last executing test programs: 5.197314909s ago: executing program 3 (id=7675): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, &(0x7f0000000080)=ANY=[], 0x0}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006140)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) creat(&(0x7f0000000440)='./file0/file0\x00', 0x0) syz_fuse_handle_req(r0, &(0x7f0000004140)="c4cbdcb161144db21d240ce493c386117138ab789dc80e4157081dddbebf2fa9cf5a218707cf9f40c33cd811c5aee19e05c5697b2c5c538dd8691aa6ed60b2daf8a25db53f03d9ac183f53ce49488913b0fa326c4922137bdc9d87ededdf17a7eca426a1dfba925f4b49b7768d5d997244ff460cf9623602324fa7a3b1e61856df902832bfca938bbec09e63f845d110cc88e11002f41e4bc7d0004e4afd086d784f89f4b84dfce621b845db8590ccc04358f72ccdeee7d0926999d4eea2d18170f156a39b6cfa72968114f29ff156555c14815e53ff1663a062513d470b374ddc70bea32a37723d7f0abd324820561c2904375319f2e25ca3659f9754aced8b4940afafde6a62e3e4dcd61837a9aa47e4c5ce14ca3f54f46fc4726dcc4eecc47cc68099cda31a9cfcfe77585b2cc783c96d7ebd5b3335fb12eee05fe117497c13a361dfa0a5588340d28ae52f8e35b1a5c8f56b1d49a0f857f267bef12da134787ad03ff4db32b7c21e409c65becbc2feafbe06ac1426340b6b1385c753ad902099c6fd8bdac4170daa9729535661197e7a960cbe0bb36bef2a954a7b20306dca5582d3500bb9cf8322a447c2b1e886ef92748a4d7674ed598438764f376858da9ec9eb13e7691b080a01ee9d6065d39a9cc5b9dbb6dac04408be74866c5dbf411eac41dbdf5a47c9dbf68284aed34812834007e489569ce1f9c81e59cd6f96eef38ca847eee428d0d61c762a3ed2cd601814d110c24edd7295d3efb192685dd4260a3dd04ef44566b455a180d433d0d0966a440803c15aafff16482b3dfb1333564276310da8f67d58715f6216bbf340df7f1341b4f30aa165de6f78f3154722dd746e09e557e1505f0f457db05d4a04d29b5746c47b737bfff7516113a069c8c31839320968b30d7486b97327058888c3f77c3d8eb4702f4dfd66729bdf74c978ac0255e01f2e478cb182385a37d8596f7b23b30a9d191bccd91ad41f4a5acaeed98083b0ac7720a82cdc50008ff9b6982fb3febd9a61d25dfcb2d4b5b74463c3ce85846f419980e36bb7b9577d2947222faf36fa2b2218c929407f8d1c4c979b77f854e170775526d44daf268db2eee5205a972ebe76916aaa0a18fbbf43bfb7bbaf3e0b35e45e878872e108e7c47255845e3ce7b294a8b8f29dacb8210f408e3a947c7a4041656d325e68815a24176aa95c68146a4c5c1cf0c50c4fa10534ef8e5d7da498d8e7777e1618223bf90cf1f13ead5ed9c6a6c2cddb946974d910846b69fa60607871f258537d29976ad64781746d68047ba1edd367d1bca3192ceaa397229512f543b9322df5a74d853dbfe4ca4cf5d97621af4ba3b0d98faf522aaf70ffe5c260385b683fd9a0e2490a89f58594aae4b8e3332ef330fe90b0927d96ba8ec3d4a80c6a86500936ce35bff9cf8d9138da31c3152ee6d7eac5477fc9f67fbbf0c9ae45bc10ebf168140bde0b26c56fc9cfc9fb8d9c2384177e6751b8d03441014ac7819258486a7dce5adf8571976619cb79ec1cfb0edf3fc728e31f975f3d972e7b6f9e3a774c8001339381961e1ed216213a2d8c8b2bd7174917a413f14a4c3c3b2278921a04de1d021d48c19f20cb810a6eba672fa980800f20172ec18da1a3407bfc634eafc73945707ac9736cbcba1077883b8391783dcbc019bdb282165e81d3134c367e8db0e4f9abfde44c15a0b35b2228ab210aee6f62b22deeafa3d72ad530f4c8540d239382ee81f5357a583d602facca537a09aa0c23c3288ffd5df12d69eda21b3586197389f9d349423404f60ad0f8ece9aa98ae6cfc246eb06622be759866410ec31eb7fbeda98a5809e47a1fd7e50b3cc2dffab78baa751b40ef72276aec2314103400816ccff1dc631c257e452dfd22c2321dae0af606a8b24b5d58d4b5665c680f4b12cfcd5968b9464599deba0468cc98cf0a7aeaff8e496b480f7b3bb2b88a062e38ffab1f09c3cea5cd82aa15c321dcbad9f800aa55b0df92f62d48389045f264a4756aa83f364cf86d991006d0d77ad3aa0f45eeacfd1f7ea9e6a404ec9c55366a7626c7ec62ba9ec3d858851f92e4d488097b88e5ed882bd93941cd5c04fa6054f1db4c896a7deca30c8831c9e73318ee577c5695f3ca30b8832af4ebe4e0f28e9730909378ffde01d1bf5ebe4fb20316211b695b3877be2838c6a0396ee8589336481a482688d209184840d1be1548676cec8e4db94140e35eb185ee86cc68f03d20545ad32323a11b9aeab4c4a2b2963cfa92c6846f87abce4e63cc57822ced3c9b2ee1d976608c3eaba02ba4e8d941928abe2216fe035685d0221974aaa4f5d0e9b3cf5845f9e432ff523020dbbfff6c41ad69d04460fe15ed28e41d01622b705e1a75cf9dfc8e050c87ffb92812fb03b302d7bba5eb33e4e59007046afb69c92d1705ce384d0a35127c1c35b4f94a5bc0730328843331dedd36a321b02d952829470af05b439308e2c14e6c25128f157e7df0c9e57950f1bc506b0e58aee162c43911a66a526c3c14a232b6a5faaf411946ef154c122b374f4c0fa3495e01fb6e31090f9399e6d459d18ea8d19a8681e6ecf172fcb8c6d26c5663654104ca5ca167e68b1971edaeb22b8f9993f02c18cc1eb24c018d114336d071cd372cab69853dc6ca7a7958a4ba380e6506ee2912ab4b950397ecf9f280ba634a5ce4c6eb1de3c707911ddb3c910de5f86f62309f4505f4beca6d63d156146265205c2cce5e1d1086f6c2a62b130feb173bb06c217706cdc02cf5d0436b69f00f043be1c95d1bbb1e013fcaede94d5ca0d3757654c8bc60701747c845e7cb062364ecf9f57bc936d1cd52b5dcf4a05780db892596d27ef7e9825270db40720741d0c987fabebeb33cc2521261f88c27e6e102be27507136312413391040013f87ed0f70d50806a8aab310eb83bd6edf8909258b62cd6f566f5f9fc54f04353e977d2f5c46b3375ab1bcd2f417a39d0f708b21875ca86096b12b025ed1a2f41f24d14e4ec7d3e0753e88a3b21e44f3a6f6bd9924722cf4721dd5a104423351787993c350b3796b9c0848757c8cc17f93b2615f9f50f3a0d918e26b88fdbc0ad90517b799266124a2800ea191f58fe0676d4328ec085058e04321b8347be4970ed9e846ce6b877f32ba2257c49a1002c20744c8455f089714a66afb7ac89818ece2e363583aa3e59a7b32cc67a204d8be59e207fa83b0474e95e510577d63402b2f53cccd3bfc967a5927f537f8f1009192e24bcbec3e553f6f7e2e494b8d5d36f481376b31480b2e2ddde4eec8b960908f200dfa92c48d437ad5ce75b4e9f022fb9b993a0adfbd393ce8b09181a06f4397455f92207fc4ddc503280e08bad554b56b3b62a0a29875e3c45639ad1db1986983d349bdf8ddef08d76f780cf0d39c7791441a0a5e1d676ed59c73719996b6ba7d5d20f21a60f6b67935242eb8511926a28d776c6fa5ecdaa5f3afbecd2dd81132c3201e6328ef1dfa66464c2d9d456d5b6d3a9854e55c77301babb43547e16abdae31ec4e4f87c4d8fd9355a8f6fa316974688b64fd56df13cecdd0dcfa7d0d3f0f32b657b46c903ed9f77bb1f0f0f9094f29728a7e087a8ab554c3e7534f306b35962a57b8b47b98f1e320464ea0640858a094a89fc657b64774301794819ae07a2de7fb7fddfc7f92c0e26911e16c1945a3cc11bc77c6cd46a9b627f132f3c42393f9c892f9fc8ffb11890ec856259a0486e391b6f601d93c394f09fa5c41c5db116aa64b4229f3afd9f61cfda50f3ceb50cd10176f2a75a9971ac2c65ca69c1da6e77ab58dc60e9aec77a7d72e34ead9a4d3297511b2886e4dc7ccc8c2a44829e920cc055717dc03c551b3ed52aa5f818af4ffd96677c1ac848b40d494030680df668dc6023118345dde06aec1752d0d62ab57eb58cf3a558a55d53ca85c9009c55b2b3e15394a9bcb89dbb60095c4d83693dbfa347a32cfce875c195d3421f65779cb6ac22a33be31395af52c38763aa01daa8973d7d25c8cf4230855e52d4db8a82cbd453052300f0c49037665fe39b4d0cc95fb10c8e735c5bb276bc37414c954145f515dd624c30cf6522186c0925f909042eb21f2c6f403899f5a387166f0c539d12675302288c6ac40eede78300d5a76d5781f0ee2789357ac8dc51c367d145b549245f9ea5e810ae5c1f840d72785a5b4f176769f1c8ce6eb6f74947cf92498073a15db9677079d207d2ddfaaca8cb842e91b6d16b1e2034b57d57da83e82d1efe13ee739b8755edc4b2548218b3e84f435d8ce8ca6f675bd693ed34eff7c0b4da2d1055e8442a7ee634ae9087634011718ba2dfa5999b7b4c73358e5f699bcca172fe0791bfc24a286b9a15c8eab5e27e2f245de7367803c60eae7a726ef6d314e4bd466b235ea1e39bf5995d91da6839c59fe2001ec07c610b57530f00c84392639e9c062e6b6ac2074129d8754d21dd9dc132be8ab6046828cbb56bcb64845bd8313d6e73a512903639111fb9964ff28dcbca5539f5a2edbcf58a61808d954d1f7b2cfc4e1a53819a60bc0038ed1d21a5f8ba2a085723dd9861cd4d1f0189fb0817287282a553d1009781a608bdb8f09135114e58102f9614209f01571d8fb6bdccb460dcde0a85a93c0cd764e99401a57e77f537b3bbb83e843ef0905f311ba4373ba034dcea3f25318772129f11c002a405226500a6993ab73d328433a592ff4bef24b0d87095e26b4e2d9f5722242d9dc65045bd0b8a58d3a80c31b726159fb26a3bd7a1642b18ef749527ddbc50188a15fbb8771927acac91ff1055bbbbce7f4caaadda2075cd58eabc4cc06b9b35909b847beff14e0426a691652be94480c9b446442a08d7ff9c65c74663fbb1c90e0a0ca0a42a70e30b14aba2756aa307b0dccb19ca3d193d9090d76e49ed46599dee794800810fc8dbbd51418ed2330f1844faf97d894c39a187b64613304c0a247668ab2c9b076826f68e0995c01043935dadb92c1f1d7da73164a8c46501b79be43da647a6d6e76c93ee2d1a32b85134146015e61fdb4c4c06b74aeb9e58831e38f47ea383d1786d0129cba302c32dbc1b75ac370889673563e60e18523749c0a70d54f58dfdfdbcff265aae45460291294da62381cdeeeafc5be470fa7392787cd9932377f8085dcf7c55ecb7d9706e725a26375d4dd64d23f54f31c7376e9e14e646191693ab4ba844580961ee893d225b56b6086cd819ff9157579a1878deb0eace57f007866a1ec4be1988e07f1f692d5b5287c6668c68a6761abf2032f9b0fb8b863b487090afa19fb1ec50e4f5a41ce4a2c29840e2a4229e735c7ff431c6cfa10de5a207ef1d531aca6f188d4782fa0dcdccd1307946a01449885dec0de887a36c09dc130808b1e24e11748cd4883247f9d93147936cdccb3a4bd8a10b5e2cb749b3b84d098915b8d4d6966fab80bb99c2749468fa1309d7749393f83f0a6385dbdd2ca9f646baf38dcf00040e3183db5f7b2729fa94541feebfeab48a96610161dbc0521ddb8cab259caebade28a1a68d62ad399fcfe20b77bcca8d7590d75accc097f5138fb828e4c4c6835db2d5bec6bef90ee97937ab8a3d8f8c4f9d680852406140802621588d6d39dae30a889c227318e6faff46a27a69917a850b21a4647a3463088b78fc21c68daf8fa46ec5bc0bf8915b4cec620b4d11e1707a100ce5f0d6cef784195e87c7dd39a8781af9b9e5d54e7da653b7168c38268744339e383ebfec4524f9258eec901ec8c90251d075476ca3df770bdf946b127b5dd042c909920cf4f4be5b9d7d4ae0f606579a3085ed59c4cfcf38f910e0cae6043be834c9dcbb6f881c9fa794d73755ecb39f94e95ac3eb5aff8f689f76abf83bd7cb82265293cdd8b17e42a7011ed8faac47213d180c58c52668498e1fbce3d297552a6edb0a3ab99b851e4ada7698eb3d1e534637cd58f98dc07b2c1e873a5b07cb3cb4acb5fe1fc3e5f0d04020a59d439b9a202f5c3cdc1aa243010fa247bcadbc141a8b66b67755236a53da0fecdf215901b2507196fdcabac359251bb475ea77ec5fb74449afa4e5c3f9d65f03cbc0d61542c8f0be88eb70e8a030bbfa934672e9c16c3f5d42647d3006fb478fb49f8625fea53c44fb9b03d4af2f99dfb454888d28e5e81c457f38e8207950c698328315614a84b1279331a81d617cb7b5a7658fe28dcc6717ea9998019e284dd01209a505fa55f20fac56280580e51fed801fa970fc52dc9d4d3d90dd2c5b242a73d1a4b37df6009aa3fbba1b581c7cf5a1e60ad97a21956e8dfb4eeffdbb4daf6c69c9ced7d52d44911028a23319810c6108eb8ff02e0413fd1b8f8b201cb8be36674663dea74a522fb295eb94dab716aea5776a724d27b987404ef1bbeddaf9533b1eb1541b369882dcd024d15f90b429fe2999a763f14f26bf7f89ec72de9a24b136e55ea0bd714b2f23537625ec7bd4232676834916efd168de127b13c6832f68f602a8672e93e4dee6c1718052b16904005a61adb7cde7bcca525eaf3e3e8a009475ba3124f8b77a760a01e9dad6951873ec203208da761b09854719f4d2af514b55210b72cadef125d028257c717e4a4854e24f7afb252b42c81449be223f6084f0eda03253a91cd20bff97a9047d4cdb46c072eacee64169050c4e12d49fe26be8234ee164a7771c2faad3cf8987a123a67a376d39e448a50fd998f6349c05f24653db88f39355bb063728489089b89d98f7ac800bc06259a70a6dc5635dcfd29f76cb024e21c0ce6ebeafb0624e8d99f9bb8ed4c21d9117baab7a3addd28d445157005d8f0fa1db9e1116dde6656165d39b5cb081674bff73842bb330077e4345d2b02531822479edc4b2d0743f338381796ede83b75f22c0d15e5f840a6ab650cbf8ab8278bb15ff7e131528a676504bb9f3d0c9ee8b645c5915b5abbcaa6b4cdceecaf44b6ecb3a3141ad3b559922b7948e4dd7380ef82117b7ea1bf79448fd81273b15ff09da6251e40e02aabc897ad8f9e5a18c913d4b6cb63fdb8782ae25cb819a7df09e5eda71c403ca3a2fd4f9b48a66cbfe4f88ba57f8b3d1932ca72e0c7c4709900c4e25e4f97676544576ee992078d6213422d7515b52cc722e7c0b8f084723f78a8db1b37763774958995cb10c39804960a0cc29fc4f2ccc084c61ded8d375d246435ac42c76abe6be1d448f5b144a9a9f2d0baad9c5044dabd5447ae5aed033fd27844e4b3251d57ed8b582fa79ac71d11635cb9fbc23af5df4d7acaff76150977404106212897224046db4cd37c231f844f2724cad49d9dd5bbeec77752bf901deea72458189ded320fe95f3ce9c6d1981365e07c4dca44babcb1ec31232b62ed079a16a6942c96c2911901298134f2233bbfde2ad1c029b4f35379cc4f3fb7ede67d45c1098fa23a5e476a6a32b757505f5274535cd241fb0dfd46a222bdb71896d87676c34e2d4627f931ba5e6e936648edb8411f2f340227efa5fc0095d653c7e79c73d65608f99ffd64c0369a540bc9ba270d10765905b9fe985d6cdffbec6993c12b7be87462ce3ba5112b1d8f46110184eb7a055a55423f37a4ebcdb44dce0fae17f429d9421f203ae9011b80e5f8095489b7d403fc4d57c01fab13957a0667172150268421f7e5b4fe516c6855b6e124c47641d866609403312bb4fb0f70bacf8dc77f8756306357598f81228f3aebb2550b0d70755f92e7c040027cd1529fd46d981e8efb1c800ee73bdd658ba9346db6dedd8b8da3c36c8c90e738aec379cc7c128806ee454eae3597f5f385bbd22c8977f543454e781b1fc4c4e2d198442fe8d44c5452778c9e061b664c902b0a89d66760f5526467da5c65260540f5e747d10a3204eace8aed5e752b78330ce08f7b7cbb43b016e03a076233eaef546f27e6f10801fe84453cb1903652dbb32d045a2c40cbd2b266a30a56838c79d9198ee7ffbd32cf6bf76bfec7d28e6d3d5282ee909c04f57a9658ae7f8bb04cf6bba2591fc2e0c59c12498de02fd9b268939e7445b45c3163bf4f726a3241b04b6726cd6d69119213fde4480be90843bdcba7d2cc99f8cc3ae48875b17d0d7bbfe2867a721d70cd2e5a5521b62050f69b5215e977105ed0013ea8a60a7b2340d77db090d5622db2b26e98092a65a227753bcc8c0d2f76ad139e674b23ca05dce4f8bcf25b0f08a926cbc5e5637e8194bdca685a4ac253ee691d20d0069a50f645ba5cb502fe23866c66905b90584a4000d311199134e7f73e47573d9e2c185fb051a2980b1ef5a2f8804a6cbfba834941c8c384b832030ffccbe75e6f484ee9b32aa4c7a85986f2cce3200178e9e9d566915bad1733bf5abf11f46c949e265554d9c658459995a4f3de568e49d39679071dc9b2cf78c79ac3356fb56ddc1b42462abe1a5db9162b6d09d17a90f97853b1d053a0d2c7bf54d14aa2d015bf36d7536ce29bfca6dc18ed74cd8a9032630685146b3d4f751abd24ef7a00344b9b565eb2736610fc3156b5b63cfa1372d1da21fc4127d1adc98e47b69fc3be257412e144c8930c9586a7106af8f7cd455a3fc8974dc7ffcb85683c0d8b06e7e050d43491370178d9bd706e77055cae6b26fa2bb2713a938d8bc749d8f22042c9060eb9cd5023a197222d46ec7cef3291b1d331ddda198e4e64441b13a00f31a28b1c8e71b197d00d857a9b9ad203c4bbd97af33c000b289daceb59a64086287e2adebdad6266e01c1d8de5ac6f69970dd13236e45542148949ac842ee6b9c133c3ebe92e04babad0774be000e600ecbfb7cf704b85eb5a288bc991111327fd1c73526c40b8525d05972a4c3d4969a2a32d742ad55b7338019c56ae45234d16407f59c1276d8aff303bb6d06e7c5b300efe03eafc27b81a6d2d95150428a62c54221d4148c9af90e340dc8b2bfeabacc66932dd8917952d0461c08b99e0a974dac119214e12c0e46f98b3c2912f412637d7eb26497baf11d7a9bfae171e0fd7d2acfe78dc43479dc0403e35e1e21d86e4f17c49855a5e53184536ccae379fb9376e96cbedcf362997f88b0fe0f8048eb23749e7f7ccfb5a24fbee98bc6bd99e15b21e3450f2020a4b241852ea02d1df72be2bb2cfc7f49ac8145bd53de90d96af6c8284d87c61610a2b422ccf9aa674457d05b4acb3bdedbedf7317c75e55483ba86bf914132e44e11a58acb2138c10e6f2d9e3c7eecf851c60563c40a9de08c9f9814ef02ea00ccea68f3504d36c21adba86778bd93d03c6cbffeb4024e9374c50452ea917847131989a9ee67fb8a0a5a7d4ed95e89c77503812272dfb146be39ebc9ec025133c091c4e35592470dbd7e0462e8d8b6135fe2dbda23d92648dc18e359e99b08cab432d5f75eb113282a9accefab90315f4674f87f5d5a5a043faf7d3c0111866f3d9c055a1c4a504e51477362d19b5cf01aeff34999be7e0e4de876bdb1ef845d5189469669e181a45c410ddd1a68b868f95126ef1440b459be68078f903f3688cbdf55a48512c1c9f48839e605ef20bafc64f4655ccdfcc4900620b76654484ca72397b0ee9cb231121b59ca8fa203cccf0cc74ffed393b0a3bc5af87462dcfeca3aa4503acaa41ebdafb2f65a333422a567a2bbd1cbe95a0e498a3b57b46940e7b12abffd24010a9ee1cc090b39471adfdfa29abb10d7dd513f71314a6e745a20e7a854f71979eb79857c892f9335d14d860cb9458a73ab15a31a26e9c188b9171b5fd2c1f98c3728bc57832c552caf9d8d842649e913e86a4c6ee16c36994f83543dab2f3815267ac2cd45dd7a7456b559a4cef816d19dfa62e99853fd99a3f9a62c1c5c8dc0e18bbcaaeb556ce0a1c7ed7438185adf0ecf1c288b914ed2846d0d44850d362912a8d62c9fd53614681d1f3c10880f1e6540ede4f8c2f941ba2a7515e274ed06e7f8049490342609ea8c561d2377ac26939c340eaec9afc2a88f0091e5f02be18aec967787e4f3bc79700ff7f82edba40f1575c7f07e204944d5598a7fb58c232db1de94c4f68383353eeef2a735d28884b515a16d5a4e1d853c756a7dbbe3e1e63c8eddbdb03766d620265b7c5f94f9f67b11aa5b8c09a3f2bba6895cf68c5c8e76be1a82d48d91b525d70a13d5009cf0fc3d1f421494ac3fc91737629e35732e42e79b483ff60e0e431476b07ae07ec350569cb9482ebe34f88a4cfa613f149f1c0ed5c2710a00f996d5805ff582d6ad0a6f0684765e3794e4add4d2e92b72f9998c0bc42bd2ae28f9657c91ef573a58c216023db16ba552041279485ad85d7facc450b6841ff96caa1dcebf90f2eb54c06eb2468fc8735b63d2fc7705094072e49a1119077208cc09a5efa636a475aff2f41607b71b7c7848c5b47d1af0a5a8875f6bcdef9eeb45b9c9cee74da250c323d2960b194ed03a68d69fd133e813aaa01ee0210f5e0adc91f3c559415fa485a2977752208d262100d486863703b3b7963e08049eb03c496a5e625b18efd65ad7f0f962373dce79765086f747e61b2be2c8461a7b5bbf7c1f7bb1f2837602d46db428e5a6b4403ef5fb697dc9f4cbf858dcdfbc5c7df00bbaf5338274d4ea3a422635bf83f9b32804e6a8425971ba0f5961e232e9a30dc51278d41ecc0d13dd46087d680ab522217d3700abd9f48db51b9f5bdfb825c26aabb8e1615f3c7647e2966ca4a42dc3f312c63a1b4d61e467017b4a07b3607a4b48e81b14d1e4080f9f1d25b267da0675c95e3afcdc5fb71e762f93eb4dcb83999784e63c7c3965e6867c482ec7315905cadfbc43c4448a48c7b872ca3123295c8075fa078d6a8bafdeaebda9c0c20689ed23e9b57532ea811c1a1f6c45dd06962108ccb561eb12c93d6e3e8634e80511a2e4ce17e74c0d98297cc5fff5ca730d5868f7bcd9c06ad0418425906898d0ebf179e96de6655c4f534b71d91d0d8a70654177c912c3eb470a03386bc60070abb234523a0ed16350e86cb91a3d25aee8ff0f0a8d52e662b64c68a3f6c795e2c6ec59eb62543f2b56c4e140ad6e18c36535f3e78b9c48c7de0bb848a40e665abae4e8a342a073db9256b858ddbeb5275ac893262f9e140efed6180fc065eaf55ee92dbaf43044dda19b9ae1518505f30fdb45e02a4416b87924885d4556e32d97bc00cd4114c9a912bad722dc4ec0ae0313898f4d36afa95ab78a0f0282b48e8d3f8cfd0f00cded7049ffc7c52bd99e003fdcca2059eae2dd752211c677c2455f6bd575e7a60783aa18993c1e25103dcedb61cc0bba480f217abf87df3ec5f4dbe3e83a3b94ed6b1aef21a524fe736572efb6d33acd8afafed6ca9d9266432e9b44fbd7aeccc67b71750207c72c0249db0a149f7b19e52c4b51e1cee0480b9f1539860642636e02557e82832f527701f2329e4c6ed85703991aedc6f751be57b960af61b170584120baeb74a521fe7215b0287b28178aae2db88c77ecc761ed2c4170e57f9158236850b84ae96363b017d7bd4c86f1442223ba0902ec16a7377046dbe1ca1ec1cbd4088068057b295dc9409d722c8d9b119ba9177bd70a02b3c0c00", 0x2000, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000}}}, 0x0, 0x0, 0x0, 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sched_getparam(r1, &(0x7f0000000300)) setsockopt$sock_int(r5, 0x1, 0x24, &(0x7f0000000200)=0x7, 0x4) dup(0xffffffffffffffff) syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r6, 0xc0105303, &(0x7f0000000500)={{0x0, 0x2}}) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) lsetxattr$security_capability(&(0x7f0000000100)='./file1\x00', &(0x7f0000000180), &(0x7f0000000240)=@v1={0x1000000, [{0x2, 0x7}]}, 0xc, 0x1) geteuid() 4.01831115s ago: executing program 3 (id=7684): r0 = socket$rds(0x15, 0x5, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e74000905"], 0x0) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) close_range(r0, 0xffffffffffffffff, 0x0) 3.489737815s ago: executing program 1 (id=7690): socket$kcm(0x10, 0x2, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 3.489466756s ago: executing program 1 (id=7691): bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="8500000011000000350000000000000085000000070000009500000000000000f4670880271e3503200ffa95b2c8c037c5e96a21a755752f475b6da142c9a8d76287066c51adde96fcc309926fa397fabd5f9810e81ae03737136ea6f7be39cd34d5ae35de38fd5a1173a35c79949c00a7c09cc28d7673294f42a5f0a8321313822c45c0f8612c10b100000000b0d3712c7e93363af3c075ff1e23166a32d95433bb755a2dd576090c4877a7b6393e366c6386d5ec72f1d031f40f3012e9176e51a7f578602f5807785b92a544fc5cc037102124d85cec074c6949e1298901ebb395000000000000977e82c4c90d33ceb7807e116d5c16f5fe47fe5f17f9ab800f4104dbffff0000000000005c6d5d224b64be6c4d04009809000046f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de930a060000846be6277c04b4c5324812696a261be1d0b76f9aad1b62ffffffffdc8dcba00bfbffffffc45b0c52887b5efabf84960ba0e3c4c00356ffebfb19a34268335648e1f822de328c10742a42dca52fb98c1452b6518a6ef7297f7b2744706d27ed0b05b1b9555f2a19850a21419a2f238f173d0cd46dafc7ac5500f53e7309ec91d83cf4080000000029b34b9ff5087b7fa4f0000000000000008b00000000449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a000000004a2147c1128c697d9966b3c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae6c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000008e100000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c800800000fa978bee51f581d124216e8bd9de040014a223fc991fb08f65f0db98c068be4c6155ec00005410866059475714844a3ea4cbe37e0000000000ef6d00bd63bb928ff58b3bd2a646a89d172a884dcdb8b9f905e72ce1a66f08c9b385a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1cd57f7b912d31a36f5d2a666537f920a9588a712be006c85db574e951fb65c103024d3c169e3b791e12b3c9905e0810f7ce80fa133c8af5ea4edbcd54e5a01b74f9dc015f5b7811cd7627993dd965a56b2d666f722bc26e3f6fb2163756d68ef7318d3abf910000bd9145909eaf139a2dcb2867a2979efe0b61627dd96f8e698fc5b9ed35bcf2fb9b190c3cf040549a1bbe7ca6adce2dec7c40c628e90b30cc8d8c0b3c6c95e21c7ff037166302e6"], 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x61}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe80, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 3.421347831s ago: executing program 1 (id=7694): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015400100142603600e120800060000000401a80016000800014003e00200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0xa102, 0x0) ioctl$SNDCTL_DSP_NONBLOCK(r1, 0x500e, 0x0) write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) write$dsp(r1, &(0x7f0000000080)="cd", 0x1) write$dsp(r1, &(0x7f0000000200)="22592b083424f7155b3ec9332b605795f21eb76cb16edd9b184cdfd5982a461696451f3d83a2e2405272aee06b1e77ba8a57e5f59e09be8afdbc490354a73b4d1921589ba144aad875ba3684ce57478591784f398bf2062cce2d6c585536fd3c9fa05c4fe9ba19bd1794604faf5767ba6f5e6a050909cd6cc64d53340e32b7760ffdac7eeac277098b813a1df0ba8cda2a4c259d63927c96159a7a3f0afdd4ddb29f74a7f7f1c438d5e7f6746c77e5929a79db03e8f9183502e865a7df9d3fc66615cf2f333d9ebbf5dc907cf9867ceefc1ae7a4216975908bb6626e6e0e184f78a7fae084b0faa9113d52bfabc4f419fa70147c1f38f38d9f7e06f1b18dacf9996e6c3be992faef551632c0c48d6b0ecc984b5f5103441a8f03d51fc27f9940bac0bae36b4da9b68be808a3bc8baa8fd34570408b7969e49a9335964510063d70802f4482bc67dd2e67387ed203bb4028e9d2758d932162e05e91ffccdf6f99093b789c81433be7f9e8ead0d1509daa50d4decc2be3ba69b5c8b69a5b1e3fbcfcdbda6580fd4bbf0a191c6a653214eec6c62d96e98a407b0696e33ae11357b0a1cb6878d975153c75c9c8cd4843ddc5294f750c73f3482abcfbd541d4476756d34f0487c6d19243a0fa211b453fd10651d6c6f3e6df2420a9989a7b67553cc98cc50c6afc0af93dc522ed38cd11623bf450c289851618d4e42eaac2a7e88c20398faae03c29bfc4495861815899aa618192bbe85a43fc0922745cdbf7397921f3de933d7cab1e8cb9fd478a5bc74412015fb6e12b1e1b2e9bf61807295af225727f89f8ce32c8838e27fde53c4b0382dacfaf917b9cebf3589c7fbee19710de9a53f1079a85a97da1aa91bc60247461b8c0a72a0a5edf5333d9be82fa176734f07012626f0e240ddb64a921b9d3d8c914e1d0786e3e87487b531c7012a1802e101e62cfdb9463b5363c1ab2922998e929f004f36be0a1e469e1211e0445807d66859f5ec78db160bf1c4a84993c01d7b43d540e90943e5991f32e2f4efdb6e104fd54b0b65de8b0a1e4b68a35f3306716b1636ffd79a10ed83f61f836a2ef14da68f7b97b494feebcdaa2163a8c7b269a149392d9545ec1acaeff411f9760107650c1ee25f8fff1e6b2f055627328763cda83b4a7f13caa421b6bb6987316bcbafb3f3b9225c82c6cedb5c4cc1d73ed9586fba931c2bf67029519af72e9449cf0470b9823768b41098b5d444b4ca5dd76e5b3420adf9f388176c9533cfa642f2172a41378b4146a3c3c7c7a0ea5a63a7960b19ddbd8f3bfa010faef32bf11494943265335d51cb6afb4d2ee73cde1a817e294ef63fdf74414c73ce79201c2a124a28c8637a6c79bcc53b1f26ea1f0d0514552cb4181f6672876b7a6a2d8f9feb28ea2d40cdc534872ad5d936263eb7ca832943e3bf6d8ef46851e979d8ca4d2337e2a3ce413b516d7a10da93b136718644f756badc3730ce9911c775ea1e34e769f9c5a636c98febbcdca4580f09eb2e73c44a7ce4a18a889802d57ab9f3db43b48457fbfa02f01cc305439c7fbaf0b0c7c85c452aafaac5b17b05cad583ead7d3f6737d2f08608bf641771491c4ac62eac2f65db207fadb56667547ec56e99bb09222fee286b5836c801241b800c658ed854cf3193e3af605443a6d401ca19b9035980cfa35c82e69ef6373a3541eb19f8d5a1f020c975532f72b38684ab7bfc09ea2e740c7a98eea5849d0c06637b61cbcc97e416f9fb748ad6ac0ad5d5e04164a7c1da668ed2cbd29870797ba20de0830711129324cf9c8f1e6f34e291fc9a0a016fd39fac0e2c6137b1c13676cdc23872951d86f71ff7f9bf11efbb90cd9e03ae3cf85e2432283316b6b46078978ccaae2deea2c52af2eafd184236d2a2af3bedfa04b7faba8c400b624bdc0753669fb843f960ae08412e288bdbb61089730435000da199b687fe2deae9297fd8c210d2408c31b233b7bfa53608a92dc116f09b545eda126660a5bcc9c8a63bab733fbec9212ad3ad74a27f9a98323dc661ce13e6f5f9c0509d16190fc348ee5f9fb4ad8a428f0b5e18004e68207ed232322490f8177b61d200b173be002c612261b04cf40d1345fc0fb7f9c098703685ed06de444cf9813537f105e451b0104f41f3018299cd252fe3c5c1ca2f8ac4eb5006d63ce72f4ad3836e7d923d168ba9de2ef9646ccae3c0d66949c9b384d89a6f4fbfa93be421c472a9eb2eb3df8ce212f0ceefbdefc54ca9e0d9b98fad5e2b262f9fba0941ea37d84f7e5f7c2eb27ad4447a29f0dda64140abd8a8efefae3ad290dc9d56ae7686a94fd8639e43cf74d9e86fe3c481ad8248a3758b8bcc78f5775e6a36ac24306d0081042527a65b14fd5b97699f76829be68efd6769055b77f4b9bf7e6a512c9fdec9db4795473d4a42e6936591efa51b674d73c76801f56b9f07ec7f7bc998cbc22f7197856a4500df628a6c19972916396806f1836fc51d2b84df3a1d796c7cc410dc1441a4d6c55d42d510d830a9e28a7b97dae61bcac9539b74d126f5500ccdd9fcfbff7176dde425a7c65cb0a49e03f6220416e89288b3c85d6e71e763d2655a0655d016ff3a663ce7a3bf34e0964f4955f50388c0cd46bab1a9564cc1911f4150533431bb3eae2e40b24e2d1186c6f6bfb3420d2a4d84d6b44dc89cecd2a2775c99df65bc71734426f9234ecd6e806860c71e2f116d7887246842e8b4d6b65e5929eb046404c0268c58d8724e2258fe9a465cf9490b50eb559c2099310fdcf1f148447059c116acfcb8de18596dcd0654b7fda6d1b04e78e6a1072aa52c1995375df0e7dab77c714779b12dfc4f8a67667a40b32b5bf17ab7e8462bfd8abcf531ce98be1b385dea4e0164f027e11e44ab74467e6b37947029ca09988047f8a48b5b22d47b6a7e0026b7613253680c1b421c7ad1a4a902751ebf42be83a54f77b42330780af338ffbd6b82b7e372895e1b9ec6079bed404581339d416a1788542da7a614d802c1483c4b767b7ca456e00b80ddf91d0c44856a28e1980194f54488fcc9cdb7097c7e3b2117ac5dc23bec410f1db7002cc132ed61dd451240186b9613a6aa12245d4677e25708355db78f18e8d74a2f8b3360e0959ac3a92772d65e16750f731e4fca154679c6da71bab49ae138f3ab2b52f2495267559f03bda66af3facd1aaa99be5caa22b5adedd08f21c32968dc5216e6a7f49de29bfdd08e8d8e219cc729b688e3565fc9c7e418ba5d9ad4f4350ff21c68b853909005abfa8b41bb84c8ae1d27d6bbb9afb4e7956c6bf35c17401b716b80a180f9fd16977eb2c787bfd2830b8ce238576bd5bc0d55683793f59636781839dbe4ee33a88366735c439dccf82f155559634723f4931f2e13c371dd2b9d351a6341c688497e53db0bf254d70131ec4bc7d88536058b18489fe45c566ad2daecac087b7ec31d424112261cf26668a8d6ad96bddc61896d619a9c677859de0fefce2f1999549e07e34d1a9288deb974122ec3ab49701d3189a0249f5cf8f40318dde365997de9174d7a46f5641f7079eb6da035c41f6c1d6d88230b3a9232be269e92d78c634c29b90dc88e6d9d78a23f8066ec04f3fb6ad5e9876ba717150c2404ef91d9a3d50903a10b2eb64cbceed447d1acfe5e0cffb189e78c35172604c9dde65fdbce7dcdc95bda36cfbc8cb8e431cf7c49887efef9f37ab31bc3fec275286354f691b13e2301f6ae2ef321c6199ecc0cd052ed2edabadaaed4616959e05ef2e48e1c981e7b51e83edb5c2bc4ec7b95952e9465c07056dd97fdd97750ac8d855c2b857c403b7918ef508e698f456e64eced082238e10819c10932abeadc74ee01d564b6b71508af746939a21a5b6649abbef034aa88c146379ecd63249cf4c7c5403fb5a62d536edba8d9763024308a4028d5692a276b31472126515ddac9b2b376dc8b03311433352f98d9aaa17ea6c83443f364129057f719a1fd5837d943101376c959814af8fb89f7e22a529ecaca02945770eb3b94b65a083e05403c9c71b0bb0476f3ac560237ced582aeec92934cab5d9e90f3c4b788e5a334ad82136a791a170b8c1a8f42dcd14ce119d5f22a390e4b0fd9f8f52cbd2010897e6d2f5c117b4d7870963ea35cf2893f15990da6cc24890411d76929594cc7ab666c7592abc6131888f715b01b0966598803f95a1838dbe578ce6fae26c8a6a36a2a5d9895716e959524a5e6ba3948014340bb12f66984e5cbd8798ca0076fbc7d9c2dd1f53c4310b57b151d39d0b9aeeb757afecacb57fd4511afc4457ab362dd2dab08034518aa3d4d8723ad8ace280b71878e15ff4aed9ece7bac8e0da7c978d197401cd34ad6b12c23dfd6d3161087fb858d8131a752faa5ea55f47efafa0835036447ebaba5ea3230f9d5ca812a73e17160901cd971ff16b790946a8dfc2141c31ef799d516ab588232540187e2b4146e185e7585ecf51485375af1dd71e50866cccd0e184fb0e427ab78790fe5d0501a2dbb1d7bfe01572273bb83f6521dfbf9e97449f1525fec0e38e5e605acdd35e9bf1b29c50c0b02aa307419ccdc82ec58efecca76ffe66e7d9da2478fc04137362eea82a0494f70d379472393285f36254a2f8e87ff37b41754e9cccb5b3813315c665afcb366931213f7b021653c70d1a584460c93765d010053af0af9d1411a9911257df9b2570f91565974ab9cfa725df3ccb75ff64d43e5e63028022fc27c5630507ed397f863c2ad39f7b2054fc0c5cc36d7d4a66980932e6aae1f2b92762b3ab016d3101c79511f27285cf32595e73c1c200b86334be7286e142e7ac809f862eafde7a603509cd3525abfbcf724828f27cf0637ed100f2e3c1c300fb0d36860257f038a459b81b4b77f4f216dc1cae9bf946faa58595a429005a53eb08f4595d2e8824624a3971d881ab22ef1a063d9323551279b458702c0fbe5b1751691fe38d950f7dc9b3abeb2d00d2d709348aa37fb10df8e132f6cd063a8c26dddf16fb89399d7a0dd70a1b07731c8aea6dc23797285ab7c432d1c5e0aaa6836cbe9dd5f2b8462e60c27c8f95375232ed9b00a80bb121e583dcacb9e5bb8ec580c69c677b183376fdae3ec55eda69f5d9472927461344eac169d9266e8e2287f4d8a9124341de6552dc60ee2cc8b4dd69b7971525b5421984027dcee4f33ce7ab4aae78709bed901dfdaf4d0378dff120826ccadc0af14cae3266fe963e1ba4285a5b4367ac9ab2142048d2937246513151a540cca6935ba3e714b36e2f33193cd51e7c331938562e9eec4cf8d27e602cf86df6ae894dbc856f898a56bcfc69c09fed85e1e2a66add29f79e031e0ee1741e49f16878a351e8714b4cd97a15e479e4f652536fc680202ceb2622380a3bb57523b600bf385e5d8c257a65c5467b16dc106e8867e8855acb746e83a8c96c125b7b4545e12f2df83ae6f57ba94ac5a5cc432aac90b83f1d285ee5ec7bbef11a33bf84e77e9374ec4c3afb8b026b9d0b9facc8f27c7c761c00d4eb4cc2553f925d1d09db7ab7ae855807618db9dcd6870ad9fef4c0dab31299681519aec2e41d8a7769fe6000b1de6c50b1dd3674f7c6838764a8058a7788c9060679c68317b0751dc8c0b20322cb4716e3c4862b7dc3f4fca6bdfdb85ae0c5e987493d518c67b0a6e07cfb7c6d149125cd9fe08eff0fb3171dc528f972b642a4bf36427c7ea1f9825a765561776bc00dc95104191c180a20a1e1a11cfd1a03ccb341db80e1f12880efa94e155c15c445fb80762303301ec2423e25117297df64b", 0xfff) socket$nl_netfilter(0x10, 0x3, 0xc) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/address_bits', 0x0, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x20a0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8923, &(0x7f0000000100)={'wlan1\x00', @broadcast}) 1.676560275s ago: executing program 0 (id=7703): bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="8500000011000000350000000000000085000000070000009500000000000000f4670880271e3503200ffa95b2c8c037c5e96a21a755752f475b6da142c9a8d76287066c51adde96fcc309926fa397fabd5f9810e81ae03737136ea6f7be39cd34d5ae35de38fd5a1173a35c79949c00a7c09cc28d7673294f42a5f0a8321313822c45c0f8612c10b100000000b0d3712c7e93363af3c075ff1e23166a32d95433bb755a2dd576090c4877a7b6393e366c6386d5ec72f1d031f40f3012e9176e51a7f578602f5807785b92a544fc5cc037102124d85cec074c6949e1298901ebb395000000000000977e82c4c90d33ceb7807e116d5c16f5fe47fe5f17f9ab800f4104dbffff0000000000005c6d5d224b64be6c4d04009809000046f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de930a060000846be6277c04b4c5324812696a261be1d0b76f9aad1b62ffffffffdc8dcba00bfbffffffc45b0c52887b5efabf84960ba0e3c4c00356ffebfb19a34268335648e1f822de328c10742a42dca52fb98c1452b6518a6ef7297f7b2744706d27ed0b05b1b9555f2a19850a21419a2f238f173d0cd46dafc7ac5500f53e7309ec91d83cf4080000000029b34b9ff5087b7fa4f0000000000000008b00000000449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a000000004a2147c1128c697d9966b3c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae6c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000008e100000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c800800000fa978bee51f581d124216e8bd9de040014a223fc991fb08f65f0db98c068be4c6155ec00005410866059475714844a3ea4cbe37e0000000000ef6d00bd63bb928ff58b3bd2a646a89d172a884dcdb8b9f905e72ce1a66f08c9b385a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1cd57f7b912d31a36f5d2a666537f920a9588a712be006c85db574e951fb65c103024d3c169e3b791e12b3c9905e0810f7ce80fa133c8af5ea4edbcd54e5a01b74f9dc015f5b7811cd7627993dd965a56b2d666f722bc26e3f6fb2163756d68ef7318d3abf910000bd9145909eaf139a2dcb2867a2979efe0b61627dd96f8e698fc5b9ed35bcf2fb9b190c3cf040549a1bbe7ca6adce2dec7c40c628e90b30cc8d8c0b3c6c95e21c7ff037166302e6"], 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x61}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe80, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.624837967s ago: executing program 0 (id=7704): r0 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {0x0}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000014040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="030300000000000000000700000008000300", @ANYRES32=r4], 0x1c}}, 0x0) 1.624523595s ago: executing program 0 (id=7705): openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) ioctl$BLKSECTGET(0xffffffffffffffff, 0x1267, 0x0) syz_emit_vhci(&(0x7f0000001fc0)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9}}}, 0x7) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x0, 0x0, @empty}, 0x1c) mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000476000/0x3000)=nil) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x0) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) 1.473584455s ago: executing program 0 (id=7708): socket(0x2, 0x3, 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) sendfile(r1, r2, 0x0, 0xdc) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_i', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000004200)={0x2020}, 0x2020) 1.353662493s ago: executing program 2 (id=7711): mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) sendmmsg(r0, &(0x7f0000001f40)=[{{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000380)="74e68d42ed24fa079d1cbf5fb49c1591fa5c21a2828b199c7132b8b1e37879cf0568fedd457c537b3a3b9331b8e60c96d2dc79dc5f0a77a4f94347dee5b2fe52a97b3f9d8058f84564914f39f8449603a935e0b59fe37ae686597167b1cdb09da9850ce6e79823df0572cdcfe58c4f5cb72808759359e25408d74b119fe539d145d3b8553cc6ce7e910ff92a", 0x8c}, {&(0x7f0000000fc0)="9842854d66eb111cd7723997a81b3c025b782a281e46b5b56fcf1e1f6c6a347ad20e665d96d731e3fccec42be2b737dbb1e3c6aa8fe47ddf7bf6b564a80f9fe77342d40000b7cae6b8ba80431ed310a1c330c6865fcbc61fd45efc261cef659d8abe331aac0294abe802512c4e7fcbce2651c5ee024f55c6659d6e3e0b055d8cb2f6212df6ca0e2a4d729316d972bb678edfd0273802752ffc13b3df7d1957cc9f4117f8b6078bc1975ab119e4e12e578497b9da7cd0430f4cb84f081e23f139e460dc06cb7b2474bd4a9100c896b1bc81bb949a5ee785a4c71815974075339d24cb4c48b0d1929456a006aaac620613a892d818532369ef10e2ac6285a5426f3f6d2e1b49e13053c1f2c2c9b277cfb8517ac6b6b705dd333c6962ee215ad845cf5a8d9192840d49ccb496b77285f4b7ffa2d1d3f8651015d122fc7945761ecf292443a9d1c7eac88ebf844b42452904960acf9819bc2873044b225725f7c80515f3fe6bb602c91cdc90322f052ab0810cd498318e868f05194e86c55dfca16e0bcaaa8f2413d6b4fe176b09a676f15303fd924105636e945aba1c3d8951a386358852e33065e1752201dc04210f3d1e54f32aab0615c419934ea496a4d0e2cb6c7c78883d1bd0335d50a51797586433787eaecbee1ff3ef762c12d90af1b564cb37f26d340eb8ab42b7dddd361cea012116bc9d254db9ef02a38cca2a8d2c240dce92343762936e9ce6850cb4785e9b0de854298b4837a49518baaccb9ba2da75b75242fbc2f60dd261865b7b569a80c4b996dac9a0ef0a7aef556773782ba8ed4f3e81659cfed4506e28aa46665247651da86d0d182bb0ef15fcdc98e69795695a9db8af6ff5cdc2471b5736842bd900e63ee2cb7261f9247d401b1db26bb738ecfbaf9e9939a4839073312e09bf6a8cd3de79687d95d85351d2743973a2f252abb47b1318455d6595d7b667f9cf49274f9d81a724b428f8b9186a8f30a795f660d82a3efea3bcdeb15dc5b31759c57b51f5c3f24fad9992cd3d773f6a25fac3ed1356a25dc1bf2a74d0f8e5ea0119c39ea5efe46471cc3a22870516399119fe34c99b1b3fa5858e438384813118edbc6880ac191991eaf2339f5f8804bc6de7c6375d48ae397189f5f5c17747bf1797bf49530a9273b38e8ef520b962db3f0aa92d001b3fd38d2e463b9e18440abfff8e56e92ec7a3117ce34741fe69d0415847ca0bf2b35b9af05c4317", 0x36c}, {&(0x7f0000004200)="96", 0x1}], 0x3}}], 0x1, 0x0) 1.277441154s ago: executing program 2 (id=7712): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000b80)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad4dace0f5119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c78e7756bf4fcaff0c2337b60e0c762561c605428e9682e7c55c8e6c229ec1d7650e6a0f069de73afad349f50f11e9ee4f0a030e0671a3f9ef7e26cf4bcdf8c13c6f7da9b138c9401f2632b7b36ddfdd0006f5c59eae5a366dc2679e430ce556bb5fa1df39adb6a5e94625781f6aacfe0a9adfed8414480361453a151fc0d3b7ef3567ab9ad6ad7c", 0x106}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336", 0x1c}, {&(0x7f0000000380)="b7e4c84c12f2ec398a7c6a1f6be9de130578cdbffd74752b2f6133071864bac0717147af20e6e13af7b7100d1a6736a8e03334b7cdd90757248589134b71c162fc7e17fbcffa8487caa0469ea6ad8ab919c383554859e254c4046f5a0a494810a015491393eff01813fc6069c86f8995caaf2adf3edac3", 0x77}, {&(0x7f0000000980)="034415e3adef4aed31158fafa269802ea23350b4ccb5b090c1c78a321572bfde0afbd422fb950790671dacccd6e01d31ec52594c4dacd14ded6fee80769eebee46e58d09407b5a87af1859e393d4790600c24b4b76517d4ff50f9643b57d9cd0fc44f39fa2798258f61316d4b305ac3c2a935b1f116f637169690f5127862b7b6685ae3fae0c4d45875168d25a4b212a111c3c2bdd1d42a9364e402a7de0393a644c63cded1ed4e9e43971c75d3284781533381d0846fddf3b354003d21d0ed48516d2c79eca23c2630af269e3fe7e00a4a3ccf2b8476b8626b5b960d28c908314bda28ba92e1398607e40b1136873ab61dcf1049cb0b0a14750087d223c7db17cd456048fb1eb9e98c1943bfe3762e0f61326f12fc588ab3a9f986e96f44a4d8025b55d4c72de543d353235095a28f7bd299099fe523a0e240c6e391c762f06e8aa2c43b4cfa9e876a90b6896124fb37f2735e2f62eae4b4c9ec325", 0x15c}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f00000001c0)="cba3c7a43c4cf7989ec2aa6316626e6feabc77d9cedecc05d15b6848559c1a87078de3d109f37a0d6d140144ac91f746a3d2f75c1e4ebf256dff9e04", 0x3c}, {&(0x7f0000000cc0)="91fc324a883d40dd8ea39ed9172f3dde360ce7e8a1bf6f72e7b7fd77a56eab188121df7dc411b41377dd66d158ac7f988ee80c1edb18931fff7a2c87b5f2a0bfc9e905757a7dc8b633677f9bc0f626ebcced33e3b0bceda3adbfd365afe7269a23058ca6764ae3f3bb6db0161de96044278ae16290e5dbd415bb97d91cccf19072730f30ad6948126a3340", 0x8b}], 0x2}}], 0x2, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0xfffff, 0x0, 0x27) 1.277168134s ago: executing program 2 (id=7713): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x0, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = socket$igmp6(0xa, 0x3, 0x2) r4 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(r4, &(0x7f0000005180)=[{{&(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') dup3(r5, r3, 0x0) 726.249822ms ago: executing program 3 (id=7714): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000440)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)=[{0x0}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1", 0x4b}], 0x2}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="620af8"], 0x0}, 0x90) syz_emit_ethernet(0x17b, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000000001450600fe8000000000000000000000000000bbff02000000000000000000000000000100004e22"], 0x0) 717.388148ms ago: executing program 3 (id=7715): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0xbf25}, 0x48) io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xb}) r0 = io_uring_setup(0x2c49, &(0x7f0000002240)) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x18, &(0x7f0000000000), 0x1) 608.656406ms ago: executing program 3 (id=7716): openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) ioctl$BLKSECTGET(0xffffffffffffffff, 0x1267, 0x0) syz_emit_vhci(&(0x7f0000001fc0)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9}}}, 0x7) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x0, 0x0, @empty}, 0x1c) mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000476000/0x3000)=nil) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x0) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) 597.200862ms ago: executing program 2 (id=7717): r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000024007b560000000000400000ac8fa3"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r0, 0x11, 0x0, 0x0, @prog_id}, 0x20) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r0, 0x11, 0x0, 0x0, @prog_id}, 0x20) 488.569392ms ago: executing program 2 (id=7718): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003000000008000300", @ANYRES32=r2], 0x30}}, 0x0) 488.339287ms ago: executing program 3 (id=7719): sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16], 0x34}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x100, 0x9, 0x1, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500), 0x0, 0x2, r0}, 0x38) 401.824913ms ago: executing program 2 (id=7720): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdir(0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x5411, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000080)=0x7f) ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f00000000c0)) read$dsp(r5, &(0x7f00000011c0)=""/4117, 0x200021d5) 401.571525ms ago: executing program 0 (id=7721): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000b80)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad4dace0f5119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c78e7756bf4fcaff0c2337b60e0c762561c605428e9682e7c55c8e6c229ec1d7650e6a0f069de73afad349f50f11e9ee4f0a030e0671a3f9ef7e26cf4bcdf8c13c6f7da9b138c9401f2632b7b36ddfdd0006f5c59eae5a366dc2679e430ce556bb5fa1df39adb6a5e94625781f6aacfe0a9adfed8414480361453a151fc0d3b7ef3567ab9ad6ad7c", 0x106}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336", 0x1c}, {&(0x7f0000000380)="b7e4c84c12f2ec398a7c6a1f6be9de130578cdbffd74752b2f6133071864bac0717147af20e6e13af7b7100d1a6736a8e03334b7cdd90757248589134b71c162fc7e17fbcffa8487caa0469ea6ad8ab919c383554859e254c4046f5a0a494810a015491393eff01813fc6069c86f8995caaf2adf3edac3", 0x77}, {&(0x7f0000000980)="034415e3adef4aed31158fafa269802ea23350b4ccb5b090c1c78a321572bfde0afbd422fb950790671dacccd6e01d31ec52594c4dacd14ded6fee80769eebee46e58d09407b5a87af1859e393d4790600c24b4b76517d4ff50f9643b57d9cd0fc44f39fa2798258f61316d4b305ac3c2a935b1f116f637169690f5127862b7b6685ae3fae0c4d45875168d25a4b212a111c3c2bdd1d42a9364e402a7de0393a644c63cded1ed4e9e43971c75d3284781533381d0846fddf3b354003d21d0ed48516d2c79eca23c2630af269e3fe7e00a4a3ccf2b8476b8626b5b960d28c908314bda28ba92e1398607e40b1136873ab61dcf1049cb0b0a14750087d223c7db17cd456048fb1eb9e98c1943bfe3762e0f61326f12fc588ab3a9f986e96f44a4d8025b55d4c72de543d353235095a28f7bd299099fe523a0e240c6e391c762f06e8aa2c43b4cfa9e876a90b6896124fb37f2735e2f62eae4b4c9ec325", 0x15c}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f00000001c0)="cba3c7a43c4cf7989ec2aa6316626e6feabc77d9cedecc05d15b6848559c1a87078de3d109f37a0d6d140144ac91f746a3d2f75c1e4ebf256dff9e04", 0x3c}, {&(0x7f0000000cc0)="91fc324a883d40dd8ea39ed9172f3dde360ce7e8a1bf6f72e7b7fd77a56eab188121df7dc411b41377dd66d158ac7f988ee80c1edb18931fff7a2c87b5f2a0bfc9e905757a7dc8b633677f9bc0f626ebcced33e3b0bceda3adbfd365afe7269a23058ca6764ae3f3bb6db0161de96044278ae16290e5dbd415bb97d91cccf19072730f30ad6948126a3340", 0x8b}], 0x2}}], 0x2, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0xfffff, 0x0, 0x27) 346.466643ms ago: executing program 0 (id=7722): r0 = socket$rds(0x15, 0x5, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e74000905"], 0x0) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) close_range(r0, 0xffffffffffffffff, 0x0) 108.931692ms ago: executing program 1 (id=7723): r0 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioperm(0x0, 0x8000, 0xffff) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000100)={0x0, 0xffffffffffffff3d, r1}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r2, 0x0) syz_clone3(&(0x7f0000001980)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 497.906µs ago: executing program 1 (id=7724): r0 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000014040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="030300000000000000000700000008000300", @ANYRES32=r4], 0x1c}}, 0x0) 0s ago: executing program 1 (id=7725): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x66b3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000f3ff000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1000}, 0x4) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1000}, 0x4) close(r5) kernel console output (not intermixed with test programs): rcing a failure. [ 663.777255][T20828] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 663.783599][T20828] CPU: 3 PID: 20828 Comm: syz.2.5606 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 663.788816][T20828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 663.793157][T20828] Call Trace: [ 663.794611][T20828] [ 663.795898][T20828] dump_stack_lvl+0x16c/0x1f0 [ 663.798019][T20828] should_fail_ex+0x497/0x5b0 [ 663.800264][T20828] _copy_to_user+0x30/0xc0 [ 663.802606][T20828] simple_read_from_buffer+0xd0/0x160 [ 663.805404][T20828] proc_fail_nth_read+0x1b0/0x290 [ 663.806692][ T6690] usb 6-1: USB disconnect, device number 48 [ 663.807775][T20828] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 663.813038][T20828] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 663.815685][T20828] vfs_read+0x1d4/0xbd0 [ 663.817516][T20828] ? __fdget_pos+0xeb/0x180 [ 663.819381][T20828] ? __pfx_vfs_read+0x10/0x10 [ 663.821314][T20828] ? __pfx___mutex_lock+0x10/0x10 [ 663.823751][T20828] ? __fget_files+0x256/0x400 [ 663.826200][T20828] ksys_read+0x12f/0x260 [ 663.828046][T20828] ? __pfx_ksys_read+0x10/0x10 [ 663.830370][T20828] __do_fast_syscall_32+0x73/0x120 [ 663.832499][T20828] do_fast_syscall_32+0x32/0x80 [ 663.834493][T20828] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 663.837258][T20828] RIP: 0023:0xf740d579 [ 663.839003][T20828] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 663.847562][T20828] RSP: 002b:00000000f5d255b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 663.850765][T20828] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5d25630 [ 663.853485][T20828] RDX: 000000000000000f RSI: 00000000f73f8ff4 RDI: 0000000000000000 [ 663.856364][T20828] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 663.859182][T20828] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 663.862316][T20828] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 663.865517][T20828] [ 664.162441][T20839] overlay: Unknown parameter 'fscontext' [ 664.299083][T20842] 9pnet_fd: Insufficient options for proto=fd [ 664.897595][T10356] usb 5-1: USB disconnect, device number 45 [ 665.533236][T20874] overlay: Unknown parameter 'fscontext' [ 665.550502][T20872] input: syz1 as /devices/virtual/input/input75 [ 665.650113][T20876] pim6reg1: entered promiscuous mode [ 665.656098][T20876] pim6reg1: entered allmulticast mode [ 665.731592][T20879] 9pnet_fd: Insufficient options for proto=fd [ 665.918651][T20889] xt_NFQUEUE: number of total queues is 0 [ 666.006299][T20895] FAULT_INJECTION: forcing a failure. [ 666.006299][T20895] name failslab, interval 1, probability 0, space 0, times 0 [ 666.014287][T20895] CPU: 3 PID: 20895 Comm: syz.0.5627 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 666.018588][T20895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 666.023088][T20895] Call Trace: [ 666.024453][T20895] [ 666.025633][T20895] dump_stack_lvl+0x16c/0x1f0 [ 666.028633][T20895] should_fail_ex+0x497/0x5b0 [ 666.031237][T20895] should_failslab+0x9/0x20 [ 666.033908][T20895] kmalloc_trace_noprof+0x6b/0x310 [ 666.036589][T20895] ? vcs_poll_data_get.part.0+0x43/0x280 [ 666.039248][T20895] vcs_poll_data_get.part.0+0x43/0x280 [ 666.041734][T20895] vcs_poll+0x123/0x150 [ 666.043614][T20895] do_select+0xca0/0x17b0 [ 666.045737][T20895] ? __pfx_vcs_poll+0x10/0x10 [ 666.047954][T20895] ? __pfx_do_select+0x10/0x10 [ 666.050172][T20895] ? mark_lock+0xb5/0xc60 [ 666.052486][T20895] ? __pfx___pollwait+0x10/0x10 [ 666.055054][T20895] ? __pfx_pollwake+0x10/0x10 [ 666.057308][T20895] ? __pfx_pollwake+0x10/0x10 [ 666.059496][T20895] ? __pfx_pollwake+0x10/0x10 [ 666.061824][T20895] ? __pfx_pollwake+0x10/0x10 [ 666.063998][T20895] ? __pfx_pollwake+0x10/0x10 [ 666.066612][T20895] ? __pfx_pollwake+0x10/0x10 [ 666.069312][T20895] ? compat_core_sys_select+0x1de/0x880 [ 666.071845][T20895] ? __pfx_lock_release+0x10/0x10 [ 666.074117][T20895] ? compat_core_sys_select+0x687/0x880 [ 666.076971][T20895] compat_core_sys_select+0x687/0x880 [ 666.079893][T20895] ? __pfx_compat_core_sys_select+0x10/0x10 [ 666.083051][T20895] ? ksys_write+0x12f/0x260 [ 666.084939][T20895] ? set_compat_user_sigmask+0x20f/0x2a0 [ 666.087069][T20895] ? __pfx_set_compat_user_sigmask+0x10/0x10 [ 666.089648][T20895] do_compat_pselect+0x202/0x240 [ 666.091757][T20895] ? __pfx_do_compat_pselect+0x10/0x10 [ 666.094238][T20895] ? ksys_write+0x1ab/0x260 [ 666.096408][T20895] __ia32_compat_sys_pselect6_time32+0x141/0x1c0 [ 666.099228][T20895] __do_fast_syscall_32+0x73/0x120 [ 666.101680][T20895] do_fast_syscall_32+0x32/0x80 [ 666.104225][T20895] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 666.107050][T20895] RIP: 0023:0xf73b4579 [ 666.108818][T20895] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 666.116886][T20895] RSP: 002b:00000000f5ccc57c EFLAGS: 00000292 ORIG_RAX: 0000000000000134 [ 666.121125][T20895] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00000000200001c0 [ 666.126038][T20895] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000000 [ 666.129719][T20895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 666.133216][T20895] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 666.136344][T20895] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 666.139482][T20895] [ 666.240631][ T5264] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 666.455687][ T5264] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 666.475793][ T5264] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 666.488886][ T5264] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 666.497052][ T5264] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 666.512236][ T5264] usb 6-1: config 0 descriptor?? [ 666.969939][T20912] 9pnet_fd: Insufficient options for proto=fd [ 667.080765][ T5264] cm6533_jd 0003:0D8C:0022.0022: unknown main item tag 0x0 [ 667.084349][ T5264] cm6533_jd 0003:0D8C:0022.0022: unknown main item tag 0x0 [ 667.088861][ T5264] cm6533_jd 0003:0D8C:0022.0022: unknown main item tag 0x0 [ 667.092322][ T5264] cm6533_jd 0003:0D8C:0022.0022: unknown main item tag 0x0 [ 667.095997][ T5264] cm6533_jd 0003:0D8C:0022.0022: unknown main item tag 0x0 [ 667.100851][ T5264] cm6533_jd 0003:0D8C:0022.0022: No inputs registered, leaving [ 667.107824][ T5264] cm6533_jd 0003:0D8C:0022.0022: hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 667.396222][ T6690] usb 6-1: USB disconnect, device number 49 [ 668.466659][T20936] 9pnet_fd: Insufficient options for proto=fd [ 668.598802][T20945] 9pnet_fd: Insufficient options for proto=fd [ 668.786681][ T55] usb 7-1: new high-speed USB device number 54 using dummy_hcd [ 668.992799][ T55] usb 7-1: Using ep0 maxpacket: 16 [ 669.006340][ T55] usb 7-1: config 0 has an invalid interface number: 61 but max is 0 [ 669.010398][ T55] usb 7-1: config 0 has no interface number 0 [ 669.019704][ T55] usb 7-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=2c.ae [ 669.027446][ T55] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 669.034416][ T55] usb 7-1: Product: syz [ 669.036812][ T55] usb 7-1: Manufacturer: syz [ 669.039004][ T55] usb 7-1: SerialNumber: syz [ 669.043781][ T55] usb 7-1: config 0 descriptor?? [ 669.049427][ T55] gspca_main: etoms-2.14.0 probing 102c:6151 [ 669.536396][T20972] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.5637'. [ 670.118832][ T55] usb 7-1: USB disconnect, device number 54 [ 670.456522][T20995] 9pnet_fd: Insufficient options for proto=fd [ 670.460625][T21001] bio_check_eod: 26 callbacks suppressed [ 670.460643][T21001] syz.3.5658: attempt to access beyond end of device [ 670.460643][T21001] md0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 670.483086][T21001] syz.3.5658: attempt to access beyond end of device [ 670.483086][T21001] md0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 670.488748][T21001] syz.3.5658: attempt to access beyond end of device [ 670.488748][T21001] md0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 670.493991][T21001] syz.3.5658: attempt to access beyond end of device [ 670.493991][T21001] md0: rw=0, sector=18, nr_sectors = 2 limit=0 [ 670.499672][T21001] syz.3.5658: attempt to access beyond end of device [ 670.499672][T21001] md0: rw=0, sector=30, nr_sectors = 2 limit=0 [ 670.505130][T21001] syz.3.5658: attempt to access beyond end of device [ 670.505130][T21001] md0: rw=0, sector=36, nr_sectors = 2 limit=0 [ 670.505549][T20999] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5657'. [ 670.510239][T21001] VFS: unable to find oldfs superblock on device md0 [ 671.500677][ T6690] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 671.781261][ T6690] usb 6-1: Using ep0 maxpacket: 16 [ 671.788233][ T6690] usb 6-1: config 0 has an invalid interface number: 61 but max is 0 [ 671.831217][ T6690] usb 6-1: config 0 has no interface number 0 [ 671.859553][ T6690] usb 6-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=2c.ae [ 671.865342][ T6690] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 671.868718][ T6690] usb 6-1: Product: syz [ 671.870461][ T6690] usb 6-1: Manufacturer: syz [ 671.872597][ T6690] usb 6-1: SerialNumber: syz [ 671.885648][ T6690] usb 6-1: config 0 descriptor?? [ 671.897489][ T6690] gspca_main: etoms-2.14.0 probing 102c:6151 [ 672.128557][ T65] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 672.129000][T21050] program syz.2.5673 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 672.150151][ T65] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 672.158554][ T65] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 672.168350][ T65] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 672.173942][ T65] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 672.178221][ T65] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 672.228067][T16589] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 672.275299][T16589] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 672.283340][T16589] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 672.309661][T16589] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 672.317396][T16589] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 672.321089][T16589] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 672.335097][T21026] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.5665'. [ 672.593306][T21061] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5675'. [ 672.635893][ T6690] usb 6-1: USB disconnect, device number 50 [ 672.711850][T19293] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 672.919942][T19293] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.140527][T19293] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.170362][T21052] chnl_net:caif_netlink_parms(): no params data found [ 673.305215][T19293] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.429689][T21052] bridge0: port 1(bridge_slave_0) entered blocking state [ 673.433290][T21052] bridge0: port 1(bridge_slave_0) entered disabled state [ 673.439877][T21052] bridge_slave_0: entered allmulticast mode [ 673.444910][T21052] bridge_slave_0: entered promiscuous mode [ 673.450950][T21052] bridge0: port 2(bridge_slave_1) entered blocking state [ 673.454546][T21052] bridge0: port 2(bridge_slave_1) entered disabled state [ 673.463232][T21052] bridge_slave_1: entered allmulticast mode [ 673.469943][T21052] bridge_slave_1: entered promiscuous mode [ 673.586414][T18310] usb 6-1: new high-speed USB device number 51 using dummy_hcd [ 673.614251][T21052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 673.626634][T21052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 673.804133][T18310] usb 6-1: Using ep0 maxpacket: 8 [ 673.808573][T18310] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 673.812242][T18310] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 673.818050][T18310] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 673.823155][T18310] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 673.836692][T18310] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 673.840835][T18310] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 673.858226][T21052] team0: Port device team_slave_0 added [ 673.902506][T21052] team0: Port device team_slave_1 added [ 673.961085][T19293] bridge_slave_1: left allmulticast mode [ 673.963422][T19293] bridge_slave_1: left promiscuous mode [ 673.971199][T19293] bridge0: port 2(bridge_slave_1) entered disabled state [ 673.980441][T19293] bridge_slave_0: left allmulticast mode [ 673.982398][T19293] bridge_slave_0: left promiscuous mode [ 673.986006][T19293] bridge0: port 1(bridge_slave_0) entered disabled state [ 674.094396][T18310] usb 6-1: usb_control_msg returned -32 [ 674.098220][T18310] usbtmc 6-1:16.0: can't read capabilities [ 674.107239][T18310] usb 6-1: USB disconnect, device number 51 [ 674.585967][ T65] Bluetooth: hci4: command tx timeout [ 674.772400][T19293] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 674.780219][T19293] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 674.786533][T19293] bond0 (unregistering): Released all slaves [ 674.795917][T19293] bond1 (unregistering): Released all slaves [ 674.965174][T21052] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 674.973131][T21052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 675.001331][T21052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 675.011301][T21052] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 675.016047][T21052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 675.059942][T21052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 675.575474][T21052] hsr_slave_0: entered promiscuous mode [ 675.582233][T21052] hsr_slave_1: entered promiscuous mode [ 675.586179][T21052] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 675.589338][T21052] Cannot create hsr debugfs directory [ 676.116975][T19293] hsr_slave_0: left promiscuous mode [ 676.121844][T19293] hsr_slave_1: left promiscuous mode [ 676.136942][T19293] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 676.140256][T19293] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 676.166687][T19293] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 676.170071][T19293] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 676.345790][T19293] veth1_macvtap: left promiscuous mode [ 676.348239][T19293] veth0_macvtap: left promiscuous mode [ 676.371666][T19293] veth1_vlan: left promiscuous mode [ 676.376734][T19293] veth0_vlan: left promiscuous mode [ 676.754321][T19293] pimreg (unregistering): left allmulticast mode [ 676.830121][ T65] Bluetooth: hci4: command tx timeout [ 678.552155][T19293] team0 (unregistering): Port device team_slave_1 removed [ 678.796873][T19293] team0 (unregistering): Port device team_slave_0 removed [ 679.084618][ T65] Bluetooth: hci4: command tx timeout [ 680.142265][T19293] lo (unregistering): left allmulticast mode [ 680.220069][T21161] fuse: Bad value for 'fd' [ 680.505778][T21173] pim6reg: entered allmulticast mode [ 680.532226][T21169] pim6reg: left allmulticast mode [ 681.339807][T21052] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 681.343076][ T65] Bluetooth: hci4: command tx timeout [ 681.382073][T21052] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 681.394184][T21052] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 681.415384][T21052] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 681.651292][T21052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 681.673889][T21052] 8021q: adding VLAN 0 to HW filter on device team0 [ 681.686377][ T5253] bridge0: port 1(bridge_slave_0) entered blocking state [ 681.689576][ T5253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 681.707722][ T5253] bridge0: port 2(bridge_slave_1) entered blocking state [ 681.711452][ T5253] bridge0: port 2(bridge_slave_1) entered forwarding state [ 681.821225][T21209] 9pnet_fd: Insufficient options for proto=fd [ 681.999602][T21052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 682.216531][T21052] veth0_vlan: entered promiscuous mode [ 682.225542][T21052] veth1_vlan: entered promiscuous mode [ 682.326583][T21231] tc_dump_action: action bad kind [ 682.492950][T21052] veth0_macvtap: entered promiscuous mode [ 682.511895][T21052] veth1_macvtap: entered promiscuous mode [ 682.537159][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 682.542049][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.546784][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 682.551495][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.555970][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 682.567494][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.578930][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 682.588092][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.594941][T21052] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 682.607369][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 682.612916][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.617806][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 682.624970][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.630450][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 682.636763][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.641442][T21052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 682.646712][T21052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 682.653263][T21052] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 682.703086][T21052] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.707990][T21052] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.715120][T21052] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.719797][T21052] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 683.003881][T21247] 9pnet_fd: Insufficient options for proto=fd [ 683.035250][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 683.038921][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 683.149523][T19293] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 683.153731][T19293] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 683.537861][T18081] hid-generic 0000:0000:0000.0023: hidraw1: HID v0.00 Device [syz0] on syz1 [ 683.724751][T21271] syz.2.5721: attempt to access beyond end of device [ 683.724751][T21271] md0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 683.735796][T21271] syz.2.5721: attempt to access beyond end of device [ 683.735796][T21271] md0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 683.755196][T21271] syz.2.5721: attempt to access beyond end of device [ 683.755196][T21271] md0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 683.772309][T21273] 9pnet_fd: Insufficient options for proto=fd [ 683.780153][T21271] syz.2.5721: attempt to access beyond end of device [ 683.780153][T21271] md0: rw=0, sector=18, nr_sectors = 2 limit=0 [ 683.811785][T21271] syz.2.5721: attempt to access beyond end of device [ 683.811785][T21271] md0: rw=0, sector=30, nr_sectors = 2 limit=0 [ 683.835567][T21271] syz.2.5721: attempt to access beyond end of device [ 683.835567][T21271] md0: rw=0, sector=36, nr_sectors = 2 limit=0 [ 683.868258][T21271] VFS: unable to find oldfs superblock on device md0 [ 684.080312][T21282] FAULT_INJECTION: forcing a failure. [ 684.080312][T21282] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 684.087002][T21282] CPU: 0 PID: 21282 Comm: syz.1.5726 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 684.092283][T21282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 684.097459][T21282] Call Trace: [ 684.099005][T21282] [ 684.100331][T21282] dump_stack_lvl+0x16c/0x1f0 [ 684.102429][T21282] should_fail_ex+0x497/0x5b0 [ 684.104481][T21282] _copy_from_user+0x30/0xf0 [ 684.106612][T21282] memdup_user+0x71/0xd0 [ 684.108573][T21282] strndup_user+0x78/0xe0 [ 684.110797][T21282] __ia32_sys_mount+0x181/0x320 [ 684.113309][T21282] ? __pfx___ia32_sys_mount+0x10/0x10 [ 684.115822][T21282] __do_fast_syscall_32+0x73/0x120 [ 684.118636][T21282] do_fast_syscall_32+0x32/0x80 [ 684.121027][T21282] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 684.123869][T21282] RIP: 0023:0xf73f8579 [ 684.125553][T21282] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 684.133744][T21282] RSP: 002b:00000000f5d1057c EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 684.137179][T21282] RAX: ffffffffffffffda RBX: 0000000020000540 RCX: 0000000020003480 [ 684.140245][T21282] RDX: 00000000200003c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 684.143157][T21282] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 684.146418][T21282] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 684.149818][T21282] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 684.153693][T21282] [ 684.349723][T21278] serio: Serial port ttynull [ 685.120782][ T39] audit: type=1326 audit(1720653254.149:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21276 comm="syz.2.5724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 685.131770][ T39] audit: type=1326 audit(1720653254.149:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21276 comm="syz.2.5724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 685.156644][ T39] audit: type=1326 audit(1720653254.149:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21276 comm="syz.2.5724" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 685.178872][ T39] audit: type=1326 audit(1720653254.149:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21276 comm="syz.2.5724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 685.216165][ T39] audit: type=1326 audit(1720653254.149:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21276 comm="syz.2.5724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 685.276421][ T39] audit: type=1326 audit(1720653254.149:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21276 comm="syz.2.5724" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 685.482628][ T39] audit: type=1326 audit(1720653254.482:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21298 comm="syz.0.5729" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 685.506770][ T39] audit: type=1326 audit(1720653254.482:3489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21298 comm="syz.0.5729" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 685.525695][ T39] audit: type=1326 audit(1720653254.482:3490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21298 comm="syz.0.5729" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 685.535131][ T39] audit: type=1326 audit(1720653254.482:3491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21298 comm="syz.0.5729" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 686.069874][T21331] input: syz1 as /devices/virtual/input/input76 [ 686.246519][T21336] 9pnet_fd: Insufficient options for proto=fd [ 687.009579][T21355] FAULT_INJECTION: forcing a failure. [ 687.009579][T21355] name failslab, interval 1, probability 0, space 0, times 0 [ 687.018683][T21355] CPU: 2 PID: 21355 Comm: syz.1.5746 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 687.023398][T21355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 687.027888][T21355] Call Trace: [ 687.029706][T21355] [ 687.031288][T21355] dump_stack_lvl+0x16c/0x1f0 [ 687.033639][T21355] should_fail_ex+0x497/0x5b0 [ 687.035748][T21355] should_failslab+0x9/0x20 [ 687.037844][T21355] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 687.040249][T21355] ? getname_flags.part.0+0x50/0x4f0 [ 687.042735][T21355] getname_flags.part.0+0x50/0x4f0 [ 687.045315][T21355] getname_flags+0x9b/0xf0 [ 687.047376][T21355] user_path_at_empty+0x2c/0x60 [ 687.049311][T21355] do_sys_truncate+0xb6/0x190 [ 687.050976][T21355] ? __pfx_do_sys_truncate+0x10/0x10 [ 687.052986][T21355] __do_fast_syscall_32+0x73/0x120 [ 687.055251][T21355] do_fast_syscall_32+0x32/0x80 [ 687.057466][T21355] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 687.060196][T21355] RIP: 0023:0xf73f8579 [ 687.061989][T21355] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 687.071511][T21355] RSP: 002b:00000000f5d1057c EFLAGS: 00000292 ORIG_RAX: 000000000000005c [ 687.075139][T21355] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000000000 [ 687.078442][T21355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 687.081515][T21355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 687.084530][T21355] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 687.087636][T21355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 687.091144][T21355] [ 687.154891][T21367] FAULT_INJECTION: forcing a failure. [ 687.154891][T21367] name failslab, interval 1, probability 0, space 0, times 0 [ 687.160439][T21367] CPU: 2 PID: 21367 Comm: syz.1.5749 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 687.165108][T21367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 687.169889][T21367] Call Trace: [ 687.171351][T21367] [ 687.172577][T21367] dump_stack_lvl+0x16c/0x1f0 [ 687.174703][T21367] should_fail_ex+0x497/0x5b0 [ 687.176844][T21367] should_failslab+0x9/0x20 [ 687.179031][T21367] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 687.181644][T21367] ? getname_flags.part.0+0x50/0x4f0 [ 687.184270][T21367] getname_flags.part.0+0x50/0x4f0 [ 687.186972][T21367] getname_flags+0x9b/0xf0 [ 687.189116][T21367] user_path_at_empty+0x2c/0x60 [ 687.191477][T21367] __ia32_sys_mount+0x1fe/0x320 [ 687.193733][T21367] ? __pfx___ia32_sys_mount+0x10/0x10 [ 687.196149][T21367] __do_fast_syscall_32+0x73/0x120 [ 687.198450][T21367] do_fast_syscall_32+0x32/0x80 [ 687.200662][T21367] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 687.203495][T21367] RIP: 0023:0xf73f8579 [ 687.205228][T21367] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 687.214059][T21367] RSP: 002b:00000000f5d1057c EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 687.217994][T21367] RAX: ffffffffffffffda RBX: 0000000020000540 RCX: 0000000020003480 [ 687.221568][T21367] RDX: 00000000200003c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 687.224940][T21367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 687.228353][T21367] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 687.232408][T21367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 687.236322][T21367] [ 687.281881][T21333] fuse: Bad value for 'fd' [ 688.019286][T21378] input: syz1 as /devices/virtual/input/input77 [ 688.069345][T21055] udevd[21055]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 688.277519][ T65] Bluetooth: hci4: command 0x0c1a tx timeout [ 688.278008][ T57] Bluetooth: hci4: Opcode 0x0c1a failed: -110 [ 688.288649][ T57] Bluetooth: hci4: Error when powering off device on rfkill (-110) [ 688.298330][T21385] FAULT_INJECTION: forcing a failure. [ 688.298330][T21385] name failslab, interval 1, probability 0, space 0, times 0 [ 688.320541][T21385] CPU: 1 PID: 21385 Comm: syz.0.5753 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 688.325668][T21385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 688.330624][T21385] Call Trace: [ 688.332128][T21385] [ 688.333558][T21385] dump_stack_lvl+0x16c/0x1f0 [ 688.335666][T21385] should_fail_ex+0x497/0x5b0 [ 688.337793][T21385] should_failslab+0x9/0x20 [ 688.339713][T21385] kmalloc_trace_noprof+0x6b/0x310 [ 688.341964][T21385] ? cgroup_show_path+0xb2/0x6c0 [ 688.344110][T21385] ? __pfx_cgroup_show_path+0x10/0x10 [ 688.346373][T21385] cgroup_show_path+0xb2/0x6c0 [ 688.348426][T21385] ? __pfx_cgroup_show_path+0x10/0x10 [ 688.350829][T21385] kernfs_sop_show_path+0x12b/0x1b0 [ 688.353475][T21385] ? __pfx_kernfs_sop_show_path+0x10/0x10 [ 688.356278][T21385] show_path+0x9b/0x100 [ 688.357707][T21385] show_mountinfo+0x1d5/0x840 [ 688.359337][T21385] ? __pfx_show_mountinfo+0x10/0x10 [ 688.361316][T21385] seq_read_iter+0xb1f/0x12c0 [ 688.362922][T21385] vfs_read+0x869/0xbd0 [ 688.364317][T21385] ? __pfx_vfs_read+0x10/0x10 [ 688.365720][T21385] ? __pfx___mutex_lock+0x10/0x10 [ 688.367323][T21385] ? __fget_files+0x256/0x400 [ 688.368955][T21385] ksys_read+0x12f/0x260 [ 688.370503][T21385] ? __pfx_ksys_read+0x10/0x10 [ 688.372189][T21385] __do_fast_syscall_32+0x73/0x120 [ 688.374281][T21385] do_fast_syscall_32+0x32/0x80 [ 688.376236][T21385] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 688.379167][T21385] RIP: 0023:0xf745c579 [ 688.380929][T21385] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 688.389173][T21385] RSP: 002b:00000000f5d7457c EFLAGS: 00000292 ORIG_RAX: 0000000000000003 [ 688.392699][T21385] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000340 [ 688.395886][T21385] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000 [ 688.398921][T21385] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 688.401881][T21385] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 688.405055][T21385] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 688.407852][T21385] [ 688.695353][T18081] hid-generic 0000:0000:0000.0024: hidraw1: HID v0.00 Device [syz0] on syz1 [ 688.796928][T21403] input: syz1 as /devices/virtual/input/input78 [ 688.873685][T21407] FAULT_INJECTION: forcing a failure. [ 688.873685][T21407] name failslab, interval 1, probability 0, space 0, times 0 [ 688.879476][T21407] CPU: 3 PID: 21407 Comm: syz.1.5762 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 688.883832][T21407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 688.888635][T21407] Call Trace: [ 688.890144][T21407] [ 688.891497][T21407] dump_stack_lvl+0x16c/0x1f0 [ 688.893645][T21407] should_fail_ex+0x497/0x5b0 [ 688.895691][T21407] should_failslab+0x9/0x20 [ 688.897813][T21407] __kmalloc_noprof+0xcf/0x420 [ 688.899999][T21407] ? __pfx_lock_acquire+0x10/0x10 [ 688.902118][T21407] tomoyo_realpath_from_path+0xbf/0x710 [ 688.904249][T21407] ? tomoyo_profile+0x47/0x60 [ 688.905877][T21407] tomoyo_path_number_perm+0x245/0x5b0 [ 688.907884][T21407] ? tomoyo_path_number_perm+0x232/0x5b0 [ 688.909861][T21407] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 688.911907][T21407] ? __pfx_lock_release+0x10/0x10 [ 688.913624][T21407] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 688.915571][T21407] ? __fget_files+0x256/0x400 [ 688.917468][T21407] security_file_ioctl_compat+0x75/0xc0 [ 688.919812][T21407] __do_compat_sys_ioctl+0x5d/0x330 [ 688.921881][T21407] __do_fast_syscall_32+0x73/0x120 [ 688.924071][T21407] do_fast_syscall_32+0x32/0x80 [ 688.925986][T21407] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 688.928696][T21407] RIP: 0023:0xf73f8579 [ 688.930543][T21407] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 688.937852][T21407] RSP: 002b:00000000f5d1057c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 688.940842][T21407] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008905 [ 688.944158][T21407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 688.947686][T21407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 688.951198][T21407] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 688.954546][T21407] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 688.957843][T21407] [ 688.968756][T21407] ERROR: Out of memory at tomoyo_realpath_from_path. [ 690.354017][ T5244] hid-generic 0000:0000:0000.0025: hidraw1: HID v0.00 Device [syz0] on syz1 [ 691.433928][T21438] input: syz1 as /devices/virtual/input/input79 [ 692.358761][T21456] syzkaller0: entered promiscuous mode [ 692.361464][T21456] syzkaller0: entered allmulticast mode [ 693.135571][T21470] netlink: 'syz.1.5782': attribute type 11 has an invalid length. [ 693.192418][T19284] hid-generic 0000:0000:0000.0026: hidraw1: HID v0.00 Device [syz0] on syz1 [ 694.431608][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 694.434529][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 697.025612][T21510] FAULT_INJECTION: forcing a failure. [ 697.025612][T21510] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 697.036207][T21510] CPU: 3 PID: 21510 Comm: syz.2.5793 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 697.044949][T21510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 697.049440][T21510] Call Trace: [ 697.050858][T21510] [ 697.052086][T21510] dump_stack_lvl+0x16c/0x1f0 [ 697.054402][T21510] should_fail_ex+0x497/0x5b0 [ 697.056684][T21510] strncpy_from_user+0x38/0x300 [ 697.058721][T21510] getname_flags.part.0+0x93/0x4f0 [ 697.060852][T21510] getname_flags+0x9b/0xf0 [ 697.062912][T21510] user_path_at_empty+0x2c/0x60 [ 697.065148][T21510] do_sys_truncate+0xb6/0x190 [ 697.067275][T21510] ? __pfx_do_sys_truncate+0x10/0x10 [ 697.070059][T21510] __do_fast_syscall_32+0x73/0x120 [ 697.072711][T21510] do_fast_syscall_32+0x32/0x80 [ 697.075419][T21510] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 697.078007][T21510] RIP: 0023:0xf740d579 [ 697.079839][T21510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 697.088118][T21510] RSP: 002b:00000000f5d2557c EFLAGS: 00000292 ORIG_RAX: 000000000000005c [ 697.091288][T21510] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000000000 [ 697.094720][T21510] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 697.098257][T21510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 697.101642][T21510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 697.104981][T21510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 697.108384][T21510] [ 697.252840][ T6690] hid-generic 0000:0000:0000.0027: hidraw1: HID v0.00 Device [syz0] on syz1 [ 697.700256][T21520] syzkaller0: entered promiscuous mode [ 697.702748][T21520] syzkaller0: entered allmulticast mode [ 698.655158][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 698.655174][ T39] audit: type=1326 audit(1720653266.628:3494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21524 comm="syz.0.5798" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 698.721748][ T39] audit: type=1326 audit(1720653266.628:3495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21524 comm="syz.0.5798" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 698.758903][ T39] audit: type=1326 audit(1720653266.628:3496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21524 comm="syz.0.5798" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 698.813763][ T39] audit: type=1326 audit(1720653266.628:3497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21524 comm="syz.0.5798" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 698.868878][ T39] audit: type=1326 audit(1720653266.628:3498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21524 comm="syz.0.5798" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 698.926954][ T39] audit: type=1326 audit(1720653266.628:3499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21524 comm="syz.0.5798" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 701.592052][T21536] syzkaller0: entered promiscuous mode [ 701.594554][T21536] syzkaller0: entered allmulticast mode [ 701.725810][T21549] 9pnet_fd: Insufficient options for proto=fd [ 701.810345][T21552] FAULT_INJECTION: forcing a failure. [ 701.810345][T21552] name failslab, interval 1, probability 0, space 0, times 0 [ 701.815854][T21552] CPU: 2 PID: 21552 Comm: syz.2.5803 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 701.820503][T21552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 701.825234][T21552] Call Trace: [ 701.826757][T21552] [ 701.828118][T21552] dump_stack_lvl+0x16c/0x1f0 [ 701.830215][T21552] should_fail_ex+0x497/0x5b0 [ 701.832348][T21552] should_failslab+0x9/0x20 [ 701.834270][T21552] kmalloc_trace_noprof+0x6b/0x310 [ 701.836269][T21552] ? cgroup_show_path+0xb2/0x6c0 [ 701.838535][T21552] ? __pfx_cgroup_show_path+0x10/0x10 [ 701.841126][T21552] cgroup_show_path+0xb2/0x6c0 [ 701.843089][T21552] ? __pfx_cgroup_show_path+0x10/0x10 [ 701.844705][T21552] kernfs_sop_show_path+0x12b/0x1b0 [ 701.846290][T21552] ? __pfx_kernfs_sop_show_path+0x10/0x10 [ 701.848393][T21552] show_path+0x9b/0x100 [ 701.849962][T21552] show_mountinfo+0x1d5/0x840 [ 701.851744][T21552] ? __pfx_show_mountinfo+0x10/0x10 [ 701.853764][T21552] seq_read_iter+0xb1f/0x12c0 [ 701.855492][T21552] vfs_read+0x869/0xbd0 [ 701.857273][T21552] ? __pfx_vfs_read+0x10/0x10 [ 701.859181][T21552] ? __pfx___mutex_lock+0x10/0x10 [ 701.861370][T21552] ? __fget_files+0x256/0x400 [ 701.863414][T21552] ksys_read+0x12f/0x260 [ 701.865322][T21552] ? __pfx_ksys_read+0x10/0x10 [ 701.867678][T21552] __do_fast_syscall_32+0x73/0x120 [ 701.869919][T21552] do_fast_syscall_32+0x32/0x80 [ 701.871821][T21552] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 701.874466][T21552] RIP: 0023:0xf740d579 [ 701.876155][T21552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 701.884191][T21552] RSP: 002b:00000000f5d2557c EFLAGS: 00000292 ORIG_RAX: 0000000000000003 [ 701.888053][T21552] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000340 [ 701.891408][T21552] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000 [ 701.895044][T21552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 701.898731][T21552] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 701.902388][T21552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 701.906529][T21552] [ 702.233649][ T5237] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 702.532263][ T5237] usb 6-1: Using ep0 maxpacket: 8 [ 702.579686][ T5237] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 702.606497][ T5237] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 702.619866][ T5237] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 702.636168][ T5237] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 702.655546][ T5237] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 702.665420][ T5237] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.929579][ T5237] usb 6-1: usb_control_msg returned -32 [ 702.929809][T21556] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5804'. [ 702.932516][ T5237] usbtmc 6-1:16.0: can't read capabilities [ 705.077886][T18081] usb 6-1: USB disconnect, device number 52 [ 706.149903][T21589] 9pnet_fd: Insufficient options for proto=fd [ 706.458915][T21590] syzkaller0: entered promiscuous mode [ 706.465111][T21590] syzkaller0: entered allmulticast mode [ 706.474626][ T39] audit: type=1326 audit(1720653273.855:3500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21585 comm="syz.3.5809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 706.508323][ T39] audit: type=1326 audit(1720653273.855:3501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21585 comm="syz.3.5809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 706.519155][ T39] audit: type=1326 audit(1720653273.855:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21585 comm="syz.3.5809" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 707.162723][ T39] audit: type=1326 audit(1720653273.855:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21585 comm="syz.3.5809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 707.177248][ T39] audit: type=1326 audit(1720653273.855:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21585 comm="syz.3.5809" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 710.281378][T21611] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5814'. [ 710.424352][T21634] syz.3.5821: attempt to access beyond end of device [ 710.424352][T21634] md0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 710.429743][T21634] syz.3.5821: attempt to access beyond end of device [ 710.429743][T21634] md0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 710.520975][T21634] syz.3.5821: attempt to access beyond end of device [ 710.520975][T21634] md0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 710.526622][T21634] syz.3.5821: attempt to access beyond end of device [ 710.526622][T21634] md0: rw=0, sector=18, nr_sectors = 2 limit=0 [ 710.532541][T21634] syz.3.5821: attempt to access beyond end of device [ 710.532541][T21634] md0: rw=0, sector=30, nr_sectors = 2 limit=0 [ 710.539079][T21634] syz.3.5821: attempt to access beyond end of device [ 710.539079][T21634] md0: rw=0, sector=36, nr_sectors = 2 limit=0 [ 710.545197][T21634] VFS: unable to find oldfs superblock on device md0 [ 711.107633][ T39] audit: type=1326 audit(1720653278.138:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21635 comm="syz.2.5822" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 711.116918][ T39] audit: type=1326 audit(1720653278.138:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21635 comm="syz.2.5822" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 711.126451][ T39] audit: type=1326 audit(1720653278.138:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21635 comm="syz.2.5822" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 711.148834][ T39] audit: type=1326 audit(1720653278.138:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21635 comm="syz.2.5822" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 711.158165][ T39] audit: type=1326 audit(1720653278.138:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21635 comm="syz.2.5822" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x7ffc0000 [ 711.569204][T21659] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5827'. [ 712.171143][ T5237] hid-generic 0000:0000:0000.0028: hidraw1: HID v0.00 Device [syz0] on syz1 [ 713.447895][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 713.447910][ T39] audit: type=1326 audit(1720653280.298:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21696 comm="syz.0.5838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 713.469616][ T39] audit: type=1326 audit(1720653280.298:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21696 comm="syz.0.5838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 713.488769][ T39] audit: type=1326 audit(1720653280.316:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21696 comm="syz.0.5838" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 713.498254][ T39] audit: type=1326 audit(1720653280.316:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21696 comm="syz.0.5838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 713.528876][ T39] audit: type=1326 audit(1720653280.316:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21696 comm="syz.0.5838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 713.546908][ T39] audit: type=1326 audit(1720653280.316:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21696 comm="syz.0.5838" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 713.696587][T21709] input: syz1 as /devices/virtual/input/input80 [ 713.834218][T21713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5842'. [ 714.743411][T21737] input: syz1 as /devices/virtual/input/input81 [ 715.605646][T21758] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5856'. [ 716.418135][ T39] audit: type=1326 audit(1720653283.039:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21775 comm="syz.0.5860" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x0 [ 716.493898][T10356] hid-generic 0000:0000:0000.0029: hidraw1: HID v0.00 Device [syz0] on syz1 [ 716.652483][T21783] input: syz1 as /devices/virtual/input/input82 [ 717.233106][ T6690] hid-generic 0000:0000:0000.002A: hidraw1: HID v0.00 Device [syz0] on syz1 [ 717.314117][T21809] input: syz1 as /devices/virtual/input/input83 [ 717.432193][ T824] hid-generic 0000:0000:0000.002B: hidraw1: HID v0.00 Device [syz0] on syz1 [ 718.713530][T21840] input: syz1 as /devices/virtual/input/input84 [ 719.143619][ T39] audit: type=1326 audit(1720653285.550:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21844 comm="syz.1.5882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 719.166763][ T39] audit: type=1326 audit(1720653285.550:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21844 comm="syz.1.5882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 719.177311][ T39] audit: type=1326 audit(1720653285.550:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21844 comm="syz.1.5882" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 720.156069][T21871] input: syz1 as /devices/virtual/input/input85 [ 721.367635][T21885] fuse: Bad value for 'fd' [ 721.507945][T21907] input: syz1 as /devices/virtual/input/input86 [ 722.362750][ T55] usb 7-1: new high-speed USB device number 55 using dummy_hcd [ 722.568408][ T55] usb 7-1: Using ep0 maxpacket: 8 [ 722.586675][ T55] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 722.598474][ T55] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 722.613459][ T55] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 722.626574][ T55] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 722.643454][ T55] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 722.655174][ T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 722.935113][ T55] usb 7-1: usb_control_msg returned -32 [ 722.938648][T21916] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5902'. [ 722.946075][ T55] usbtmc 7-1:16.0: can't read capabilities [ 723.211036][ T39] audit: type=1326 audit(1720653289.306:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21929 comm="syz.0.5906" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x0 [ 723.567086][T21944] input: syz1 as /devices/virtual/input/input87 [ 724.810526][T21950] fuse: Bad value for 'fd' [ 725.112163][T18310] usb 7-1: USB disconnect, device number 55 [ 728.733358][ T39] audit: type=1326 audit(1720653294.411:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21962 comm="syz.3.5918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 728.751692][ T39] audit: type=1326 audit(1720653294.411:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21962 comm="syz.3.5918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 728.834750][ T39] audit: type=1326 audit(1720653294.420:3524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21962 comm="syz.3.5918" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 728.843238][ T39] audit: type=1326 audit(1720653294.420:3525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21962 comm="syz.3.5918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 728.851991][ T39] audit: type=1326 audit(1720653294.420:3526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21962 comm="syz.3.5918" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 728.860045][ T39] audit: type=1326 audit(1720653294.420:3527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21962 comm="syz.3.5918" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 728.946099][T21985] input: syz1 as /devices/virtual/input/input88 [ 729.306943][ T5264] hid-generic 0000:0000:0000.002C: hidraw1: HID v0.00 Device [syz0] on syz1 [ 729.447779][ T39] audit: type=1326 audit(1720653295.057:3528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21988 comm="syz.0.5921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 729.467787][ T39] audit: type=1326 audit(1720653295.057:3529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21988 comm="syz.0.5921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 729.577734][ T39] audit: type=1326 audit(1720653295.057:3530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21988 comm="syz.0.5921" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 729.587144][ T39] audit: type=1326 audit(1720653295.057:3531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21988 comm="syz.0.5921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 731.018625][T22014] input: syz1 as /devices/virtual/input/input89 [ 731.280798][T22026] fuse: Bad value for 'fd' [ 731.505242][T22038] input: syz1 as /devices/virtual/input/input90 [ 733.479036][T22078] fuse: Bad value for 'fd' [ 734.442121][ T55] hid-generic 0000:0000:0000.002D: hidraw1: HID v0.00 Device [syz0] on syz1 [ 734.934299][T22116] fuse: Bad value for 'fd' [ 735.937334][ T55] usb 7-1: new high-speed USB device number 56 using dummy_hcd [ 736.132263][ T55] usb 7-1: Using ep0 maxpacket: 8 [ 736.136942][ T55] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 736.141262][ T55] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 736.164756][ T55] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 736.169045][ T55] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 736.177050][ T55] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 736.188309][ T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 736.455348][ T55] usb 7-1: usb_control_msg returned -32 [ 736.463608][ T55] usbtmc 7-1:16.0: can't read capabilities [ 736.475179][ T39] kauditd_printk_skb: 30 callbacks suppressed [ 736.475195][ T39] audit: type=1326 audit(1720653301.545:3562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22138 comm="syz.0.5967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 736.500664][ T39] audit: type=1326 audit(1720653301.545:3563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22138 comm="syz.0.5967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 736.510291][ T39] audit: type=1326 audit(1720653301.564:3564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22138 comm="syz.0.5967" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 736.520813][ T39] audit: type=1326 audit(1720653301.564:3565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22138 comm="syz.0.5967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 736.530853][ T39] audit: type=1326 audit(1720653301.564:3566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22138 comm="syz.0.5967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 736.540886][ T39] audit: type=1326 audit(1720653301.582:3567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22138 comm="syz.0.5967" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 736.979517][T22158] input: syz1 as /devices/virtual/input/input91 [ 737.668544][T22180] input: syz1 as /devices/virtual/input/input92 [ 737.902863][ T5264] hid-generic 0000:0000:0000.002E: hidraw1: HID v0.00 Device [syz0] on syz1 [ 738.028268][ T39] audit: type=1326 audit(1720653302.976:3568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 738.040019][ T39] audit: type=1326 audit(1720653302.976:3569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 738.049320][ T39] audit: type=1326 audit(1720653302.976:3570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 738.058878][ T39] audit: type=1326 audit(1720653302.976:3571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.3.5983" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x7ffc0000 [ 738.883876][ T5237] usb 7-1: USB disconnect, device number 56 [ 740.488191][T22242] 9pnet_fd: Insufficient options for proto=fd [ 740.681371][T22254] input: syz1 as /devices/virtual/input/input93 [ 740.869998][T22267] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 740.873675][T22267] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 740.878233][T22267] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 740.881772][T22267] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 740.899945][T22267] vxlan0: entered promiscuous mode [ 740.902407][T22267] vxlan0: entered allmulticast mode [ 741.725222][T22285] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 742.275386][T18081] usb 7-1: new high-speed USB device number 57 using dummy_hcd [ 742.481732][T22306] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 742.492158][T18081] usb 7-1: Using ep0 maxpacket: 8 [ 742.496923][T18081] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 742.503639][T18081] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 742.514468][T18081] usb 7-1: config 0 descriptor?? [ 743.149115][T22315] netlink: 'syz.1.6028': attribute type 20 has an invalid length. [ 743.770875][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 743.770891][ T39] audit: type=1107 audit(1720653308.283:3578): pid=22329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 744.316486][T18081] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 744.320193][T18081] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 744.338415][T18081] asix 7-1:0.0: probe with driver asix failed with error -71 [ 744.351254][T18081] usb 7-1: USB disconnect, device number 57 [ 745.052013][ T39] audit: type=1107 audit(1720653309.474:3579): pid=22369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 745.102069][ T39] audit: type=1326 audit(1720653309.511:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 745.121913][ T39] audit: type=1326 audit(1720653309.511:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 745.135601][ T39] audit: type=1326 audit(1720653309.520:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 745.146954][ T39] audit: type=1326 audit(1720653309.520:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 745.159869][ T39] audit: type=1326 audit(1720653309.520:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 745.176397][ T39] audit: type=1326 audit(1720653309.529:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 745.187115][ T39] audit: type=1326 audit(1720653309.529:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 745.196912][ T39] audit: type=1326 audit(1720653309.529:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22373 comm="syz.0.6056" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf745c579 code=0x7ffc0000 [ 747.200024][T22514] TCP: Unexpected MD5 Hash found for 10.1.1.2.0->255.255.255.255.20002 [] [ 747.211318][T22514] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 747.832995][T22529] fuse: Bad value for 'fd' [ 748.129906][T22542] TCP: Unexpected MD5 Hash found for 10.1.1.2.0->255.255.255.255.20002 [] [ 748.137095][T22542] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 749.280820][T22578] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.6143'. [ 750.132126][T22592] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6148'. [ 750.177849][T22594] netlink: 'syz.1.6150': attribute type 10 has an invalid length. [ 750.181053][T22594] netlink: 55 bytes leftover after parsing attributes in process `syz.1.6150'. [ 750.369925][T22601] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 750.615929][T22612] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.6156'. [ 751.524582][T22638] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 751.582949][T22644] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.6167'. [ 752.079237][T22666] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 752.986228][T22701] fuse: Bad value for 'fd' [ 753.361613][T22705] netlink: 4112 bytes leftover after parsing attributes in process `syz.1.6188'. [ 753.478318][T22710] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6190'. [ 753.632693][T22720] netlink: 'syz.1.6194': attribute type 10 has an invalid length. [ 753.636938][T22720] netlink: 55 bytes leftover after parsing attributes in process `syz.1.6194'. [ 754.729767][T22742] netlink: 'syz.1.6204': attribute type 10 has an invalid length. [ 754.733080][T22742] netlink: 55 bytes leftover after parsing attributes in process `syz.1.6204'. [ 754.867656][T22748] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 755.291706][T22769] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 755.477840][T22787] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 755.519296][T22791] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 756.634021][T22833] netlink: 'syz.1.6244': attribute type 10 has an invalid length. [ 756.639259][T22833] netlink: 55 bytes leftover after parsing attributes in process `syz.1.6244'. [ 756.677236][T22834] ax25_connect(): syz.0.6240 uses autobind, please contact jreuter@yaina.de [ 757.876636][ T6690] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 758.082627][ T6690] usb 5-1: Using ep0 maxpacket: 32 [ 758.089352][ T6690] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 758.094791][ T6690] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 758.099954][ T6690] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 758.104934][ T6690] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 758.108690][ T6690] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 758.118993][ T6690] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 758.122666][ T6690] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 758.126541][ T6690] usb 5-1: Product: syz [ 758.128313][ T6690] usb 5-1: Manufacturer: syz [ 758.130058][ T6690] usb 5-1: SerialNumber: syz [ 758.341489][T22858] fuse: Bad value for 'fd' [ 758.372633][ T6690] cdc_ncm 5-1:1.0: bind() failure [ 758.402981][ T6690] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 758.415337][ T6690] cdc_ncm 5-1:1.1: bind() failure [ 758.423557][ T6690] usb 5-1: USB disconnect, device number 46 [ 758.644462][T22860] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 759.281118][T22881] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 759.948013][T22907] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 760.327399][T22927] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 760.997901][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 761.000784][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 761.312391][T22965] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 762.230605][T22996] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6313'. [ 762.279916][T22998] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6314'. [ 762.377470][T23004] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6317'. [ 763.248600][T23031] netlink: 72 bytes leftover after parsing attributes in process `syz.3.6330'. [ 763.307668][T23033] netlink: 'syz.3.6331': attribute type 10 has an invalid length. [ 763.311266][T23033] netlink: 2 bytes leftover after parsing attributes in process `syz.3.6331'. [ 763.321445][T23033] dummy0: entered promiscuous mode [ 763.324312][T23033] bridge0: port 3(dummy0) entered blocking state [ 763.331479][T23033] bridge0: port 3(dummy0) entered disabled state [ 763.334554][T23033] dummy0: entered allmulticast mode [ 763.340501][T23033] bridge0: port 3(dummy0) entered blocking state [ 763.343701][T23033] bridge0: port 3(dummy0) entered forwarding state [ 763.500200][T23049] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6338'. [ 763.580271][T23055] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 763.604157][T23057] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 763.785765][T23081] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 764.017521][T23111] netlink: 'syz.2.6369': attribute type 10 has an invalid length. [ 764.021503][T23111] netlink: 2 bytes leftover after parsing attributes in process `syz.2.6369'. [ 764.025535][T23111] dummy0: entered promiscuous mode [ 764.208468][T23099] tipc: Started in network mode [ 764.210880][T23099] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 764.227048][T23099] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 764.231676][T23099] tipc: Enabled bearer , priority 10 [ 764.864729][ T5244] usb 6-1: new high-speed USB device number 53 using dummy_hcd [ 765.072906][ T5244] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 765.077542][ T5244] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 765.082924][ T5244] usb 6-1: config 1 interface 1 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 765.087669][ T5244] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 765.105595][ T5244] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 765.110663][ T5244] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 765.114552][ T5244] usb 6-1: Product: syz [ 765.116430][ T5244] usb 6-1: Manufacturer: syz [ 765.118486][ T5244] usb 6-1: SerialNumber: syz [ 765.449823][T10356] tipc: Node number set to 1 [ 765.591408][ T5244] cdc_ncm 6-1:1.0: bind() failure [ 765.601085][ T5244] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71 [ 765.604827][ T5244] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71 [ 765.608615][ T5244] usbtest 6-1:1.1: probe with driver usbtest failed with error -71 [ 765.620366][ T5244] usb 6-1: USB disconnect, device number 53 [ 766.136860][T16589] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 766.145406][T16589] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 766.150634][T16589] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 766.156031][T16589] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 766.162199][T16589] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 766.168912][T16589] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 766.179925][ T65] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 766.183291][ T65] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 766.186596][ T65] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 766.190500][ T65] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 766.194432][ T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 766.198048][ T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 766.390273][T19293] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.529841][T19293] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.557146][T23141] chnl_net:caif_netlink_parms(): no params data found [ 766.648394][T19293] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.731701][T23141] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.735155][T23141] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.738354][T23141] bridge_slave_0: entered allmulticast mode [ 766.744873][T23141] bridge_slave_0: entered promiscuous mode [ 766.750450][T23141] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.753655][T23141] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.756813][T23141] bridge_slave_1: entered allmulticast mode [ 766.761703][T23141] bridge_slave_1: entered promiscuous mode [ 766.795096][T19293] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.848715][T23141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 766.855016][T23141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 766.931052][T23141] team0: Port device team_slave_0 added [ 766.937920][T23141] team0: Port device team_slave_1 added [ 766.993555][T23141] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 766.996570][T23141] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 767.006990][T23141] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 767.013373][T23141] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 767.016183][T23141] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 767.026386][T23141] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 767.031637][ T5244] usb 6-1: new high-speed USB device number 54 using dummy_hcd [ 767.121406][T19293] bridge_slave_1: left allmulticast mode [ 767.123959][T19293] bridge_slave_1: left promiscuous mode [ 767.126732][T19293] bridge0: port 2(bridge_slave_1) entered disabled state [ 767.134501][T19293] bridge_slave_0: left allmulticast mode [ 767.137125][T19293] bridge_slave_0: left promiscuous mode [ 767.140649][T19293] bridge0: port 1(bridge_slave_0) entered disabled state [ 767.243951][ T5244] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 767.252535][ T5244] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 767.257643][ T5244] usb 6-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 767.269995][ T5244] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 767.275678][ T5244] usb 6-1: config 0 descriptor?? [ 767.330731][T23181] syz.2.6396[23181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 767.331012][T23181] syz.2.6396[23181] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 767.696490][T19293] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 767.731704][ T5244] lg-g15 0003:046D:C222.002F: unknown main item tag 0x0 [ 767.735279][ T5244] lg-g15 0003:046D:C222.002F: unbalanced collection at end of report description [ 767.745143][ T5244] lg-g15 0003:046D:C222.002F: probe with driver lg-g15 failed with error -22 [ 767.748791][T19293] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 767.755934][T19293] bond0 (unregistering): Released all slaves [ 767.933146][T23141] hsr_slave_0: entered promiscuous mode [ 767.937744][T23141] hsr_slave_1: entered promiscuous mode [ 767.940204][T10356] usb 6-1: USB disconnect, device number 54 [ 767.943183][T23141] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 767.946431][T23141] Cannot create hsr debugfs directory [ 768.236915][T19293] hsr_slave_0: left promiscuous mode [ 768.240229][T19293] hsr_slave_1: left promiscuous mode [ 768.243489][T19293] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 768.246878][T19293] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 768.251432][T19293] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 768.254449][T19293] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 768.303601][T19293] veth1_macvtap: left promiscuous mode [ 768.306035][T19293] veth0_macvtap: left promiscuous mode [ 768.308079][T19293] veth1_vlan: left promiscuous mode [ 768.310963][T19293] veth0_vlan: left promiscuous mode [ 768.444842][T16589] Bluetooth: hci0: command tx timeout [ 768.531922][T23230] syz.2.6415[23230] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 768.532078][T23230] syz.2.6415[23230] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 770.316444][T19293] team0 (unregistering): Port device team_slave_1 removed [ 770.513649][T19293] team0 (unregistering): Port device team_slave_0 removed [ 770.693842][T16589] Bluetooth: hci0: command tx timeout [ 771.771059][T23229] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 772.387694][ T39] kauditd_printk_skb: 25 callbacks suppressed [ 772.387705][ T39] audit: type=1326 audit(1720653334.700:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.417296][ T39] audit: type=1326 audit(1720653334.700:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.437935][ T39] audit: type=1326 audit(1720653334.709:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.456951][ T39] audit: type=1326 audit(1720653334.709:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.481842][ T39] audit: type=1326 audit(1720653334.709:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.490712][ T39] audit: type=1326 audit(1720653334.709:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.503060][ T39] audit: type=1326 audit(1720653334.709:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.513270][ T39] audit: type=1326 audit(1720653334.709:3620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.525087][ T39] audit: type=1326 audit(1720653334.709:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=176 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.535062][ T39] audit: type=1326 audit(1720653334.709:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23317 comm="syz.1.6435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f8579 code=0x7ffc0000 [ 772.566416][T23141] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 772.577359][T23141] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 772.592871][T23141] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 772.606362][T23141] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 772.791989][T23141] 8021q: adding VLAN 0 to HW filter on device bond0 [ 772.827002][T23141] 8021q: adding VLAN 0 to HW filter on device team0 [ 772.834243][T18081] bridge0: port 1(bridge_slave_0) entered blocking state [ 772.837159][T18081] bridge0: port 1(bridge_slave_0) entered forwarding state [ 772.863563][T18081] bridge0: port 2(bridge_slave_1) entered blocking state [ 772.866395][T18081] bridge0: port 2(bridge_slave_1) entered forwarding state [ 772.957905][T16589] Bluetooth: hci0: command tx timeout [ 773.000882][T23141] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 773.030626][T23141] veth0_vlan: entered promiscuous mode [ 773.040311][T23141] veth1_vlan: entered promiscuous mode [ 773.073365][T23141] veth0_macvtap: entered promiscuous mode [ 773.078805][T23141] veth1_macvtap: entered promiscuous mode [ 773.092982][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 773.097201][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.101558][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 773.105400][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.108804][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 773.112774][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.116230][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 773.119994][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.124656][T23141] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 773.133852][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 773.138259][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.141703][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 773.146187][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.149682][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 773.154156][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.158228][T23141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 773.162577][T23141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 773.168103][T23141] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 773.177133][T23141] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.180926][T23141] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.184481][T23141] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.188591][T23141] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.259073][T19671] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 773.262545][T19671] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 773.290958][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 773.299940][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 773.366464][T23350] netlink: 'syz.0.6379': attribute type 10 has an invalid length. [ 773.370513][T23350] netlink: 2 bytes leftover after parsing attributes in process `syz.0.6379'. [ 773.374408][T23350] dummy0: entered promiscuous mode [ 773.376976][T23350] bridge0: port 3(dummy0) entered blocking state [ 773.380000][T23350] bridge0: port 3(dummy0) entered disabled state [ 773.384429][T23350] dummy0: entered allmulticast mode [ 773.387630][T23350] bridge0: port 3(dummy0) entered blocking state [ 773.390238][T23350] bridge0: port 3(dummy0) entered forwarding state [ 773.732303][T23370] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 774.219312][T23401] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 774.481801][T23422] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 774.761403][T23447] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 775.067188][T23472] netlink: 'syz.1.6495': attribute type 29 has an invalid length. [ 775.077493][T23472] netlink: 'syz.1.6495': attribute type 29 has an invalid length. [ 775.087347][T23472] netlink: 'syz.1.6495': attribute type 29 has an invalid length. [ 775.091868][T23472] netlink: 'syz.1.6495': attribute type 29 has an invalid length. [ 775.097043][T23472] netlink: 'syz.1.6495': attribute type 29 has an invalid length. [ 775.105120][T23474] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 775.200879][T16589] Bluetooth: hci0: command tx timeout [ 775.345852][T23495] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6505'. [ 775.357796][T23497] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 775.482655][T23508] netem: incorrect gi model size [ 775.486043][T23508] netem: change failed [ 775.627874][T23522] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 777.466620][T23619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6562'. [ 777.499578][T23619] bridge0: port 2(bridge_slave_1) entered disabled state [ 777.503987][T23619] bridge0: port 1(bridge_slave_0) entered disabled state [ 777.696692][T23635] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6570'. [ 777.785861][T23644] usb usb8: usbfs: process 23644 (syz.0.6573) did not claim interface 0 before use [ 777.888052][T16589] Bluetooth: hci0: command tx timeout [ 778.337452][T23673] veth1_macvtap: left promiscuous mode [ 778.668687][T23692] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 779.326281][T23728] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 779.625741][T23752] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 779.727171][T23757] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 780.000855][T10356] kernel write not supported for file /virtual_nci (pid: 10356 comm: kworker/1:5) [ 780.169669][T23780] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 780.420410][T23795] can0: slcan on ptm0. [ 781.105219][ T6690] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 781.280518][T23788] can0 (unregistered): slcan off ptm0. [ 781.314000][ T6690] usb 5-1: Using ep0 maxpacket: 8 [ 781.322820][ T6690] usb 5-1: unable to get BOS descriptor or descriptor too short [ 781.328211][ T6690] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 781.333825][ T6690] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 781.339622][ T6690] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 781.344828][ T6690] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 781.359470][ T6690] usb 5-1: string descriptor 0 read error: -22 [ 781.363734][ T6690] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 781.370992][ T6690] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 781.390109][ T6690] cdc_ncm 5-1:1.0: skipping garbage [ 781.392576][ T6690] cdc_ncm 5-1:1.0: invalid descriptor buffer length [ 781.396487][ T6690] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found [ 781.408782][ T6690] cdc_ncm 5-1:1.0: bind() failure [ 781.681829][ T6690] usb 5-1: USB disconnect, device number 47 [ 782.591262][T23927] 9pnet_fd: Insufficient options for proto=fd [ 782.721246][T23937] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 782.814963][T23941] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 782.881482][T23944] dvmrp0: entered allmulticast mode [ 782.992058][T23955] 9pnet_fd: Insufficient options for proto=fd [ 783.063406][T23960] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 783.124594][T23951] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 783.225509][T23966] syzkaller1: entered promiscuous mode [ 783.227998][T23966] syzkaller1: entered allmulticast mode [ 783.559213][T23973] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 783.574040][T23970] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 783.608233][T16589] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 783.614949][T16589] Bluetooth: hci0: Injecting HCI hardware error event [ 783.656484][T16589] Bluetooth: hci0: hardware error 0x00 [ 783.773230][T23981] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 783.906110][T23982] hsr0: entered promiscuous mode [ 783.914033][T23982] netlink: 10 bytes leftover after parsing attributes in process `syz.0.6704'. [ 784.129095][T23993] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6710'. [ 784.241212][T24001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6710'. [ 784.570591][T24003] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 784.745893][T24036] netlink: 'syz.1.6725': attribute type 9 has an invalid length. [ 784.749675][T24036] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.6725'. [ 785.236473][T24075] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 785.251869][T24070] can0: slcan on pts0. [ 785.691225][ T65] Bluetooth: hci0: Malformed LE Event: 0x0d [ 785.743865][T24097] 9pnet_fd: Insufficient options for proto=fd [ 785.960290][T16589] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 786.179844][T24060] can0 (unregistered): slcan off pts0. [ 786.474298][T24114] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 786.878750][T24144] 9pnet_fd: Insufficient options for proto=fd [ 787.420744][T24179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6779'. [ 787.537380][T24186] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 787.658605][T24192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 787.876685][ T6690] usb 7-1: new high-speed USB device number 58 using dummy_hcd [ 788.080743][ T6690] usb 7-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 788.091207][ T6690] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 788.099646][ T6690] usb 7-1: config 0 descriptor?? [ 788.503876][T24235] 9pnet_fd: Insufficient options for proto=fd [ 788.564150][ T6690] gs_usb 7-1:0.0: Couldn't get device config: (err=-71) [ 788.568411][ T6690] gs_usb 7-1:0.0: probe with driver gs_usb failed with error -71 [ 788.583653][ T6690] usb 7-1: USB disconnect, device number 58 [ 790.825267][T24278] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 790.978295][T16589] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 790.993252][ T65] Bluetooth: hci4: command 0x1003 tx timeout [ 791.267731][T10356] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 791.479023][T10356] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 791.483972][T10356] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 791.488707][T10356] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 791.492788][T10356] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 791.499131][T10356] usb 5-1: config 0 descriptor?? [ 791.975635][T10356] hid (null): bogus close delimiter [ 792.437916][T10356] usb 5-1: string descriptor 0 read error: -71 [ 792.440849][T10356] uclogic 0003:256C:006D.0030: failed retrieving string descriptor #200: -71 [ 792.444191][T10356] uclogic 0003:256C:006D.0030: failed retrieving pen parameters: -71 [ 792.446945][T10356] uclogic 0003:256C:006D.0030: failed probing pen v2 parameters: -71 [ 792.455526][T10356] uclogic 0003:256C:006D.0030: failed probing parameters: -71 [ 792.458870][T10356] uclogic 0003:256C:006D.0030: probe with driver uclogic failed with error -71 [ 792.463920][T10356] usb 5-1: USB disconnect, device number 48 [ 793.095546][T24308] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 794.085165][T24339] netlink: 'syz.2.6848': attribute type 10 has an invalid length. [ 796.268911][T24375] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6864'. [ 799.604359][T24412] 9pnet_fd: Insufficient options for proto=fd [ 799.653912][T24416] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 799.829319][T24429] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6879'. [ 800.012845][T24438] 9pnet_fd: Insufficient options for proto=fd [ 800.034577][T24440] netlink: 'syz.0.6887': attribute type 4 has an invalid length. [ 800.042661][T24441] binder: 24413:24441 ioctl c0306201 20000080 returned -14 [ 800.095152][T24443] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6888'. [ 800.139573][ C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 800.729498][T24473] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 800.739399][T24473] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 800.747383][T24473] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 801.028981][T24491] tipc: Started in network mode [ 801.031046][T24491] tipc: Node identity , cluster identity 4711 [ 801.130755][T24493] syzkaller0: entered promiscuous mode [ 801.133310][T24493] syzkaller0: entered allmulticast mode [ 801.194482][T24497] 9pnet_fd: Insufficient options for proto=fd [ 801.239914][T24500] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6912'. [ 804.460263][T24524] netlink: 'syz.2.6921': attribute type 9 has an invalid length. [ 804.464024][T24524] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.6921'. [ 805.991465][T18081] usb 7-1: new high-speed USB device number 59 using dummy_hcd [ 806.187132][T18081] usb 7-1: Using ep0 maxpacket: 8 [ 806.192772][T18081] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 806.198473][T18081] usb 7-1: config 0 has no interfaces? [ 806.201164][T18081] usb 7-1: New USB device found, idVendor=1608, idProduct=0215, bcdDevice=e5.2b [ 806.205052][T18081] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 806.210755][T18081] usb 7-1: config 0 descriptor?? [ 806.475104][ T55] usb 7-1: USB disconnect, device number 59 [ 806.740349][T24600] 9pnet_fd: Insufficient options for proto=fd [ 807.492904][T24631] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 807.822976][T19859] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 807.904253][T24658] netlink: 104 bytes leftover after parsing attributes in process `syz.2.6975'. [ 807.908562][T24658] netlink: 104 bytes leftover after parsing attributes in process `syz.2.6975'. [ 808.017428][T19859] usb 5-1: Using ep0 maxpacket: 8 [ 808.024050][T19859] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 808.030814][T19859] usb 5-1: config 0 has no interfaces? [ 808.033242][T19859] usb 5-1: New USB device found, idVendor=1608, idProduct=0215, bcdDevice=e5.2b [ 808.037233][T19859] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 808.043724][T19859] usb 5-1: config 0 descriptor?? [ 808.294095][T18081] usb 5-1: USB disconnect, device number 49 [ 808.986214][T24706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6995'. [ 809.438398][T24729] fuse: Bad value for 'fd' [ 810.222140][T24746] syzkaller0: entered promiscuous mode [ 810.224774][T24746] syzkaller0: entered allmulticast mode [ 810.246315][T24746] syz.1.7011[24746] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 810.246429][T24746] syz.1.7011[24746] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 810.639352][T18081] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 810.836950][T18081] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 810.841510][T18081] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 810.846115][T18081] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 810.858511][T18081] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 810.864331][T18081] usb 5-1: config 0 descriptor?? [ 814.075775][T24751] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7013'. [ 814.091359][T10356] usb 5-1: USB disconnect, device number 50 [ 814.215970][T24764] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 815.399990][T24792] 9pnet_fd: Insufficient options for proto=fd [ 816.048472][T24800] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7032'. [ 817.005042][T24818] fuse: Unknown parameter '0xffffffffffffffff' [ 817.573410][T24820] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7041'. [ 817.887517][ T5264] usb 7-1: new high-speed USB device number 60 using dummy_hcd [ 817.938914][T24845] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7045'. [ 818.093345][ T5264] usb 7-1: Using ep0 maxpacket: 16 [ 818.100238][ T5264] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 818.106216][ T5264] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 818.111885][ T5264] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 818.116280][ T5264] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 818.123997][ T5264] usb 7-1: config 0 descriptor?? [ 818.437586][T24867] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 818.545996][T24871] netlink: 'syz.3.7062': attribute type 17 has an invalid length. [ 818.604375][ T5264] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:045E:07DA.0031/input/input94 [ 818.689974][ T5264] microsoft 0003:045E:07DA.0031: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 819.046747][T10356] usb 7-1: USB disconnect, device number 60 [ 820.139398][T24911] netlink: 'syz.2.7077': attribute type 10 has an invalid length. [ 820.488090][T24929] 9pnet_fd: Insufficient options for proto=fd [ 820.632829][T24939] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7089'. [ 820.951699][T24954] 9pnet_fd: Insufficient options for proto=fd [ 821.126234][T24963] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7101'. [ 821.148154][T24964] syz.0.7093[24964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 821.148269][T24964] syz.0.7093[24964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 821.328101][T24972] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 821.725290][T24995] 9pnet_fd: Insufficient options for proto=fd [ 822.248937][T25020] netlink: 'syz.0.7126': attribute type 29 has an invalid length. [ 822.255789][T25020] netlink: 'syz.0.7126': attribute type 29 has an invalid length. [ 822.266620][T25020] netlink: 'syz.0.7126': attribute type 29 has an invalid length. [ 822.438087][ T25] usb 7-1: new high-speed USB device number 61 using dummy_hcd [ 822.666975][ T25] usb 7-1: Using ep0 maxpacket: 16 [ 822.675117][ T25] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 822.680109][ T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 822.685731][ T25] usb 7-1: Product: syz [ 822.688090][ T25] usb 7-1: Manufacturer: syz [ 822.690721][ T25] usb 7-1: SerialNumber: syz [ 822.697563][ T25] usb 7-1: config 0 descriptor?? [ 822.708131][ T25] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected [ 822.714169][ T25] usb 7-1: Detected FT232H [ 822.943075][ T25] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 822.963808][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 822.963826][ T39] audit: type=1326 audit(1720653381.376:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25039 comm="syz.3.7135" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7441579 code=0x0 [ 823.172534][ T25] ftdi_sio 7-1:0.0: GPIO initialisation failed: -71 [ 823.188480][ T25] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 823.197096][ T25] usb 7-1: USB disconnect, device number 61 [ 823.207863][ T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 823.214179][ T25] ftdi_sio 7-1:0.0: device disconnected [ 823.854458][T25083] dccp_invalid_packet: P.Data Offset(0) too small [ 824.054309][ T39] audit: type=1326 audit(1720653382.391:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25088 comm="syz.3.7155" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7441579 code=0x0 [ 824.377165][ T824] usb 7-1: new high-speed USB device number 62 using dummy_hcd [ 824.597420][ T824] usb 7-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 824.602296][ T824] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 824.615154][ T824] usb 7-1: Product: syz [ 824.622150][ T824] usb 7-1: Manufacturer: syz [ 824.626504][ T824] usb 7-1: SerialNumber: syz [ 824.631304][ T824] usb 7-1: config 0 descriptor?? [ 824.636248][ T824] ch341 7-1:0.0: ch341-uart converter detected [ 825.160645][ T824] usb 7-1: failed to send control message: -71 [ 825.173748][ T824] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 825.192354][ T824] usb 7-1: USB disconnect, device number 62 [ 825.200394][ T824] ch341 7-1:0.0: device disconnected [ 825.553670][T25131] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7168'. [ 825.856768][ T39] audit: type=1326 audit(1720653384.052:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25141 comm="syz.1.7172" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73f8579 code=0x0 [ 826.796301][T25152] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 827.583440][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 827.586118][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 828.102346][T25188] 9pnet_fd: Insufficient options for proto=fd [ 829.252247][T25227] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7205'. [ 829.703170][T25236] fuse: Bad value for 'fd' [ 829.832465][ T39] audit: type=1326 audit(1720653387.717:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25240 comm="syz.0.7210" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf746b579 code=0x0 [ 830.172857][T25253] 9pnet_fd: Insufficient options for proto=fd [ 830.334379][ T39] audit: type=1800 audit(1720653388.178:3628): pid=25239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.7207" name="/" dev="fuse" ino=1 res=0 errno=0 [ 830.342036][T25265] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7221'. [ 830.787785][T25277] 9pnet_fd: Insufficient options for proto=fd [ 831.226957][T25295] netlink: 104 bytes leftover after parsing attributes in process `syz.2.7233'. [ 831.235165][T25295] netlink: 104 bytes leftover after parsing attributes in process `syz.2.7233'. [ 831.322470][T25303] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7236'. [ 831.326841][T25303] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 831.491780][T25309] netlink: 288 bytes leftover after parsing attributes in process `syz.2.7238'. [ 832.284936][T25345] 9pnet_fd: Insufficient options for proto=fd [ 833.153250][T25363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7259'. [ 833.995752][T25376] 9pnet_fd: Insufficient options for proto=fd [ 834.862516][T25404] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7277'. [ 835.253568][T25425] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7286'. [ 835.258297][T25425] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 836.343683][T25466] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7304'. [ 837.846700][T25502] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.7320'. [ 837.851031][T25502] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 838.022357][T25508] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7314'. [ 838.625789][ T5237] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 838.846002][ T5237] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 838.864701][ T5237] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 838.876248][ T5237] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 838.884591][ T5237] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 838.899706][ T5237] usb 5-1: config 0 descriptor?? [ 839.148456][ T57] usb 5-1: USB disconnect, device number 51 [ 839.279216][T25548] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.7339'. [ 839.283447][T25548] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 839.314655][T25550] 9pnet_fd: Insufficient options for proto=fd [ 839.504056][T25566] netlink: 'syz.2.7347': attribute type 27 has an invalid length. [ 839.645413][T25569] 9pnet_fd: Insufficient options for proto=fd [ 839.661995][T25566] bond0: left allmulticast mode [ 839.664480][T25566] bond_slave_0: left allmulticast mode [ 839.668241][T25566] bond_slave_1: left allmulticast mode [ 839.687198][T25566] tipc: Resetting bearer [ 839.723620][T25566] dummy0: left promiscuous mode [ 839.953096][T25573] 9pnet_fd: Insufficient options for proto=fd [ 840.012459][T25577] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.7351'. [ 840.016442][T25577] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 840.086519][T25566] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 840.118505][T25566] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 840.384600][T25566] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 840.388543][T25566] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 840.392761][T25566] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 840.408399][T25566] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 840.508733][T25566] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 840.513079][T25566] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 840.517414][T25566] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 840.521994][T25566] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 841.194640][T25612] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7366'. [ 841.913556][T25635] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7375'. [ 841.918005][T25635] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 841.982175][T25639] syz.2.7377[25639] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 841.982503][T25639] syz.2.7377[25639] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 843.055872][T25656] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7383'. [ 843.198387][T25662] syz.2.7386[25662] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 843.198553][T25662] syz.2.7386[25662] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 843.778566][T25687] syz.3.7397[25687] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 843.784562][T25687] syz.3.7397[25687] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 843.802718][ T39] audit: type=1326 audit(1720653400.611:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25686 comm="syz.3.7397" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7441579 code=0x0 [ 844.995719][T25717] syz.1.7401[25717] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 844.995899][T25717] syz.1.7401[25717] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 845.104298][ T824] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 845.321669][ T824] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 845.326062][ T824] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 845.330058][ T824] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 845.353146][ T824] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 845.358837][ T824] usb 5-1: config 0 descriptor?? [ 845.591034][ T5244] usb 5-1: USB disconnect, device number 52 [ 845.989052][T25733] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7412'. [ 846.227167][T25746] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.7418'. [ 846.236257][T25746] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 846.368582][T25755] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7422'. [ 846.737709][T25780] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 847.127985][T25795] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7438'. [ 847.132448][T25795] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 847.896417][T25819] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7449'. [ 847.984038][T25824] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.7452'. [ 847.990968][T25824] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 848.220489][T25845] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.7462'. [ 848.226508][T25845] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 848.526776][T19859] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 848.580843][ T57] usb 7-1: new high-speed USB device number 63 using dummy_hcd [ 848.734539][T19859] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 848.739085][T19859] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 848.744011][T19859] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 848.750005][T19859] usb 5-1: config 0 descriptor?? [ 848.780937][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 848.785528][ T57] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 848.793872][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 848.800036][ T57] usb 7-1: config 0 descriptor?? [ 848.978729][T19859] ath6kl: Failed to submit usb control message: -71 [ 848.981945][T19859] ath6kl: unable to send the bmi data to the device: -71 [ 848.985243][T19859] ath6kl: Unable to send get target info: -71 [ 848.991821][T19859] ath6kl: Failed to init ath6kl core: -71 [ 849.007726][T19859] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 849.014619][T19859] usb 5-1: USB disconnect, device number 53 [ 849.031309][ T57] ath6kl: Failed to submit usb control message: -71 [ 849.034408][ T57] ath6kl: unable to send the bmi data to the device: -71 [ 849.040626][ T57] ath6kl: Unable to send get target info: -71 [ 849.044328][ T57] ath6kl: Failed to init ath6kl core: -71 [ 849.047527][ T57] ath6kl_usb 7-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 849.063223][ T57] usb 7-1: USB disconnect, device number 63 [ 849.555618][T25869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7470'. [ 849.639578][T25876] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7473'. [ 849.643796][T25876] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 849.897235][T25890] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7479'. [ 850.020226][ T39] audit: type=1326 audit(1720653406.352:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.028421][ T39] audit: type=1326 audit(1720653406.352:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.037118][ T39] audit: type=1326 audit(1720653406.352:3632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.047415][ T39] audit: type=1326 audit(1720653406.371:3633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.057097][ T39] audit: type=1326 audit(1720653406.371:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.072727][ T39] audit: type=1326 audit(1720653406.371:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.084311][ T39] audit: type=1326 audit(1720653406.371:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.095759][ T39] audit: type=1326 audit(1720653406.371:3637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.105841][ T39] audit: type=1326 audit(1720653406.371:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.115857][ T39] audit: type=1326 audit(1720653406.371:3639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25896 comm="syz.0.7482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x7ffc0000 [ 850.253610][T25902] veth1_virt_wifi: entered promiscuous mode [ 850.256384][T25902] veth1_virt_wifi: entered allmulticast mode [ 850.655004][T25912] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7489'. [ 851.694840][T25931] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7496'. [ 852.524516][ T57] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 852.724356][ T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 852.729264][ T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 852.734221][ T57] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 852.738140][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 852.744089][ T57] usb 5-1: config 0 descriptor?? [ 852.820691][T25954] netlink: 'syz.3.7505': attribute type 26 has an invalid length. [ 853.167972][T25964] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7510'. [ 853.171915][T25964] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 853.217088][ T57] hid (null): bogus close delimiter [ 853.236011][T25968] 9pnet_fd: Insufficient options for proto=fd [ 853.280678][T25972] netlink: 'syz.2.7514': attribute type 26 has an invalid length. [ 853.443859][ T57] usb 5-1: language id specifier not provided by device, defaulting to English [ 854.114366][ T57] uclogic 0003:256C:006D.0032: failed retrieving string descriptor #100: -71 [ 854.124150][ T57] uclogic 0003:256C:006D.0032: failed retrieving pen parameters: -71 [ 854.129806][ T57] uclogic 0003:256C:006D.0032: failed probing pen v1 parameters: -71 [ 854.134321][ T57] uclogic 0003:256C:006D.0032: failed probing parameters: -71 [ 854.137728][ T57] uclogic 0003:256C:006D.0032: probe with driver uclogic failed with error -71 [ 854.163851][ T57] usb 5-1: USB disconnect, device number 54 [ 854.352077][T25993] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7521'. [ 854.352110][T25993] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 854.470336][T25995] 9pnet_fd: Insufficient options for proto=fd [ 854.893717][T26017] pim6reg1: entered promiscuous mode [ 854.895712][T26017] pim6reg1: entered allmulticast mode [ 855.059656][T26019] 9pnet_fd: Insufficient options for proto=fd [ 855.092456][ T6690] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 855.301908][ T6690] usb 5-1: Using ep0 maxpacket: 16 [ 855.307211][ T6690] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 855.313512][ T6690] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 855.318418][ T6690] usb 5-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 855.322358][ T6690] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 855.328671][ T6690] usb 5-1: config 0 descriptor?? [ 855.593463][T26034] sit0: entered allmulticast mode [ 855.610196][T26036] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.7540'. [ 855.615619][T26036] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 855.654001][T26034] sit0: entered promiscuous mode [ 855.799498][ T6690] lenovo 0003:17EF:6009.0033: item fetching failed at offset 1/5 [ 855.816422][ T6690] lenovo 0003:17EF:6009.0033: hid_parse failed [ 855.850751][ T6690] lenovo 0003:17EF:6009.0033: probe with driver lenovo failed with error -22 [ 855.940461][T26055] 9pnet_fd: Insufficient options for proto=fd [ 856.026939][ T5264] usb 5-1: USB disconnect, device number 55 [ 856.229925][T26067] sit0: entered allmulticast mode [ 856.248165][T26067] sit0: entered promiscuous mode [ 857.285608][T26107] 9pnet_fd: Insufficient options for proto=fd [ 857.886608][T26121] syz.2.7576[26121] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 857.886764][T26121] syz.2.7576[26121] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 857.900714][ T39] kauditd_printk_skb: 58 callbacks suppressed [ 857.900732][ T39] audit: type=1326 audit(1720653413.625:3698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26120 comm="syz.2.7576" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf740d579 code=0x0 [ 858.289318][T26132] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 858.837922][T26151] Bluetooth: MGMT ver 1.22 [ 858.896349][T26153] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.7591'. [ 858.900590][T26153] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 858.912121][T26155] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7590'. [ 859.057551][ T824] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 859.263418][ T824] usb 5-1: Using ep0 maxpacket: 8 [ 859.268163][ T824] usb 5-1: config 0 has an invalid interface number: 209 but max is 1 [ 859.271819][ T824] usb 5-1: config 0 has no interface number 1 [ 859.278334][ T824] usb 5-1: New USB device found, idVendor=046d, idProduct=092d, bcdDevice=32.48 [ 859.283490][ T824] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 859.288444][ T824] usb 5-1: Product: syz [ 859.290731][ T824] usb 5-1: Manufacturer: syz [ 859.292850][ T824] usb 5-1: SerialNumber: syz [ 859.298720][ T824] usb 5-1: config 0 descriptor?? [ 859.313882][ T824] gspca_main: spca561-2.14.0 probing 046d:092d [ 859.524407][ T824] spca561 5-1:0.0: probe with driver spca561 failed with error -22 [ 859.529789][ T824] usb 5-1: USB disconnect, device number 56 [ 859.536156][T25859] udevd[25859]: setting mode of /dev/bus/usb/005/056 to 020664 failed: No such file or directory [ 859.540923][T25859] udevd[25859]: setting owner of /dev/bus/usb/005/056 to uid=0, gid=0 failed: No such file or directory [ 860.131393][T26191] netlink: 'syz.0.7605': attribute type 26 has an invalid length. [ 860.150909][T26192] veth1_virt_wifi: entered promiscuous mode [ 860.154723][T26192] veth1_virt_wifi: entered allmulticast mode [ 860.248092][T26198] 9pnet_fd: Insufficient options for proto=fd [ 862.630038][ C1] vkms_vblank_simulate: vblank timer overrun [ 863.048460][T26280] syz.0.7639[26280] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 863.048628][T26280] syz.0.7639[26280] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 863.075110][ T39] audit: type=1326 audit(1720653418.397:3699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26279 comm="syz.0.7639" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf746b579 code=0x0 [ 863.179115][T26285] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7640'. [ 865.136929][ C1] vkms_vblank_simulate: vblank timer overrun [ 867.120721][T26317] syz.3.7653[26317] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 867.120816][T26317] syz.3.7653[26317] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 867.132559][T26319] syz.1.7654[26319] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 867.138314][T26319] syz.1.7654[26319] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 867.311938][T26330] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.7659'. [ 867.320838][T26330] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 867.414323][T26339] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7660'. [ 867.512412][T26343] syz.1.7663[26343] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 867.512570][T26343] syz.1.7663[26343] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 867.562608][ T5264] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 867.743748][T26349] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7664'. [ 867.826765][ T5264] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 867.832175][ T5264] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 867.840285][ T5264] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 867.845596][ T5264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 867.991686][T26365] syz.2.7670[26365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 867.991828][T26365] syz.2.7670[26365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 868.060745][ C1] vkms_vblank_simulate: vblank timer overrun [ 868.087084][ T25] usb 5-1: USB disconnect, device number 57 [ 868.312453][T26375] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7672'. [ 868.322750][T26374] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7673'. [ 868.379995][T26378] fuse: Bad value for 'fd' [ 868.661972][T26381] fuse: Unknown parameter 'group_id00000000000000000000' [ 869.224971][T26388] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7678'. [ 869.719702][T26403] syz.0.7683[26403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 869.719865][T26403] syz.0.7683[26403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 870.109930][T26418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7687'. [ 870.441067][T26433] netlink: 'syz.1.7694': attribute type 21 has an invalid length. [ 870.454497][T26433] netlink: 156 bytes leftover after parsing attributes in process `syz.1.7694'. [ 870.480202][T26433] mac80211_hwsim hwsim59 ÿÿÿÿÿÿts: renamed from wlan1 [ 870.726169][ T824] usb 7-1: new high-speed USB device number 64 using dummy_hcd [ 870.921152][ T824] usb 7-1: Using ep0 maxpacket: 32 [ 870.932282][ T824] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 870.937131][ T824] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 870.940942][ T824] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 870.945688][ T824] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 870.950187][ T824] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 870.958782][ T824] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 870.962629][ T824] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 870.965451][ T824] usb 7-1: Product: syz [ 870.966845][ T824] usb 7-1: Manufacturer: syz [ 870.968350][ T824] usb 7-1: SerialNumber: syz [ 871.255135][ T824] cdc_ncm 7-1:1.0: bind() failure [ 871.261865][ T824] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found [ 871.264957][ T824] cdc_ncm 7-1:1.1: bind() failure [ 871.270819][ T824] usb 7-1: USB disconnect, device number 64 [ 871.870395][T26452] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 872.317844][T26468] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.7706'. [ 872.322696][T26468] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8 [ 872.668661][T26485] fuse: Unknown parameter 'group_i00000000000000000000' [ 873.365013][T26496] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7718'. [ 873.792221][ T5264] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 874.033675][ T5264] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 874.040471][ T5264] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 874.052113][ T5264] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 874.068851][ T5264] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 874.073418][ T5264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 874.165670][ T5264] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 874.227382][T25859] udevd[25859]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 874.244604][T26498] [ 874.245769][T26498] ====================================================== [ 874.248985][T26498] WARNING: possible circular locking dependency detected [ 874.252133][T26498] 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 Not tainted [ 874.256976][T26498] ------------------------------------------------------ [ 874.260470][T26498] syz.3.7719/26498 is trying to acquire lock: [ 874.263446][T26498] ffff88803fffece0 (&pgdat->kswapd_wait){..-.}-{2:2}, at: __wake_up+0x1c/0x60 [ 874.267623][T26498] [ 874.267623][T26498] but task is already holding lock: [ 874.270560][T26498] ffff8880286769f8 (&trie->lock){-.-.}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 874.274056][T26498] [ 874.274056][T26498] which lock already depends on the new lock. [ 874.274056][T26498] [ 874.278071][T26498] [ 874.278071][T26498] the existing dependency chain (in reverse order) is: [ 874.282066][T26498] [ 874.282066][T26498] -> #3 (&trie->lock){-.-.}-{2:2}: [ 874.284878][T26498] _raw_spin_lock_irqsave+0x3a/0x60 [ 874.286899][T26498] trie_delete_elem+0xb0/0x820 [ 874.289000][T26498] 0xffffffffa0001daf [ 874.290604][T26498] bpf_trace_run2+0x231/0x590 [ 874.292711][T26498] trace_tlb_flush+0xf3/0x170 [ 874.294962][T26498] switch_mm_irqs_off+0x68b/0xbc0 [ 874.297213][T26498] __schedule+0xd2b/0x5d00 [ 874.301458][T26498] preempt_schedule_common+0x44/0xc0 [ 874.304015][T26498] preempt_schedule_thunk+0x1a/0x30 [ 874.306292][T26498] __local_bh_enable_ip+0x107/0x120 [ 874.308180][T26498] netif_napi_add_weight+0x538/0xab0 [ 874.310422][T26498] wg_peer_create+0x5bb/0x9c0 [ 874.312394][T26498] set_peer+0x906/0x13c0 [ 874.314235][T26498] wg_set_device+0x8e3/0x13e0 [ 874.316441][T26498] genl_family_rcv_msg_doit+0x202/0x2f0 [ 874.319231][T26498] genl_rcv_msg+0x565/0x800 [ 874.321816][T26498] netlink_rcv_skb+0x165/0x410 [ 874.324431][T26498] genl_rcv+0x28/0x40 [ 874.325382][ T57] usb 5-1: USB disconnect, device number 58 [ 874.326392][T26498] netlink_unicast+0x542/0x820 [ 874.331229][T26498] netlink_sendmsg+0x8b8/0xd70 [ 874.333342][T26498] __sys_sendto+0x47f/0x4e0 [ 874.335380][T26498] __do_compat_sys_socketcall+0x5e2/0x700 [ 874.337848][T26498] __do_fast_syscall_32+0x73/0x120 [ 874.340003][T26498] do_fast_syscall_32+0x32/0x80 [ 874.342204][T26498] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 874.345283][T26498] [ 874.345283][T26498] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 874.348194][T26498] _raw_spin_lock_nested+0x31/0x40 [ 874.350169][T26498] raw_spin_rq_lock_nested+0x29/0x130 [ 874.352399][T26498] task_fork_fair+0x73/0x250 [ 874.354175][T26498] sched_cgroup_fork+0x3cf/0x510 [ 874.356298][T26498] copy_process+0x4710/0x6f50 [ 874.358315][T26498] kernel_clone+0xfd/0x980 [ 874.360334][T26498] user_mode_thread+0xb4/0xf0 [ 874.362316][T26498] rest_init+0x23/0x2b0 [ 874.364189][T26498] start_kernel+0x3df/0x4c0 [ 874.366359][T26498] x86_64_start_reservations+0x18/0x30 [ 874.369352][T26498] x86_64_start_kernel+0xb2/0xc0 [ 874.371886][T26498] common_startup_64+0x13e/0x148 [ 874.374131][T26498] [ 874.374131][T26498] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 874.376869][T26498] _raw_spin_lock_irqsave+0x3a/0x60 [ 874.379330][T26498] try_to_wake_up+0x9a/0x13e0 [ 874.381370][T26498] autoremove_wake_function+0x16/0x150 [ 874.383844][T26498] __wake_up_common+0x131/0x1e0 [ 874.385981][T26498] __wake_up+0x31/0x60 [ 874.387909][T26498] wakeup_kswapd+0x45e/0x640 [ 874.390235][T26498] get_page_from_freelist+0x9bc/0x2e50 [ 874.393268][T26498] __alloc_pages_noprof+0x22b/0x2460 [ 874.395884][T26498] __page_frag_alloc_align+0x24b/0x910 [ 874.398353][T26498] __netdev_alloc_frag_align+0x123/0x190 [ 874.400774][T26498] e1000_alloc_rx_buffers+0x27c/0xd30 [ 874.403075][T26498] e1000_clean_rx_irq+0xb78/0x1040 [ 874.405294][T26498] e1000_clean+0x960/0x26f0 [ 874.407372][T26498] __napi_poll.constprop.0+0xb7/0x550 [ 874.409730][T26498] net_rx_action+0x9b6/0xf10 [ 874.411854][T26498] handle_softirqs+0x216/0x8f0 [ 874.414097][T26498] irq_exit_rcu+0xbb/0x120 [ 874.416222][T26498] common_interrupt+0xb0/0xd0 [ 874.418388][T26498] asm_common_interrupt+0x26/0x40 [ 874.420418][T26498] default_idle+0xf/0x20 [ 874.422079][T26498] default_idle_call+0x6d/0xb0 [ 874.423951][T26498] do_idle+0x32c/0x3f0 [ 874.425410][T26498] cpu_startup_entry+0x4f/0x60 [ 874.427099][T26498] start_secondary+0x220/0x2b0 [ 874.428816][T26498] common_startup_64+0x13e/0x148 [ 874.430840][T26498] [ 874.430840][T26498] -> #0 (&pgdat->kswapd_wait){..-.}-{2:2}: [ 874.433651][T26498] __lock_acquire+0x2478/0x3b30 [ 874.435504][T26498] lock_acquire+0x1b1/0x560 [ 874.437065][T26498] _raw_spin_lock_irqsave+0x3a/0x60 [ 874.438744][T26498] __wake_up+0x1c/0x60 [ 874.440473][T26498] wakeup_kswapd+0x45e/0x640 [ 874.442537][T26498] get_page_from_freelist+0x9bc/0x2e50 [ 874.444849][T26498] __alloc_pages_noprof+0x22b/0x2460 [ 874.446846][T26498] alloc_slab_page+0x56/0x110 [ 874.448622][T26498] new_slab+0x84/0x260 [ 874.450166][T26498] ___slab_alloc+0xdac/0x1870 [ 874.451833][T26498] __slab_alloc.constprop.0+0x56/0xb0 [ 874.453761][T26498] __kmalloc_node_noprof+0x36c/0x450 [ 874.455827][T26498] bpf_map_kmalloc_node+0x98/0x4a0 [ 874.457940][T26498] trie_update_elem+0x1ef/0xdb0 [ 874.459864][T26498] bpf_map_update_value+0x2c1/0x6c0 [ 874.462055][T26498] generic_map_update_batch+0x454/0x5f0 [ 874.464508][T26498] bpf_map_do_batch+0x615/0x6e0 [ 874.466631][T26498] __sys_bpf+0x18cb/0x5830 [ 874.468565][T26498] __ia32_sys_bpf+0x76/0xe0 [ 874.470557][T26498] __do_fast_syscall_32+0x73/0x120 [ 874.472605][T26498] do_fast_syscall_32+0x32/0x80 [ 874.474395][T26498] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 874.476656][T26498] [ 874.476656][T26498] other info that might help us debug this: [ 874.476656][T26498] [ 874.480524][T26498] Chain exists of: [ 874.480524][T26498] &pgdat->kswapd_wait --> &rq->__lock --> &trie->lock [ 874.480524][T26498] [ 874.484953][T26498] Possible unsafe locking scenario: [ 874.484953][T26498] [ 874.487628][T26498] CPU0 CPU1 [ 874.489466][T26498] ---- ---- [ 874.491237][T26498] lock(&trie->lock); [ 874.492632][T26498] lock(&rq->__lock); [ 874.494847][T26498] lock(&trie->lock); [ 874.496724][T26498] lock(&pgdat->kswapd_wait); [ 874.499227][T26498] [ 874.499227][T26498] *** DEADLOCK *** [ 874.499227][T26498] [ 874.502898][T26498] 2 locks held by syz.3.7719/26498: [ 874.505117][T26498] #0: ffffffff8dbb4ea0 (rcu_read_lock){....}-{1:2}, at: bpf_map_update_value+0x24b/0x6c0 [ 874.509410][T26498] #1: ffff8880286769f8 (&trie->lock){-.-.}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 874.512680][T26498] [ 874.512680][T26498] stack backtrace: [ 874.514794][T26498] CPU: 1 PID: 26498 Comm: syz.3.7719 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 874.517914][T26498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 874.521678][T26498] Call Trace: [ 874.522946][T26498] [ 874.524132][T26498] dump_stack_lvl+0x116/0x1f0 [ 874.525895][T26498] check_noncircular+0x31a/0x400 [ 874.527854][T26498] ? __pfx_check_noncircular+0x10/0x10 [ 874.529903][T26498] ? find_held_lock+0x2d/0x110 [ 874.531799][T26498] ? lockdep_lock+0xc6/0x200 [ 874.533618][T26498] ? __pfx_lockdep_lock+0x10/0x10 [ 874.535566][T26498] __lock_acquire+0x2478/0x3b30 [ 874.537164][T26498] ? __pfx___lock_acquire+0x10/0x10 [ 874.539069][T26498] ? __rmqueue_pcplist+0xc62/0x1550 [ 874.540875][T26498] lock_acquire+0x1b1/0x560 [ 874.542341][T26498] ? __wake_up+0x1c/0x60 [ 874.543828][T26498] ? __pfx_lock_acquire+0x10/0x10 [ 874.545581][T26498] ? __rmqueue_pcplist+0x248/0x1550 [ 874.547632][T26498] ? find_held_lock+0x2d/0x110 [ 874.549304][T26498] ? __zone_watermark_ok+0x252/0x4d0 [ 874.551498][T26498] _raw_spin_lock_irqsave+0x3a/0x60 [ 874.553594][T26498] ? __wake_up+0x1c/0x60 [ 874.555396][T26498] __wake_up+0x1c/0x60 [ 874.557027][T26498] wakeup_kswapd+0x45e/0x640 [ 874.558549][T26498] get_page_from_freelist+0x9bc/0x2e50 [ 874.560648][T26498] ? __pfx_get_page_from_freelist+0x10/0x10 [ 874.562979][T26498] ? prepare_alloc_pages.constprop.0+0x412/0x560 [ 874.565306][T26498] __alloc_pages_noprof+0x22b/0x2460 [ 874.566983][T26498] ? __lock_acquire+0x14f4/0x3b30 [ 874.568860][T26498] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 874.570953][T26498] ? __pfx___lock_acquire+0x10/0x10 [ 874.572900][T26498] ? __pfx_mark_lock+0x10/0x10 [ 874.574514][T26498] ? stack_trace_save+0x95/0xd0 [ 874.576124][T26498] ? lock_acquire+0x1b1/0x560 [ 874.577710][T26498] ? find_held_lock+0x2d/0x110 [ 874.579350][T26498] ? __slab_alloc.constprop.0+0x56/0xb0 [ 874.581262][T26498] ? __pfx_lock_release+0x10/0x10 [ 874.583568][T26498] ? __pfx_lock_release+0x10/0x10 [ 874.585164][T26498] alloc_slab_page+0x56/0x110 [ 874.586636][T26498] new_slab+0x84/0x260 [ 874.588114][T26498] ___slab_alloc+0xdac/0x1870 [ 874.589924][T26498] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 874.592041][T26498] ? bpf_map_get_memcg.isra.0+0x143/0x5a0 [ 874.594558][T26498] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 874.596970][T26498] ? __slab_alloc.constprop.0+0x56/0xb0 [ 874.598982][T26498] __slab_alloc.constprop.0+0x56/0xb0 [ 874.601003][T26498] __kmalloc_node_noprof+0x36c/0x450 [ 874.602890][T26498] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 874.605187][T26498] bpf_map_kmalloc_node+0x98/0x4a0 [ 874.607062][T26498] trie_update_elem+0x1ef/0xdb0 [ 874.608922][T26498] ? __pfx___might_resched+0x10/0x10 [ 874.610891][T26498] bpf_map_update_value+0x2c1/0x6c0 [ 874.612836][T26498] generic_map_update_batch+0x454/0x5f0 [ 874.614821][T26498] ? __pfx_generic_map_update_batch+0x10/0x10 [ 874.617185][T26498] ? __pfx_generic_map_update_batch+0x10/0x10 [ 874.619676][T26498] bpf_map_do_batch+0x615/0x6e0 [ 874.621681][T26498] __sys_bpf+0x18cb/0x5830 [ 874.623752][T26498] ? __pfx___sys_bpf+0x10/0x10 [ 874.625756][T26498] ? __pfx_futex_wait+0x10/0x10 [ 874.627631][T26498] ? do_futex+0x123/0x350 [ 874.629315][T26498] ? __pfx_do_futex+0x10/0x10 [ 874.631041][T26498] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 874.633304][T26498] __ia32_sys_bpf+0x76/0xe0 [ 874.635129][T26498] __do_fast_syscall_32+0x73/0x120 [ 874.637260][T26498] do_fast_syscall_32+0x32/0x80 [ 874.639230][T26498] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 874.641750][T26498] RIP: 0023:0xf7441579 [ 874.643386][T26498] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 874.651920][T26498] RSP: 002b:00000000f5d5957c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 874.655168][T26498] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000640 [ 874.658063][T26498] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 874.661076][T26498] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 874.664133][T26498] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 874.667426][T26498] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 874.670629][T26498] VM DIAGNOSIS: 23:08:59 Registers: info registers vcpu 0 CPU#0 RAX=0000000000b9dcfc RBX=0000000000000000 RCX=ffffffff8adc1c19 RDX=ffffed1005806fde RSI=ffffffff8b8fb560 RDI=ffffffff8167257c RBP=fffffbfff1b12af8 RSP=ffffffff8d807e20 R8 =0000000000000000 R9 =ffffed1005806fdd R10=ffff88802c037eeb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8d8957c0 R14=ffffffff8fe29410 R15=0000000000000000 RIP=ffffffff8adc300f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000203b4000 CR3=000000002af12000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f94295 RDI=ffffffff94d59e00 RBP=ffffffff94d59dc0 RSP=ffffc90006d8ebb8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e30312e36 R12=0000000000000000 R13=0000000000000064 R14=ffffffff84f94230 R15=0000000000000000 RIP=ffffffff84f942bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000203c3000 CR3=0000000029ae6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a065b785d4c00f9 8f9c387f9a736651 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a961d6e513de34ae e6478e8f6635f867 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d4fb2db6de5b507b e5efb499858a985b ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 df69a6dd75458985 71cb4f1a074d663b ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 515f37841a36e938 fb2bdb49d9d503bd ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 754e4b29d292dd4e 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 be728c0fa63c5061 cb096ee0316094ee ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 24cc7f0400000000 4aa2e501992fec94 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 897dc00712d5387e 40d661625ea542e7 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9be9e662e13112d7 ed9496b4b8629c01 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffc90002dcf020 RCX=ffffc90002dcf054 RDX=ffff88801f430000 RSI=ffffffff813ca1c2 RDI=ffffc90002dcff00 RBP=0000000000000001 RSP=ffffc90002dcef98 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=dffffc0000000000 R12=ffffc90002dcff00 R13=0000000000000001 R14=0000000000000001 R15=0000000000000001 RIP=ffffffff813c7a40 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fbdd569bd00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055ac7829d000 CR3=000000001c208000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=beb2158cbeb2158c beb2158cbeb2158c beb2158cbeb2158c beb2158cbeb2158c beb2158cbeb2158c beb2158cbeb2158c beb2158cbeb2158c beb2158cbeb2158c ZMM22=82a69f1a82a69f1a 82a69f1a82a69f1a 82a69f1a82a69f1a 82a69f1a82a69f1a 82a69f1a82a69f1a 82a69f1a82a69f1a 82a69f1a82a69f1a 82a69f1a82a69f1a ZMM23=771b67ed771b67ed 771b67ed771b67ed 771b67ed771b67ed 771b67ed771b67ed 771b67ed771b67ed 771b67ed771b67ed 771b67ed771b67ed 771b67ed771b67ed ZMM24=581528a2581528a2 581528a2581528a2 581528a2581528a2 581528a2581528a2 581528a2581528a2 581528a2581528a2 581528a2581528a2 581528a2581528a2 ZMM25=9b89148e9b89148e 9b89148e9b89148e 9b89148e9b89148e 9b89148e9b89148e 9b89148e9b89148e 9b89148e9b89148e 9b89148e9b89148e 9b89148e9b89148e ZMM26=89dee8c289dee8c2 89dee8c289dee8c2 89dee8c289dee8c2 89dee8c289dee8c2 89dee8c289dee8c2 89dee8c289dee8c2 89dee8c289dee8c2 89dee8c289dee8c2 ZMM27=c3f501eac3f501ea c3f501eac3f501ea c3f501eac3f501ea c3f501eac3f501ea c3f501eac3f501ea c3f501eac3f501ea c3f501eac3f501ea c3f501eac3f501ea ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=232f0000232f0000 232f0000232f0000 232f0000232f0000 232f0000232f0000 232f0000232f0000 232f0000232f0000 232f0000232f0000 232f0000232f0000 info registers vcpu 3 CPU#3 RAX=00000000006588f4 RBX=0000000000000003 RCX=ffffffff8adc1c19 RDX=ffffed1005866fde RSI=ffffffff8b8fb560 RDI=ffffffff8167257c RBP=ffffed1002c6d488 RSP=ffffc90000497e08 R8 =0000000000000000 R9 =ffffed1005866fdd R10=ffff88802c337eeb R11=0000000000000000 R12=0000000000000003 R13=ffff88801636a440 R14=ffffffff8fe29410 R15=0000000000000000 RIP=ffffffff8adc300f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055976ca71da8 CR3=0000000051880000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000400 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000