last executing test programs: 4m54.104056235s ago: executing program 0 (id=8149): r0 = syz_io_uring_setup(0xe43, &(0x7f0000000380)={0x0, 0x5f39, 0x0, 0x3, 0xfffffffd}, &(0x7f0000000340)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r2 = eventfd2(0x5, 0x1) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000000)=r2, 0x1) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 4m54.101221165s ago: executing program 1 (id=8156): r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000014001a80100005800c000880080001"], 0x34}}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001300290a000000000000000007000000", @ANYRES32=r1], 0x34}}, 0x0) 4m53.135257325s ago: executing program 0 (id=8159): pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) vmsplice(r0, 0x0, 0x0, 0x0) 4m53.134237666s ago: executing program 1 (id=8151): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000280)={0x0, 0x6}, 0x8) 4m52.890164669s ago: executing program 0 (id=8154): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000000)={{@my=0x1}, @my=0x1, 0x0, 0x0, 0x421}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f00000003c0)={{@my=0x1}, 0xfff, 0xffffffffffffffff, 0x0, 0x0, 0x80000, 0x2, 0x1000000000ff6, 0x58df}) 4m52.752806168s ago: executing program 0 (id=8165): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x48) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x227) 4m52.693451613s ago: executing program 0 (id=8167): ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x75, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, 0x0}, 0x94) ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"}) 4m52.512960781s ago: executing program 0 (id=8163): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) 4m52.451492384s ago: executing program 32 (id=8163): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x4) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) 4m52.2746932s ago: executing program 1 (id=8166): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x6000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x4000, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef) 4m52.171105362s ago: executing program 1 (id=8168): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x48) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x227) 4m52.084334638s ago: executing program 1 (id=8169): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/110, 0x14b}, {&(0x7f0000000280)=""/85, 0x53}, {&(0x7f0000000fc0)=""/4096, 0x564}, {&(0x7f0000000400)=""/106, 0x14}, {&(0x7f0000000740)=""/73, 0x60}, {&(0x7f0000000200)=""/77, 0x630}, {&(0x7f00000007c0)=""/154, 0x4a}, {&(0x7f0000000100)=""/16, 0x158}], 0x8, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x2, &(0x7f0000003700)={0x77359400}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x3a}) 4m51.784616623s ago: executing program 1 (id=8171): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r1, r0, 0x4, r0}, 0x10) 4m51.749024268s ago: executing program 33 (id=8171): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r1, r0, 0x4, r0}, 0x10) 4m22.752896016s ago: executing program 4 (id=8744): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = dup(r0) io_setup(0x19, &(0x7f00000009c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r1}]) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000)=0x7ff) 4m22.465496407s ago: executing program 4 (id=8758): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d54549b, 0x0, [0x4, 0x0, 0x0, 0x0, 0x0, 0x6]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4m22.359106064s ago: executing program 4 (id=8754): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) lsetxattr$security_capability(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) 4m22.301452918s ago: executing program 4 (id=8759): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x887008, 0x0) 4m22.220594589s ago: executing program 4 (id=8761): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'gretap0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x19ca, 0x4) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 4m22.02591293s ago: executing program 4 (id=8765): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}}, 0x0) 4m21.928360925s ago: executing program 34 (id=8765): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd0}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}}, 0x0) 4m20.954195582s ago: executing program 2 (id=8793): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x3}, 0x80, 0x0}, 0xe07e872420dfefca) r1 = socket$kcm(0x10, 0x2, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000001580)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf960569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2000000000000000585451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4fffae2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420b00a13e3f0e21c882c66f4f05ffb6d95e07de02205fca4f18a2eb5b63e45d01"], 0x0, 0xffff934c, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xbdc}, 0x94) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f90224fc602f1a99000a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 4m20.88051243s ago: executing program 2 (id=8794): setrlimit(0x1e3d50de03aa3d1, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r0 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188) quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0x0, &(0x7f0000000300)={0x8, 0x8, 0x1, 0x5}) 4m20.8800479s ago: executing program 2 (id=8795): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x1, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x6}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000280)=r1, 0x4) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) 4m20.840891571s ago: executing program 2 (id=8797): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x887008, 0x0) 4m20.774993605s ago: executing program 2 (id=8798): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a01040000000000000000010000001400048010000180090001006d6173710000000008000b4000000000090001"], 0xcc}, 0x1, 0x0, 0x0, 0x20000044}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000014001a80100004800c00058008"], 0x34}}, 0x0) 4m20.505269387s ago: executing program 2 (id=8802): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000800)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040}, 0x40) 4m20.469649879s ago: executing program 35 (id=8802): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000800)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x8040}, 0x40) 2m50.334956441s ago: executing program 7 (id=10599): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000380), 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x202, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}}, 0xffffffffffffff8d) write$FUSE_ENTRY(r0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) 2m50.046135398s ago: executing program 7 (id=10609): syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x4a141) eventfd2(0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x2, 0x7fffff7f}]}) openat$mice(0xffffff9c, &(0x7f0000000080), 0x8000) close_range(r0, 0xffffffffffffffff, 0x0) 2m49.90293552s ago: executing program 7 (id=10620): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00'}, 0x10) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e21, 0xffffffff, @mcast2, 0x6}}, 0x100}, &(0x7f0000000340)=0x90) 2m49.717632395s ago: executing program 7 (id=10633): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 2m49.717515689s ago: executing program 7 (id=10634): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x180) ioctl$HIDIOCGUSAGE(r1, 0xd01c4813, &(0x7f00000000c0)={0x2, 0xffffffff, 0x0, 0x2, 0xfffffffd, 0x2}) 2m49.438449636s ago: executing program 7 (id=10646): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb583fb0a7e65fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f6494968d8200000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f0000000040)=r0, 0x4) 2m49.396777323s ago: executing program 36 (id=10646): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb583fb0a7e65fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f6494968d8200000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f0000000040)=r0, 0x4) 5.270764387s ago: executing program 5 (id=13391): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9e46, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) set_tid_address(0x0) 4.549353988s ago: executing program 5 (id=13398): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) syz_clone(0x498144eedbea24c9, 0x0, 0x1e, 0x0, 0x0, 0x0) syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0) 4.414292708s ago: executing program 3 (id=13402): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x2, 0x4, 0x3, 0x5, 0x1000, 0xffffffffffffffff, 0x6}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc) 4.360107615s ago: executing program 3 (id=13403): openat$nullb(0xffffffffffffff9c, 0x0, 0x282, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) sync() 4.024374784s ago: executing program 3 (id=13409): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9e46, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) set_tid_address(0x0) 1.529740955s ago: executing program 8 (id=13410): syz_usb_connect(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff02000000000000000000000000000106"], 0xffe) 1.527929622s ago: executing program 6 (id=13419): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = socket$kcm(0x23, 0x2, 0x0) readv(r1, &(0x7f0000000780)=[{&(0x7f0000000280)=""/206, 0xce}], 0x1) timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) 1.527073038s ago: executing program 5 (id=13411): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000380)={0x10000018}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 1.526177682s ago: executing program 3 (id=13420): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000200), 0x80a02, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x1, "0600000000000000c64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c", 0xffffffffffffffff}) dup3(r1, r0, 0x0) r2 = syz_io_uring_setup(0x3924, &(0x7f0000000080)={0x0, 0x2, 0x10100, 0x0, 0x1}, &(0x7f0000000780)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0) 1.460550223s ago: executing program 5 (id=13412): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) 1.460255118s ago: executing program 3 (id=13413): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000480)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0684113, &(0x7f0000000040)={0x1, 0xfffff7fe, 0x10, 0x4000a, 0x8, 0x3, 0x6, 0x11, 0x7, 0x200, 0xffffffff, 0x4}) 284.507463ms ago: executing program 8 (id=13414): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') read$FUSE(r0, &(0x7f0000000980)={0x2020}, 0x2020) 284.395243ms ago: executing program 3 (id=13415): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000000)={0x34, 0x0, 0x1, 0x0, 0x0, {0x5}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x80) sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140100001400210200000000fcdbdf2503"], 0x114}], 0x1}, 0x40014) 279.740324ms ago: executing program 6 (id=13425): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x101001) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000180)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000240)=[0x0, 0x0], &(0x7f00000001c0), 0x2, r2, 0xeeeeeeee}) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f0000000140)={0x0, 0x0, r3}) 278.718542ms ago: executing program 5 (id=13416): r0 = socket$unix(0x1, 0x1, 0x0) r1 = dup(r0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340)) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000003c0)={0x1, r1}) 247.287102ms ago: executing program 5 (id=13418): openat$nullb(0xffffffffffffff9c, 0x0, 0x282, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) sync() 237.88005ms ago: executing program 8 (id=13421): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 234.164514ms ago: executing program 6 (id=13422): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) syz_clone(0x20000, 0x0, 0x2c, 0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000)) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) 194.102483ms ago: executing program 8 (id=13423): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) close(r0) r2 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2}}, 0x2, 0x0, 0x0, 0x2}}, 0x2e) 132.518546ms ago: executing program 8 (id=13424): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x509, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x0, 0x0, 0x0, {@ip4=@broadcast, 0x86dd}}}]}, 0x38}}, 0x0) 132.233418ms ago: executing program 8 (id=13426): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r3 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x9}}}, 0x24}}, 0x0) 93.284716ms ago: executing program 6 (id=13427): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg$can_raw(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001c00)=""/4096, 0x1000}], 0x1}, 0x10120) 548.175µs ago: executing program 6 (id=13428): r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x40000, 0x6) pread64(r0, &(0x7f0000000040)=""/152, 0x98, 0x7) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000380), 0x12) 0s ago: executing program 6 (id=13429): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1, 0x0, 0x9}, 0x18) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setrlimit(0x7, &(0x7f0000000000)={0x4, 0x6}) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000100)={0x4}) 0s ago: executing program 6 (id=13431): syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0xf0ff}}]}) r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) kernel console output (not intermixed with test programs): [ 572.955865][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.958146][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.960456][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.962764][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.965273][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.967910][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.970384][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.972932][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.975467][ T1329] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0 [ 572.982549][ T1329] plantronics 0003:047F:FFFF.0047: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 573.214771][ T9] usb 11-1: USB disconnect, device number 13 [ 573.543010][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 573.773836][T31092] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 573.839946][ T40] audit: type=1326 audit(1754936070.934:8454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31089 comm="syz.6.11195" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x0 [ 574.342710][ T6455] usb 13-1: new high-speed USB device number 6 using dummy_hcd [ 574.494644][ T6455] usb 13-1: Using ep0 maxpacket: 32 [ 574.497710][ T6455] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 574.501112][ T6455] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 574.504250][ T6455] usb 13-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 574.507040][ T6455] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 574.511267][ T6455] usb 13-1: config 0 descriptor?? [ 574.582460][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 574.618067][ T40] audit: type=1326 audit(1754936071.714:8455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31130 comm="syz.5.11213" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x0 [ 574.928166][ T6455] savu 0003:1E7D:2D5A.0048: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0 [ 575.196276][ T6455] usb 13-1: USB disconnect, device number 6 [ 575.611928][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 576.651427][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 576.661269][T31235] veth3: entered promiscuous mode [ 577.691567][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 578.730362][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 579.082052][T31271] __nla_validate_parse: 3 callbacks suppressed [ 579.082065][T31271] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11274'. [ 579.086743][T31271] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11274'. [ 579.089509][T31271] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11274'. [ 579.770041][T29296] Bluetooth: hci0: command 0x1407 tx timeout [ 579.779896][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 580.809422][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 581.848844][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 582.191695][T31357] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11319'. [ 582.291286][ T24] kernel write not supported for file /sequencer2 (pid: 24 comm: kworker/2:0) [ 582.324908][T31377] syzkaller1: entered promiscuous mode [ 582.326731][T31377] syzkaller1: entered allmulticast mode [ 582.441512][T31396] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11329'. [ 582.447765][T31398] input: syz0 as /devices/virtual/input/input107 [ 582.784727][T31431] input: syz0 as /devices/virtual/input/input108 [ 582.888283][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 582.906196][T31440] netlink: 'syz.6.11346': attribute type 1 has an invalid length. [ 583.608832][ T9] usb 13-1: new high-speed USB device number 7 using dummy_hcd [ 583.762220][ T9] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 583.765626][ T9] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 583.769234][ T9] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 583.773195][ T9] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 583.775997][ T9] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 583.780310][ T9] usb 13-1: config 0 descriptor?? [ 583.927779][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 583.949183][T31487] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input109 [ 583.990588][T31490] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 584.134387][T31497] netlink: 'syz.5.11372': attribute type 12 has an invalid length. [ 584.137859][T31497] netlink: 'syz.5.11372': attribute type 29 has an invalid length. [ 584.141490][T31497] netlink: 148 bytes leftover after parsing attributes in process `syz.5.11372'. [ 584.145286][T31497] netlink: 43 bytes leftover after parsing attributes in process `syz.5.11372'. [ 584.192416][ T9] hid_parser_main: 5 callbacks suppressed [ 584.192429][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.196961][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.199528][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.202805][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.205165][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.207548][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.209947][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.212315][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.214657][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.216992][ T9] plantronics 0003:047F:FFFF.0049: unknown main item tag 0x0 [ 584.225690][ T9] plantronics 0003:047F:FFFF.0049: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 584.320338][T31510] input: syz1 as /devices/virtual/input/input110 [ 584.449773][ T6055] usb 13-1: USB disconnect, device number 7 [ 584.693702][T31535] input: syz1 as /devices/virtual/input/input111 [ 584.777472][ T24] usb 11-1: new high-speed USB device number 14 using dummy_hcd [ 584.939308][ T24] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 584.947745][ T24] usb 11-1: config 0 interface 0 has no altsetting 0 [ 584.951567][ T24] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 584.954420][ T24] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 584.957007][ T24] usb 11-1: Product: syz [ 584.958673][ T24] usb 11-1: Manufacturer: syz [ 584.964840][ T24] usb 11-1: SerialNumber: syz [ 584.967321][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 584.967901][ T24] usb 11-1: config 0 descriptor?? [ 584.976798][ T24] usb 11-1: selecting invalid altsetting 0 [ 585.181148][ T6035] usb 11-1: USB disconnect, device number 14 [ 585.646334][T31573] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11407'. [ 585.654818][T31573] netlink: 'syz.3.11407': attribute type 1 has an invalid length. [ 585.658245][T31573] netlink: 'syz.3.11407': attribute type 2 has an invalid length. [ 585.675378][T31575] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 585.871888][T31592] lo speed is unknown, defaulting to 1000 [ 585.924106][T31597] binfmt_misc: register: failed to install interpreter file ./file0 [ 585.932303][T31592] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11415'. [ 585.940415][T31592] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11415'. [ 586.006731][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 586.182360][ T40] audit: type=1326 audit(1754936083.280:8456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.191414][ T40] audit: type=1326 audit(1754936083.280:8457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.201446][ T40] audit: type=1326 audit(1754936083.280:8458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.209282][ T40] audit: type=1326 audit(1754936083.280:8459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.215959][ T40] audit: type=1326 audit(1754936083.280:8460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.223355][ T40] audit: type=1326 audit(1754936083.280:8461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.231809][ T40] audit: type=1326 audit(1754936083.290:8462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=319 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.240528][ T40] audit: type=1326 audit(1754936083.350:8463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.247608][ T40] audit: type=1326 audit(1754936083.350:8464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31626 comm="syz.6.11431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 586.562403][T31647] vlan3: entered allmulticast mode [ 586.564190][T31647] bond0: entered allmulticast mode [ 586.566302][T31647] bond_slave_0: entered allmulticast mode [ 586.568597][T31647] bond_slave_1: entered allmulticast mode [ 587.046415][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 587.285756][T31675] netlink: 44 bytes leftover after parsing attributes in process `syz.6.11452'. [ 587.305305][T31675] netlink: 40 bytes leftover after parsing attributes in process `syz.6.11452'. [ 587.515991][ T9] usb 13-1: new high-speed USB device number 8 using dummy_hcd [ 587.607314][T31690] vlan3: entered allmulticast mode [ 587.608983][T31690] bond0: entered allmulticast mode [ 587.610630][T31690] bond_slave_0: entered allmulticast mode [ 587.612533][T31690] bond_slave_1: entered allmulticast mode [ 587.678580][ T9] usb 13-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 587.681568][ T9] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.684179][ T9] usb 13-1: Product: syz [ 587.685593][ T9] usb 13-1: Manufacturer: syz [ 587.687227][ T9] usb 13-1: SerialNumber: syz [ 587.690397][ T9] usb 13-1: config 0 descriptor?? [ 587.900201][ T9] usb 13-1: USB disconnect, device number 8 [ 588.095703][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 588.103413][T31706] lo speed is unknown, defaulting to 1000 [ 588.160334][T31709] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 588.169633][T31706] netlink: 24 bytes leftover after parsing attributes in process `syz.6.11466'. [ 588.173375][T31706] netlink: 24 bytes leftover after parsing attributes in process `syz.6.11466'. [ 588.311598][T31726] team_slave_0: entered promiscuous mode [ 588.313748][T31726] team_slave_1: entered promiscuous mode [ 588.316486][T31726] macsec2: entered promiscuous mode [ 588.318130][T31726] team0: entered promiscuous mode [ 588.319971][T31726] macsec2: entered allmulticast mode [ 588.321585][T31726] team0: entered allmulticast mode [ 588.323158][T31726] team_slave_0: entered allmulticast mode [ 588.324956][T31726] team_slave_1: entered allmulticast mode [ 588.885453][ T6055] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 589.038173][ T6055] usb 10-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 589.041273][ T6055] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 589.043994][ T6055] usb 10-1: Product: syz [ 589.045516][ T6055] usb 10-1: Manufacturer: syz [ 589.047102][ T6055] usb 10-1: SerialNumber: syz [ 589.050408][ T6055] usb 10-1: config 0 descriptor?? [ 589.125271][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 589.259606][ T1329] usb 10-1: USB disconnect, device number 16 [ 589.273203][T31763] netlink: 'syz.6.11493': attribute type 11 has an invalid length. [ 589.300029][ T5979] Bluetooth: hci0: unexpected subevent 0x05 length: 11 < 12 [ 589.331733][T31767] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 63 [ 589.726814][T31785] netlink: 348 bytes leftover after parsing attributes in process `syz.8.11504'. [ 589.879703][T31793] input: syz1 as /devices/virtual/input/input112 [ 589.918946][T31795] binder: 31794:31795 ioctl c0306201 800008c0 returned -14 [ 590.164649][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 590.413024][T31841] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11531'. [ 590.419048][T31841] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11531'. [ 590.444524][ T1329] usb 11-1: new full-speed USB device number 15 using dummy_hcd [ 590.617227][ T1329] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 590.620527][ T1329] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 590.624857][ T1329] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 590.627939][ T1329] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 590.837630][ T1329] usb 11-1: usb_control_msg returned -32 [ 590.839589][ T1329] usbtmc 11-1:16.0: can't read capabilities [ 591.214142][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 592.253609][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 592.805455][ T5979] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 592.808244][ T5979] Bluetooth: hci3: Injecting HCI hardware error event [ 592.811340][ T5979] Bluetooth: hci3: hardware error 0x00 [ 593.001945][T31907] sctp: [Deprecated]: syz.8.11554 (pid 31907) Use of struct sctp_assoc_value in delayed_ack socket option. [ 593.001945][T31907] Use struct sctp_sack_info instead [ 593.218415][ T9] usb 11-1: USB disconnect, device number 15 [ 593.293106][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 593.671568][T31970] lo speed is unknown, defaulting to 1000 [ 593.705217][T31964] block nbd5: shutting down sockets [ 594.022758][ T9] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 594.085837][T32001] netlink: 12 bytes leftover after parsing attributes in process `syz.6.11601'. [ 594.103127][T32001] 8021q: adding VLAN 0 to HW filter on device bond2 [ 594.184349][ T9] usb 10-1: config index 0 descriptor too short (expected 45, got 36) [ 594.186977][ T9] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 594.190947][ T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 594.194575][ T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 594.198147][ T9] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 594.202132][ T9] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 594.205034][ T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 594.209859][ T9] usb 10-1: config 0 descriptor?? [ 594.211990][T31989] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 594.322589][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 594.621328][ T9] plantronics 0003:047F:FFFF.004A: reserved main item tag 0xd [ 594.631661][ T9] plantronics 0003:047F:FFFF.004A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 594.882396][ T5979] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 594.886641][T25843] usb 10-1: USB disconnect, device number 17 [ 595.372076][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 595.977227][T32063] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 596.411518][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 597.441191][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 597.785327][T32192] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11684'. [ 597.788718][T32192] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11684'. [ 597.988271][T32209] [U] [ 598.341879][T32239] kvm: apic: phys broadcast and lowest prio [ 598.420181][T32245] overlayfs: conflicting lowerdir path [ 598.425243][T32245] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 598.490506][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 598.530592][ T9] usb 10-1: new high-speed USB device number 18 using dummy_hcd [ 598.702136][ T9] usb 10-1: Using ep0 maxpacket: 16 [ 598.707196][ T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 598.710715][ T9] usb 10-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 598.713707][ T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 598.720947][ T9] usb 10-1: config 0 descriptor?? [ 598.784229][T32271] can0: slcan on ptm0. [ 598.880786][T32270] can0 (unregistered): slcan off ptm0. [ 599.130474][ T9] kye 0003:0458:5016.004B: control desc unexpectedly large [ 599.134795][ T9] input: HID 0458:5016 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0458:5016.004B/input/input114 [ 599.202673][ T9] input: HID 0458:5016 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0458:5016.004B/input/input115 [ 599.250315][ T6015] usb 11-1: new high-speed USB device number 16 using dummy_hcd [ 599.273205][ T9] kye 0003:0458:5016.004B: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.5-1/input0 [ 599.300270][T25843] usb 13-1: new high-speed USB device number 9 using dummy_hcd [ 599.331197][ T9] usb 10-1: USB disconnect, device number 18 [ 599.401348][ T6015] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 599.404754][ T6015] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 599.407790][ T6015] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 599.411845][ T6015] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 599.414764][ T6015] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.419052][ T6015] usb 11-1: config 0 descriptor?? [ 599.453064][T25843] usb 13-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 599.456054][T25843] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 599.458558][T25843] usb 13-1: Product: syz [ 599.459983][T25843] usb 13-1: Manufacturer: syz [ 599.461472][T25843] usb 13-1: SerialNumber: syz [ 599.467320][T25843] usb 13-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 599.494070][ T24] usb 13-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 599.520003][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 599.707180][ T6055] usb 13-1: USB disconnect, device number 9 [ 599.831998][ T6015] plantronics 0003:047F:FFFF.004C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 600.091064][ T839] usb 11-1: USB disconnect, device number 16 [ 600.283884][T32343] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 600.472104][T32356] vxcan1: tx address claim with different name [ 600.559450][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 600.559550][ T24] ath9k_htc 13-1:1.0: ath9k_htc: Target is unresponsive [ 600.565002][ T24] ath9k_htc: Failed to initialize the device [ 600.568988][ T6055] usb 13-1: ath9k_htc: USB layer deinitialized [ 600.952870][T32402] can0: slcan on ptm0. [ 601.029793][T32401] can0 (unregistered): slcan off ptm0. [ 601.149227][ T6455] usb 13-1: new high-speed USB device number 10 using dummy_hcd [ 601.150060][T32417] kvm: apic: phys broadcast and lowest prio [ 601.300418][ T6455] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 601.304005][ T6455] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 601.307015][ T6455] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 601.312168][ T6455] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 601.315061][ T6455] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 601.319216][ T6455] usb 13-1: config 0 descriptor?? [ 601.477692][T32440] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 601.608931][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 601.613790][ T5979] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 601.618013][ T5979] CPU: 3 UID: 0 PID: 5979 Comm: kworker/u33:6 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 601.618033][ T5979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 601.618042][ T5979] Workqueue: hci1 hci_rx_work [ 601.618105][ T5979] Call Trace: [ 601.618110][ T5979] [ 601.618115][ T5979] dump_stack_lvl+0x16c/0x1f0 [ 601.618133][ T5979] sysfs_warn_dup+0x7f/0xa0 [ 601.618169][ T5979] sysfs_create_dir_ns+0x24b/0x2b0 [ 601.618184][ T5979] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 601.618198][ T5979] ? find_held_lock+0x2b/0x80 [ 601.618215][ T5979] ? do_raw_spin_unlock+0x172/0x230 [ 601.618235][ T5979] kobject_add_internal+0x2c4/0x9b0 [ 601.618255][ T5979] kobject_add+0x16e/0x240 [ 601.618272][ T5979] ? __pfx_kobject_add+0x10/0x10 [ 601.618289][ T5979] ? do_raw_spin_unlock+0x172/0x230 [ 601.618316][ T5979] ? kobject_put+0xab/0x5a0 [ 601.618335][ T5979] device_add+0x288/0x1aa0 [ 601.618356][ T5979] ? __pfx_dev_set_name+0x10/0x10 [ 601.618368][ T5979] ? __pfx_device_add+0x10/0x10 [ 601.618387][ T5979] ? mgmt_send_event_skb+0x2fb/0x460 [ 601.618404][ T5979] hci_conn_add_sysfs+0x17e/0x230 [ 601.618419][ T5979] le_conn_complete_evt+0x1075/0x1d70 [ 601.618431][ T5979] ? preempt_count_sub+0xd0/0x160 [ 601.618444][ T5979] ? rcu_is_watching+0x12/0xc0 [ 601.618456][ T5979] ? find_held_lock+0x2b/0x80 [ 601.618467][ T5979] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 601.618478][ T5979] ? hci_event_packet+0x459/0x11c0 [ 601.618491][ T5979] ? __mutex_unlock_slowpath+0x163/0x800 [ 601.618508][ T5979] hci_le_conn_complete_evt+0x23c/0x370 [ 601.618523][ T5979] hci_le_meta_evt+0x357/0x5e0 [ 601.618536][ T5979] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 601.618553][ T5979] hci_event_packet+0x685/0x11c0 [ 601.618566][ T5979] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 601.618579][ T5979] ? __pfx_hci_event_packet+0x10/0x10 [ 601.618592][ T5979] ? kcov_remote_start+0x3c9/0x6d0 [ 601.618609][ T5979] ? lockdep_hardirqs_on+0x7c/0x110 [ 601.618625][ T5979] hci_rx_work+0x2c5/0x16b0 [ 601.618639][ T5979] ? rcu_is_watching+0x12/0xc0 [ 601.618653][ T5979] process_one_work+0x9cc/0x1b70 [ 601.618676][ T5979] ? __pfx_process_one_work+0x10/0x10 [ 601.618698][ T5979] ? assign_work+0x1a0/0x250 [ 601.618716][ T5979] worker_thread+0x6c8/0xf10 [ 601.618741][ T5979] ? __pfx_worker_thread+0x10/0x10 [ 601.618758][ T5979] kthread+0x3c5/0x780 [ 601.618775][ T5979] ? __pfx_kthread+0x10/0x10 [ 601.618793][ T5979] ? rcu_is_watching+0x12/0xc0 [ 601.618804][ T5979] ? __pfx_kthread+0x10/0x10 [ 601.618860][ T5979] ret_from_fork+0x5d4/0x6f0 [ 601.618895][ T5979] ? __pfx_kthread+0x10/0x10 [ 601.618918][ T5979] ret_from_fork_asm+0x1a/0x30 [ 601.618949][ T5979] [ 601.702627][ T5979] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 601.707020][ T5979] Bluetooth: hci1: failed to register connection device [ 601.733301][ T6455] plantronics 0003:047F:FFFF.004D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 601.777842][ T40] audit: type=1326 audit(1754936098.878:8465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32459 comm="syz.6.11805" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0 [ 602.000653][ T6055] usb 13-1: USB disconnect, device number 10 [ 602.543164][T32475] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11812'. [ 602.546188][T32475] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11812'. [ 602.638482][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 602.879837][ T24] kernel write not supported for file /sg0 (pid: 24 comm: kworker/2:0) [ 603.013955][T32515] input: syz0 as /devices/virtual/input/input116 [ 603.091389][ T6055] usb 10-1: new high-speed USB device number 19 using dummy_hcd [ 603.240581][ T6055] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 603.244079][ T6055] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 603.247087][ T6055] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 603.251677][ T6055] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 603.254858][ T6055] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.259948][ T6055] usb 10-1: config 0 descriptor?? [ 603.388669][ T53] usb 11-1: new high-speed USB device number 17 using dummy_hcd [ 603.541057][ T53] usb 11-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 603.544109][ T53] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 603.546658][ T53] usb 11-1: Product: syz [ 603.548151][ T53] usb 11-1: Manufacturer: syz [ 603.549679][ T53] usb 11-1: SerialNumber: syz [ 603.555364][ T53] usb 11-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 603.571168][ T6015] usb 11-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 603.674321][ T6055] plantronics 0003:047F:FFFF.004E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 603.687910][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 603.757938][ T5979] Bluetooth: hci1: command 0x0406 tx timeout [ 603.791758][ T6055] usb 11-1: USB disconnect, device number 17 [ 603.929694][ T53] usb 10-1: USB disconnect, device number 19 [ 604.344261][T32543] input: syz0 as /devices/virtual/input/input117 [ 604.391112][T32547] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11844'. [ 604.637447][ T6015] ath9k_htc 11-1:1.0: ath9k_htc: Target is unresponsive [ 604.639756][ T6015] ath9k_htc: Failed to initialize the device [ 604.643224][ T6055] usb 11-1: ath9k_htc: USB layer deinitialized [ 604.676122][T32572] input: syz0 as /devices/virtual/input/input118 [ 604.717540][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 604.827501][ T839] usb 10-1: new high-speed USB device number 20 using dummy_hcd [ 604.937387][ T6055] usb 11-1: new high-speed USB device number 18 using dummy_hcd [ 604.990272][ T839] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 604.993271][ T839] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 604.995864][ T839] usb 10-1: Product: syz [ 604.997287][ T839] usb 10-1: Manufacturer: syz [ 604.998779][ T839] usb 10-1: SerialNumber: syz [ 605.003711][ T839] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 605.015948][ T9] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 605.098455][ T6055] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 605.101986][ T6055] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 605.105148][ T6055] usb 11-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 605.108187][ T6055] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 605.112506][ T6055] usb 11-1: config 0 descriptor?? [ 605.228618][T25843] usb 10-1: USB disconnect, device number 20 [ 605.521736][ T6055] hid_parser_main: 5 callbacks suppressed [ 605.521749][ T6055] cm6533_jd 0003:0D8C:0022.004F: unknown main item tag 0x0 [ 605.526821][ T6055] cm6533_jd 0003:0D8C:0022.004F: unknown main item tag 0x0 [ 605.531277][ T6055] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0D8C:0022.004F/input/input119 [ 605.542452][ T6055] cm6533_jd 0003:0D8C:0022.004F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.6-1/input0 [ 605.725762][ T1329] usb 11-1: USB disconnect, device number 18 [ 605.756891][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 605.972709][T32606] input: syz0 as /devices/virtual/input/input120 [ 606.086780][ T9] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive [ 606.089281][ T9] ath9k_htc: Failed to initialize the device [ 606.092784][T25843] usb 10-1: ath9k_htc: USB layer deinitialized [ 606.796382][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 607.835866][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 608.315851][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 608.315905][T29296] Bluetooth: hci4: command 0x1003 tx timeout [ 608.845349][ T6455] usb 11-1: new high-speed USB device number 19 using dummy_hcd [ 608.875334][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 609.006653][ T6455] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 609.010010][ T6455] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 609.013010][ T6455] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 609.017146][ T6455] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 609.019952][ T6455] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 609.023584][ T6455] usb 11-1: config 0 descriptor?? [ 609.434628][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.437994][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.440415][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.442746][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.446464][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.449769][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.452288][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.454609][ T6455] plantronics 0003:047F:FFFF.0050: unknown main item tag 0x0 [ 609.460020][ T6455] plantronics 0003:047F:FFFF.0050: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 609.696975][ T24] usb 11-1: USB disconnect, device number 19 [ 609.858723][ T40] audit: type=1326 audit(1754936106.972:8466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32658 comm="syz.3.11895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 609.914876][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 610.378409][ T40] audit: type=1326 audit(1754936107.492:8467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32681 comm="syz.6.11904" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0 [ 610.482712][T32691] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(3) [ 610.484815][T32691] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 610.487758][T32691] vhci_hcd vhci_hcd.0: Device attached [ 610.493213][T32692] usbip_core: unknown command [ 610.494963][T32692] vhci_hcd: unknown pdu 0 [ 610.496370][T32692] usbip_core: unknown command [ 610.499903][ T1140] vhci_hcd: stop threads [ 610.501397][ T1140] vhci_hcd: release socket [ 610.502907][ T1140] vhci_hcd: disconnect device [ 610.534925][ T40] audit: type=1326 audit(1754936107.652:8468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32658 comm="syz.3.11895" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 610.925414][T32704] loop7: detected capacity change from 0 to 7 [ 610.928312][T32704] Dev loop7: unable to read RDB block 7 [ 610.930110][T32704] loop7: unable to read partition table [ 610.931982][T32704] loop7: partition table beyond EOD, truncated [ 610.933919][T32704] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 610.964332][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 611.514056][ T24] usb 13-1: new high-speed USB device number 11 using dummy_hcd [ 611.669008][ T24] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 611.671259][ T1142] Bluetooth: hci4: Frame reassembly failed (-84) [ 611.672792][ T24] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 611.679284][ T24] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 611.682329][ T24] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 611.686571][ T24] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 611.689442][ T24] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.693557][ T24] usb 13-1: config 0 descriptor?? [ 611.929544][T32741] KVM: debugfs: duplicate directory 32741-4 [ 611.993795][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 612.105339][ T24] hid_parser_main: 7 callbacks suppressed [ 612.105353][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.110572][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.113495][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.116886][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.119797][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.122112][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.124540][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.126841][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.129142][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.131440][ T24] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 612.137110][ T24] plantronics 0003:047F:FFFF.0051: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 612.365604][ T24] usb 13-1: USB disconnect, device number 11 [ 613.043227][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 613.655900][ T320] netlink: 'syz.3.11957': attribute type 12 has an invalid length. [ 613.658408][ T320] netlink: 'syz.3.11957': attribute type 29 has an invalid length. [ 613.660935][ T320] netlink: 148 bytes leftover after parsing attributes in process `syz.3.11957'. [ 613.673018][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 613.673254][T29296] Bluetooth: hci4: command 0x1003 tx timeout [ 613.804979][ T331] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11954'. [ 613.876994][ T341] netlink: 'syz.5.11959': attribute type 12 has an invalid length. [ 613.879648][ T341] netlink: 'syz.5.11959': attribute type 29 has an invalid length. [ 613.882299][ T341] netlink: 148 bytes leftover after parsing attributes in process `syz.5.11959'. [ 613.931703][ T343] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.005143][ T343] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.072737][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 614.078993][ T343] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.146672][ T343] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.214967][ T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.223975][ T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.232272][ T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.240197][ T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.273466][ T349] netlink: 'syz.5.11971': attribute type 29 has an invalid length. [ 614.288122][T29296] Bluetooth: hci4: sending frame failed (-49) [ 614.290803][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 614.482312][ T359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11967'. [ 614.511929][ T363] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11970'. [ 614.543926][ T367] input: syz0 as /devices/virtual/input/input122 [ 614.636886][ T380] binder: 379:380 ioctl c0306201 800003c0 returned -14 [ 615.112277][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 615.911875][T24321] usb 11-1: new high-speed USB device number 20 using dummy_hcd [ 616.071833][T24321] usb 11-1: Using ep0 maxpacket: 32 [ 616.074798][T24321] usb 11-1: config 0 has an invalid interface number: 184 but max is 0 [ 616.077616][T24321] usb 11-1: config 0 has no interface number 0 [ 616.079668][T24321] usb 11-1: config 0 interface 184 has no altsetting 0 [ 616.083501][T24321] usb 11-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 616.086539][T24321] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 616.089139][T24321] usb 11-1: Product: syz [ 616.090550][T24321] usb 11-1: Manufacturer: syz [ 616.092288][T24321] usb 11-1: SerialNumber: syz [ 616.095384][T24321] usb 11-1: config 0 descriptor?? [ 616.098458][T24321] smsc75xx v1.0.0 [ 616.099718][T24321] smsc75xx 11-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 616.103084][T24321] smsc75xx 11-1:0.184: probe with driver smsc75xx failed with error -22 [ 616.151648][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 616.302675][T24321] usb 11-1: USB disconnect, device number 20 [ 616.335020][ T428] input: syz0 as /devices/virtual/input/input123 [ 616.337214][ T428] input: failed to attach handler leds to device input123, error: -6 [ 617.191205][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 617.875554][ T468] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 617.878952][ T468] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 617.960638][ T468] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 617.964121][ T468] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.035418][ T468] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 618.038899][ T468] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.114850][ T468] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 618.118159][ T468] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.229186][ T1240] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 618.230707][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 618.232009][ T1240] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.241437][ T1240] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 618.244010][ T1240] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.246603][ T1240] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 618.249135][ T1240] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.256405][ T1240] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 618.259001][ T1240] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.265136][ T478] input: syz0 as /devices/virtual/input/input124 [ 618.267183][ T478] input: failed to attach handler leds to device input124, error: -6 [ 618.710659][ T839] usb 10-1: new high-speed USB device number 21 using dummy_hcd [ 618.767772][ T504] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.856564][ T504] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.861052][ T839] usb 10-1: Using ep0 maxpacket: 8 [ 618.864301][ T839] usb 10-1: config 0 interface 0 has no altsetting 0 [ 618.866443][ T839] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 618.869274][ T839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.873675][ T839] usb 10-1: config 0 descriptor?? [ 618.956747][ T504] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.017418][ T504] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.107037][T24282] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.115138][T24282] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.126050][T24282] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.135486][T24282] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.270077][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 619.286727][ T839] mcp2221 0003:04D8:00DD.0052: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 619.487634][ T839] usb 10-1: USB disconnect, device number 21 [ 619.549239][ T524] overlayfs: statfs failed on './file1' [ 620.309617][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 621.349066][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 621.688923][ T6015] usb 11-1: new high-speed USB device number 21 using dummy_hcd [ 621.840507][ T6015] usb 11-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 621.844593][ T6015] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 621.848017][ T6015] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 621.851172][ T6015] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 621.855284][ T6015] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 621.858175][ T6015] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.861947][ T6015] usb 11-1: config 0 descriptor?? [ 622.281815][ T6015] plantronics 0003:047F:FFFF.0053: ignoring exceeding usage max [ 622.287031][ T6015] plantronics 0003:047F:FFFF.0053: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 622.398540][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 622.599762][ T636] kvm: user requested TSC rate below hardware speed [ 623.438091][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 623.750292][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.752373][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.246846][ T40] audit: type=1326 audit(1754936121.359:8469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=689 comm="syz.5.12117" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f73579 code=0x0 [ 624.358382][ T1329] usb 11-1: USB disconnect, device number 21 [ 624.426051][ T706] Bluetooth: MGMT ver 1.23 [ 624.446322][ T710] veth0_to_hsr: entered promiscuous mode [ 624.448833][ T710] veth0_to_hsr: left promiscuous mode [ 624.467596][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 625.327081][ T1329] usb 10-1: new high-speed USB device number 22 using dummy_hcd [ 625.379763][ T732] veth0_to_hsr: entered promiscuous mode [ 625.382618][ T732] veth0_to_hsr: left promiscuous mode [ 625.477074][ T1329] usb 10-1: Using ep0 maxpacket: 8 [ 625.480269][ T1329] usb 10-1: config 0 interface 0 has no altsetting 0 [ 625.483807][ T1329] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 625.486882][ T1329] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 625.491095][ T1329] usb 10-1: config 0 descriptor?? [ 625.506979][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 625.903251][ T1329] mcp2221 0003:04D8:00DD.0054: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 626.098199][ T750] netlink: 176 bytes leftover after parsing attributes in process `syz.6.12144'. [ 626.101772][ T6055] usb 10-1: USB disconnect, device number 22 [ 626.223064][ T758] lo speed is unknown, defaulting to 1000 [ 626.330871][ T764] kvm: user requested TSC rate below hardware speed [ 626.530665][ T778] pim6reg1: entered promiscuous mode [ 626.532409][ T778] pim6reg1: entered allmulticast mode [ 626.556511][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 626.675371][ T40] audit: type=1326 audit(1754936123.790:8470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=784 comm="syz.6.12160" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0 [ 627.509308][ T822] syzkaller1: entered promiscuous mode [ 627.511436][ T822] syzkaller1: entered allmulticast mode [ 627.585999][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 627.935902][ T1329] usb 11-1: new high-speed USB device number 22 using dummy_hcd [ 627.940414][ T855] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12189'. [ 627.943901][ T855] netlink: 'syz.3.12189': attribute type 1 has an invalid length. [ 627.946960][ T855] netlink: 'syz.3.12189': attribute type 2 has an invalid length. [ 627.949848][ T855] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12189'. [ 628.107148][ T1329] usb 11-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 628.112266][ T1329] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 628.115246][ T1329] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 628.117956][ T1329] usb 11-1: SerialNumber: syz [ 628.625507][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 628.744209][ T1329] cdc_ether 11-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.6-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 629.132775][ T6055] usb 11-1: USB disconnect, device number 22 [ 629.136859][ T6055] cdc_ether 11-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.6-1, CDC Ethernet Device [ 629.664895][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 630.046598][ T926] netlink: 176 bytes leftover after parsing attributes in process `syz.5.12220'. [ 630.213821][ T934] lo speed is unknown, defaulting to 1000 [ 630.704429][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 631.678095][ T944] 9pnet: p9_errstr2errno: server reported unknown error 184467 [ 631.743911][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 632.783352][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 633.266661][ T976] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12237'. [ 633.822868][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 633.983216][ T6055] usb 11-1: new full-speed USB device number 23 using dummy_hcd [ 634.149531][ T6055] usb 11-1: unable to read config index 0 descriptor/start: -71 [ 634.151973][ T6055] usb 11-1: can't read configurations, error -71 [ 634.872288][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 635.567838][ T1093] tipc: Started in network mode [ 635.569502][ T1093] tipc: Node identity ac1414aa, cluster identity 4711 [ 635.572126][ T1093] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 635.575053][ T1093] tipc: Enabled bearer , priority 10 [ 635.702079][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 635.841991][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 635.911762][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 635.981897][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 636.121784][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 636.160263][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88804a85b800: rx timeout, send abort [ 636.163468][ C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88804a85b800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 636.197742][ T1102] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12287'. [ 636.237705][ T1104] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12288'. [ 636.362330][ T1120] syz_tun: entered allmulticast mode [ 636.367767][ T1118] syz_tun: left allmulticast mode [ 636.682544][T24321] tipc: Node number set to 2886997162 [ 636.821447][ C0] net_ratelimit: 3 callbacks suppressed [ 636.821459][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 636.941622][ T1160] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 636.951238][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 637.101213][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 637.148053][ T40] audit: type=1326 audit(1754936134.276:8471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1113 comm="syz.8.12292" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7fc00000 [ 637.434252][ T1190] loop6: detected capacity change from 0 to 7 [ 637.439406][ T1190] Dev loop6: unable to read RDB block 7 [ 637.443429][ T1190] loop6: unable to read partition table [ 637.445841][ T1190] loop6: partition table beyond EOD, truncated [ 637.448862][ T1190] loop_reread_partitions: partition scan of loop6 (被x) failed (rc=-5) [ 637.640982][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 637.980758][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 638.440787][ T1226] netlink: 212376 bytes leftover after parsing attributes in process `syz.8.12334'. [ 638.700410][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 639.020261][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 639.039833][ T1294] netlink: 'syz.3.12362': attribute type 1 has an invalid length. [ 639.043843][ T1294] netlink: 16074 bytes leftover after parsing attributes in process `syz.3.12362'. [ 639.072770][ T1296] dvmrp0: entered allmulticast mode [ 639.139184][ T1306] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.12368'. [ 639.309935][ T40] audit: type=1326 audit(1754936136.437:8472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1322 comm="syz.6.12376" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x0 [ 639.739943][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 639.752442][ T1361] hsr0: entered allmulticast mode [ 639.754098][ T1361] hsr_slave_0: entered allmulticast mode [ 639.756047][ T1361] hsr_slave_1: entered allmulticast mode [ 639.758995][ T1361] hsr_slave_0: left promiscuous mode [ 639.761722][ T1361] hsr_slave_1: left promiscuous mode [ 639.774235][ T1361] hsr0 (unregistering): left allmulticast mode [ 639.792972][ T1365] netlink: 156 bytes leftover after parsing attributes in process `syz.5.12393'. [ 640.059757][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 640.169660][ T6055] usb 10-1: new high-speed USB device number 23 using dummy_hcd [ 640.329566][ T6055] usb 10-1: Using ep0 maxpacket: 8 [ 640.333196][ T6055] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 640.336731][ T6055] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 640.339837][ T6055] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 640.343013][ T6055] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 640.347327][ T6055] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 640.353569][ T6055] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 640.571457][ T6055] usb 10-1: GET_CAPABILITIES returned 0 [ 640.573328][ T6055] usbtmc 10-1:16.0: can't read capabilities [ 640.717651][ T1397] netlink: 830 bytes leftover after parsing attributes in process `syz.3.12407'. [ 640.775574][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.778665][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.779411][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 640.782203][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.787184][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.789979][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.792819][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.795667][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.798624][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.804498][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.807816][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.810646][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.813609][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.816417][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.819214][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.822026][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.824844][ C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 640.888834][T25843] usb 10-1: USB disconnect, device number 23 [ 640.999300][T24338] usb 13-1: new high-speed USB device number 12 using dummy_hcd [ 641.159137][T24338] usb 13-1: Using ep0 maxpacket: 32 [ 641.162052][T24338] usb 13-1: config 0 has an invalid interface number: 12 but max is 0 [ 641.164860][T24338] usb 13-1: config 0 has no interface number 0 [ 641.166935][T24338] usb 13-1: config 0 interface 12 has no altsetting 0 [ 641.171433][T24338] usb 13-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 641.174464][T24338] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 641.177078][T24338] usb 13-1: Product: syz [ 641.178482][T24338] usb 13-1: Manufacturer: syz [ 641.180342][T24338] usb 13-1: SerialNumber: syz [ 641.183433][T24338] usb 13-1: config 0 descriptor?? [ 641.186375][T24338] f81534 13-1:0.12: required endpoints missing [ 641.397608][T25843] usb 13-1: USB disconnect, device number 12 [ 641.517908][ T1432] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.12420'. [ 641.990359][ T1461] unknown channel width for channel at 909000KHz? [ 641.992428][ T1461] unknown channel width for channel at 909000KHz? [ 642.138708][ C0] net_ratelimit: 2 callbacks suppressed [ 642.138718][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 642.184923][ T40] audit: type=1326 audit(1754936139.308:8473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1478 comm="syz.8.12439" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x0 [ 642.858357][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 642.964346][ T1514] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12452'. [ 643.129646][ T1530] loop7: detected capacity change from 0 to 7 [ 643.183464][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 643.244796][T23891] Dev loop7: unable to read RDB block 7 [ 643.246607][T23891] loop7: unable to read partition table [ 643.248535][T23891] loop7: partition table beyond EOD, truncated [ 643.249094][ C1] blk_print_req_error: 83 callbacks suppressed [ 643.249109][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 643.256853][ C1] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 643.262449][ C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 643.265563][ C2] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 643.363573][ T1540] pim6reg1: entered promiscuous mode [ 643.365338][ T1540] pim6reg1: entered allmulticast mode [ 643.389644][ T1530] Dev loop7: unable to read RDB block 7 [ 643.391477][ T1530] loop7: unable to read partition table [ 643.393340][ T1530] loop7: partition table beyond EOD, truncated [ 643.395972][ T1530] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 643.671218][ T1573] tls_set_device_offload_rx: netdev not found [ 643.753135][ T1581] netlink: 96 bytes leftover after parsing attributes in process `syz.5.12478'. [ 643.877608][ T40] audit: type=1326 audit(1754936140.999:8474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.884490][ T40] audit: type=1326 audit(1754936140.999:8475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.891391][ T40] audit: type=1326 audit(1754936141.009:8476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.898148][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 643.901188][ T40] audit: type=1326 audit(1754936141.009:8477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.908438][ T40] audit: type=1326 audit(1754936141.009:8478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.915074][ T40] audit: type=1326 audit(1754936141.009:8479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.921836][ T40] audit: type=1326 audit(1754936141.009:8480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.928620][ T40] audit: type=1326 audit(1754936141.009:8481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.935271][ T40] audit: type=1326 audit(1754936141.009:8482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1584 comm="syz.5.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7f73579 code=0x7ffc0000 [ 643.998542][ T1589] binder: 1588:1589 ioctl c0306201 800003c0 returned -14 [ 644.217947][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 644.412397][ T1601] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12487'. [ 644.415278][ T1601] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12487'. [ 644.930461][ T1613] kvm: user requested TSC rate below hardware speed [ 644.947308][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 645.053775][ T1615] "syz.5.12492" (1615) uses obsolete ecb(arc4) skcipher [ 645.232170][ T1626] overlayfs: invalid origin (00000000d1d3e81a820eee8a94416592a5356da96db48150eae08457fbc30ece5e7e7e318cb2b4b2f8bddb73e65c239a40942f00000000000000000000000000) [ 645.257098][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 645.986810][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 646.296573][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 646.576501][T32537] usb 11-1: new high-speed USB device number 25 using dummy_hcd [ 646.736467][T32537] usb 11-1: Using ep0 maxpacket: 16 [ 646.740420][T32537] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 646.743972][T32537] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 646.747293][T32537] usb 11-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00 [ 646.750407][T32537] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 646.754504][T32537] usb 11-1: config 0 descriptor?? [ 647.016275][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 647.167915][T32537] input: HID 0458:5012 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0458:5012.0055/input/input125 [ 647.177858][T32537] input: HID 0458:5012 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0458:5012.0055/input/input126 [ 647.238776][T32537] kye 0003:0458:5012.0055: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.6-1/input0 [ 647.316243][ T6455] usb 10-1: new full-speed USB device number 24 using dummy_hcd [ 647.336084][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 647.367608][ T24] usb 11-1: USB disconnect, device number 25 [ 647.397223][ T1733] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 647.487607][ T6455] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 647.490675][ T6455] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 647.494682][ T6455] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 647.497703][ T6455] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.708033][ T6455] usb 10-1: usb_control_msg returned -32 [ 647.709856][ T6455] usbtmc 10-1:16.0: can't read capabilities [ 648.055777][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 648.060548][ T1763] usbtmc 10-1:16.0: usbtmc_ioctl_request failed -32 [ 648.063870][ T24] usb 10-1: USB disconnect, device number 24 [ 648.375619][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 648.621661][ T1778] warn_alloc: 1 callbacks suppressed [ 648.621673][ T1778] syz.8.12563: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 648.629388][ T1778] CPU: 0 UID: 0 PID: 1778 Comm: syz.8.12563 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 648.629406][ T1778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 648.629413][ T1778] Call Trace: [ 648.629417][ T1778] [ 648.629422][ T1778] dump_stack_lvl+0x16c/0x1f0 [ 648.629440][ T1778] warn_alloc+0x248/0x3a0 [ 648.629455][ T1778] ? __pfx_warn_alloc+0x10/0x10 [ 648.629468][ T1778] ? __pfx_stack_trace_save+0x10/0x10 [ 648.629487][ T1778] ? kasan_save_stack+0x42/0x60 [ 648.629500][ T1778] ? kasan_save_stack+0x33/0x60 [ 648.629512][ T1778] ? kasan_save_track+0x14/0x30 [ 648.629524][ T1778] ? xskq_create+0x52/0x1d0 [ 648.629534][ T1778] ? xsk_setsockopt+0x792/0x9a0 [ 648.629544][ T1778] ? do_sock_setsockopt+0xf3/0x1d0 [ 648.629561][ T1778] ? xskq_create+0xfb/0x1d0 [ 648.629572][ T1778] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 648.629595][ T1778] ? xskq_create+0xfb/0x1d0 [ 648.629609][ T1778] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 648.629631][ T1778] ? xskq_create+0xfb/0x1d0 [ 648.629642][ T1778] vmalloc_user_noprof+0x9e/0xe0 [ 648.629652][ T1778] ? xskq_create+0xfb/0x1d0 [ 648.629664][ T1778] xskq_create+0xfb/0x1d0 [ 648.629676][ T1778] xsk_setsockopt+0x792/0x9a0 [ 648.629686][ T1778] ? __pfx_xsk_setsockopt+0x10/0x10 [ 648.629704][ T1778] ? find_held_lock+0x2b/0x80 [ 648.629717][ T1778] ? aa_sock_opt_perm+0xfd/0x1c0 [ 648.629736][ T1778] ? __pfx_xsk_setsockopt+0x10/0x10 [ 648.629754][ T1778] do_sock_setsockopt+0xf3/0x1d0 [ 648.629772][ T1778] __sys_setsockopt+0x120/0x1a0 [ 648.629787][ T1778] __ia32_sys_setsockopt+0xbc/0x160 [ 648.629800][ T1778] ? lockdep_hardirqs_on+0x7c/0x110 [ 648.629813][ T1778] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 648.629828][ T1778] __do_fast_syscall_32+0x7c/0x3a0 [ 648.629843][ T1778] do_fast_syscall_32+0x32/0x80 [ 648.629857][ T1778] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 648.629872][ T1778] RIP: 0023:0xf709e579 [ 648.629880][ T1778] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 648.629897][ T1778] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 648.629909][ T1778] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 648.629916][ T1778] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004 [ 648.629923][ T1778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 648.629930][ T1778] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 648.629937][ T1778] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 648.629951][ T1778] [ 648.629956][ T1778] Mem-Info: [ 648.714323][ T1778] active_anon:3355 inactive_anon:281 isolated_anon:0 [ 648.714323][ T1778] active_file:11555 inactive_file:5031 isolated_file:0 [ 648.714323][ T1778] unevictable:1768 dirty:440 writeback:0 [ 648.714323][ T1778] slab_reclaimable:6293 slab_unreclaimable:61371 [ 648.714323][ T1778] mapped:23455 shmem:3432 pagetables:1632 [ 648.714323][ T1778] sec_pagetables:330 bounce:0 [ 648.714323][ T1778] kernel_misc_reclaimable:0 [ 648.714323][ T1778] free:57978 free_pcp:4385 free_cma:0 [ 648.729080][ T1778] Node 0 active_anon:720kB inactive_anon:80kB active_file:20kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:4824kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7960kB pagetables:1424kB sec_pagetables:1168kB all_unreclaimable? yes Balloon:0kB [ 648.738880][ T1778] Node 1 active_anon:16200kB inactive_anon:1044kB active_file:46200kB inactive_file:20124kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:97204kB dirty:1760kB writeback:0kB shmem:12304kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:5448kB pagetables:5104kB sec_pagetables:152kB all_unreclaimable? no Balloon:0kB [ 648.749618][ T1778] Node 0 DMA free:2396kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB [ 648.759064][ T1778] lowmem_reserve[]: 0 288 288 288 288 [ 648.760778][ T1778] Node 0 DMA32 free:18636kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:2048KB free_highatomic:132KB active_anon:716kB inactive_anon:80kB active_file:20kB inactive_file:0kB unevictable:3536kB writepending:0kB present:1032196kB managed:295164kB mlocked:0kB bounce:0kB free_pcp:1916kB local_pcp:180kB free_cma:0kB [ 648.770454][ T1778] lowmem_reserve[]: 0 0 0 0 0 [ 648.771989][ T1778] Node 1 DMA32 free:203080kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:2048KB free_highatomic:248KB active_anon:20000kB inactive_anon:1044kB active_file:46200kB inactive_file:20124kB unevictable:3536kB writepending:1760kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:16468kB local_pcp:7188kB free_cma:0kB [ 648.782345][ T1778] lowmem_reserve[]: 0 0 0 0 0 [ 648.783890][ T1778] Node 0 DMA: 21*4kB (UE) 13*8kB (UE) 10*16kB (UE) 4*32kB (U) 4*64kB (UE) 1*128kB (E) 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2396kB [ 648.788635][ T1778] Node 0 DMA32: 155*4kB (UH) 128*8kB (UEH) 102*16kB (UMH) 62*32kB (UME) 41*64kB (UM) 37*128kB (UM) 9*256kB (UM) 7*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 18508kB [ 648.793680][ T1778] Node 1 DMA32: 2009*4kB (UMEH) 1280*8kB (UEH) 824*16kB (UEH) 592*32kB (UMEH) 362*64kB (UMEH) 227*128kB (UM) 116*256kB (UM) 86*512kB (UM) 24*1024kB (UM) 1*2048kB (U) 0*4096kB = 202980kB [ 648.799452][ T1778] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 648.802400][ T1778] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 648.805343][ T1778] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 648.808300][ T1778] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 648.811183][ T1778] 20373 total pagecache pages [ 648.812672][ T1778] 858 pages in swap cache [ 648.814040][ T1778] Free swap = 102800kB [ 648.815424][ T1778] Total swap = 124996kB [ 648.816804][ T1778] 524155 pages RAM [ 648.818125][ T1778] 0 pages HighMem/MovableOnly [ 648.819629][ T1778] 209469 pages reserved [ 648.820966][ T1778] 0 pages cma reserved [ 648.830837][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 648.830849][ T40] audit: type=1326 audit(1754936145.962:8488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1784 comm="syz.5.12566" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f73579 code=0x0 [ 649.095283][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 649.248345][ T1811] bridge0: entered promiscuous mode [ 649.251489][ T1811] batman_adv: batadv0: Adding interface: macsec1 [ 649.253534][ T1811] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 649.261587][ T1811] batman_adv: batadv0: Interface activated: macsec1 [ 649.415023][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 649.581322][ T1819] "syz.6.12580" (1819) uses obsolete ecb(arc4) skcipher [ 649.606487][ T1821] syz_tun: entered allmulticast mode [ 649.609464][ T1820] syz_tun: left allmulticast mode [ 649.681862][ T1825] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 649.685095][ T1825] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 650.083309][ T1849] Invalid/unusable pipe [ 650.134774][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 650.220112][ T1858] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 650.223063][ T1858] bond_slave_0: left allmulticast mode [ 650.227296][ T1858] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 650.230323][ T1858] bond_slave_1: left allmulticast mode [ 650.233565][ T1858] bond0 (unregistering): Released all slaves [ 650.356230][ T24] usb 13-1: new high-speed USB device number 13 using dummy_hcd [ 650.454498][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 650.514696][ T24] usb 13-1: Using ep0 maxpacket: 8 [ 650.517594][ T24] usb 13-1: config index 0 descriptor too short (expected 301, got 45) [ 650.520197][ T24] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 650.523286][ T24] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 650.526722][ T24] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 650.530637][ T24] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 650.534888][ T24] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 650.537788][ T24] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.749514][ T24] usb 13-1: GET_CAPABILITIES returned 0 [ 650.751299][ T24] usbtmc 13-1:16.0: can't read capabilities [ 650.799436][ T1880] binder: 1879:1880 ioctl c0306201 80000640 returned -22 [ 650.844398][ T6455] usb 11-1: new high-speed USB device number 26 using dummy_hcd [ 651.004307][ T6455] usb 11-1: Using ep0 maxpacket: 32 [ 651.007239][ T6455] usb 11-1: config index 0 descriptor too short (expected 29220, got 36) [ 651.009800][ T6455] usb 11-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 651.012450][ T6455] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 651.015386][ T6455] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 651.018504][ T6455] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 651.021462][ T6455] usb 11-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 651.025891][ T6455] usb 11-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 651.030130][ T6455] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 651.034090][ T6455] usb 11-1: config 0 descriptor?? [ 651.057247][ T1851] usbtmc 13-1:16.0: usb_control_msg returned -71 [ 651.057809][ T6055] usb 13-1: USB disconnect, device number 13 [ 651.174260][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 651.244629][ T6455] usblp 11-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 651.251213][ T6455] usb 11-1: USB disconnect, device number 26 [ 651.255736][ T6455] usblp0: removed [ 651.493994][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 651.693889][ T839] usb 11-1: new high-speed USB device number 27 using dummy_hcd [ 651.714415][ T1893] lo speed is unknown, defaulting to 1000 [ 651.735901][ T1895] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 651.775015][ T1893] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 651.855711][ T839] usb 11-1: Using ep0 maxpacket: 32 [ 651.859299][ T839] usb 11-1: config index 0 descriptor too short (expected 29220, got 36) [ 651.862399][ T839] usb 11-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 651.865894][ T839] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 651.869396][ T839] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 651.872630][ T839] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 651.876008][ T839] usb 11-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 651.880098][ T839] usb 11-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 651.882893][ T839] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 651.887509][ T839] usb 11-1: config 0 descriptor?? [ 652.103860][ T9] usb 10-1: new high-speed USB device number 25 using dummy_hcd [ 652.278957][ T9] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 652.282401][ T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 652.286397][ T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 652.289473][ T9] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 652.295245][ T9] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 652.298087][ T9] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 652.300615][ T9] usb 10-1: Manufacturer: syz [ 652.302887][ T839] usblp 11-1:0.0: usblp0: USB Bidirectional printer dev 27 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 652.309271][ T839] usb 11-1: USB disconnect, device number 27 [ 652.311971][ T9] usb 10-1: config 0 descriptor?? [ 652.325567][ T839] usblp0: removed [ 652.533443][ C0] net_ratelimit: 1 callbacks suppressed [ 652.533457][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 652.719139][ T9] hid_parser_main: 5 callbacks suppressed [ 652.719152][ T9] appleir 0003:05AC:8243.0056: unknown main item tag 0x0 [ 652.726356][ T9] appleir 0003:05AC:8243.0056: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 652.844370][ T1938] netlink: 28 bytes leftover after parsing attributes in process `syz.6.12629'. [ 653.193415][T24338] libceph: connect (1)[c::]:6789 error -22 [ 653.195550][T24338] libceph: mon0 (1)[c::]:6789 connect error [ 653.244554][T32537] libceph: connect (1)[c::]:6789 error -22 [ 653.247201][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 653.253145][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 653.453386][T24338] libceph: connect (1)[c::]:6789 error -22 [ 653.455377][T24338] libceph: mon0 (1)[c::]:6789 connect error [ 653.504109][T32537] libceph: connect (1)[c::]:6789 error -22 [ 653.506573][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 653.582924][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 653.667822][ T1954] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12634'. [ 653.962985][T24338] libceph: connect (1)[c::]:6789 error -22 [ 653.965090][T24338] libceph: mon0 (1)[c::]:6789 connect error [ 654.013125][T32537] libceph: connect (1)[c::]:6789 error -22 [ 654.015848][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 654.021740][ T1946] ceph: No mds server is up or the cluster is laggy [ 654.021764][ T1943] ceph: No mds server is up or the cluster is laggy [ 654.223569][ T76] wlan1: Trigger new scan to find an IBSS to join [ 654.292837][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 654.374062][ T2004] bridge1: entered allmulticast mode [ 654.441912][T25843] libceph: connect (1)[c::]:6789 error -22 [ 654.444081][T25843] libceph: mon0 (1)[c::]:6789 connect error [ 654.502120][T24321] libceph: connect (1)[c::]:6789 error -22 [ 654.503598][ T2019] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.12660'. [ 654.508938][T24321] libceph: mon0 (1)[c::]:6789 connect error [ 654.612421][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 654.679899][ T2036] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12668'. [ 654.684869][ T2036] netlink: 32 bytes leftover after parsing attributes in process `syz.5.12668'. [ 654.693703][ T839] usb 10-1: USB disconnect, device number 25 [ 654.702939][ T24] libceph: connect (1)[c::]:6789 error -22 [ 654.704726][ T2038] loop7: detected capacity change from 0 to 7 [ 654.704952][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 654.773994][ T9] libceph: connect (1)[c::]:6789 error -22 [ 654.776481][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 654.907094][ T2038] Dev loop7: unable to read RDB block 7 [ 654.907550][ T2043] support for the xor transformation has been removed. [ 654.909428][ T2038] loop7: unable to read partition table [ 654.915484][ T2038] loop7: partition table beyond EOD, truncated [ 654.915696][ C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 654.919603][ T2038] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 654.921421][ C3] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 655.128448][ T5382] Dev loop7: unable to read RDB block 7 [ 655.130246][ T5382] loop7: unable to read partition table [ 655.132245][ T5382] loop7: partition table beyond EOD, truncated [ 655.212417][ T24] libceph: connect (1)[c::]:6789 error -22 [ 655.214505][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 655.279799][ T2008] ceph: No mds server is up or the cluster is laggy [ 655.282142][ T2015] ceph: No mds server is up or the cluster is laggy [ 655.283796][ T839] libceph: connect (1)[c::]:6789 error -22 [ 655.286315][ T839] libceph: mon0 (1)[c::]:6789 connect error [ 655.332098][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 655.351805][ T2085] input: syz1 as /devices/virtual/input/input127 [ 655.458779][ T2098] netlink: 'syz.3.12693': attribute type 10 has an invalid length. [ 655.464326][ T2098] bridge0: port 2(bridge_slave_1) entered disabled state [ 655.468243][ T2098] bridge_slave_1: left allmulticast mode [ 655.470045][ T2098] bridge_slave_1: left promiscuous mode [ 655.471956][ T2098] bridge0: port 2(bridge_slave_1) entered disabled state [ 655.485187][ T2098] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 655.493100][ T2100] syz_tun: entered promiscuous mode [ 655.500508][ T2100] batadv_slave_0: entered promiscuous mode [ 655.504279][ T2100] hsr2: Slave A (syz_tun) is not up; please bring it up to get a fully working HSR network [ 655.508212][ T2100] hsr2: entered allmulticast mode [ 655.510285][ T2100] syz_tun: entered allmulticast mode [ 655.512624][ T2100] batadv_slave_0: entered allmulticast mode [ 655.544595][T32537] libceph: connect (1)[c::]:6789 error -101 [ 655.546844][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 655.596033][ T24] libceph: connect (1)[c::]:6789 error -101 [ 655.598049][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 655.651966][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 655.813522][T32537] libceph: connect (1)[c::]:6789 error -101 [ 655.816040][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 655.862195][T25843] libceph: connect (1)[c::]:6789 error -101 [ 655.864735][T25843] libceph: mon0 (1)[c::]:6789 connect error [ 655.891834][ T24] usb 13-1: new high-speed USB device number 14 using dummy_hcd [ 656.051780][ T24] usb 13-1: Using ep0 maxpacket: 32 [ 656.054713][ T24] usb 13-1: config index 0 descriptor too short (expected 29220, got 36) [ 656.057319][ T24] usb 13-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 656.060038][ T24] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 656.062942][ T24] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 656.065932][ T24] usb 13-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 656.068947][ T24] usb 13-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 656.073000][ T24] usb 13-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 656.075812][ T24] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.079523][ T24] usb 13-1: config 0 descriptor?? [ 656.290528][ T24] usblp 13-1:0.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 656.296063][ T24] usb 13-1: USB disconnect, device number 14 [ 656.300199][ T24] usblp0: removed [ 656.322977][T32537] libceph: connect (1)[c::]:6789 error -101 [ 656.325458][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 656.374525][ T2111] ceph: No mds server is up or the cluster is laggy [ 656.374559][ T2107] ceph: No mds server is up or the cluster is laggy [ 656.386537][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.386576][T25843] libceph: connect (1)[c::]:6789 error -101 [ 656.390744][T25843] libceph: mon0 (1)[c::]:6789 connect error [ 656.691399][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 656.731491][ T6455] usb 13-1: new high-speed USB device number 15 using dummy_hcd [ 656.891289][ T6455] usb 13-1: Using ep0 maxpacket: 32 [ 656.894421][ T6455] usb 13-1: config index 0 descriptor too short (expected 29220, got 36) [ 656.897271][ T6455] usb 13-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 656.900060][ T6455] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 656.904158][ T6455] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 656.907548][ T6455] usb 13-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 656.910602][ T6455] usb 13-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 656.915398][ T6455] usb 13-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 656.918341][ T6455] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.923031][ T6455] usb 13-1: config 0 descriptor?? [ 657.171263][ T13] wlan1: Trigger new scan to find an IBSS to join [ 657.245100][ T24] libceph: connect (1)[c::]:6789 error -101 [ 657.247723][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 657.299628][T32537] libceph: connect (1)[c::]:6789 error -101 [ 657.301983][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 657.333071][ T6455] usblp 13-1:0.0: usblp0: USB Bidirectional printer dev 15 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 657.339105][ T6455] usb 13-1: USB disconnect, device number 15 [ 657.343086][ T6455] usblp0: removed [ 657.411105][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 657.522517][ T24] libceph: connect (1)[c::]:6789 error -101 [ 657.524493][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 657.571300][T32537] libceph: connect (1)[c::]:6789 error -101 [ 657.573971][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 657.730943][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 658.035814][ T24] libceph: connect (1)[c::]:6789 error -101 [ 658.037829][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 658.075546][ T2154] ceph: No mds server is up or the cluster is laggy [ 658.075551][ T2159] ceph: No mds server is up or the cluster is laggy [ 658.081049][ T6055] libceph: connect (1)[c::]:6789 error -101 [ 658.083605][ T6055] libceph: mon0 (1)[c::]:6789 connect error [ 658.450625][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 658.770344][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 658.827396][ T2191] 9pnet: p9_errstr2errno: server reported unknown error 184467 [ 659.490022][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 659.809840][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 660.219833][ T13] wlan1: Trigger new scan to find an IBSS to join [ 660.529786][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 660.859388][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 661.181423][ T13] wlan1: Creating new IBSS network, BSSID 1a:ae:31:5f:db:e9 [ 661.579037][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 661.898853][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 662.073623][ T2251] netlink: 24 bytes leftover after parsing attributes in process `syz.6.12750'. [ 662.378624][ T6055] usb 13-1: new full-speed USB device number 16 using dummy_hcd [ 662.535665][ T6055] usb 13-1: unable to read config index 0 descriptor/start: -71 [ 662.538168][ T6055] usb 13-1: can't read configurations, error -71 [ 662.608570][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 662.776437][ T2258] tipc: Started in network mode [ 662.778227][ T2258] tipc: Node identity ac1414aa, cluster identity 4711 [ 662.781336][ T2258] tipc: Enabled bearer , priority 10 [ 662.815307][ T2263] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12757'. [ 662.819911][ T2263] netlink: 32 bytes leftover after parsing attributes in process `syz.6.12757'. [ 662.928339][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 663.637106][ T2300] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12782'. [ 663.657948][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 663.694892][ T2305] syz_tun: entered allmulticast mode [ 663.699012][ T2304] syz_tun: left allmulticast mode [ 663.907834][ T839] tipc: Node number set to 2886997162 [ 663.967779][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 664.486602][ T2332] syz_tun: entered allmulticast mode [ 664.491125][ T2331] syz_tun: left allmulticast mode [ 664.521753][ T2335] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12791'. [ 664.689436][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 664.766113][ T2350] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 664.893784][ T2364] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12801'. [ 665.007235][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 665.211949][ T2383] loop6: detected capacity change from 0 to 7 [ 665.217160][T23891] Dev loop6: unable to read RDB block 7 [ 665.219172][T23891] loop6: unable to read partition table [ 665.221338][T23891] loop6: partition table beyond EOD, truncated [ 665.225902][ T2383] Dev loop6: unable to read RDB block 7 [ 665.227671][ T2383] loop6: unable to read partition table [ 665.229463][ T2383] loop6: partition table beyond EOD, truncated [ 665.231389][ T2383] loop_reread_partitions: partition scan of loop6 (被x) failed (rc=-5) [ 665.726967][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 665.751254][ T40] audit: type=1326 audit(1754936162.890:8489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.758130][ T40] audit: type=1326 audit(1754936162.890:8490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.764778][ T40] audit: type=1326 audit(1754936162.890:8491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.772284][ T40] audit: type=1326 audit(1754936162.890:8492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.779646][ T40] audit: type=1326 audit(1754936162.890:8493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.786642][ T40] audit: type=1326 audit(1754936162.890:8494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.793309][ T40] audit: type=1326 audit(1754936162.890:8495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.800178][ T40] audit: type=1326 audit(1754936162.890:8496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.807881][ T40] audit: type=1326 audit(1754936162.890:8497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.814648][ T40] audit: type=1326 audit(1754936162.890:8498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2367 comm="syz.3.12804" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7fc00000 [ 665.873795][ T2419] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 666.056694][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 666.740430][ T2448] loop6: detected capacity change from 0 to 7 [ 666.744522][T23891] Dev loop6: unable to read RDB block 7 [ 666.746255][T23891] loop6: unable to read partition table [ 666.750413][T23891] loop6: partition table beyond EOD, truncated [ 666.754956][ T2448] Dev loop6: unable to read RDB block 7 [ 666.756787][ T2448] loop6: unable to read partition table [ 666.758635][ T2448] loop6: partition table beyond EOD, truncated [ 666.764186][ T2448] loop_reread_partitions: partition scan of loop6 (被x) failed (rc=-5) [ 666.776371][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 666.851586][ T2456] loop7: detected capacity change from 0 to 7 [ 667.042195][T23891] Dev loop7: unable to read RDB block 7 [ 667.043936][ T2463] support for the xor transformation has been removed. [ 667.044110][T23891] loop7: unable to read partition table [ 667.047107][ C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 667.048727][T23891] loop7: partition table beyond EOD, truncated [ 667.051553][ C0] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 667.086266][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 667.236785][ T2456] Dev loop7: unable to read RDB block 7 [ 667.238639][ T2456] loop7: unable to read partition table [ 667.240536][ T2456] loop7: partition table beyond EOD, truncated [ 667.242419][ T2456] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 667.425447][ T2476] input: syz1 as /devices/virtual/input/input128 [ 667.805932][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 668.125666][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 668.845359][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 669.165217][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 669.885156][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 670.214658][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 670.924421][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 671.244196][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 671.963989][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 672.283803][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 673.003718][ C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 673.323128][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 674.042877][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 674.362608][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 675.040310][ T2494] loop7: detected capacity change from 0 to 7 [ 675.082225][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 675.248388][ T2502] support for the xor transformation has been removed. [ 675.248413][ T2497] Dev loop7: unable to read RDB block 7 [ 675.251883][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 675.252507][ T2497] loop7: unable to read partition table [ 675.255548][ C1] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 675.257575][ T2497] loop7: partition table beyond EOD, truncated [ 675.402069][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 675.450933][ T2494] Dev loop7: unable to read RDB block 7 [ 675.453603][ T2494] loop7: unable to read partition table [ 675.455494][ T2494] loop7: partition table beyond EOD, truncated [ 675.457559][ T2494] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 676.121798][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 676.441644][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 677.161234][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 677.318678][ T40] kauditd_printk_skb: 19 callbacks suppressed [ 677.318694][ T40] audit: type=1326 audit(1754936174.466:8518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2590 comm="syz.5.12893" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x0 [ 677.335371][ T2594] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.12895'. [ 677.362865][ T2598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12897'. [ 677.481054][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 678.210706][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 678.354789][ T2637] pim6reg1: entered promiscuous mode [ 678.356687][ T2637] pim6reg1: entered allmulticast mode [ 678.520490][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 678.699805][ T2669] hsr0: entered allmulticast mode [ 678.701891][ T2669] hsr_slave_0: entered allmulticast mode [ 678.703710][ T2669] hsr_slave_1: entered allmulticast mode [ 678.707688][ T2669] hsr_slave_0: left promiscuous mode [ 678.710054][ T2669] hsr_slave_1: left promiscuous mode [ 678.726477][ T2669] hsr0 (unregistering): left allmulticast mode [ 678.795667][ T2676] netlink: 96 bytes leftover after parsing attributes in process `syz.8.12924'. [ 678.823017][ T2678] tls_set_device_offload_rx: netdev not found [ 679.240277][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 679.320373][ T9] usb 10-1: new high-speed USB device number 26 using dummy_hcd [ 679.480024][ T9] usb 10-1: Using ep0 maxpacket: 32 [ 679.483876][ T9] usb 10-1: config 0 has an invalid interface number: 12 but max is 0 [ 679.486654][ T9] usb 10-1: config 0 has no interface number 0 [ 679.488670][ T9] usb 10-1: config 0 interface 12 has no altsetting 0 [ 679.492729][ T9] usb 10-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 679.495673][ T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 679.498894][ T9] usb 10-1: Product: syz [ 679.500799][ T9] usb 10-1: Manufacturer: syz [ 679.502816][ T9] usb 10-1: SerialNumber: syz [ 679.506909][ T9] usb 10-1: config 0 descriptor?? [ 679.511371][ T9] f81534 10-1:0.12: required endpoints missing [ 679.569930][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 679.719560][T32537] usb 10-1: USB disconnect, device number 26 [ 680.101963][ T2716] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.12947'. [ 680.289614][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 680.599431][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 681.319099][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 681.613284][ T2772] unknown channel width for channel at 909000KHz? [ 681.615399][ T2772] unknown channel width for channel at 909000KHz? [ 681.638923][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 682.358649][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 682.688370][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 683.398068][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 683.689307][ T2832] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 683.727848][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 684.437580][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 684.533199][ T2861] loop7: detected capacity change from 0 to 7 [ 684.637554][ T24] usb 10-1: new high-speed USB device number 27 using dummy_hcd [ 684.640696][ T2501] Dev loop7: unable to read RDB block 7 [ 684.640865][ C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 684.643099][ T2501] loop7: unable to read partition table [ 684.646109][ C2] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 684.648130][ T2501] loop7: partition table beyond EOD, truncated [ 684.651817][ C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 684.656184][ C2] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 684.756600][ T2861] Dev loop7: unable to read RDB block 7 [ 684.757376][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 684.758666][ T2861] loop7: unable to read partition table [ 684.762548][ T2861] loop7: partition table beyond EOD, truncated [ 684.764537][ T2861] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 684.774476][ T2501] udevd[2501]: failed to send result of seq 44467 to main daemon: Connection refused [ 684.787345][ T24] usb 10-1: Using ep0 maxpacket: 16 [ 684.790623][ T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 684.794001][ T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 684.797072][ T24] usb 10-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00 [ 684.799962][ T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 684.803530][ T24] usb 10-1: config 0 descriptor?? [ 685.030853][ T40] audit: type=1326 audit(1754936182.180:8519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.038141][ T40] audit: type=1326 audit(1754936182.180:8520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.044978][ T40] audit: type=1326 audit(1754936182.180:8521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.052349][ T40] audit: type=1326 audit(1754936182.180:8522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.059128][ T40] audit: type=1326 audit(1754936182.180:8523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.065832][ T40] audit: type=1326 audit(1754936182.180:8524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.072566][ T40] audit: type=1326 audit(1754936182.180:8525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.079569][ T40] audit: type=1326 audit(1754936182.180:8526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.086231][ T40] audit: type=1326 audit(1754936182.180:8527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.092932][ T40] audit: type=1326 audit(1754936182.180:8528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2895 comm="syz.3.13010" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 685.160911][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.163013][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.217786][ T24] input: HID 0458:5012 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0458:5012.0057/input/input129 [ 685.225090][ T24] input: HID 0458:5012 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0458:5012.0057/input/input130 [ 685.280897][ T24] kye 0003:0458:5012.0057: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.5-1/input0 [ 685.416210][ T6055] usb 10-1: USB disconnect, device number 27 [ 685.477102][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 685.796891][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 685.837849][ T2903] tls_set_device_offload_rx: netdev not found [ 685.839046][ T2901] bridge0: entered promiscuous mode [ 685.842387][ T2901] batman_adv: batadv0: Adding interface: macsec2 [ 685.844506][ T2901] batman_adv: batadv0: The MTU of interface macsec2 is too small (1504) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.855379][ T2901] batman_adv: batadv0: Interface activated: macsec2 [ 685.896372][ T2912] netlink: 96 bytes leftover after parsing attributes in process `syz.3.13005'. [ 686.231329][ T2959] "syz.5.13023" (2959) uses obsolete ecb(arc4) skcipher [ 686.293351][ T2965] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 686.516573][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 686.836402][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 687.556023][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 687.608151][ T3019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 687.612915][ T3019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 687.616800][ T3019] bond0 (unregistering): Released all slaves [ 687.875909][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 688.595481][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 688.915329][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 689.645146][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 689.954823][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 690.646375][ T40] kauditd_printk_skb: 32 callbacks suppressed [ 690.646386][ T40] audit: type=1326 audit(1754936187.802:8561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3044 comm="syz.8.13054" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709e579 code=0x0 [ 690.674478][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 690.678802][ T3050] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 690.994433][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 691.528933][ T3063] binder: 3062:3063 ioctl c0306201 80000640 returned -22 [ 691.713949][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 691.883816][ T24] usb 13-1: new high-speed USB device number 18 using dummy_hcd [ 692.033717][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 692.063755][ T24] usb 13-1: Using ep0 maxpacket: 16 [ 692.067490][ T24] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 692.071584][ T24] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 692.075284][ T24] usb 13-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00 [ 692.078687][ T24] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 692.083429][ T24] usb 13-1: config 0 descriptor?? [ 692.497102][ T24] input: HID 0458:5012 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5012.0058/input/input131 [ 692.503072][ T24] input: HID 0458:5012 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5012.0058/input/input132 [ 692.570859][ T24] kye 0003:0458:5012.0058: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.8-1/input0 [ 692.694780][ T9] usb 13-1: USB disconnect, device number 18 [ 692.753410][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 693.073190][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 693.474018][ T76] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 693.515705][ T3124] dvmrp0: left allmulticast mode [ 693.792869][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 693.822823][ T3156] netlink: 212376 bytes leftover after parsing attributes in process `syz.8.13103'. [ 693.907749][ T6055] libceph: connect (1)[c::]:6789 error -101 [ 693.909791][ T6055] libceph: mon0 (1)[c::]:6789 connect error [ 693.959830][ T6055] libceph: connect (1)[c::]:6789 error -101 [ 693.961845][ T6055] libceph: mon0 (1)[c::]:6789 connect error [ 694.112713][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 694.164918][ T6055] libceph: connect (1)[c::]:6789 error -101 [ 694.167024][ T6055] libceph: mon0 (1)[c::]:6789 connect error [ 694.196707][ T3172] bridge1: entered allmulticast mode [ 694.222809][ T6055] libceph: connect (1)[c::]:6789 error -101 [ 694.225307][ T6055] libceph: mon0 (1)[c::]:6789 connect error [ 694.672721][ T6055] libceph: connect (1)[c::]:6789 error -101 [ 694.674892][ T6055] libceph: mon0 (1)[c::]:6789 connect error [ 694.732677][T32537] libceph: connect (1)[c::]:6789 error -101 [ 694.735190][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 694.740206][ T3165] ceph: No mds server is up or the cluster is laggy [ 694.740902][ T3168] ceph: No mds server is up or the cluster is laggy [ 694.842345][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 695.152175][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 695.276914][ T3213] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 695.871897][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 695.991822][T24321] usb 10-1: new high-speed USB device number 28 using dummy_hcd [ 696.154654][T24321] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 696.158835][T24321] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 696.163018][T24321] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 696.167380][T24321] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 696.173988][T24321] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 696.177831][T24321] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 696.181260][T24321] usb 10-1: Manufacturer: syz [ 696.185552][T24321] usb 10-1: config 0 descriptor?? [ 696.201639][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 696.597467][T24321] appleir 0003:05AC:8243.0059: unknown main item tag 0x0 [ 696.601541][T24321] appleir 0003:05AC:8243.0059: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 696.911304][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 696.948163][ T3275] input: syz0 as /devices/virtual/input/input133 [ 697.231230][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 697.578996][ T3307] Bluetooth: hci0: too big key_count value 34945 [ 697.606794][T24321] libceph: connect (1)[c::]:6789 error -22 [ 697.609134][T24321] libceph: mon0 (1)[c::]:6789 connect error [ 697.707070][ T3310] ceph: No mds server is up or the cluster is laggy [ 697.870849][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 697.870863][T29296] Bluetooth: hci4: command 0x1003 tx timeout [ 697.950853][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 698.129924][ T3355] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13186'. [ 698.261508][ T3366] mac80211_hwsim hwsim34 wlan0: entered promiscuous mode [ 698.270792][ T3366] macsec3: entered promiscuous mode [ 698.273089][ T3366] macsec3: entered allmulticast mode [ 698.275216][ T3366] mac80211_hwsim hwsim34 wlan0: entered allmulticast mode [ 698.280601][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 698.394305][ T3380] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 698.406540][ T3387] binder: 3386:3387 ioctl c0306201 80000380 returned -14 [ 698.458962][ T3393] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 698.528687][ T3406] netlink: 'syz.3.13208': attribute type 1 has an invalid length. [ 698.532020][ T3406] netlink: 56 bytes leftover after parsing attributes in process `syz.3.13208'. [ 698.592098][ T6455] usb 10-1: USB disconnect, device number 28 [ 698.757680][ T3427] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 698.847521][ T3442] mac80211_hwsim hwsim36 wlan0: entered promiscuous mode [ 698.852727][ T3442] macsec2: entered promiscuous mode [ 698.854711][ T3442] macsec2: entered allmulticast mode [ 698.856379][ T3442] mac80211_hwsim hwsim36 wlan0: entered allmulticast mode [ 699.000347][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 699.063340][ T3459] netlink: 'syz.5.13233': attribute type 1 has an invalid length. [ 699.065878][ T3459] netlink: 56 bytes leftover after parsing attributes in process `syz.5.13233'. [ 699.126883][ T3467] mac80211_hwsim hwsim32 wlan0: entered promiscuous mode [ 699.129170][ T3467] macsec3: entered promiscuous mode [ 699.143336][ T3467] macsec3: entered allmulticast mode [ 699.145021][ T3467] mac80211_hwsim hwsim32 wlan0: entered allmulticast mode [ 699.307595][ T3488] netlink: 'syz.8.13247': attribute type 1 has an invalid length. [ 699.310122][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 699.315930][ T3488] netlink: 56 bytes leftover after parsing attributes in process `syz.8.13247'. [ 699.469238][ T3507] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 699.578312][ T3523] netlink: 'syz.6.13260': attribute type 1 has an invalid length. [ 699.581043][ T3523] netlink: 56 bytes leftover after parsing attributes in process `syz.6.13260'. [ 699.584907][ T3524] mac80211_hwsim hwsim41 wlan0: entered promiscuous mode [ 699.587941][ T3524] macsec1: entered promiscuous mode [ 699.591297][ T3524] macsec1: entered allmulticast mode [ 699.592979][ T3524] mac80211_hwsim hwsim41 wlan0: entered allmulticast mode [ 700.029756][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 700.074932][T32537] libceph: connect (1)[c::]:6789 error -101 [ 700.076940][T32537] libceph: mon0 (1)[c::]:6789 connect error [ 700.176245][ T3570] ceph: No mds server is up or the cluster is laggy [ 700.349643][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 700.538407][ T3607] binder: 3606:3607 ioctl c0306201 80000380 returned -14 [ 700.696138][ T3621] lo speed is unknown, defaulting to 1000 [ 700.698384][ T3624] input: syz1 as /devices/virtual/input/input134 [ 700.858333][ T3632] input: syz1 as /devices/virtual/input/input135 [ 701.069254][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 701.389058][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 702.118720][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 702.428637][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 703.148257][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 703.468010][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 703.900563][ T3660] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13314'. [ 703.942874][ T3664] netlink: 'syz.6.13325': attribute type 10 has an invalid length. [ 703.948007][ T3664] bridge0: port 2(bridge_slave_1) entered disabled state [ 703.951156][ T3664] bridge_slave_1: left allmulticast mode [ 703.952995][ T3664] bridge_slave_1: left promiscuous mode [ 703.954843][ T3664] bridge0: port 2(bridge_slave_1) entered disabled state [ 704.197877][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 704.277739][ T1240] wlan1: Trigger new scan to find an IBSS to join [ 704.507657][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 705.227200][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 705.412702][ T3694] netlink: 'syz.5.13327': attribute type 10 has an invalid length. [ 705.418007][ T3694] bridge0: port 2(bridge_slave_1) entered disabled state [ 705.420733][ T3694] bridge_slave_1: left allmulticast mode [ 705.422704][ T3694] bridge_slave_1: left promiscuous mode [ 705.425337][ T3694] bridge0: port 2(bridge_slave_1) entered disabled state [ 705.430941][ T3694] bridge_slave_1: entered allmulticast mode [ 705.433222][ T3694] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 705.454492][ T3698] syz_tun: entered promiscuous mode [ 705.456829][ T3698] syz_tun: left promiscuous mode [ 705.476726][ T3700] lo speed is unknown, defaulting to 1000 [ 705.543462][ T3700] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 705.546995][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 705.561667][ T1329] libceph: connect (1)[c::]:6789 error -101 [ 705.563706][ T1329] libceph: mon0 (1)[c::]:6789 connect error [ 705.621284][T24321] libceph: connect (1)[c::]:6789 error -101 [ 705.623299][T24321] libceph: mon0 (1)[c::]:6789 connect error [ 705.835893][ T24] libceph: connect (1)[c::]:6789 error -101 [ 705.841074][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 705.843042][ T3730] Bluetooth: hci0: too big key_count value 34945 [ 705.877093][T24321] libceph: connect (1)[c::]:6789 error -101 [ 705.879086][T24321] libceph: mon0 (1)[c::]:6789 connect error [ 706.266662][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 706.346989][ T24] libceph: connect (1)[c::]:6789 error -101 [ 706.348959][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 706.386891][T24321] libceph: connect (1)[c::]:6789 error -101 [ 706.388849][T24321] libceph: mon0 (1)[c::]:6789 connect error [ 706.396037][ T3708] ceph: No mds server is up or the cluster is laggy [ 706.401095][ T3714] ceph: No mds server is up or the cluster is laggy [ 706.586550][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 706.778771][ T3766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 706.783946][ T3766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 706.789826][ T3766] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface [ 706.794831][ T3766] bond0 (unregistering): Released all slaves [ 707.016400][T24338] usb 10-1: new high-speed USB device number 29 using dummy_hcd [ 707.055447][ T3779] ALSA: seq fatal error: cannot create timer (-16) [ 707.176168][T24338] usb 10-1: Using ep0 maxpacket: 8 [ 707.179042][T24338] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 707.181740][T24338] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 707.184852][T24338] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 707.187968][T24338] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 707.191082][T24338] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 707.194458][T24338] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 707.198652][T24338] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 707.201552][T24338] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 707.206600][T24338] usbtmc 10-1:16.0: probe with driver usbtmc failed with error -22 [ 707.289834][ T3787] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13365'. [ 707.296182][T24321] usb 13-1: new high-speed USB device number 19 using dummy_hcd [ 707.306320][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 707.447782][T24321] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 707.452612][T24321] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 707.457703][T24321] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 707.461796][T24321] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 707.467419][T24321] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 707.471109][T24321] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 707.476251][T24321] usb 13-1: config 0 descriptor?? [ 707.488977][ T9] usb 10-1: USB disconnect, device number 29 [ 707.635989][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 707.889667][T24321] plantronics 0003:047F:FFFF.005A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 708.104617][ T3793] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 708.107744][ T3793] bond_slave_0: left allmulticast mode [ 708.110826][ T3793] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 708.113766][ T3793] bond_slave_1: left allmulticast mode [ 708.117428][ T3793] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface [ 708.120503][ T3793] bridge_slave_1: left allmulticast mode [ 708.122946][ T3793] bond0 (unregistering): Released all slaves [ 708.345666][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 708.539536][ T3814] ALSA: seq fatal error: cannot create timer (-16) [ 708.543404][ T3813] lo speed is unknown, defaulting to 1000 [ 708.609435][ T3819] input: syz1 as /devices/virtual/input/input137 [ 708.665452][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 709.145299][ T12] wlan1: Trigger new scan to find an IBSS to join [ 709.205519][ T3782] usb 13-1: string descriptor 0 read error: -2 [ 709.556853][ T3838] syz.5.13386: attempt to access beyond end of device [ 709.556853][ T3838] loop11: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 709.561620][ T3838] SQUASHFS error: Failed to read block 0x0: -5 [ 709.694904][ T1329] usb 11-1: new high-speed USB device number 28 using dummy_hcd [ 709.704865][ C0] net_ratelimit: 1 callbacks suppressed [ 709.704878][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 709.844963][ T1329] usb 11-1: Using ep0 maxpacket: 8 [ 709.847900][ T1329] usb 11-1: config index 0 descriptor too short (expected 301, got 45) [ 709.850827][ T1329] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 709.855054][ T1329] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 709.858558][ T1329] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 709.861856][ T1329] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 709.865742][ T1329] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 709.869927][ T1329] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 709.873059][ T1329] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.878251][ T1329] usbtmc 11-1:16.0: probe with driver usbtmc failed with error -22 [ 709.985821][ T24] usb 13-1: USB disconnect, device number 19 [ 710.085596][ T302] wlan1: Creating new IBSS network, BSSID 8e:a5:8c:5c:db:3d [ 710.155925][ T6015] usb 11-1: USB disconnect, device number 28 [ 710.424557][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 710.639128][ T3868] lo speed is unknown, defaulting to 1000 [ 710.754783][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 711.166583][ T40] audit: type=1326 audit(1754936208.333:8562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3892 comm="syz.6.13417" exe="/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf7f44579 code=0x0 [ 711.474092][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 711.783882][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 712.503533][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 712.823383][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 713.543050][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 713.862806][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 713.902902][T24338] usb 13-1: new high-speed USB device number 20 using dummy_hcd [ 714.052958][T24338] usb 13-1: Using ep0 maxpacket: 8 [ 714.055940][T24338] usb 13-1: config index 0 descriptor too short (expected 301, got 45) [ 714.058549][T24338] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 714.061565][T24338] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 714.064719][T24338] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 714.067763][T24338] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 714.070796][T24338] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 714.074856][T24338] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 714.077681][T24338] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.082482][T24338] usbtmc 13-1:16.0: probe with driver usbtmc failed with error -22 [ 714.364053][T24338] usb 13-1: USB disconnect, device number 20 [ 714.582694][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 714.902282][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 715.110765][ T3932] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13426'. [ 715.114947][ T3932] bridge_slave_1: left allmulticast mode [ 715.116821][ T3932] bridge_slave_1: left promiscuous mode [ 715.118675][ T3932] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.125187][ T3932] bridge_slave_0: left allmulticast mode [ 715.127503][ T3932] bridge_slave_0: left promiscuous mode [ 715.129818][ T3932] bridge0: port 1(bridge_slave_0) entered disabled state [ 715.318872][ T3942] [ 715.319716][ T3942] ===================================================== [ 715.322065][ T3942] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 715.324736][ T3942] 6.17.0-rc1-syzkaller #0 Not tainted [ 715.326575][ T3942] ----------------------------------------------------- [ 715.330490][ T3942] syz.6.13431/3942 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 715.333579][ T3942] ffff88806f6b37f8 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 715.336367][ T3942] [ 715.336367][ T3942] and this task is already holding: [ 715.338680][ T3942] ffff8880702b8028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 715.341742][ T3942] which would create a new lock dependency: [ 715.343752][ T3942] (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3} [ 715.346410][ T3942] [ 715.346410][ T3942] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 715.349607][ T3942] (&dev->event_lock#2){..-.}-{3:3} [ 715.349631][ T3942] [ 715.349631][ T3942] ... which became SOFTIRQ-irq-safe at: [ 715.353637][ T3942] lock_acquire+0x179/0x350 [ 715.355104][ T3942] _raw_spin_lock_irqsave+0x3a/0x60 [ 715.356803][ T3942] input_inject_event+0x9f/0x3b0 [ 715.358384][ T3942] led_set_brightness+0x217/0x290 [ 715.359988][ T3942] led_trigger_event+0xda/0x270 [ 715.361536][ T3942] kbd_bh+0x21b/0x300 [ 715.362942][ T3942] tasklet_action_common+0x284/0x400 [ 715.364726][ T3942] handle_softirqs+0x219/0x8e0 [ 715.366447][ T3942] run_ksoftirqd+0x3a/0x60 [ 715.367876][ T3942] smpboot_thread_fn+0x3f4/0xae0 [ 715.369458][ T3942] kthread+0x3c5/0x780 [ 715.370780][ T3942] ret_from_fork+0x5d4/0x6f0 [ 715.372265][ T3942] ret_from_fork_asm+0x1a/0x30 [ 715.373796][ T3942] [ 715.373796][ T3942] to a SOFTIRQ-irq-unsafe lock: [ 715.375963][ T3942] (tasklist_lock){.+.+}-{3:3} [ 715.375980][ T3942] [ 715.375980][ T3942] ... which became SOFTIRQ-irq-unsafe at: [ 715.379905][ T3942] ... [ 715.379910][ T3942] lock_acquire+0x179/0x350 [ 715.382216][ T3942] _raw_read_lock+0x5f/0x70 [ 715.383682][ T3942] __do_wait+0x105/0x890 [ 715.385126][ T3942] do_wait+0x21e/0x5a0 [ 715.386553][ T3942] kernel_wait+0x9f/0x160 [ 715.387981][ T3942] call_usermodehelper_exec_work+0xf1/0x170 [ 715.389864][ T3942] process_one_work+0x9cc/0x1b70 [ 715.391465][ T3942] worker_thread+0x6c8/0xf10 [ 715.392954][ T3942] kthread+0x3c5/0x780 [ 715.394287][ T3942] ret_from_fork+0x5d4/0x6f0 [ 715.395790][ T3942] ret_from_fork_asm+0x1a/0x30 [ 715.397325][ T3942] [ 715.397325][ T3942] other info that might help us debug this: [ 715.397325][ T3942] [ 715.400464][ T3942] Chain exists of: [ 715.400464][ T3942] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 715.400464][ T3942] [ 715.404582][ T3942] Possible interrupt unsafe locking scenario: [ 715.404582][ T3942] [ 715.407131][ T3942] CPU0 CPU1 [ 715.408800][ T3942] ---- ---- [ 715.410481][ T3942] lock(tasklist_lock); [ 715.411827][ T3942] local_irq_disable(); [ 715.413908][ T3942] lock(&dev->event_lock#2); [ 715.416155][ T3942] lock(&client->buffer_lock); [ 715.418474][ T3942] [ 715.419592][ T3942] lock(&dev->event_lock#2); [ 715.421109][ T3942] [ 715.421109][ T3942] *** DEADLOCK *** [ 715.421109][ T3942] [ 715.423710][ T3942] 7 locks held by syz.6.13431/3942: [ 715.425360][ T3942] #0: ffff888025d9c118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x184/0x440 [ 715.428195][ T3942] #1: ffff8880430f7230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x3b0 [ 715.431234][ T3942] #2: ffffffff8e5c1060 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x3b0 [ 715.434192][ T3942] #3: ffffffff8e5c1060 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x880 [ 715.437161][ T3942] #4: ffffffff8e5c1060 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390 [ 715.440110][ T3942] #5: ffff8880702b8028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 715.443361][ T3942] #6: ffffffff8e5c1060 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510 [ 715.446239][ T3942] [ 715.446239][ T3942] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 715.449464][ T3942] -> (&dev->event_lock#2){..-.}-{3:3} { [ 715.451261][ T3942] IN-SOFTIRQ-W at: [ 715.452560][ T3942] lock_acquire+0x179/0x350 [ 715.454562][ T3942] _raw_spin_lock_irqsave+0x3a/0x60 [ 715.456747][ T3942] input_inject_event+0x9f/0x3b0 [ 715.458864][ T3942] led_set_brightness+0x217/0x290 [ 715.460992][ T3942] led_trigger_event+0xda/0x270 [ 715.463099][ T3942] kbd_bh+0x21b/0x300 [ 715.464907][ T3942] tasklet_action_common+0x284/0x400 [ 715.467153][ T3942] handle_softirqs+0x219/0x8e0 [ 715.469210][ T3942] run_ksoftirqd+0x3a/0x60 [ 715.471186][ T3942] smpboot_thread_fn+0x3f4/0xae0 [ 715.473300][ T3942] kthread+0x3c5/0x780 [ 715.475168][ T3942] ret_from_fork+0x5d4/0x6f0 [ 715.477185][ T3942] ret_from_fork_asm+0x1a/0x30 [ 715.479246][ T3942] INITIAL USE at: [ 715.480547][ T3942] lock_acquire+0x179/0x350 [ 715.482520][ T3942] _raw_spin_lock_irqsave+0x3a/0x60 [ 715.484693][ T3942] input_inject_event+0x9f/0x3b0 [ 715.486791][ T3942] led_set_brightness+0x217/0x290 [ 715.489015][ T3942] kbd_led_trigger_activate+0xcb/0x110 [ 715.491275][ T3942] led_trigger_set+0x59a/0xc50 [ 715.493288][ T3942] led_trigger_set_default+0x1e0/0x2e0 [ 715.495630][ T3942] led_classdev_register_ext+0x7b8/0xa10 [ 715.497952][ T3942] input_leds_connect+0x552/0x8e0 [ 715.500081][ T3942] input_attach_handler.isra.0+0x176/0x250 [ 715.502460][ T3942] input_register_device+0xab9/0x1180 [ 715.504686][ T3942] atkbd_connect+0x5f8/0xa40 [ 715.506783][ T3942] serio_driver_probe+0x7f/0xd0 [ 715.508851][ T3942] really_probe+0x23e/0xa90 [ 715.510803][ T3942] __driver_probe_device+0x1de/0x440 [ 715.513068][ T3942] driver_probe_device+0x4c/0x1b0 [ 715.515164][ T3942] __driver_attach+0x283/0x580 [ 715.517231][ T3942] bus_for_each_dev+0x13e/0x1d0 [ 715.519318][ T3942] serio_handle_event+0x335/0xc30 [ 715.521438][ T3942] process_one_work+0x9cc/0x1b70 [ 715.523542][ T3942] worker_thread+0x6c8/0xf10 [ 715.525554][ T3942] kthread+0x3c5/0x780 [ 715.527398][ T3942] ret_from_fork+0x5d4/0x6f0 [ 715.529548][ T3942] ret_from_fork_asm+0x1a/0x30 [ 715.531832][ T3942] } [ 715.532779][ T3942] ... key at: [] __key.7+0x0/0x40 [ 715.535095][ T3942] -> (&client->buffer_lock){....}-{3:3} { [ 715.536910][ T3942] INITIAL USE at: [ 715.538162][ T3942] lock_acquire+0x179/0x350 [ 715.540060][ T3942] _raw_spin_lock+0x2e/0x40 [ 715.542108][ T3942] evdev_pass_values+0x10e/0x9b0 [ 715.544188][ T3942] evdev_events+0x1bb/0x390 [ 715.546122][ T3942] input_pass_values+0x74e/0x880 [ 715.548138][ T3942] input_handle_event+0xf00/0x14d0 [ 715.550236][ T3942] input_inject_event+0x1e8/0x3b0 [ 715.552402][ T3942] evdev_write+0x2e1/0x440 [ 715.554372][ T3942] vfs_write+0x29d/0x11d0 [ 715.556242][ T3942] ksys_write+0x1f8/0x250 [ 715.558136][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.560270][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.562334][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.565015][ T3942] } [ 715.565927][ T3942] ... key at: [] __key.1+0x0/0x40 [ 715.568201][ T3942] ... acquired at: [ 715.569419][ T3942] _raw_spin_lock+0x2e/0x40 [ 715.570925][ T3942] evdev_pass_values+0x10e/0x9b0 [ 715.572547][ T3942] evdev_events+0x1bb/0x390 [ 715.574035][ T3942] input_pass_values+0x74e/0x880 [ 715.575658][ T3942] input_handle_event+0xf00/0x14d0 [ 715.577376][ T3942] input_inject_event+0x1e8/0x3b0 [ 715.578971][ T3942] evdev_write+0x2e1/0x440 [ 715.580349][ T3942] vfs_write+0x29d/0x11d0 [ 715.581747][ T3942] ksys_write+0x1f8/0x250 [ 715.583196][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.584863][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.586529][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.588567][ T3942] [ 715.589339][ T3942] [ 715.589339][ T3942] the dependencies between the lock to be acquired [ 715.589345][ T3942] and SOFTIRQ-irq-unsafe lock: [ 715.593596][ T3942] -> (tasklist_lock){.+.+}-{3:3} { [ 715.595481][ T3942] HARDIRQ-ON-R at: [ 715.596813][ T3942] lock_acquire+0x179/0x350 [ 715.598766][ T3942] _raw_read_lock+0x5f/0x70 [ 715.600796][ T3942] __do_wait+0x105/0x890 [ 715.602969][ T3942] do_wait+0x21e/0x5a0 [ 715.605004][ T3942] kernel_wait+0x9f/0x160 [ 715.607015][ T3942] call_usermodehelper_exec_work+0xf1/0x170 [ 715.609446][ T3942] process_one_work+0x9cc/0x1b70 [ 715.611698][ T3942] worker_thread+0x6c8/0xf10 [ 715.613894][ T3942] kthread+0x3c5/0x780 [ 715.615875][ T3942] ret_from_fork+0x5d4/0x6f0 [ 715.617972][ T3942] ret_from_fork_asm+0x1a/0x30 [ 715.620252][ T3942] SOFTIRQ-ON-R at: [ 715.621626][ T3942] lock_acquire+0x179/0x350 [ 715.623916][ T3942] _raw_read_lock+0x5f/0x70 [ 715.626040][ T3942] __do_wait+0x105/0x890 [ 715.628088][ T3942] do_wait+0x21e/0x5a0 [ 715.630038][ T3942] kernel_wait+0x9f/0x160 [ 715.632168][ T3942] call_usermodehelper_exec_work+0xf1/0x170 [ 715.634733][ T3942] process_one_work+0x9cc/0x1b70 [ 715.636980][ T3942] worker_thread+0x6c8/0xf10 [ 715.639221][ T3942] kthread+0x3c5/0x780 [ 715.641228][ T3942] ret_from_fork+0x5d4/0x6f0 [ 715.643344][ T3942] ret_from_fork_asm+0x1a/0x30 [ 715.645584][ T3942] INITIAL USE at: [ 715.646891][ T3942] lock_acquire+0x179/0x350 [ 715.648903][ T3942] _raw_write_lock_irq+0x36/0x50 [ 715.651001][ T3942] copy_process+0x4caf/0x7690 [ 715.653078][ T3942] kernel_clone+0xfc/0x930 [ 715.655060][ T3942] user_mode_thread+0xc7/0x110 [ 715.657139][ T3942] rest_init+0x23/0x2b0 [ 715.659049][ T3942] start_kernel+0x3ee/0x4d0 [ 715.661165][ T3942] x86_64_start_reservations+0x18/0x30 [ 715.663652][ T3942] x86_64_start_kernel+0x130/0x190 [ 715.665844][ T3942] common_startup_64+0x13e/0x148 [ 715.667981][ T3942] INITIAL READ USE at: [ 715.669412][ T3942] lock_acquire+0x179/0x350 [ 715.671554][ T3942] _raw_read_lock+0x5f/0x70 [ 715.673695][ T3942] __do_wait+0x105/0x890 [ 715.675821][ T3942] do_wait+0x21e/0x5a0 [ 715.677871][ T3942] kernel_wait+0x9f/0x160 [ 715.679976][ T3942] call_usermodehelper_exec_work+0xf1/0x170 [ 715.682545][ T3942] process_one_work+0x9cc/0x1b70 [ 715.684944][ T3942] worker_thread+0x6c8/0xf10 [ 715.687143][ T3942] kthread+0x3c5/0x780 [ 715.689148][ T3942] ret_from_fork+0x5d4/0x6f0 [ 715.691319][ T3942] ret_from_fork_asm+0x1a/0x30 [ 715.693518][ T3942] } [ 715.694391][ T3942] ... key at: [] tasklist_lock+0x18/0x40 [ 715.696760][ T3942] ... acquired at: [ 715.698008][ T3942] _raw_read_lock+0x5f/0x70 [ 715.699495][ T3942] send_sigurg+0xed/0xc80 [ 715.701104][ T3942] sk_send_sigurg+0x76/0x360 [ 715.702673][ T3942] unix_stream_sendmsg+0xfa5/0x1340 [ 715.704376][ T3942] ____sys_sendmsg+0xa95/0xc70 [ 715.705937][ T3942] ___sys_sendmsg+0x134/0x1d0 [ 715.707520][ T3942] __sys_sendmsg+0x16d/0x220 [ 715.709040][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.710748][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.712382][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.714433][ T3942] [ 715.715207][ T3942] -> (&f_owner->lock){....}-{3:3} { [ 715.716895][ T3942] INITIAL USE at: [ 715.718170][ T3942] lock_acquire+0x179/0x350 [ 715.720357][ T3942] _raw_write_lock_irq+0x36/0x50 [ 715.722457][ T3942] __f_setown+0x61/0x3c0 [ 715.724352][ T3942] generic_setlease+0xeef/0x1300 [ 715.726434][ T3942] kernel_setlease+0x106/0x140 [ 715.728515][ T3942] vfs_setlease+0x258/0x2d0 [ 715.730485][ T3942] fcntl_setlease+0x3ed/0x5a0 [ 715.732549][ T3942] do_fcntl+0x751/0x15a0 [ 715.734441][ T3942] do_compat_fcntl64+0x367/0x710 [ 715.736551][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.738775][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.740831][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.743352][ T3942] INITIAL READ USE at: [ 715.744764][ T3942] lock_acquire+0x179/0x350 [ 715.746865][ T3942] _raw_read_lock_irqsave+0x74/0x90 [ 715.749159][ T3942] send_sigio+0x31/0x3e0 [ 715.751177][ T3942] dnotify_handle_event+0x15e/0x2b0 [ 715.753475][ T3942] fsnotify_handle_inode_event.isra.0+0x1e2/0x3f0 [ 715.756172][ T3942] fsnotify+0x13d6/0x1dc0 [ 715.758190][ T3942] vfs_set_acl+0x7d8/0x930 [ 715.760197][ T3942] do_set_acl+0x14c/0x1a0 [ 715.762240][ T3942] do_setxattr+0xeb/0x180 [ 715.764277][ T3942] filename_setxattr+0x16b/0x1d0 [ 715.766513][ T3942] path_setxattrat+0x1de/0x2a0 [ 715.768697][ T3942] __ia32_sys_lsetxattr+0xc7/0x140 [ 715.770993][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.773284][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.775481][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.778131][ T3942] } [ 715.778983][ T3942] ... key at: [] __key.1+0x0/0x40 [ 715.781264][ T3942] ... acquired at: [ 715.782517][ T3942] _raw_read_lock_irqsave+0x74/0x90 [ 715.784225][ T3942] send_sigio+0x31/0x3e0 [ 715.785675][ T3942] kill_fasync+0x214/0x510 [ 715.787172][ T3942] lease_break_callback+0x23/0x30 [ 715.788815][ T3942] __break_lease+0x671/0x1810 [ 715.790571][ T3942] do_dentry_open+0x91f/0x1530 [ 715.792282][ T3942] vfs_open+0x82/0x3f0 [ 715.793612][ T3942] path_openat+0x1de4/0x2cb0 [ 715.795140][ T3942] do_filp_open+0x20b/0x470 [ 715.796663][ T3942] do_sys_openat2+0x11b/0x1d0 [ 715.798216][ T3942] __ia32_compat_sys_open+0x146/0x1e0 [ 715.799952][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.801631][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.803288][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.805325][ T3942] [ 715.806113][ T3942] -> (&new->fa_lock){....}-{3:3} { [ 715.807698][ T3942] INITIAL USE at: [ 715.808936][ T3942] lock_acquire+0x179/0x350 [ 715.810851][ T3942] _raw_write_lock_irq+0x36/0x50 [ 715.812880][ T3942] fasync_remove_entry+0xb2/0x1e0 [ 715.814944][ T3942] fasync_helper+0xaf/0xd0 [ 715.816831][ T3942] lease_modify+0x232/0x500 [ 715.818919][ T3942] locks_remove_file+0x29e/0x5c0 [ 715.820981][ T3942] __fput+0x351/0xb70 [ 715.822753][ T3942] task_work_run+0x150/0x240 [ 715.824719][ T3942] exit_to_user_mode_loop+0xeb/0x110 [ 715.826930][ T3942] __do_fast_syscall_32+0x2ac/0x3a0 [ 715.829064][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.831129][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.833614][ T3942] INITIAL READ USE at: [ 715.834943][ T3942] lock_acquire+0x179/0x350 [ 715.836955][ T3942] _raw_read_lock_irqsave+0x74/0x90 [ 715.839245][ T3942] kill_fasync+0x138/0x510 [ 715.841276][ T3942] anon_pipe_write+0x418/0x1a90 [ 715.843439][ T3942] fifo_pipe_write+0x24/0x530 [ 715.845531][ T3942] vfs_write+0x7d0/0x11d0 [ 715.847537][ T3942] ksys_write+0x1f8/0x250 [ 715.849519][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.851754][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.853899][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.856527][ T3942] } [ 715.857357][ T3942] ... key at: [] __key.0+0x0/0x40 [ 715.859582][ T3942] ... acquired at: [ 715.860806][ T3942] lock_acquire+0x179/0x350 [ 715.862311][ T3942] _raw_read_lock_irqsave+0x74/0x90 [ 715.864021][ T3942] kill_fasync+0x138/0x510 [ 715.865498][ T3942] evdev_pass_values+0x619/0x9b0 [ 715.867139][ T3942] evdev_events+0x1bb/0x390 [ 715.868644][ T3942] input_pass_values+0x74e/0x880 [ 715.870293][ T3942] input_handle_event+0xf00/0x14d0 [ 715.871979][ T3942] input_inject_event+0x1e8/0x3b0 [ 715.873625][ T3942] evdev_write+0x2e1/0x440 [ 715.875101][ T3942] vfs_write+0x29d/0x11d0 [ 715.876548][ T3942] ksys_write+0x1f8/0x250 [ 715.877993][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.879685][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.881286][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.883344][ T3942] [ 715.884124][ T3942] [ 715.884124][ T3942] stack backtrace: [ 715.885998][ T3942] CPU: 0 UID: 0 PID: 3942 Comm: syz.6.13431 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) [ 715.886013][ T3942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 715.886021][ T3942] Call Trace: [ 715.886026][ T3942] [ 715.886031][ T3942] dump_stack_lvl+0x116/0x1f0 [ 715.886046][ T3942] check_irq_usage+0x7dc/0x920 [ 715.886059][ T3942] ? tracing_record_taskinfo_sched_switch+0x54/0x400 [ 715.886094][ T3942] ? check_path.constprop.0+0x24/0x50 [ 715.886110][ T3942] ? __lock_acquire+0x12bc/0x1ce0 [ 715.886123][ T3942] __lock_acquire+0x12bc/0x1ce0 [ 715.886140][ T3942] lock_acquire+0x179/0x350 [ 715.886154][ T3942] ? kill_fasync+0x138/0x510 [ 715.886171][ T3942] _raw_read_lock_irqsave+0x74/0x90 [ 715.886184][ T3942] ? kill_fasync+0x138/0x510 [ 715.886199][ T3942] kill_fasync+0x138/0x510 [ 715.886215][ T3942] evdev_pass_values+0x619/0x9b0 [ 715.886234][ T3942] evdev_events+0x1bb/0x390 [ 715.886244][ T3942] input_pass_values+0x74e/0x880 [ 715.886256][ T3942] input_handle_event+0xf00/0x14d0 [ 715.886265][ T3942] ? _copy_from_user+0x59/0xd0 [ 715.886284][ T3942] input_inject_event+0x1e8/0x3b0 [ 715.886295][ T3942] evdev_write+0x2e1/0x440 [ 715.886306][ T3942] ? __pfx_evdev_write+0x10/0x10 [ 715.886315][ T3942] ? common_file_perm+0x1a9/0x340 [ 715.886329][ T3942] ? bpf_lsm_file_permission+0x9/0x10 [ 715.886345][ T3942] ? security_file_permission+0x71/0x210 [ 715.886361][ T3942] ? rw_verify_area+0xcf/0x6c0 [ 715.886372][ T3942] ? __pfx_evdev_write+0x10/0x10 [ 715.886381][ T3942] vfs_write+0x29d/0x11d0 [ 715.886394][ T3942] ? __pfx_vfs_write+0x10/0x10 [ 715.886405][ T3942] ? find_held_lock+0x2b/0x80 [ 715.886416][ T3942] ? __fget_files+0x204/0x3c0 [ 715.886429][ T3942] ? __fget_files+0x20e/0x3c0 [ 715.886442][ T3942] ksys_write+0x1f8/0x250 [ 715.886454][ T3942] ? __pfx_ksys_write+0x10/0x10 [ 715.886467][ T3942] ? rcu_is_watching+0x12/0xc0 [ 715.886479][ T3942] __do_fast_syscall_32+0x7c/0x3a0 [ 715.886494][ T3942] do_fast_syscall_32+0x32/0x80 [ 715.886508][ T3942] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 715.886522][ T3942] RIP: 0023:0xf7f44579 [ 715.886531][ T3942] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 715.886542][ T3942] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 715.886553][ T3942] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 715.886560][ T3942] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000 [ 715.886566][ T3942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 715.886572][ T3942] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 715.886579][ T3942] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 715.886588][ T3942] [ 715.973635][ C0] vkms_vblank_simulate: vblank timer overrun [ 715.975987][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 715.978497][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 716.981300][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 716.983730][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 718.020919][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 718.023333][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 719.060252][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 719.062524][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 720.099730][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 720.101836][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 721.139231][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 721.141539][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 722.178744][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 722.181044][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 723.218142][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 723.220465][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 724.267722][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 724.270131][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 725.307079][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 725.309654][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available VM DIAGNOSIS: 17:55:30 Registers: info registers vcpu 0 CPU#0 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85613555 RDI=ffffffff9b0f6600 RBP=ffffffff9b0f65c0 RSP=ffffc9000751f2f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff9b0f65c0 R15=ffffffff856134f0 RIP=ffffffff8561357f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880974c6000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73cd6f8 CR3=000000004d0b0000 CR4=00352ef0 DR0=000000005ffffffd DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000000 RBX=ffff88802b3332a8 RCX=0000000000000001 RDX=1ffffffff1beafcd RSI=ffffffff8c162800 RDI=ffffffff8df57e68 RBP=0000000000000001 RSP=ffffc90002c1fd90 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81a04c75 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007ff7e0951300 ffffffff 00c00000 GS =0000 ffff8880975c6000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055ebb4e96000 CR3=000000004aca2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8275ffffffff8b8a 7e36ffffffff8b8a 7e18ffffffff8b8a 7bd8ffffffff8b8a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8618ffffffff8b8a 836dffffffff8b8a 835cffffffff8b8a 82fdffffffff8b8a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8992ffffffff8b8a 8774ffffffff8b8a 8742ffffffff8b8a 8722ffffffff8b8a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a91ffffffff8b8e 4a54ffffffff8b8e 1762ffffffff8b8e 1634ffffffff8b8e ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1498ffffffff8b8e 0be3ffffffff8b8e 0b87ffffffff8b8e 0b6cffffffff8b8e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a63ffffffff8b8e 0997ffffffff8b8e 0989ffffffff8b8e 096effffffff8b8e ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 090dffffffff8b8a 8d84ffffffff8b8a 8c0fffffffff8b8a 89d0ffffffff8b8a ZMM24=da13cd32da13cd32 da13cd32da13cd32 da13cd32da13cd32 da13cd32da13cd32 da13cd32da13cd32 da13cd32da13cd32 da13cd32da13cd32 da13cd32da13cd32 ZMM25=a013758ca013758c a013758ca013758c a013758ca013758c a013758ca013758c a013758ca013758c a013758ca013758c a013758ca013758c a013758ca013758c ZMM26=9ac1f01a9ac1f01a 9ac1f01a9ac1f01a 9ac1f01a9ac1f01a 9ac1f01a9ac1f01a 9ac1f01a9ac1f01a 9ac1f01a9ac1f01a 9ac1f01a9ac1f01a 9ac1f01a9ac1f01a ZMM27=1e7074be1e7074be 1e7074be1e7074be 1e7074be1e7074be 1e7074be1e7074be 1e7074be1e7074be 1e7074be1e7074be 1e7074be1e7074be 1e7074be1e7074be ZMM28=00000100000000ff 000000fe000000fd 000000fc000000fb 000000fa000000f9 000000f8000000f7 000000f6000000f5 000000f4000000f3 000000f2000000f1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=6767000067670000 6767000067670000 6767000067670000 6767000067670000 6767000067670000 6767000067670000 6767000067670000 6767000067670000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88806ef1e140 RCX=ffff88806ef1fe00 RDX=0000000000000000 RSI=ffff88806ef1e140 RDI=ffffed100dde3c28 RBP=ffffffff89630794 RSP=ffffc90000538198 R8 =0000000000000140 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000012 R12=ffff888041efa8c0 R13=0000000000212110 R14=ffffea0001bbc780 R15=0000000000000000 RIP=ffffffff82206968 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880976c6000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000056ffb4c0 CR3=0000000073128000 CR4=00352ef0 DR0=000000005ffffffd DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 EAX=81859c90 EBX=ffffffff ECX=ffffffff EDX=81859c90 ESI=00000000 EDI=ffffffff EBP=f6d12198 ESP=ff861db0 EIP=f70d7ca9 EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 ffffffff 00c00000 GS =0063 56eb1440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 ffffffff 00c00000 TR =0040 000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002e203ff8 CR3=0000000077687000 CR4=00352ef0 DR0=000000005ffffffd DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000