read RDB block 7 [ 280.508816][T20675] loop3: unable to read partition table [ 280.511744][T20675] loop3: partition table beyond EOD, truncated [ 280.513705][T20675] loop_reread_partitions: partition scan of loop3 (被x ) failed (rc=-5) [ 280.784439][T20697] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6476'. [ 281.049177][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 281.406011][T20684] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 282.099233][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 282.763059][T20812] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6528'. [ 282.897516][T20823] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6533'. [ 283.129232][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 283.612472][T20879] netlink: 'syz.5.6556': attribute type 2 has an invalid length. [ 283.617470][T20879] netlink: 532 bytes leftover after parsing attributes in process `syz.5.6556'. [ 283.803542][T20885] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6559'. [ 283.807332][T20885] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6559'. [ 283.980343][T20889] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 284.169219][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 284.327888][T20915] netlink: 'syz.6.6573': attribute type 4 has an invalid length. [ 284.336921][T20915] netlink: 'syz.6.6573': attribute type 4 has an invalid length. [ 284.646037][T20943] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6586'. [ 285.033257][T20966] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6594'. [ 285.036173][T20966] bridge_slave_0: default FDB implementation only supports local addresses [ 285.040269][T20966] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6594'. [ 285.043072][T20966] bridge_slave_0: default FDB implementation only supports local addresses [ 285.219209][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 285.346634][T20990] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6605'. [ 285.509787][T21007] netlink: 'syz.6.6613': attribute type 12 has an invalid length. [ 285.512191][T21007] netlink: 'syz.6.6613': attribute type 29 has an invalid length. [ 285.514658][T21007] netlink: 'syz.6.6613': attribute type 2 has an invalid length. [ 285.517823][T21007] netlink: 'syz.6.6613': attribute type 3 has an invalid length. [ 285.571463][T21013] netlink: 'syz.1.6615': attribute type 4 has an invalid length. [ 285.575860][T21013] netlink: 'syz.1.6615': attribute type 4 has an invalid length. [ 285.681424][T21025] input: syz1 as /devices/virtual/input/input44 [ 285.739228][ T6020] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 285.890108][ T6020] usb 12-1: Using ep0 maxpacket: 8 [ 285.894085][ T6020] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 285.898201][ T6020] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 285.902786][ T6020] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 285.907155][ T6020] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 285.911527][ T6020] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 285.914698][ T6020] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 285.918694][ T6020] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 285.922299][ T6020] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.940346][T21045] __nla_validate_parse: 7 callbacks suppressed [ 285.940357][T21045] netlink: 51 bytes leftover after parsing attributes in process `syz.1.6631'. [ 285.943189][T21047] netlink: 'syz.5.6633': attribute type 12 has an invalid length. [ 285.947646][T21047] netlink: 148 bytes leftover after parsing attributes in process `syz.5.6633'. [ 286.006191][T21057] overlayfs: failed to clone upperpath [ 286.050273][T21062] input: syz0 as /devices/virtual/input/input45 [ 286.136953][ T6020] usb 12-1: GET_CAPABILITIES returned 0 [ 286.151170][ T6020] usbtmc 12-1:16.0: can't read capabilities [ 286.259210][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 286.341846][T15424] usb 12-1: USB disconnect, device number 8 [ 286.655670][T21119] input: syz0 as /devices/virtual/input/input46 [ 286.703443][T21122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6665'. [ 286.712084][T21122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6665'. [ 286.715126][T21122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6665'. [ 286.718706][T21122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6665'. [ 286.722145][T21122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6665'. [ 287.003124][T21145] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6675'. [ 287.299205][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 287.664711][T21194] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6698'. [ 287.852770][ T40] audit: type=1326 audit(2000000978.392:2953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.864553][ T40] audit: type=1326 audit(2000000978.392:2954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.874659][ T40] audit: type=1326 audit(2000000978.402:2955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.884710][ T40] audit: type=1326 audit(2000000978.402:2956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.894319][ T40] audit: type=1326 audit(2000000978.402:2957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.904496][ T40] audit: type=1326 audit(2000000978.412:2958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.913615][ T40] audit: type=1326 audit(2000000978.442:2959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.923499][ T40] audit: type=1326 audit(2000000978.442:2960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.933226][ T40] audit: type=1326 audit(2000000978.442:2961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 287.942840][ T40] audit: type=1326 audit(2000000978.462:2962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21205 comm="syz.1.6703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 288.149519][T21229] netlink: 64 bytes leftover after parsing attributes in process `syz.6.6714'. [ 288.329335][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 289.369168][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 290.409222][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 291.459219][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 292.489406][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 293.529467][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 294.579298][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 295.619207][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 296.649339][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 297.699192][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 298.739191][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 299.289250][ C3] bridge0: port 4(syz_tun) entered forwarding state [ 299.291894][ C3] bridge0: topology change detected, propagating [ 299.769252][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 300.809195][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 301.849332][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 302.889258][ C3] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 303.929221][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 304.553888][T21313] validate_nla: 1 callbacks suppressed [ 304.553900][T21313] netlink: 'syz.6.6751': attribute type 16 has an invalid length. [ 304.558490][T21313] netlink: 'syz.6.6751': attribute type 17 has an invalid length. [ 304.564295][T21313] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 304.614827][ T5938] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 304.622188][ T5938] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 304.627986][ T5938] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 304.631737][ T5938] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 304.636164][ T5938] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 304.664982][T12011] bridge0: port 4(syz_tun) entered disabled state [ 304.673807][T12011] syz_tun (unregistering): left allmulticast mode [ 304.675865][T12011] syz_tun (unregistering): left promiscuous mode [ 304.677908][T12011] bridge0: port 4(syz_tun) entered disabled state [ 304.685331][T21332] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 304.707293][T21333] netlink: 'syz.6.6755': attribute type 4 has an invalid length. [ 304.730004][T21328] netlink: 'syz.6.6755': attribute type 4 has an invalid length. [ 304.828156][T21321] chnl_net:caif_netlink_parms(): no params data found [ 304.888533][ T40] kauditd_printk_skb: 23 callbacks suppressed [ 304.888544][ T40] audit: type=1326 audit(2000000995.422:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21351 comm="syz.1.6764" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe7579 code=0x0 [ 304.965314][T21321] bridge0: port 1(bridge_slave_0) entered blocking state [ 304.968381][T21321] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.971522][T21321] bridge_slave_0: entered allmulticast mode [ 304.975573][T21321] bridge_slave_0: entered promiscuous mode [ 304.979332][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 304.980465][T21321] bridge0: port 2(bridge_slave_1) entered blocking state [ 304.984681][T21321] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.985316][T21359] __nla_validate_parse: 1 callbacks suppressed [ 304.985328][T21359] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6766'. [ 304.987516][T21321] bridge_slave_1: entered allmulticast mode [ 304.995279][T21359] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6766'. [ 304.996969][T21321] bridge_slave_1: entered promiscuous mode [ 305.046548][T21321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 305.051105][T21321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 305.088039][T21321] team0: Port device team_slave_0 added [ 305.091425][T21321] team0: Port device team_slave_1 added [ 305.126099][T21321] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 305.128737][T21321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 305.138213][T21321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 305.144049][T21321] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 305.146684][T21321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 305.155490][T21321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.205485][T21321] hsr_slave_0: entered promiscuous mode [ 305.208126][T21321] hsr_slave_1: entered promiscuous mode [ 305.210444][T21321] debugfs: 'hsr0' already exists in 'hsr' [ 305.212318][T21321] Cannot create hsr debugfs directory [ 305.317281][T17077] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.400581][T17077] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.475502][T17077] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.503033][T21321] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 305.508030][T21321] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 305.512332][T21321] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 305.517102][T21321] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 305.550143][T17077] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.559998][T21321] bridge0: port 2(bridge_slave_1) entered blocking state [ 305.562291][T21321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 305.564630][T21321] bridge0: port 1(bridge_slave_0) entered blocking state [ 305.566945][T21321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 305.598030][T21321] 8021q: adding VLAN 0 to HW filter on device bond0 [ 305.607843][T21321] 8021q: adding VLAN 0 to HW filter on device team0 [ 305.614038][T17096] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.618116][T17096] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.648545][T17111] bridge0: port 1(bridge_slave_0) entered blocking state [ 305.650846][T17111] bridge0: port 1(bridge_slave_0) entered forwarding state [ 305.665373][T17096] bridge0: port 2(bridge_slave_1) entered blocking state [ 305.668294][T17096] bridge0: port 2(bridge_slave_1) entered forwarding state [ 305.676322][T17077] erspan0: left allmulticast mode [ 305.678498][T17077] erspan0: left promiscuous mode [ 305.680731][T17077] bridge0: port 3(erspan0) entered disabled state [ 305.683713][T17077] bridge_slave_1: left allmulticast mode [ 305.685487][T17077] bridge_slave_1: left promiscuous mode [ 305.687567][T17077] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.692034][T17077] bridge_slave_0: left allmulticast mode [ 305.693834][T17077] bridge_slave_0: left promiscuous mode [ 305.695710][T17077] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.703863][T17077] batman_adv: batadv0: Interface deactivated: gretap1 [ 305.833771][T21397] xt_hashlimit: size too large, truncated to 1048576 [ 305.874000][T21397] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 305.878385][T17077] batman_adv: batadv0: Removing interface: gretap1 [ 306.019257][ C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 306.206401][T17077] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 306.213341][T17077] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 306.217193][T17077] bond0 (unregistering): Released all slaves [ 306.223491][T17077] bond1 (unregistering): Released all slaves [ 306.338964][T17077] tipc: Disabling bearer [ 306.347582][T17077] tipc: Left network mode [ 306.375839][T21321] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 306.508125][T21321] veth0_vlan: entered promiscuous mode [ 306.513591][T21321] veth1_vlan: entered promiscuous mode [ 306.533753][T21321] veth0_macvtap: entered promiscuous mode [ 306.551869][T17077] hsr_slave_0: left promiscuous mode [ 306.554075][T17077] hsr_slave_1: left promiscuous mode [ 306.556059][T17077] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 306.558445][T17077] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 306.561421][T17077] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 306.563807][T17077] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 306.587275][T17077] veth1_macvtap: left promiscuous mode [ 306.589498][T17077] veth1_vlan: left promiscuous mode [ 306.591157][T17077] veth0_vlan: left promiscuous mode [ 306.649446][ T5938] Bluetooth: hci4: command tx timeout [ 306.840906][T21460] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.843921][T21460] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.848362][T21460] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.852494][T21460] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.264038][T17077] team0 (unregistering): Port device team_slave_1 removed [ 307.783820][T21321] veth1_macvtap: entered promiscuous mode [ 307.796874][T21321] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 307.803966][T21321] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 307.811532][T17081] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.820206][T17081] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.823584][T17081] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.828336][T17081] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.872263][T17081] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 307.874731][T17081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 307.897994][T17081] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 307.901704][T17081] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 308.155688][T17077] IPVS: stop unused estimator thread 0... [ 308.349220][ T5999] usb 12-1: new high-speed USB device number 9 using dummy_hcd [ 308.499249][ T5999] usb 12-1: Using ep0 maxpacket: 32 [ 308.502942][ T5999] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 308.509578][ T5999] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 308.512439][ T5999] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 308.515141][ T5999] usb 12-1: Product: syz [ 308.516812][ T5999] usb 12-1: Manufacturer: syz [ 308.518790][ T5999] usb 12-1: SerialNumber: syz [ 308.521881][ T5999] usb 12-1: config 0 descriptor?? [ 308.524313][T21511] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 308.527748][ T5999] hub 12-1:0.0: bad descriptor, ignoring hub [ 308.530260][ T5999] hub 12-1:0.0: probe with driver hub failed with error -5 [ 308.729265][ T5938] Bluetooth: hci4: command tx timeout [ 308.839374][ T5999] usb 12-1: USB disconnect, device number 9 [ 308.889342][ C1] net_ratelimit: 1 callbacks suppressed [ 308.889354][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 308.894631][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.801635][T21543] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6838'. [ 309.805641][T21543] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6838'. [ 309.842062][T21545] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6839'. [ 309.972918][T21554] netlink: 'syz.6.6843': attribute type 16 has an invalid length. [ 309.975330][T21554] netlink: 'syz.6.6843': attribute type 17 has an invalid length. [ 309.981686][T21554] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 310.302483][T21568] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6849'. [ 310.589875][T21584] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.592990][T21584] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.595807][T21584] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.599896][T21584] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.607883][T21584] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.732807][T21600] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6861'. [ 310.809595][ T5938] Bluetooth: hci4: command tx timeout [ 310.931446][ T6988] libceph: connect (1)[c::]:6789 error -101 [ 310.934043][ T6988] libceph: mon0 (1)[c::]:6789 connect error [ 311.133938][T21624] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 311.135846][T21624] syzkaller1: Refused to change device type [ 311.194283][ T6988] libceph: connect (1)[c::]:6789 error -101 [ 311.197319][ T6988] libceph: mon0 (1)[c::]:6789 connect error [ 311.552968][T21634] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 311.555830][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 311.712097][ T6988] libceph: connect (1)[c::]:6789 error -101 [ 311.715076][ T6988] libceph: mon0 (1)[c::]:6789 connect error [ 311.759878][T21614] ceph: No mds server is up or the cluster is laggy [ 311.819785][T21660] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6882'. [ 311.836569][T21660] vxlan2: entered promiscuous mode [ 311.989334][T21670] netlink: 'syz.6.6889': attribute type 12 has an invalid length. [ 312.028187][T21675] netlink: 'syz.6.6891': attribute type 1 has an invalid length. [ 312.042848][T21675] bond2: entered promiscuous mode [ 312.044515][T21675] bond2: entered allmulticast mode [ 312.095316][T21675] bond2: (slave erspan1): making interface the new active one [ 312.097659][T21675] erspan1: entered promiscuous mode [ 312.099501][T21675] erspan1: entered allmulticast mode [ 312.101631][T21675] bond2: (slave erspan1): Enslaving as an active interface with an up link [ 312.849319][ T1464] psmouse serio8: Failed to reset mouse on : -5 [ 312.889251][ T5938] Bluetooth: hci4: command tx timeout [ 314.984190][ T40] audit: type=1326 audit(2000001005.522:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21802 comm="syz.8.6946" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd7579 code=0x0 [ 315.624220][ T40] audit: type=1326 audit(2000001006.162:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 315.633620][ T40] audit: type=1326 audit(2000001006.162:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 315.640165][ T40] audit: type=1326 audit(2000001006.162:2990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 315.647690][ T40] audit: type=1326 audit(2000001006.162:2991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 315.654255][ T40] audit: type=1326 audit(2000001006.162:2992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 315.661028][ T40] audit: type=1326 audit(2000001006.162:2993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 315.667381][ T40] audit: type=1326 audit(2000001006.162:2994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 315.673803][ T40] audit: type=1326 audit(2000001006.162:2995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 315.680187][ T40] audit: type=1326 audit(2000001006.162:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21847 comm="syz.1.6964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 316.719223][ T1464] misc userio: Buffer overflowed, userio client isn't keeping up [ 317.780946][ T1464] input: PS/2 Generic Mouse as /devices/serio8/input/input47 [ 317.999621][ T1464] psmouse serio8: Failed to enable mouse on [ 318.617826][T21955] overlayfs: failed to clone upperpath [ 319.657084][T22006] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.7029'. [ 320.553706][T22028] netlink: 'syz.7.7039': attribute type 1 has an invalid length. [ 320.565793][T22028] bond2: entered promiscuous mode [ 320.567758][T22028] 8021q: adding VLAN 0 to HW filter on device bond2 [ 320.586210][T22028] 8021q: adding VLAN 0 to HW filter on device bond3 [ 320.590363][T22028] bond2: (slave bond3): making interface the new active one [ 320.593161][T22028] bond3: entered promiscuous mode [ 320.595662][T22028] bond2: (slave bond3): Enslaving as an active interface with an up link [ 321.023987][T22040] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7043'. [ 321.692610][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 323.283217][T22129] overlayfs: failed to clone upperpath [ 323.287351][T22129] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 323.297017][T22129] overlayfs: missing 'lowerdir' [ 323.549432][ T29] usb 12-1: new high-speed USB device number 10 using dummy_hcd [ 323.572349][T22156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7096'. [ 323.577858][T22156] tipc: New replicast peer: 255.255.255.255 [ 323.581931][T22156] tipc: Enabled bearer , priority 10 [ 323.611420][T22159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.614502][T22159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.617222][T22159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.620194][T22159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.623136][T22159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.626855][T22159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.629557][T22159] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.632922][T22158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 323.720587][ T29] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x11, changing to 0x1 [ 323.724141][ T29] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 323.728906][ T29] usb 12-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 323.732269][ T29] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.735578][ T29] usb 12-1: Product: syz [ 323.737756][ T29] usb 12-1: Manufacturer: syz [ 323.741206][ T29] usb 12-1: SerialNumber: syz [ 323.745044][ T29] usb 12-1: config 0 descriptor?? [ 324.161519][ T29] usb 12-1: USB disconnect, device number 10 [ 324.501414][ T5938] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 324.504695][ T5938] CPU: 0 UID: 0 PID: 5938 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) [ 324.504712][ T5938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 324.504719][ T5938] Workqueue: hci4 hci_rx_work [ 324.504737][ T5938] Call Trace: [ 324.504741][ T5938] [ 324.504746][ T5938] dump_stack_lvl+0x16c/0x1f0 [ 324.504761][ T5938] sysfs_warn_dup+0x7f/0xa0 [ 324.504776][ T5938] sysfs_create_dir_ns+0x24b/0x2b0 [ 324.504791][ T5938] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 324.504805][ T5938] ? find_held_lock+0x2b/0x80 [ 324.504820][ T5938] ? do_raw_spin_unlock+0x172/0x230 [ 324.504832][ T5938] kobject_add_internal+0x2c4/0x9b0 [ 324.504855][ T5938] kobject_add+0x16e/0x240 [ 324.504870][ T5938] ? __pfx_kobject_add+0x10/0x10 [ 324.504886][ T5938] ? do_raw_spin_unlock+0x172/0x230 [ 324.504905][ T5938] ? kobject_put+0xab/0x5a0 [ 324.504924][ T5938] device_add+0x288/0x1aa0 [ 324.504943][ T5938] ? __pfx_dev_set_name+0x10/0x10 [ 324.504955][ T5938] ? __pfx_device_add+0x10/0x10 [ 324.504973][ T5938] ? mgmt_send_event_skb+0x2fb/0x460 [ 324.504992][ T5938] hci_conn_add_sysfs+0x17e/0x230 [ 324.505007][ T5938] le_conn_complete_evt+0x1260/0x2150 [ 324.505023][ T5938] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 324.505034][ T5938] ? hci_event_packet+0x459/0x11c0 [ 324.505049][ T5938] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 324.505061][ T5938] ? skb_pull_data+0x166/0x210 [ 324.505081][ T5938] hci_le_meta_evt+0x357/0x5e0 [ 324.505093][ T5938] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 324.505107][ T5938] hci_event_packet+0x685/0x11c0 [ 324.505119][ T5938] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 324.505132][ T5938] ? __pfx_hci_event_packet+0x10/0x10 [ 324.505145][ T5938] ? kcov_remote_start+0x3c9/0x6d0 [ 324.505155][ T5938] ? lockdep_hardirqs_on+0x7c/0x110 [ 324.505173][ T5938] hci_rx_work+0x2c5/0x16b0 [ 324.505186][ T5938] ? rcu_is_watching+0x12/0xc0 [ 324.505200][ T5938] process_one_work+0x9cf/0x1b70 [ 324.505224][ T5938] ? __pfx_process_one_work+0x10/0x10 [ 324.505245][ T5938] ? assign_work+0x1a0/0x250 [ 324.505264][ T5938] worker_thread+0x6c8/0xf10 [ 324.505285][ T5938] ? __kthread_parkme+0x19e/0x250 [ 324.505305][ T5938] ? __pfx_worker_thread+0x10/0x10 [ 324.505322][ T5938] kthread+0x3c5/0x780 [ 324.505345][ T5938] ? __pfx_kthread+0x10/0x10 [ 324.505371][ T5938] ? rcu_is_watching+0x12/0xc0 [ 324.505387][ T5938] ? __pfx_kthread+0x10/0x10 [ 324.505412][ T5938] ret_from_fork+0x675/0x7d0 [ 324.505435][ T5938] ? __pfx_kthread+0x10/0x10 [ 324.505458][ T5938] ret_from_fork_asm+0x1a/0x30 [ 324.505493][ T5938] [ 324.505518][ T5938] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 324.592221][ T5938] Bluetooth: hci4: failed to register connection device [ 325.282084][T22178] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 325.284080][T22178] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 325.286002][T22178] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 325.288304][T22178] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 325.292495][T22178] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 325.294360][T22178] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 325.296875][T22178] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 325.300068][T22178] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 325.494509][T22214] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4) [ 325.496550][T22214] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 325.499220][T22214] vhci_hcd vhci_hcd.0: Device attached [ 325.502802][T22215] vhci_hcd: connection closed [ 325.503871][T17053] vhci_hcd: stop threads [ 325.506923][T17053] vhci_hcd: release socket [ 325.508286][T17053] vhci_hcd: disconnect device [ 325.515431][T22219] netlink: 'syz.7.7123': attribute type 21 has an invalid length. [ 325.517820][T22219] netlink: 'syz.7.7123': attribute type 22 has an invalid length. [ 325.520312][T22219] netlink: 'syz.7.7123': attribute type 23 has an invalid length. [ 325.522718][T22219] netlink: 'syz.7.7123': attribute type 25 has an invalid length. [ 325.525057][T22219] netlink: 'syz.7.7123': attribute type 26 has an invalid length. [ 325.527348][T22219] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7123'. [ 325.561533][T22221] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7124'. [ 326.307809][T22246] netlink: 'syz.6.7134': attribute type 12 has an invalid length. [ 326.312186][T22246] netlink: 'syz.6.7134': attribute type 29 has an invalid length. [ 326.314763][T22246] netlink: 148 bytes leftover after parsing attributes in process `syz.6.7134'. [ 326.317907][T22246] netlink: 'syz.6.7134': attribute type 2 has an invalid length. [ 326.320417][T22246] netlink: 23 bytes leftover after parsing attributes in process `syz.6.7134'. [ 326.359243][ T6007] usb 12-1: new high-speed USB device number 11 using dummy_hcd [ 326.569292][ T5938] Bluetooth: hci3: command 0x0c1a tx timeout [ 326.691962][ T6007] usb 12-1: unable to get BOS descriptor or descriptor too short [ 326.694903][ T6007] usb 12-1: unable to read config index 0 descriptor/start: -71 [ 326.697201][ T6007] usb 12-1: can't read configurations, error -71 [ 326.839480][ T59] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 326.990913][ T59] usb 13-1: config 0 has no interfaces? [ 326.994262][ T59] usb 13-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 326.997429][ T59] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.000011][ T59] usb 13-1: Product: syz [ 327.001530][ T59] usb 13-1: Manufacturer: syz [ 327.002968][ T59] usb 13-1: SerialNumber: syz [ 327.005632][ T59] usb 13-1: config 0 descriptor?? [ 327.254316][ T59] usb 13-1: USB disconnect, device number 2 [ 327.289406][ T5938] Bluetooth: hci1: command 0x0c1a tx timeout [ 327.369256][ T5938] Bluetooth: hci4: command 0x0c1a tx timeout [ 328.143622][T22308] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 328.151865][T22308] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 328.248318][T22314] netlink: 25 bytes leftover after parsing attributes in process `syz.7.7160'. [ 328.292231][T22318] batadv_slave_1: entered promiscuous mode [ 328.295516][T22318] batadv_slave_1: left promiscuous mode [ 328.999456][ T5999] usb 13-1: new high-speed USB device number 3 using dummy_hcd [ 329.169323][ T5999] usb 13-1: Using ep0 maxpacket: 16 [ 329.173514][ T5999] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 329.180933][ T5999] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 329.189987][ T5999] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 329.200864][ T5999] usb 13-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 329.208004][ T5999] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 329.218929][ T5999] usb 13-1: config 0 descriptor?? [ 329.369536][ T5938] Bluetooth: hci1: command 0x0c1a tx timeout [ 329.449441][ T5938] Bluetooth: hci4: command 0x0c1a tx timeout [ 329.728005][ T5999] hid_parser_main: 23 callbacks suppressed [ 329.728017][ T5999] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 329.732179][ T5999] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 329.734592][ T5999] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 329.736725][ T5999] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 329.738793][ T5999] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 329.742054][ T5999] input: HID 0955:7214 Haptics as /devices/virtual/input/input48 [ 329.751634][ T5999] shield 0003:0955:7214.001B: Registered Thunderstrike controller [ 329.754313][ T5999] shield 0003:0955:7214.001B: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.8-1/input0 [ 329.772315][T22350] syz.7.7174 (22350) used greatest stack depth: 19368 bytes left [ 329.942634][T22352] netlink: 'syz.8.7175': attribute type 2 has an invalid length. [ 329.945256][T22352] netlink: 244 bytes leftover after parsing attributes in process `syz.8.7175'. [ 329.948874][ T5999] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 329.954340][ T6988] usb 13-1: USB disconnect, device number 3 [ 329.958661][ T5999] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 329.964595][ T5999] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 329.967926][ T5999] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 330.579509][ T40] kauditd_printk_skb: 360 callbacks suppressed [ 330.579520][ T40] audit: type=1326 audit(2000001021.122:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22402 comm="syz.1.7197" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7fc00000 [ 330.971599][ T40] audit: type=1326 audit(2000001021.512:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 330.978003][ T40] audit: type=1326 audit(2000001021.512:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 330.985293][ T40] audit: type=1326 audit(2000001021.512:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 330.991891][ T40] audit: type=1326 audit(2000001021.512:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 330.998565][ T40] audit: type=1326 audit(2000001021.512:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 331.005143][ T40] audit: type=1326 audit(2000001021.512:3363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 331.008666][T15424] libceph: connect (1)[c::]:6789 error -101 [ 331.011966][ T40] audit: type=1326 audit(2000001021.512:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 331.013759][T15424] libceph: mon0 (1)[c::]:6789 connect error [ 331.020156][ T40] audit: type=1326 audit(2000001021.512:3365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 331.020180][ T40] audit: type=1326 audit(2000001021.512:3366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22433 comm="syz.6.7210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 331.060197][ T29] libceph: connect (1)[b::]:6789 error -101 [ 331.062288][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 331.279875][T15424] libceph: connect (1)[c::]:6789 error -101 [ 331.281844][T15424] libceph: mon0 (1)[c::]:6789 connect error [ 331.330123][ T29] libceph: connect (1)[b::]:6789 error -101 [ 331.332086][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 331.425504][T22443] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.428343][T22443] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.431149][T22443] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.433848][T22443] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.436636][T22443] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.439944][T22443] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.442700][T22442] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 331.449297][ T5938] Bluetooth: hci1: command 0x0c1a tx timeout [ 331.529247][ T5938] Bluetooth: hci4: command 0x0c1a tx timeout [ 331.552153][T22452] syzkaller1: entered promiscuous mode [ 331.554540][T22452] syzkaller1: entered allmulticast mode [ 331.799603][T15424] libceph: connect (1)[c::]:6789 error -101 [ 331.801515][T15424] libceph: mon0 (1)[c::]:6789 connect error [ 331.840213][T22439] ceph: No mds server is up or the cluster is laggy [ 331.840220][T22436] ceph: No mds server is up or the cluster is laggy [ 331.849512][ T29] libceph: connect (1)[b::]:6789 error -101 [ 331.851439][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 332.610699][T22513] netlink: 80 bytes leftover after parsing attributes in process `syz.8.7243'. [ 332.666751][T22517] loop3: detected capacity change from 0 to 7 [ 332.669883][T22517] Dev loop3: unable to read RDB block 7 [ 332.671769][T22517] loop3: unable to read partition table [ 332.673597][T22517] loop3: partition table beyond EOD, truncated [ 332.675465][T22517] loop_reread_partitions: partition scan of loop3 (被x ) failed (rc=-5) [ 332.808054][T22527] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7249'. [ 333.365744][T22552] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 333.475969][T22554] netlink: 'syz.1.7260': attribute type 3 has an invalid length. [ 333.619296][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 333.621011][ T5938] Bluetooth: hci4: command 0x0c1a tx timeout [ 333.624378][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 333.726198][T22574] netlink: 96 bytes leftover after parsing attributes in process `syz.1.7269'. [ 333.915001][T22586] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7274'. [ 333.926708][T22586] bond1: entered promiscuous mode [ 333.968633][T22589] binder: 22588:22589 ioctl c0306201 800003c0 returned -14 [ 334.140668][T22602] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7281'. [ 334.419629][T22617] 8021q: adding VLAN 0 to HW filter on device bond2 [ 334.422740][T22617] bridge0: port 1(bond2) entered blocking state [ 334.425345][T22617] bridge0: port 1(bond2) entered disabled state [ 334.427979][T22617] bond2: entered allmulticast mode [ 334.431767][T22617] bond2: entered promiscuous mode [ 334.835357][T22657] comedi comedi2: rti800: I/O port conflict (0x4f27,16) [ 335.040738][T22683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 335.043358][T22683] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 335.638647][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 335.638659][ T40] audit: type=1326 audit(2000001026.172:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22652 comm="syz.6.7305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7fc00000 [ 336.642418][T22762] overlayfs: overlapping lowerdir path [ 336.650139][T22762] overlayfs: failed to verify upper (159/file0, ino=841, err=-116) [ 336.653903][T22762] overlayfs: failed to verify index dir 'upper' xattr [ 336.656720][T22762] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 336.695463][T22766] syzkaller1: entered promiscuous mode [ 336.697301][T22766] syzkaller1: entered allmulticast mode [ 336.827874][T22727] net_ratelimit: 26 callbacks suppressed [ 336.827893][T22727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 336.832864][T22727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 337.067209][T22787] loop9: detected capacity change from 0 to 7 [ 337.071142][T22787] buffer_io_error: 6 callbacks suppressed [ 337.071151][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.076997][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.079946][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.082390][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.089777][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.092674][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.095282][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.097917][T22787] ldm_validate_partition_table(): Disk read failed. [ 337.100778][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 337.109221][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.111872][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.115640][T22787] Buffer I/O error on dev loop9, logical block 0, async page read [ 337.118977][T22787] Dev loop9: unable to read RDB block 0 [ 337.121265][T22787] loop9: unable to read partition table [ 337.123448][T22787] loop9: partition table beyond EOD, truncated [ 337.125525][T22787] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 337.125525][T22787] ) failed (rc=-5) [ 337.284683][T22812] binder: 22811:22812 ioctl c0306201 800001c0 returned -14 [ 337.317754][T22809] "syz.7.7374" (22809) uses obsolete ecb(arc4) skcipher [ 337.397001][ T40] audit: type=1326 audit(2000001027.932:3375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22824 comm="syz.7.7380" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ad579 code=0x0 [ 338.516725][T22896] netlink: 830 bytes leftover after parsing attributes in process `syz.8.7409'. [ 338.521008][ T6007] usb 12-1: new high-speed USB device number 13 using dummy_hcd [ 338.669226][ T6007] usb 12-1: Using ep0 maxpacket: 16 [ 338.672236][ T6007] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 338.676464][ T6007] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 338.680605][ T6007] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 338.689340][ T6007] usb 12-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 338.692242][ T6007] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.695917][ T6007] usb 12-1: config 0 descriptor?? [ 338.717561][T22901] syz.8.7411 (22901): drop_caches: 2 [ 338.852060][T22907] netlink: 'syz.8.7414': attribute type 21 has an invalid length. [ 338.854644][T22907] netlink: 'syz.8.7414': attribute type 6 has an invalid length. [ 338.857270][T22907] netlink: 132 bytes leftover after parsing attributes in process `syz.8.7414'. [ 339.106410][T22884] random: crng reseeded on system resumption [ 339.114699][ T5938] Bluetooth: hci3: unexpected event for opcode 0x1002 [ 339.128068][T22920] overlayfs: failed to clone upperpath [ 339.128925][ T6007] input: HID 0955:7214 Haptics as /devices/virtual/input/input49 [ 339.145245][ T6007] shield 0003:0955:7214.001C: Registered Thunderstrike controller [ 339.148526][ T6007] shield 0003:0955:7214.001C: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.7-1/input0 [ 339.278988][T22937] tls_set_device_offload: netdev not found [ 339.323645][ T6007] shield 0003:0955:7214.001C: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 339.328156][ T10] usb 12-1: USB disconnect, device number 13 [ 339.334196][ T10] ------------[ cut here ]------------ [ 339.336342][ T10] workqueue: work disable count underflowed [ 339.338742][ T10] WARNING: CPU: 0 PID: 10 at kernel/workqueue.c:4355 enable_work+0x2f8/0x340 [ 339.342161][ T10] Modules linked in: [ 339.343949][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) [ 339.349014][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 339.353163][ T10] Workqueue: usb_hub_wq hub_event [ 339.355116][ T10] RIP: 0010:enable_work+0x2f8/0x340 [ 339.357178][ T10] Code: 89 ee e8 9b 96 38 00 45 84 ed 0f 85 29 fe ff ff e8 ad 9b 38 00 c6 05 35 04 e7 0e 01 90 48 c7 c7 20 29 8c 8b e8 c9 1d f7 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 27 46 a0 00 e9 aa fe ff ff [ 339.364666][ T10] RSP: 0018:ffffc900001c73b0 EFLAGS: 00010086 [ 339.367053][ T10] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adc48 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 339.370254][ T10] RDX: ffff88801d6c8000 RSI: ffffffff817adc55 RDI: 0000000000000001 [ 339.373533][ T10] RBP: ffff88802532f738 R08: 0000000000000001 R09: 0000000000000000 [ 339.376635][ T10] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000038e77 [ 339.379714][ T10] R13: 0000000000000000 R14: ffff88802532f698 R15: ffff88802532f730 [ 339.382791][ T10] FS: 0000000000000000(0000) GS:ffff88809780d000(0000) knlGS:0000000000000000 [ 339.386257][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 339.388822][ T10] CR2: 00000000f73545d8 CR3: 000000005f0fd000 CR4: 0000000000352ef0 [ 339.391917][ T10] Call Trace: [ 339.393275][ T10] [ 339.394446][ T10] ? __pfx_enable_work+0x10/0x10 [ 339.396398][ T10] ? __thermal_zone_cdev_unbind+0x6c/0x6c0 [ 339.398716][ T10] __cancel_work_sync+0xe7/0x130 [ 339.400682][ T10] thermal_zone_device_unregister+0x28e/0x4d0 [ 339.403058][ T10] ? __pfx_shield_remove+0x10/0x10 [ 339.405090][ T10] power_supply_unregister+0x10a/0x150 [ 339.407219][ T10] shield_remove+0x75/0x130 [ 339.409037][ T10] ? __pfx_shield_remove+0x10/0x10 [ 339.411049][ T10] hid_device_remove+0xd1/0x260 [ 339.412986][ T10] ? __pfx_hid_device_remove+0x10/0x10 [ 339.415126][ T10] device_remove+0xcb/0x170 [ 339.416899][ T10] device_release_driver_internal+0x44b/0x620 [ 339.419268][ T10] bus_remove_device+0x22f/0x420 [ 339.421226][ T10] device_del+0x396/0x9f0 [ 339.422936][ T10] ? __pfx_device_del+0x10/0x10 [ 339.424846][ T10] ? do_raw_spin_lock+0x12c/0x2b0 [ 339.426823][ T10] hid_destroy_device+0x19c/0x240 [ 339.428823][ T10] usbhid_disconnect+0xa0/0xe0 [ 339.430720][ T10] usb_unbind_interface+0x1dd/0x9e0 [ 339.432767][ T10] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 339.434969][ T10] ? __pfx_usb_unbind_interface+0x10/0x10 [ 339.437206][ T10] device_remove+0x125/0x170 [ 339.439025][ T10] device_release_driver_internal+0x44b/0x620 [ 339.441424][ T10] bus_remove_device+0x22f/0x420 [ 339.443366][ T10] device_del+0x396/0x9f0 [ 339.445089][ T10] ? __pfx_device_del+0x10/0x10 [ 339.447004][ T10] ? kobject_put+0x210/0x5a0 [ 339.448852][ T10] usb_disable_device+0x355/0x7d0 [ 339.450834][ T10] usb_disconnect+0x2e1/0x9c0 [ 339.452712][ T10] hub_event+0x1c81/0x4fe0 [ 339.454493][ T10] ? __lock_acquire+0xb8a/0x1c90 [ 339.456455][ T10] ? __pfx_hub_event+0x10/0x10 [ 339.458355][ T10] ? interval_tree_span_iter_first+0x3c0/0x3c0 [ 339.460728][ T10] ? rcu_is_watching+0x12/0xc0 [ 339.462607][ T10] process_one_work+0x9cf/0x1b70 [ 339.464540][ T10] ? __pfx_process_one_work+0x10/0x10 [ 339.466642][ T10] ? assign_work+0x1a0/0x250 [ 339.468449][ T10] worker_thread+0x6c8/0xf10 [ 339.470314][ T10] ? __pfx_worker_thread+0x10/0x10 [ 339.472310][ T10] kthread+0x3c5/0x780 [ 339.473963][ T10] ? __pfx_kthread+0x10/0x10 [ 339.475796][ T10] ? rcu_is_watching+0x12/0xc0 [ 339.477674][ T10] ? __pfx_kthread+0x10/0x10 [ 339.479492][ T10] ret_from_fork+0x675/0x7d0 [ 339.481332][ T10] ? __pfx_kthread+0x10/0x10 [ 339.483173][ T10] ret_from_fork_asm+0x1a/0x30 [ 339.485073][ T10] [ 339.486320][ T10] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 339.489146][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) [ 339.492699][ T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 339.496866][ T10] Workqueue: usb_hub_wq hub_event [ 339.498837][ T10] Call Trace: [ 339.500154][ T10] [ 339.501336][ T10] dump_stack_lvl+0x3d/0x1f0 [ 339.503167][ T10] vpanic+0x640/0x6f0 [ 339.504753][ T10] ? enable_work+0x2f8/0x340 [ 339.506574][ T10] panic+0xca/0xd0 [ 339.508081][ T10] ? __pfx_panic+0x10/0x10 [ 339.509851][ T10] ? check_panic_on_warn+0x1f/0xb0 [ 339.511855][ T10] check_panic_on_warn+0xab/0xb0 [ 339.513819][ T10] __warn+0xf6/0x3c0 [ 339.515366][ T10] ? __pfx_vprintk_emit+0x10/0x10 [ 339.517407][ T10] ? enable_work+0x2f8/0x340 [ 339.519232][ T10] report_bug+0x3c3/0x580 [ 339.520995][ T10] ? enable_work+0x2f8/0x340 [ 339.522817][ T10] handle_bug+0x184/0x210 [ 339.524542][ T10] exc_invalid_op+0x17/0x50 [ 339.526320][ T10] asm_exc_invalid_op+0x1a/0x20 [ 339.528226][ T10] RIP: 0010:enable_work+0x2f8/0x340 [ 339.530267][ T10] Code: 89 ee e8 9b 96 38 00 45 84 ed 0f 85 29 fe ff ff e8 ad 9b 38 00 c6 05 35 04 e7 0e 01 90 48 c7 c7 20 29 8c 8b e8 c9 1d f7 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 27 46 a0 00 e9 aa fe ff ff [ 339.537679][ T10] RSP: 0018:ffffc900001c73b0 EFLAGS: 00010086 [ 339.539786][ T10] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adc48 [ 339.542868][ T10] RDX: ffff88801d6c8000 RSI: ffffffff817adc55 RDI: 0000000000000001 [ 339.545942][ T10] RBP: ffff88802532f738 R08: 0000000000000001 R09: 0000000000000000 [ 339.549033][ T10] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000038e77 [ 339.552096][ T10] R13: 0000000000000000 R14: ffff88802532f698 R15: ffff88802532f730 [ 339.555220][ T10] ? __warn_printk+0x198/0x350 [ 339.557120][ T10] ? __warn_printk+0x1a5/0x350 [ 339.559019][ T10] ? __pfx_enable_work+0x10/0x10 [ 339.560976][ T10] ? __thermal_zone_cdev_unbind+0x6c/0x6c0 [ 339.563255][ T10] __cancel_work_sync+0xe7/0x130 [ 339.565187][ T10] thermal_zone_device_unregister+0x28e/0x4d0 [ 339.567547][ T10] ? __pfx_shield_remove+0x10/0x10 [ 339.569559][ T10] power_supply_unregister+0x10a/0x150 [ 339.571668][ T10] shield_remove+0x75/0x130 [ 339.573474][ T10] ? __pfx_shield_remove+0x10/0x10 [ 339.575471][ T10] hid_device_remove+0xd1/0x260 [ 339.577350][ T10] ? __pfx_hid_device_remove+0x10/0x10 [ 339.579403][ T10] device_remove+0xcb/0x170 [ 339.581216][ T10] device_release_driver_internal+0x44b/0x620 [ 339.583599][ T10] bus_remove_device+0x22f/0x420 [ 339.585575][ T10] device_del+0x396/0x9f0 [ 339.587238][ T10] ? __pfx_device_del+0x10/0x10 [ 339.588812][ T10] ? do_raw_spin_lock+0x12c/0x2b0 [ 339.590587][ T10] hid_destroy_device+0x19c/0x240 [ 339.592569][ T10] usbhid_disconnect+0xa0/0xe0 [ 339.594421][ T10] usb_unbind_interface+0x1dd/0x9e0 [ 339.596476][ T10] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 339.598705][ T10] ? __pfx_usb_unbind_interface+0x10/0x10 [ 339.600853][ T10] device_remove+0x125/0x170 [ 339.602679][ T10] device_release_driver_internal+0x44b/0x620 [ 339.605063][ T10] bus_remove_device+0x22f/0x420 [ 339.607000][ T10] device_del+0x396/0x9f0 [ 339.608694][ T10] ? __pfx_device_del+0x10/0x10 [ 339.610581][ T10] ? kobject_put+0x210/0x5a0 [ 339.612398][ T10] usb_disable_device+0x355/0x7d0 [ 339.614406][ T10] usb_disconnect+0x2e1/0x9c0 [ 339.616269][ T10] hub_event+0x1c81/0x4fe0 [ 339.618081][ T10] ? __lock_acquire+0xb8a/0x1c90 [ 339.620018][ T10] ? __pfx_hub_event+0x10/0x10 [ 339.621912][ T10] ? interval_tree_span_iter_first+0x3c0/0x3c0 [ 339.624316][ T10] ? rcu_is_watching+0x12/0xc0 [ 339.626210][ T10] process_one_work+0x9cf/0x1b70 [ 339.628156][ T10] ? __pfx_process_one_work+0x10/0x10 [ 339.630278][ T10] ? assign_work+0x1a0/0x250 [ 339.632043][ T10] worker_thread+0x6c8/0xf10 [ 339.633842][ T10] ? __pfx_worker_thread+0x10/0x10 [ 339.635832][ T10] kthread+0x3c5/0x780 [ 339.637456][ T10] ? __pfx_kthread+0x10/0x10 [ 339.639282][ T10] ? rcu_is_watching+0x12/0xc0 [ 339.641167][ T10] ? __pfx_kthread+0x10/0x10 [ 339.642987][ T10] ret_from_fork+0x675/0x7d0 [ 339.644828][ T10] ? __pfx_kthread+0x10/0x10 [ 339.646678][ T10] ret_from_fork_asm+0x1a/0x30 [ 339.648598][ T10] [ 339.650485][ T10] Kernel Offset: disabled [ 339.652043][ T10] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:39:36 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85268e75 RDI=ffffffff9adc5de0 RBP=ffffffff9adc5da0 RSP=ffffc900001c6d20 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000039 R14=ffffffff9adc5da0 R15=ffffffff85268e10 RIP=ffffffff85268e9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809780d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73545d8 CR3=000000005f0fd000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802b242520 RCX=ffffffff81b05431 RDX=ffff88802390c900 RSI=ffffffff81b0540b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900224df298 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=ffffed10056484a5 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff81b0540d RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809790d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73f772c CR3=000000000e182000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000005 RCX=ffffffff84aa95c0 RDX=ffff88802108c900 RSI=0000000000000040 RDI=0000000000000007 RBP=ffffc9000372f320 RSP=ffffc9000372f188 R8 =0000000000000007 R9 =0000000000000040 R10=000000000000003b R11=0000000000000001 R12=000000000000003b R13=ffffc9000372f260 R14=ffff88807ee991e7 R15=00000000000000a9 RIP=ffffffff81bc5880 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f5479748300 ffffffff 00c00000 GS =0000 ffff888097a0d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005588bc737000 CR3=000000004f14b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001d0b 0000001000000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80820800020077a0 1c08000880808008 000002060140820c 000000dc00000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000806060128ac 00100002b0030410 0002a0030c808080 1000029003718080 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0402800301800218 81c5a8fe08000100 00000806060128a2 00100001a00316d0 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 100001900302d410 0001800318080005 8abfe80201080006 0101c85ffffffffe ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800058abff80300 0800058abff00300 0400058abfec0320 0400058abfe80340 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff89f23a44 ffffffff89f2ea62 ffffffff89f2e509 ffffffff89f2e1ae ZMM25=8666b8f68666b8f6 8666b8f68666b8f6 8666b8f68666b8f6 8666b8f68666b8f6 8666b8f68666b8f6 8666b8f68666b8f6 8666b8f68666b8f6 8666b8f68666b8f6 ZMM26=44a6c99844a6c998 44a6c99844a6c998 44a6c99844a6c998 44a6c99844a6c998 44a6c99844a6c998 44a6c99844a6c998 44a6c99844a6c998 44a6c99844a6c998 ZMM27=615adb06615adb06 615adb06615adb06 615adb06615adb06 615adb06615adb06 615adb06615adb06 615adb06615adb06 615adb06615adb06 615adb06615adb06 ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=c8290000c8290000 c8290000c8290000 c8290000c8290000 c8290000c8290000 c8290000c8290000 c8290000c8290000 c8290000c8290000 c8290000c8290000 info registers vcpu 3 CPU#3 RAX=00000000002d4f1f RBX=0000000000000003 RCX=ffffffff8b5d72a9 RDX=0000000000000000 RSI=ffffffff8da28539 RDI=ffffffff8bf075c0 RBP=ffffed10037e1000 RSP=ffffc9000048fde8 R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001 R12=0000000000000003 R13=ffff88801bf08000 R14=ffffffff908242d0 R15=0000000000000000 RIP=ffffffff8b5d5d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097b0d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c300c6c CR3=000000000e182000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000