last executing test programs: 1m53.026175988s ago: executing program 0 (id=10953): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3) 1m52.788788577s ago: executing program 0 (id=10962): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in6={0xa, 0x4e20, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}], 0x1c) getpeername(r0, 0x0, 0x0) 1m51.871463478s ago: executing program 0 (id=10968): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/nfs', 0x0, 0x0) getdents(r0, 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000280)='cpuset.memory_pressure\x00', 0x0, 0x0) 1m51.871083117s ago: executing program 0 (id=10969): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 1m51.827629209s ago: executing program 0 (id=10970): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xffffffff}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x11, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1m51.3208988s ago: executing program 0 (id=10973): r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0) pwrite64(r0, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000100)={0xa00, 0xa0000}) 1m51.29585227s ago: executing program 32 (id=10973): r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0) pwrite64(r0, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000100)={0xa00, 0xa0000}) 1m31.577246543s ago: executing program 2 (id=11521): r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0) ioctl$BLKPG(r0, 0x1269, &(0x7f00000001c0)={0x1, 0x0, 0x98, &(0x7f00000000c0)={0x0, 0x1000, 0xd}}) ioctl$BLKPG(r0, 0x1269, &(0x7f00000001c0)={0x2, 0x0, 0x98, &(0x7f00000000c0)={0x400, 0x1000, 0xd}}) 1m31.406539749s ago: executing program 2 (id=11522): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) sendmsg$tipc(r0, &(0x7f0000000280)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x1}, 0x3}}, 0x10, 0x0}, 0x0) 1m31.406180428s ago: executing program 2 (id=11523): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x2000c881}, 0x40014) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a5c000000060a030400000000000000000a0000050900010073797a3100000000300004802c0001800b000100736f636b657400001c0002800800a8c5a2f000d3080002400000001708000140000000200900020073797a32"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040) 1m31.259917345s ago: executing program 2 (id=11526): r0 = syz_open_dev$amidi(&(0x7f0000000100), 0x2, 0x181) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1m31.185480524s ago: executing program 2 (id=11530): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 1m31.179947176s ago: executing program 2 (id=11533): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000d00)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010727bd7000fbdbdf25190000002000018008000300040000001400020067726574617030"], 0x34}, 0x1, 0x0, 0x0, 0x4040894}, 0x4040094) 1m14.47918162s ago: executing program 33 (id=11533): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000d00)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010727bd7000fbdbdf25190000002000018008000300040000001400020067726574617030"], 0x34}, 0x1, 0x0, 0x0, 0x4040894}, 0x4040094) 1m2.118143009s ago: executing program 4 (id=12196): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_INFO={0x4}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x4048010) 1m2.117192415s ago: executing program 4 (id=12198): r0 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0xff}, 'port0\x00', 0x3eb, 0x21e3f, 0x10, 0x0, 0x3, 0x5, 0x400, 0x0, 0xa}) openat$sequencer2(0xffffff9c, &(0x7f0000000280), 0xe0190, 0x0) 1m2.036442492s ago: executing program 4 (id=12201): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa, 0x401}, 0x1c) sendto$packet(r0, 0x0, 0x0, 0x4000881, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0xcf, 0x6, @local}, 0x14) 1m1.959740257s ago: executing program 4 (id=12206): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002b40)={0x30, r0, 0x701, 0x0, 0x0, {{}, {@void, @void, @val={0xc, 0x99, {0x401, 0x75}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xfffffff7}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xa}]}, 0x30}}, 0x0) 1m1.890146629s ago: executing program 4 (id=12207): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100) fcntl$notify(r0, 0x402, 0x8000000b) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) 1m1.890043946s ago: executing program 4 (id=12208): r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0xfffe, @loopback}}, 0x1e) bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x1, @loopback}}, 0x1e) 46.889380139s ago: executing program 34 (id=12208): r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0xfffe, @loopback}}, 0x1e) bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x1, @loopback}}, 0x1e) 1.668190833s ago: executing program 6 (id=14276): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000ac0)=@newqdisc={0x14c, 0x24, 0xf0b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x7ff9}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "bc501f300503d77fbe7533de051cd77b1a8e3fe8f1204c7e0ff6770d957e3a6e32fb7f3b98f4ef075ca55b8c13cb265b8a88000e17d655a15331a6930aa9e7d243cc187c6a6cf75a043ef7aeb8a68230632278ef98e3c2ac111354d88c738ecd156d79be5a2f4309975957f0bcb0f47ee92d8bda25ed824fd7ee7ebcdfe43a6acf8276da95940c23ef9823b37c848493604ef471ba4f60a7c75822e76ccf8617c693d9dfc0bd4f48ac287b145f71442a655203a6a13cd6046ef39f57e208032d8b849663df9d38171e219c418624a6797d2d81f24153bba0ad5cc2a903d5a33cb5f653258b39b5e4ae76f08789996dfc3acacdaa848f36a52b663a4449c3d3ca"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x9, 0x8, 0x30, 0x0, 0x2, 0x20, 0x7}}]}}]}, 0x14c}, 0x1, 0x0, 0x0, 0x40}, 0x0) 1.667833933s ago: executing program 6 (id=14278): socket$l2tp(0x2, 0x2, 0x73) r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4820, @broadcast}, 0x10) 1.597112094s ago: executing program 6 (id=14282): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000004540), r0) sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000004640)={0x0, 0x0, &(0x7f0000004600)={&(0x7f0000004580)={0x48, r1, 0x36bc9ec053d6c199, 0x70bd2a, 0x5f47, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x48}, 0x1, 0x0, 0x0, 0x40881}, 0x4040040) 1.538553995s ago: executing program 6 (id=14284): syz_usb_connect(0x1, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) writev(r0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000019080)='\x00\x00', 0x2}], 0x50) 640.90684ms ago: executing program 3 (id=14306): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000040000850000002f000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="b979ff03076003008cb89e08f086", 0x0, 0x20fe8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 456.405701ms ago: executing program 5 (id=14309): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000340), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) listxattr(&(0x7f0000000840)='./file0\x00', 0x0, 0x0) 397.538511ms ago: executing program 3 (id=14310): r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f00000000c0)=0x1) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000240)={0x0, @bt={0x13, 0x7c5, 0x1, 0x2800, 0x80000000, 0x2, 0x5, 0xb, 0x8, 0x0, 0x722, 0x1, 0x7, 0x9, 0x2b, 0x0, {0x6, 0x1}, 0x9, 0xf1}}) 397.277142ms ago: executing program 1 (id=14311): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f0000000280)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x2, @private1, 0x3}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000300)="14", 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e23, 0x9, @remote, 0x1}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000400)="91", 0x1}], 0x1}}], 0x2, 0x54) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) 396.996125ms ago: executing program 5 (id=14312): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xe10, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x3, 0x2800, 0x2800, 0x2, 0xd1, 0xc, 0x30, {0x8, 0xfffffff7}, 0xd0, 0x9}}) 393.657799ms ago: executing program 3 (id=14313): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x10, &(0x7f0000000080)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0xe}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15) 368.332832ms ago: executing program 1 (id=14314): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002ebd7001000000001400000018000180140002006e657464657673696d3000000000000005000b000100000005000c00000000000800100001800000080012"], 0x4c}, 0x1, 0x0, 0x0, 0x104}, 0x20000000) 360.259554ms ago: executing program 6 (id=14315): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$9p_virtio(&(0x7f0000000380), &(0x7f00000003c0)='./file0\x00', &(0x7f0000000480), 0x9, &(0x7f0000000000)={'trans=virtio,', {[{@access_any}]}}) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file0\x00', 0x8000, 0x102) 279.086457ms ago: executing program 3 (id=14316): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x4c, 0x0, "01deaba05ccc4fa00711be66bd584ecd190428efc9e569f4b222158b227692cebc00924f2deea371bafa061b8f2959b4b696b22e4881f40a0d8f4c2fdea78893bc2c160df3e41db4153cfd9221d01c79"}, 0xd8) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) 278.896198ms ago: executing program 1 (id=14317): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(wp512-generic,cbc-camellia-aesni-avx2)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 278.745271ms ago: executing program 3 (id=14318): mount$9p_virtio(&(0x7f0000000100), &(0x7f00000000c0)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={'trans=virtio,', {[{@access_any}]}}) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000002540)={0x2020}, 0x2020) 278.15277ms ago: executing program 6 (id=14319): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000180)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) ioctl$sock_bt_hci(r0, 0x400448e7, 0x0) 274.006227ms ago: executing program 1 (id=14320): r0 = fsopen(&(0x7f0000000140)='ext3\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000002440)='v2\x00ul\x00\x00\x00]\xa67\x97 \xc9\xfc|\x85\xc6\x16>\xb7\xc4\a\xa2C\xe1:\x13\x00\x00\x00\x00\x00\x00\x00\n\xaf?4\xafq\x1d\xf6(\x81\x00\x00\x00\x00\x00\x00\x00\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x85\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xc4G!mm\xec\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x00\x02\x00\x00\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\xd3O8mFC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8\x97\bmm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0) 178.349935ms ago: executing program 1 (id=14321): r0 = socket(0x848000000015, 0x805, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7f72}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) 178.186905ms ago: executing program 3 (id=14322): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f00000001c0)={0x1f, 0xffff, 0x4}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 178.091913ms ago: executing program 1 (id=14323): syz_usb_connect(0x2, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="9fcf"], 0x0) r0 = syz_open_dev$evdev(&(0x7f0000003880), 0x4, 0x2) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000700)=[0x2a]) 177.899476ms ago: executing program 5 (id=14324): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x121a03, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x1) 79.878306ms ago: executing program 5 (id=14325): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x80044704, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"}) 79.61886ms ago: executing program 5 (id=14326): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000007940), r0) sendmsg$IEEE802154_ASSOCIATE_REQ(r0, &(0x7f0000007a40)={0x0, 0x0, &(0x7f0000007a00)={&(0x7f0000007980)={0x14, r1, 0x801, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40011}, 0x80) 0s ago: executing program 5 (id=14327): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000014c0)=ANY=[@ANYBLOB="50010000", @ANYRES16=r1, @ANYBLOB="010000000000fcdbdf250100000008000100000000000400048008000c8004000b800800020001000000200108801c000780080005000000000008001c001c870a5c080005000000000024000780080005000000000008000500000000000800050029c8"], 0x150}}, 0x0) 0s ago: executing program 5 (id=14328): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5c, 0x9, 0x3, 0x2, 0x0, 0x1006, 0x3, 0x0, 0x2a9, 0x4, 0x7, 0x4, 0x3c5b, 0x40001, 0x1ff, 0x1, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80, 0x10800242, 0xffffffff, 0xbc, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x5, 0x40, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x4, 0x1, 0x20000000, 0x82, 0x0, 0x7, 0x7, 0x8, 0x4, 0x7, 0x3], [0x10000007, 0xffff, 0x12f, 0x1283, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xa14a, 0xd, 0x2bf, 0x2, 0x1000, 0xfffffffc, 0x0, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x1, 0x0, 0xfffffffe, 0x8, 0x4, 0x8000, 0x5, 0x3fe, 0x401, 0x40, 0x4, 0x4000fb, 0xffff8000, 0x8000, 0x5f31, 0x4, 0x1, 0x2, 0x2, 0x20009, 0x4, 0x9, 0x8, 0x9, 0x6, 0xe, 0xb, 0x1, 0x9, 0x9, 0x3, 0x555, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x753, 0x9, 0x48c93690, 0x42, 0x400004], [0x6, 0x6, 0x80000001, 0x2, 0xff, 0x40000100, 0x88d2, 0x9, 0x5, 0x7fff, 0x0, 0xb, 0xb, 0xa, 0x5, 0x1005, 0x0, 0x1f0, 0xfffffffd, 0x2, 0x86, 0x2, 0x9, 0x3e7, 0x9, 0x5, 0x202, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x800003, 0x200, 0x3, 0x2, 0xcc52, 0x950bfaf, 0x1000, 0x3, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x403, 0x7ff, 0x5, 0x0, 0x1, 0xffff, 0x0, 0x3, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0xfffffffe, 0x6, 0x5, 0x0, 0x3, 0x80ce7, 0x1ff, 0xf8e, 0x7, 0x5, 0x1003, 0x101, 0x810000, 0x6, 0x7fff, 0xffff, 0x4000e620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a7, 0x3, 0x4, 0xffffffff, 0x80000000, 0x7ff, 0x4, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0x5, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x6, 0x8, 0x30b1d693, 0x5a2d, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x2, 0x200, 0xffff3441, 0xfff]}, 0x45c) syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): ] kmalloc-cg-2k 8028KB 9504KB [ 270.762133][ T376] kmalloc-cg-1k 2184KB 2784KB [ 270.762140][ T376] kmalloc-cg-512 1361KB 1376KB [ 270.762151][ T376] kmalloc-cg-256 363KB 448KB [ 270.762163][ T376] kmalloc-cg-128 210KB 268KB [ 270.762172][ T376] kmalloc-cg-64 59KB 92KB [ 270.762183][ T376] kmalloc-cg-32 48KB 168KB [ 270.762192][ T376] kmalloc-cg-16 7KB 28KB [ 270.762200][ T376] kmalloc-cg-8 20KB 36KB [ 270.762208][ T376] kmalloc-cg-192 65KB 92KB [ 270.762218][ T376] kmalloc-cg-96 48KB 84KB [ 270.762237][ T376] kmalloc-8k 5888KB 6176KB [ 270.762250][ T376] kmalloc-4k 25680KB 26592KB [ 270.762265][ T376] kmalloc-2k 12908KB 13728KB [ 270.762277][ T376] kmalloc-1k 6868KB 7200KB [ 270.762304][ T376] kmalloc-512 10421KB 11264KB [ 270.762320][ T376] kmalloc-256 4704KB 4856KB [ 270.762334][ T376] kmalloc-128 1637KB 1752KB [ 270.762353][ T376] kmalloc-64 3081KB 3264KB [ 270.762383][ T376] kmalloc-32 1792KB 2272KB [ 270.762396][ T376] kmalloc-16 425KB 496KB [ 270.762416][ T376] kmalloc-8 480KB 732KB [ 270.762446][ T376] kmalloc-192 1509KB 1820KB [ 270.762463][ T376] kmalloc-96 1617KB 1844KB [ 270.762471][ T376] kmem_cache_node 213KB 220KB [ 270.762479][ T376] kmem_cache 177KB 218KB [ 270.762491][ T376] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz3,task=syz.3.11504,pid=376,uid=0 [ 270.871756][ T376] Out of memory (oom_kill_allocating_task): Killed process 376 (syz.3.11504) total-vm:104060kB, anon-rss:652kB, file-rss:22740kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000 [ 271.325923][ T40] audit: type=1326 audit(1780300689.959:22474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=501 comm="syz.1.11549" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffef7c code=0x0 [ 271.758019][ T53] kernel write not supported for file /amidi2 (pid: 53 comm: kworker/1:1) [ 271.759694][ T521] support for cryptoloop has been removed. Use dm-crypt instead. [ 271.956295][ T534] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_vlan, syncid = 0, id = 0 [ 272.244533][ T557] ip6gretap0: entered promiscuous mode [ 272.282893][ T10] kernel write not supported for file /uinput (pid: 10 comm: kworker/0:1) [ 272.621126][ T606] F2FS-fs: Conflicting test_dummy_encryption options [ 273.191687][ T40] audit: type=1326 audit(1780300691.829:22475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.205795][ T40] audit: type=1326 audit(1780300691.829:22476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.213499][ T40] audit: type=1326 audit(1780300691.829:22477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.227449][ T40] audit: type=1326 audit(1780300691.829:22478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.243421][ T40] audit: type=1326 audit(1780300691.829:22479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.255663][ T40] audit: type=1326 audit(1780300691.829:22480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.263030][ T40] audit: type=1326 audit(1780300691.829:22481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.271354][ T40] audit: type=1326 audit(1780300691.829:22482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.279782][ T40] audit: type=1326 audit(1780300691.829:22483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=626 comm="syz.1.11594" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 273.485740][ T54] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 273.538616][ T648] ptrace attach of "/syz-executor exec"[649] was attempted by "/syz-executor exec"[648] [ 273.573461][ T657] batadv0: entered promiscuous mode [ 273.580566][ T657] macsec1: entered promiscuous mode [ 273.582493][ T657] macsec1: entered allmulticast mode [ 273.584280][ T657] batadv0: entered allmulticast mode [ 273.587565][ T657] 8021q: adding VLAN 0 to HW filter on device macsec1 [ 273.591693][ T657] batadv0: left allmulticast mode [ 273.594600][ T657] batadv0: left promiscuous mode [ 273.645764][ T54] usb 6-1: Using ep0 maxpacket: 32 [ 273.652089][ T54] usb 6-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f [ 273.654899][ T54] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.657764][ T54] usb 6-1: Product: syz [ 273.659219][ T54] usb 6-1: Manufacturer: syz [ 273.663056][ T54] usb 6-1: SerialNumber: syz [ 273.668533][ T54] usb 6-1: config 0 descriptor?? [ 273.690243][ T54] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 273.693593][ T54] dvb-usb: bulk message failed: -22 (4/0) [ 273.696593][ T54] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 273.701174][ T54] dvb-usb: bulk message failed: -22 (5/0) [ 273.705365][ T54] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 273.733715][ T54] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 273.738397][ T54] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 273.741760][ T54] usb 6-1: media controller created [ 273.759352][ T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 273.807030][ T54] usb 6-1: selecting invalid altsetting 3 [ 273.809952][ T54] ttusb2: set interface to alts=3 failed [ 273.842355][ T54] DVB: Unable to find symbol tda10086_attach() [ 273.844957][ T54] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 273.849463][ T54] dvb-usb: bulk message failed: -22 (4/0) [ 273.851813][ T54] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 273.864943][ T54] dvb-usb: bulk message failed: -22 (5/0) [ 273.867482][ T54] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 273.871660][ T54] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 273.900433][ T629] ttusb2: i2c wr len=133 too high [ 273.907093][ T54] usb 6-1: USB disconnect, device number 7 [ 273.986713][ T54] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 273.989904][ T703] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 274.002698][ T703] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.006320][ T703] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.011074][ T703] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 274.265020][ T731] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11624'. [ 274.268970][ T731] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11624'. [ 274.380795][ T40] audit: type=1326 audit(1780300693.019:22484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=741 comm="syz.3.11628" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x0 [ 274.429397][ T746] netlink: 5 bytes leftover after parsing attributes in process `syz.4.11629'. [ 274.718480][ T772] lo speed is unknown, defaulting to 1000 [ 275.424939][ T827] netlink: 35 bytes leftover after parsing attributes in process `syz.1.11650'. [ 276.288081][ T868] usb usb8: usbfs: process 868 (syz.3.11662) did not claim interface 0 before use [ 276.473569][ T890] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 276.476839][ T890] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 276.983235][ T928] netem: change failed [ 277.012166][ T930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11690'. [ 277.186439][ T5608] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 286.357030][ T103] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.448998][ T103] netdevsim netdevsim2 netdevsim2 (unregistering): left allmulticast mode [ 286.456464][ T103] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.555214][ T103] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.633480][ T103] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.777023][ T103] dvmrp9: left allmulticast mode [ 287.281248][ T103] bond0 (unregistering): Released all slaves [ 287.289298][ T103] bond1 (unregistering): Released all slaves [ 287.302148][ T103] bond2 (unregistering): Released all slaves [ 287.314641][ T103] bond3 (unregistering): Released all slaves [ 287.327451][ T103] bond4 (unregistering): Released all slaves [ 287.335401][ T103] bond5 (unregistering): Released all slaves [ 287.342352][ T103] bond6 (unregistering): Released all slaves [ 287.349703][ T103] bond7 (unregistering): Released all slaves [ 287.497079][ T103] ÃM¯”ÛÓó: left promiscuous mode [ 287.514658][ T5453] 8021q: adding VLAN 0 to HW filter on device eth6 [ 287.579363][ T103] : left promiscuous mode [ 287.670727][ T5756] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 287.677166][ T5756] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 287.690112][ T5756] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 287.693885][ T103] tipc: Disabling bearer [ 287.697735][ T103] tipc: Left network mode [ 287.700238][ T5756] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 287.711542][ T5756] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 287.714893][ T5453] 8021q: adding VLAN 0 to HW filter on device eth7 [ 287.757504][ T1058] smc: net device vcan0 applied user defined pnetid SYZ1 [ 288.051612][ T5453] 8021q: adding VLAN 0 to HW filter on device eth8 [ 288.136314][ T1042] lo speed is unknown, defaulting to 1000 [ 288.219044][ T103] hsr_slave_1: left promiscuous mode [ 288.363581][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 288.363597][ T40] audit: type=1326 audit(1780300706.999:22495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1190 comm="syz.1.11730" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x0 [ 288.437708][ T103] team0 (unregistering): Port device wg2 removed [ 288.516460][ T5453] 8021q: adding VLAN 0 to HW filter on device eth9 [ 288.538434][ T1220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11739'. [ 288.758606][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.762934][ T1042] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.767511][ T1042] bridge_slave_0: entered allmulticast mode [ 288.771436][ T1042] bridge_slave_0: entered promiscuous mode [ 288.779657][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state [ 288.789465][ T1042] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.794905][ T1042] bridge_slave_1: entered allmulticast mode [ 288.803488][ T1042] bridge_slave_1: entered promiscuous mode [ 288.858897][ T1042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 288.863651][ T1042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.880877][ T1042] team0: Port device team_slave_0 added [ 288.884317][ T1042] team0: Port device team_slave_1 added [ 288.901706][ T1042] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.903835][ T1042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 288.916086][ T1042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.927385][ T1042] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.929484][ T1042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 288.938206][ T1042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.970746][ T1042] hsr_slave_0: entered promiscuous mode [ 288.973187][ T1042] hsr_slave_1: entered promiscuous mode [ 289.148704][ T1042] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 289.158273][ T1042] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 289.161887][ T1042] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 289.168331][ T1042] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 289.172274][ T1042] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 289.182080][ T1042] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 289.189239][ T1042] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 289.198428][ T1042] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 289.213519][ T1042] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.216107][ T1042] bridge0: port 2(bridge_slave_1) entered forwarding state [ 289.218528][ T1042] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.220691][ T1042] bridge0: port 1(bridge_slave_0) entered forwarding state [ 289.256515][ T1042] 8021q: adding VLAN 0 to HW filter on device bond0 [ 289.273259][ T1193] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.279172][ T1193] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.289204][ T1042] 8021q: adding VLAN 0 to HW filter on device team0 [ 289.299007][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.301786][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 289.308680][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.311034][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 289.398513][ T5901] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 289.556431][ T5901] usb 8-1: Using ep0 maxpacket: 32 [ 289.561173][ T5901] usb 8-1: unable to get BOS descriptor or descriptor too short [ 289.563163][ T1042] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 289.567237][ T5901] usb 8-1: config 8 has an invalid interface number: 188 but max is 0 [ 289.570790][ T5901] usb 8-1: config 8 has no interface number 0 [ 289.573305][ T5901] usb 8-1: config 8 interface 188 has no altsetting 0 [ 289.579440][ T5901] usb 8-1: string descriptor 0 read error: -22 [ 289.582359][ T5901] usb 8-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 289.586341][ T5901] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.599560][ T5901] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 289.603779][ T5901] dw2102: su3000_power_ctrl: 1, initialized 0 [ 289.606707][ T5901] dvb-usb: bulk message failed: -22 (2/0) [ 289.638227][ T5901] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 289.651185][ T5901] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 289.654820][ T5901] usb 8-1: media controller created [ 289.658389][ T5901] dvb-usb: bulk message failed: -22 (6/0) [ 289.660843][ T5901] dw2102: i2c transfer failed. [ 289.662870][ T5901] dvb-usb: bulk message failed: -22 (6/0) [ 289.665348][ T5901] dw2102: i2c transfer failed. [ 289.669717][ T5901] dvb-usb: bulk message failed: -22 (6/0) [ 289.672104][ T5901] dw2102: i2c transfer failed. [ 289.674011][ T5901] dvb-usb: bulk message failed: -22 (6/0) [ 289.677111][ T5901] dw2102: i2c transfer failed. [ 289.681107][ T5901] dvb-usb: bulk message failed: -22 (6/0) [ 289.683454][ T5901] dw2102: i2c transfer failed. [ 289.686416][ T5901] dvb-usb: bulk message failed: -22 (6/0) [ 289.689330][ T5901] dw2102: i2c transfer failed. [ 289.691336][ T5901] dvb-usb: MAC address: 02:02:02:02:02:02 [ 289.715133][ T1584] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11773'. [ 289.717237][ T5901] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 289.747030][ T5901] dvb-usb: bulk message failed: -22 (3/0) [ 289.753379][ T5901] dw2102: command 0x0e transfer failed. [ 289.754913][ T1590] loop6: detected capacity change from 0 to 524287999 [ 289.757097][ T5901] dvb-usb: bulk message failed: -22 (3/0) [ 289.758695][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.760510][ T5901] dw2102: command 0x0e transfer failed. [ 289.763478][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.764753][ T1042] veth0_vlan: entered promiscuous mode [ 289.770014][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.772522][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.773648][ T1042] veth1_vlan: entered promiscuous mode [ 289.775367][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.782061][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.784896][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.785646][ T5757] Bluetooth: hci2: command tx timeout [ 289.787710][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.787756][ T1590] ldm_validate_partition_table(): Disk read failed. [ 289.787781][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.787871][ T1590] Buffer I/O error on dev loop6, logical block 0, async page read [ 289.788034][ T1590] Dev loop6: unable to read RDB block 0 [ 289.788265][ T1590] loop6: unable to read partition table [ 289.788365][ T1590] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 289.792775][ T1042] veth0_macvtap: entered promiscuous mode [ 289.821374][ T1042] veth1_macvtap: entered promiscuous mode [ 289.831706][ T1042] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 289.836284][ T1042] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 289.850405][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.853949][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.863184][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.867550][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.949070][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.952095][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.973585][ T1193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.978241][ T1193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 290.076380][ T5901] dvb-usb: bulk message failed: -22 (3/0) [ 290.080249][ T5901] dw2102: command 0x0e transfer failed. [ 290.084137][ T5901] dvb-usb: bulk message failed: -22 (3/0) [ 290.089104][ T5901] dw2102: command 0x0e transfer failed. [ 290.091962][ T5901] dvb-usb: bulk message failed: -22 (1/0) [ 290.094472][ T5901] dw2102: command 0x51 transfer failed. [ 290.098421][ T1497] dw2102: i2c rd: len=155 is too big! [ 290.098421][ T1497] [ 290.140890][ T5901] DVB: Unable to find symbol ds3000_attach() [ 290.142801][ T5901] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 290.163365][ T40] audit: type=1326 audit(1780300708.799:22496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1650 comm="syz.5.11787" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 290.174885][ T40] audit: type=1326 audit(1780300708.799:22497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1650 comm="syz.5.11787" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 290.182980][ T40] audit: type=1326 audit(1780300708.799:22498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1650 comm="syz.5.11787" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 290.195704][ T5901] rc_core: IR keymap rc-su3000 not found [ 290.197834][ T5901] Registered IR keymap rc-empty [ 290.201211][ T5901] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0 [ 290.202505][ T40] audit: type=1326 audit(1780300708.799:22499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1650 comm="syz.5.11787" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 290.208798][ T5901] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.3/usb8/8-1/rc/rc0/input39 [ 290.221797][ T40] audit: type=1326 audit(1780300708.799:22500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1650 comm="syz.5.11787" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 290.221955][ T5901] dvb-usb: schedule remote query interval to 150 msecs. [ 290.231321][ T40] audit: type=1326 audit(1780300708.799:22501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1650 comm="syz.5.11787" exe="/syz-executor" sig=0 arch=40000003 syscall=326 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 290.241062][ T5901] dw2102: su3000_power_ctrl: 0, initialized 1 [ 290.242381][ T40] audit: type=1326 audit(1780300708.799:22502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1650 comm="syz.5.11787" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 290.243860][ T5901] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 290.277353][ T5901] usb 8-1: USB disconnect, device number 8 [ 290.298048][ T1677] tipc: Started in network mode [ 290.299188][ T5901] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 290.299720][ T1677] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 290.310273][ T1677] tipc: Enabled bearer , priority 10 [ 290.548010][ C0] sr 2:0:0:0: [sr0] tag#15 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 290.552351][ C0] sr 2:0:0:0: [sr0] tag#15 CDB: Regenerate(16) 82 5a 86 a5 26 a3 50 1f b1 dd 8d ff 3e 90 d6 f5 [ 291.219409][ T40] audit: type=1326 audit(1780300709.859:22503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1825 comm="syz.1.11842" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x0 [ 291.305590][ T53] tipc: Node number set to 1 [ 291.416114][ T29] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 291.589429][ T29] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 291.592588][ T29] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 291.598072][ T29] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 291.600989][ T29] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 291.604372][ T29] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 291.611449][ T29] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 291.616794][ T29] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 291.619995][ T29] usb 9-1: Product: syz [ 291.621489][ T29] usb 9-1: Manufacturer: syz [ 291.635890][ T29] cdc_wdm 9-1:1.0: skipping garbage [ 291.638227][ T29] cdc_wdm 9-1:1.0: skipping garbage [ 291.644384][ T29] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 291.646804][ T29] cdc_wdm 9-1:1.0: Unknown control protocol [ 291.843926][ T29] usb 9-1: USB disconnect, device number 3 [ 291.865746][ T5757] Bluetooth: hci2: command tx timeout [ 291.921186][ T1889] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11858'. [ 292.494658][ T1926] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11873'. [ 292.497960][ T1926] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11873'. [ 292.501746][ T1926] netlink: 'syz.3.11873': attribute type 12 has an invalid length. [ 292.538351][ T1935] random: crng reseeded on system resumption [ 292.763564][ T1970] netlink: 96 bytes leftover after parsing attributes in process `syz.5.11890'. [ 292.839000][ T1982] netlink: 264 bytes leftover after parsing attributes in process `syz.4.11894'. [ 292.880586][ T1992] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 1, id = 0 [ 292.940123][ T2002] overlayfs: conflicting lowerdir path [ 292.959238][ T2006] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11903'. [ 292.964850][ T2006] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11903'. [ 292.972600][ T2006] netlink: 'syz.4.11903': attribute type 11 has an invalid length. [ 293.043974][ T2024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11909'. [ 293.047556][ T2024] netlink: 'syz.4.11909': attribute type 14 has an invalid length. [ 293.056827][ T169] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 293.063314][ T169] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 293.068779][ T169] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 293.071904][ T169] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 293.145097][ T2038] kAFS: unable to lookup cell 'syz1' [ 293.148479][ T2038] kAFS: unable to lookup cell 'syz1' [ 293.306219][ T2062] ALSA: seq fatal error: cannot create timer (-22) [ 293.375607][ T53] usb 10-1: new low-speed USB device number 2 using dummy_hcd [ 293.417447][ T2080] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 293.450584][ T2084] Option ' ' to dns_resolver key: bad/missing value [ 293.470258][ T2086] netlink: 'syz.3.11932': attribute type 3 has an invalid length. [ 293.525445][ T2093] vlan0: entered promiscuous mode [ 293.526839][ T53] usb 10-1: config 0 has an invalid interface number: 1 but max is 0 [ 293.528680][ T2093] bridge0: entered promiscuous mode [ 293.532149][ T53] usb 10-1: config 0 has no interface number 0 [ 293.537828][ T53] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 293.541505][ T53] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 293.546297][ T53] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 293.549435][ T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.553376][ T53] usb 10-1: config 0 descriptor?? [ 293.556291][ T2032] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 293.563397][ T53] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 293.606536][ T2115] __nla_validate_parse: 2 callbacks suppressed [ 293.606553][ T2115] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11939'. [ 293.860580][ T5900] usb 10-1: USB disconnect, device number 2 [ 293.928907][ T2172] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11953'. [ 293.937939][ T5757] Bluetooth: hci2: command tx timeout [ 293.945934][ T2172] ipvlan0: entered allmulticast mode [ 293.947585][ T2172] syz_tun: entered allmulticast mode [ 294.467202][ T2246] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«= [ 294.469906][ T2246] [U] J"—E:ÀÆ" [ 294.477701][ T53] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 294.645617][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 294.656428][ T53] usb 6-1: config 0 has no interfaces? [ 294.658614][ T53] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 294.661999][ T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.668929][ T53] usb 6-1: config 0 descriptor?? [ 294.828575][ T2297] netlink: 92 bytes leftover after parsing attributes in process `syz.3.11991'. [ 294.831837][ T2297] netlink: 14 bytes leftover after parsing attributes in process `syz.3.11991'. [ 294.881931][ T5900] usb 6-1: USB disconnect, device number 8 [ 294.937225][ T2313] netlink: 810 bytes leftover after parsing attributes in process `syz.3.11994'. [ 295.371702][ T2371] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12016'. [ 295.389200][ T2374] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 295.467613][ T2386] netlink: 'syz.3.12022': attribute type 4 has an invalid length. [ 295.470127][ T2386] netlink: 17 bytes leftover after parsing attributes in process `syz.3.12022'. [ 295.513462][ T2393] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12025'. [ 295.643586][ T2395] vlan0: entered promiscuous mode [ 295.645801][ T2395] bridge0: entered promiscuous mode [ 295.646085][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 295.656404][ T2410] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12031'. [ 295.659348][ T2410] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12031'. [ 295.665892][ T2410] geneve2: entered promiscuous mode [ 295.667601][ T2410] geneve2: entered allmulticast mode [ 295.716716][ T2416] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 296.015652][ T5757] Bluetooth: hci2: command tx timeout [ 296.684487][ T2430] smc: net device wlan0 erased user defined pnetid SYZ0 [ 296.764346][ T2442] vlan2: entered promiscuous mode [ 296.764366][ T2442] bridge0: entered promiscuous mode [ 297.224714][ T2511] netlink: 'syz.3.12066': attribute type 1 has an invalid length. [ 297.231339][ T2511] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 297.391898][ T2556] netlink: 'syz.5.12081': attribute type 12 has an invalid length. [ 297.398514][ T40] audit: type=1326 audit(1780300716.039:22504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.450616][ T40] audit: type=1326 audit(1780300716.039:22505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.461357][ T40] audit: type=1326 audit(1780300716.039:22506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.470215][ T40] audit: type=1326 audit(1780300716.039:22507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.485728][ T40] audit: type=1326 audit(1780300716.049:22508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.494454][ T2577] comedi comedi2: dac02: I/O base address or length out of range [ 297.498851][ T40] audit: type=1326 audit(1780300716.049:22509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.506356][ T40] audit: type=1326 audit(1780300716.049:22510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.513431][ T40] audit: type=1326 audit(1780300716.049:22511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.520643][ T40] audit: type=1326 audit(1780300716.049:22512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=292 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.528998][ T40] audit: type=1326 audit(1780300716.049:22513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2557 comm="syz.1.12082" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef7c code=0x7ffc0000 [ 297.540520][ T2583] tipc: Enabling of bearer rejected, failed to enable media [ 298.693440][ T2760] tipc: Started in network mode [ 298.695045][ T2760] tipc: Node identity , cluster identity 4711 [ 298.697376][ T2760] tipc: Failed to obtain node identity [ 298.699087][ T2760] tipc: Enabling of bearer rejected, failed to enable media [ 299.046147][ T2829] gtp0: entered allmulticast mode [ 299.256611][ T2874] __nla_validate_parse: 2 callbacks suppressed [ 299.256623][ T2874] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12168'. [ 299.836990][ T2980] vlan1: entered allmulticast mode [ 299.838740][ T2980] bond0: entered allmulticast mode [ 299.840480][ T2980] : entered allmulticast mode [ 299.842712][ T2980] bridge0: entered allmulticast mode [ 299.844835][ T2980] syz_tun: entered allmulticast mode [ 300.191820][ T3054] syz_tun: refused to change device tx_queue_len [ 300.193804][ T3054] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 300.415682][ T39] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 300.475624][ T5530] usb 8-1: new full-speed USB device number 10 using dummy_hcd [ 300.577431][ T39] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 300.581616][ T39] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 300.584632][ T39] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 300.587885][ T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.594680][ T3049] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 300.599046][ T39] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 300.631597][ T5530] usb 8-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 300.642789][ T5530] usb 8-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 300.647428][ T5530] usb 8-1: Product: syz [ 300.649258][ T5530] usb 8-1: Manufacturer: syz [ 300.651111][ T5530] usb 8-1: SerialNumber: syz [ 300.655136][ T5530] usb 8-1: config 0 descriptor?? [ 300.839008][ T5900] usb 6-1: USB disconnect, device number 9 [ 300.870398][ T54] usb 8-1: USB disconnect, device number 10 [ 301.103569][ T3114] IPVS: Scheduler module ip_vs_sip not found [ 301.150463][ T3118] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 301.287796][ T3127] netlink: 348 bytes leftover after parsing attributes in process `syz.5.12217'. [ 301.392255][ T3138] netlink: 72 bytes leftover after parsing attributes in process `syz.5.12221'. [ 301.971445][ T3205] netlink: 'syz.5.12238': attribute type 1 has an invalid length. [ 302.412641][ T3244] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12253'. [ 302.663383][ T3288] IPVS: ip_vs_edit_dest(): server weight less than zero [ 302.715942][ T3296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12269'. [ 302.719518][ T3296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12269'. [ 303.979898][ T3425] hpfs: Bad magic ... probably not HPFS [ 303.984291][ T3425] hpfs: Bad magic ... probably not HPFS [ 304.110859][ T3439] xt_l2tp: v2 tid > 0xffff: 37482740 [ 304.465602][ T3472] comedi comedi1: dt2817: I/O base address or length out of range [ 304.600776][ T3483] vim2m vim2m.0: vidioc_s_fmt queue busy [ 304.844802][ T34] libceph: connect (1)[c::]:6789 error -101 [ 304.849236][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 304.957815][ T12] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 304.966183][ T12] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 304.969453][ T12] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 304.973275][ T12] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 305.127650][ T34] libceph: connect (1)[c::]:6789 error -101 [ 305.130514][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 305.233861][ T3537] netlink: 'syz.1.12348': attribute type 2 has an invalid length. [ 305.338407][ T3546] netlink: 48 bytes leftover after parsing attributes in process `syz.1.12352'. [ 305.419427][ T3554] random: crng reseeded on system resumption [ 305.480275][ T3560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12359'. [ 305.484173][ T3560] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12359'. [ 305.637455][ T34] libceph: connect (1)[c::]:6789 error -101 [ 305.640201][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 305.649429][ T3505] ceph: No mds server is up or the cluster is laggy [ 305.875353][ T3590] netlink: 68 bytes leftover after parsing attributes in process `syz.3.12371'. [ 305.878951][ T3590] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12371'. [ 305.881582][ T3590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12371'. [ 306.202584][ T3630] netlink: 100 bytes leftover after parsing attributes in process `syz.3.12387'. [ 306.205411][ T3630] netlink: 100 bytes leftover after parsing attributes in process `syz.3.12387'. [ 306.251271][ T3634] syz.3.12389: page allocation failure: order:10, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 306.254474][ T3638] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12391'. [ 306.258542][ T3634] CPU: 3 UID: 0 PID: 3634 Comm: syz.3.12389 Tainted: G L syzkaller #0 PREEMPT(full) [ 306.258572][ T3634] Tainted: [L]=SOFTLOCKUP [ 306.258579][ T3634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 306.258592][ T3634] Call Trace: [ 306.258599][ T3634] [ 306.258606][ T3634] dump_stack_lvl+0x100/0x190 [ 306.258631][ T3634] warn_alloc.cold+0x95/0x1c1 [ 306.258651][ T3634] ? __pfx_warn_alloc+0x10/0x10 [ 306.258699][ T3634] ? __pfx___might_resched+0x10/0x10 [ 306.258726][ T3634] __alloc_frozen_pages_noprof+0xf25/0x2bc0 [ 306.258769][ T3634] ? __lock_acquire+0x4a5/0x2630 [ 306.258797][ T3634] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 306.258830][ T3634] ? find_held_lock+0x2b/0x80 [ 306.258874][ T3634] ? find_held_lock+0x2b/0x80 [ 306.258897][ T3634] ? aa_file_perm+0x7e4/0x14d0 [ 306.258924][ T3634] ? aa_file_perm+0x7e4/0x14d0 [ 306.258952][ T3634] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 306.258981][ T3634] ? policy_nodemask+0xed/0x4f0 [ 306.259005][ T3634] alloc_pages_mpol+0x1fb/0x540 [ 306.259028][ T3634] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 306.259056][ T3634] ? qrtr_tun_write_iter+0xc1/0x1b0 [ 306.259076][ T3634] ___kmalloc_large_node+0xe5/0x120 [ 306.259101][ T3634] __kmalloc_large_node_noprof+0x1c/0x70 [ 306.259126][ T3634] __kmalloc_noprof+0x5be/0x850 [ 306.259148][ T3634] qrtr_tun_write_iter+0xc1/0x1b0 [ 306.259171][ T3634] aio_write+0x3ba/0x920 [ 306.259196][ T3634] ? __pfx_aio_write+0x10/0x10 [ 306.259219][ T3634] ? __lock_acquire+0x4a5/0x2630 [ 306.259261][ T3634] ? __might_fault+0xc5/0x140 [ 306.259296][ T3634] ? io_submit_one+0x1142/0x1fb0 [ 306.259320][ T3634] io_submit_one+0x1142/0x1fb0 [ 306.259348][ T3634] ? __lock_acquire+0x4a5/0x2630 [ 306.259381][ T3634] ? __pfx_io_submit_one+0x10/0x10 [ 306.259414][ T3634] ? __might_fault+0xc5/0x140 [ 306.259448][ T3634] ? __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 306.259475][ T3634] __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 306.259505][ T3634] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 306.259532][ T3634] ? xfd_validate_state+0x129/0x190 [ 306.259556][ T3634] ? rcu_is_watching+0x12/0xc0 [ 306.259581][ T3634] __do_fast_syscall_32+0xe7/0x970 [ 306.259613][ T3634] do_fast_syscall_32+0x32/0x70 [ 306.259640][ T3634] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 306.259663][ T3634] RIP: 0023:0xf703ef7c [ 306.259686][ T3634] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 306.259705][ T3634] RSP: 002b:00000000f542d50c EFLAGS: 00000292 ORIG_RAX: 00000000000000f8 [ 306.259723][ T3634] RAX: ffffffffffffffda RBX: 00000000f7f6b000 RCX: 0000000000000001 [ 306.259735][ T3634] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 306.259747][ T3634] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 306.259757][ T3634] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 306.259769][ T3634] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 306.259793][ T3634] [ 306.259836][ T3634] Mem-Info: [ 306.259848][ T3634] active_anon:3465 inactive_anon:2 isolated_anon:0 [ 306.259848][ T3634] active_file:6164 inactive_file:15420 isolated_file:0 [ 306.259848][ T3634] unevictable:1768 dirty:474 writeback:0 [ 306.259848][ T3634] slab_reclaimable:6486 slab_unreclaimable:63328 [ 306.259848][ T3634] mapped:22970 shmem:1789 pagetables:1540 [ 306.259848][ T3634] sec_pagetables:311 bounce:0 [ 306.259848][ T3634] kernel_misc_reclaimable:0 [ 306.259848][ T3634] free:71157 free_pcp:621 free_cma:0 [ 306.259896][ T3634] Node 0 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8384kB pagetables:1060kB sec_pagetables:1140kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 306.259945][ T3634] Node 1 active_anon:13860kB inactive_anon:8kB active_file:24656kB inactive_file:61676kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:91852kB dirty:1896kB writeback:0kB shmem:3620kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5516kB pagetables:5100kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 306.259995][ T3634] Node 0 DMA free:3092kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 306.260046][ T3634] lowmem_reserve[]: 0 285 285 285 285 [ 306.260084][ T3634] Node 0 [ 306.264872][ T3638] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12391'. [ 306.265398][ T3634] DMA32 free:37688kB boost:29460kB min:42556kB low:45828kB high:49100kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:3536kB writepending:0kB zspages:1556kB present:1032196kB managed:292748kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 306.268738][ T3638] netlink: 'syz.5.12391': attribute type 15 has an invalid length. [ 306.441098][ T3634] lowmem_reserve[]: 0 0 0 0 0 [ 306.442804][ T3634] Node 1 DMA32 free:249960kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13460kB inactive_anon:440kB active_file:18188kB inactive_file:60568kB unevictable:3536kB writepending:1896kB zspages:3572kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:2596kB local_pcp:284kB free_cma:0kB [ 306.452979][ T3634] lowmem_reserve[]: 0 0 0 0 0 [ 306.454443][ T3634] Node 0 DMA: 71*4kB (U) 35*8kB (UM) 19*16kB (UM) 18*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 3108kB [ 306.459558][ T3634] Node 0 DMA32: 1375*4kB (UME) 490*8kB (UME) 305*16kB (UME) 277*32kB (UME) 80*64kB (UME) 24*128kB (UME) 13*256kB (UME) 6*512kB (UME) 0*1024kB 0*2048kB 0*4096kB = 37756kB [ 306.465086][ T3634] Node 1 DMA32: 6035*4kB (UME) 4873*8kB (UME) 4008*16kB (UME) 494*32kB (UME) 194*64kB (UME) 118*128kB (UME) 69*256kB (UME) 46*512kB (UM) 22*1024kB (UM) 8*2048kB (UM) 0*4096kB = 250708kB [ 306.470754][ T3634] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.474256][ T3634] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 306.477481][ T3634] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 306.480802][ T3634] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 306.483934][ T3634] 21708 total pagecache pages [ 306.485370][ T3634] 477 pages in swap cache [ 306.488017][ T3634] Free swap = 58808kB [ 306.489708][ T3634] Total swap = 124996kB [ 306.491426][ T3634] 524155 pages RAM [ 306.492903][ T3634] 0 pages HighMem/MovableOnly [ 306.494952][ T3634] 210075 pages reserved [ 306.497372][ T3634] 0 pages cma reserved [ 307.564905][ T3760] tipc: Enabling of bearer rejected, failed to enable media [ 307.994361][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 307.994377][ T40] audit: type=1326 audit(1780300726.629:22517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3729 comm="syz.5.12424" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7fc00000 [ 308.464049][ T3832] program syz.5.12469 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 309.284244][ T3937] program syz.1.12506 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 309.287600][ T3937] ata1.00: non-matching transfer count (8388608/133) [ 309.478268][ T34] libceph: connect (1)[c::]:6789 error -101 [ 309.483405][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 309.708359][ T39] hid (null): global environment stack underflow [ 309.730108][ T39] hid-generic 616F:20C2607D:F72986D9.0005: global environment stack underflow [ 309.733132][ T39] hid-generic 616F:20C2607D:F72986D9.0005: item 0 1 1 11 parsing failed [ 309.738235][ T39] hid-generic 616F:20C2607D:F72986D9.0005: probe with driver hid-generic failed with error -22 [ 309.746240][ T39] libceph: connect (1)[c::]:6789 error -101 [ 309.748549][ T39] libceph: mon0 (1)[c::]:6789 connect error [ 309.946973][ T4024] input input41: cannot allocate more than FF_MAX_EFFECTS effects [ 310.268777][ T39] libceph: connect (1)[c::]:6789 error -101 [ 310.272686][ T39] libceph: mon0 (1)[c::]:6789 connect error [ 310.300308][ T3961] ceph: No mds server is up or the cluster is laggy [ 310.463322][ T24] kernel read not supported for file /media0 (pid: 24 comm: kworker/2:0) [ 310.628631][ T4100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 310.631304][ T4100] batadv_slave_0: entered promiscuous mode [ 310.636978][ T4100] batadv_slave_0: entered allmulticast mode [ 310.648953][ T4103] __nla_validate_parse: 6 callbacks suppressed [ 310.648965][ T4103] netlink: 24 bytes leftover after parsing attributes in process `syz.5.12563'. [ 310.703634][ T4112] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12565'. [ 310.808505][ T4127] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 310.813153][ T4127] @0Ù: renamed from bond_slave_1 [ 310.858965][ T4129] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12575'. [ 310.862346][ T4129] tipc: Invalid UDP bearer configuration [ 310.862401][ T4129] tipc: Enabling of bearer rejected, failed to enable media [ 311.590414][ T4224] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12610'. [ 311.738518][ T4250] netlink: 136 bytes leftover after parsing attributes in process `syz.1.12622'. [ 311.859589][ T4262] openvswitch: netlink: IP tunnel dst address not specified [ 311.862164][ T4262] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 311.863860][ T4263] [U]  [ 313.339586][ T4311] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12645'. [ 313.431152][ T4320] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12648'. [ 313.968453][ T4336] digital: digital_start_poll: Unknown protocol [ 314.498154][ T4385] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12679'. [ 314.670418][ T4323] Set syz1 is full, maxelem 65536 reached [ 315.035676][ T4438] program syz.1.12701 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 315.250257][ T5756] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 315.258375][ T5756] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 315.262309][ T5756] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 315.268088][ T5756] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 315.270618][ T5756] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 315.565048][ T4451] lo speed is unknown, defaulting to 1000 [ 315.678374][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 315.682734][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 315.818083][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 315.823508][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 315.946604][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 315.950828][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 315.984980][ T4451] bridge0: port 1(bridge_slave_0) entered blocking state [ 315.988820][ T4451] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.992015][ T4451] bridge_slave_0: entered allmulticast mode [ 315.997395][ T4451] bridge_slave_0: entered promiscuous mode [ 316.002407][ T4451] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.005642][ T4451] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.008751][ T4451] bridge_slave_1: entered allmulticast mode [ 316.012349][ T4451] bridge_slave_1: entered promiscuous mode [ 316.040517][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 316.044877][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.098225][ T4641] netlink: 56 bytes leftover after parsing attributes in process `syz.3.12730'. [ 316.106796][ T4451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 316.115035][ T4451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 316.142196][ T4451] team0: Port device team_slave_0 added [ 316.147360][ T4451] team0: Port device team_slave_1 added [ 316.171887][ T4451] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 316.174796][ T4451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 316.186305][ T4451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 316.191970][ T4451] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 316.195043][ T4451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 316.204510][ T4451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 316.270959][ T4451] hsr_slave_0: entered promiscuous mode [ 316.274267][ T4451] hsr_slave_1: entered promiscuous mode [ 316.277691][ T4451] debugfs: 'hsr0' already exists in 'hsr' [ 316.279599][ T4451] Cannot create hsr debugfs directory [ 316.335061][ T4743] xt_socket: unknown flags 0xe4 [ 316.374222][ T13] bridge_slave_1: left allmulticast mode [ 316.376136][ T13] bridge_slave_1: left promiscuous mode [ 316.378056][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.393280][ T13] bridge_slave_0: left allmulticast mode [ 316.395232][ T13] bridge_slave_0: left promiscuous mode [ 316.397964][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.640664][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 316.645966][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 316.651005][ T13] bond0 (unregistering): Released all slaves [ 316.681938][ T5453] 8021q: adding VLAN 0 to HW filter on device eth10 [ 316.882876][ T13] IPVS: stopping backup sync thread 534 ... [ 316.884187][ T4863] Invalid source name [ 316.891783][ T4863] UBIFS error (pid: 4863): cannot open "./file0", error -22 [ 317.043645][ T5453] 8021q: adding VLAN 0 to HW filter on device eth11 [ 317.132675][ T4451] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 317.142013][ T4451] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 317.144805][ T4451] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 317.153782][ T4451] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 317.158166][ T4451] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 317.171725][ T4451] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 317.175062][ T4451] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 317.185112][ T4451] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 317.241853][ T13] hsr_slave_0: left promiscuous mode [ 317.251147][ T13] hsr_slave_1: left promiscuous mode [ 317.257578][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 317.260681][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 317.264604][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 317.268891][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 317.292105][ T13] veth1_macvtap: left promiscuous mode [ 317.294742][ T13] veth0_macvtap: left promiscuous mode [ 317.302661][ T5757] Bluetooth: hci4: command tx timeout [ 317.309495][ T13] veth1_vlan: left promiscuous mode [ 317.311805][ T13] veth0_vlan: left promiscuous mode [ 317.364414][ T29] IPVS: starting estimator thread 0... [ 317.458666][ T4931] IPVS: using max 44 ests per chain, 105600 per kthread [ 317.505341][ T4943] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12778'. [ 317.508893][ T4943] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12778'. [ 317.555690][ T13] team0 (unregistering): Port device team_slave_1 removed [ 317.568572][ T13] team0 (unregistering): Port device team_slave_0 removed [ 317.636669][ T13] smc: removing net device vcan0 with user defined pnetid SYZ1 [ 317.648398][ T5453] 8021q: adding VLAN 0 to HW filter on device eth12 [ 317.703234][ T4451] 8021q: adding VLAN 0 to HW filter on device bond0 [ 317.729018][ T4451] 8021q: adding VLAN 0 to HW filter on device team0 [ 317.739105][ T103] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.742110][ T103] bridge0: port 1(bridge_slave_0) entered forwarding state [ 317.785974][ T169] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.788250][ T169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 317.890463][ T5453] 8021q: adding VLAN 0 to HW filter on device eth13 [ 318.104647][ T4451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 318.281257][ T4451] veth0_vlan: entered promiscuous mode [ 318.290535][ T4451] veth1_vlan: entered promiscuous mode [ 318.308526][ T4451] veth0_macvtap: entered promiscuous mode [ 318.312557][ T4451] veth1_macvtap: entered promiscuous mode [ 318.327103][ T4451] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 318.337673][ T4451] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 318.344614][ T78] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.347673][ T78] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.351390][ T78] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.354148][ T78] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.409210][ T169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.412487][ T169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.431630][ T103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.435025][ T103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.593142][ T5017] netlink: 120 bytes leftover after parsing attributes in process `syz.5.12785'. [ 318.677907][ T5035] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0 [ 318.905776][T18924] usb 11-1: new high-speed USB device number 2 using dummy_hcd [ 319.056713][T18924] usb 11-1: Using ep0 maxpacket: 16 [ 319.060440][T18924] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 319.063927][T18924] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 319.071211][T18924] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 319.075224][T18924] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 319.080935][T18924] usb 11-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 319.090096][T18924] usb 11-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 319.094037][T18924] usb 11-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 319.094175][ T5077] tipc: Enabling of bearer rejected, media not registered [ 319.097787][T18924] usb 11-1: Manufacturer: syz [ 319.106525][T18924] usb 11-1: config 0 descriptor?? [ 319.375651][T18924] rc_core: IR keymap rc-hauppauge not found [ 319.375657][ T5757] Bluetooth: hci4: command tx timeout [ 319.377537][T18924] Registered IR keymap rc-empty [ 319.380959][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.395797][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.416672][T18924] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0 [ 319.424402][T18924] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0/input42 [ 319.432744][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.433584][ T5121] netem: change failed [ 319.465844][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.485926][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.506381][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.537448][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.555648][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.556929][ T5900] Process accounting resumed [ 319.575436][ T5136] Process accounting resumed [ 319.585934][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.605710][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.635683][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.665841][T18924] mceusb 11-1:0.0: Error: mce write submit urb error = -90 [ 319.714074][T18924] mceusb 11-1:0.0: Registered with mce emulator interface version 1 [ 319.714097][T18924] mceusb 11-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 319.721442][T18924] usb 11-1: USB disconnect, device number 2 [ 320.325401][ T5530] hid (null): invalid report_size 51505 [ 320.327708][ T5530] hid (null): unknown global tag 0xc [ 320.329610][ T5530] hid (null): unknown global tag 0xc [ 320.331420][ T5530] hid (null): unknown global tag 0x9f [ 320.333086][ T5530] hid (null): unknown global tag 0xc [ 320.337566][ T5530] hid (null): unknown global tag 0x42 [ 320.340015][ T5530] hid (null): unknown global tag 0xd [ 320.342230][ T5530] hid (null): unknown global tag 0xc [ 320.344425][ T5530] hid (null): unknown global tag 0xc [ 320.347808][ T5530] hid (null): report_id 0 is invalid [ 320.349880][ T5530] hid (null): unknown global tag 0xe [ 320.352286][ T5530] hid (null): report_id 16697 is invalid [ 320.354625][ T5530] hid (null): bogus close delimiter [ 320.357169][ T5530] hid (null): unknown global tag 0xc [ 320.359760][ T5530] hid (null): invalid report_size 1234625101 [ 320.362309][ T5530] hid (null): unknown global tag 0xd [ 320.364516][ T5530] hid (null): unknown global tag 0xd [ 320.367586][ T5530] hid (null): invalid report_size -2125375034 [ 320.369952][ T5530] hid (null): report_id 0 is invalid [ 320.371616][ T5530] hid (null): invalid report_count -1724469666 [ 320.373936][ T5530] hid (null): unknown global tag 0xc [ 320.376322][ T5530] hid (null): unknown global tag 0xd [ 320.380428][ T5530] hid (null): global environment stack overflow [ 320.383135][ T5530] hid (null): unknown global tag 0xe [ 320.385359][ T5530] hid (null): unknown global tag 0xc [ 320.388049][ T5530] hid (null): unknown global tag 0xc [ 320.393124][ T5530] hid-generic 0009:0007:0077.0006: unknown main item tag 0x1 [ 320.396146][ T5530] hid-generic 0009:0007:0077.0006: reserved main item tag 0xd [ 320.398559][ T5530] hid-generic 0009:0007:0077.0006: unknown main item tag 0x1 [ 320.401408][ T5530] hid-generic 0009:0007:0077.0006: unexpected long global item [ 320.405192][ T5530] hid-generic 0009:0007:0077.0006: probe with driver hid-generic failed with error -22 [ 321.403568][ T5185] Set syz1 is full, maxelem 65536 reached [ 321.460778][ T5757] Bluetooth: hci4: command tx timeout [ 322.133759][ T5375] fuse: Invalid rootmode [ 322.620307][ T5427] tipc: Enabling not permitted [ 322.623923][ T5427] tipc: Enabling of bearer rejected, failed to enable media [ 322.722328][ T5441] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12936'. [ 322.913066][ T5474] 9pnet_fd: p9_fd_create_tcp (5474): problem binding to privport [ 323.223913][ T5520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12960'. [ 323.226862][ T5520] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12960'. [ 323.230185][ T5520] netlink: 'syz.3.12960': attribute type 18 has an invalid length. [ 323.232760][ T5520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12960'. [ 323.271139][ T5527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12962'. [ 323.527290][ T5576] usb 1-1: USB disconnect, device number 2 [ 323.545915][ T5757] Bluetooth: hci4: command tx timeout [ 323.679867][ T5602] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12980'. [ 323.683600][ T5602] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12980'. [ 323.730495][ T5609] netlink: 24 bytes leftover after parsing attributes in process `syz.5.12981'. [ 323.804492][ T5615] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 324.154174][ T5664] PKCS8: Unsupported PKCS#8 version [ 324.195343][ T5666] bridge0: port 1(bridge_slave_0) entered disabled state [ 324.328965][ T5757] Bluetooth: hci3: unexpected event 0x2f length: 1017 > 260 [ 324.423866][ T5716] comedi comedi4: bad chanlist[1]=0x0000c413 chan=50195 range length=2 [ 324.539334][ T5734] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13022'. [ 324.737363][ T34] Process accounting resumed [ 324.752076][ T5765] Process accounting resumed [ 325.124908][ T40] audit: type=1326 audit(1780300743.759:22518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.133941][ T40] audit: type=1326 audit(1780300743.759:22519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.144796][ T40] audit: type=1326 audit(1780300743.769:22520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.157703][ T40] audit: type=1326 audit(1780300743.769:22521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.167372][ T40] audit: type=1326 audit(1780300743.769:22522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.177011][ T40] audit: type=1326 audit(1780300743.769:22523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.186750][ T40] audit: type=1326 audit(1780300743.769:22524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.195436][ T40] audit: type=1326 audit(1780300743.769:22525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.206376][ T40] audit: type=1326 audit(1780300743.769:22526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.217300][ T40] audit: type=1326 audit(1780300743.769:22527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5806 comm="syz.5.13043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f02f7c code=0x7ffc0000 [ 325.437943][ T5835] qrtr: Invalid version 255 [ 325.620394][ T5867] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13059'. [ 326.219949][ T5944] use of bytesused == 0 is deprecated and will be removed in the future, [ 326.224725][ T5944] use the actual size instead. [ 326.765593][ T5900] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 326.825642][ T5530] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 326.873357][ T6010] netlink: 'syz.3.13114': attribute type 13 has an invalid length. [ 326.925828][ T5900] usb 10-1: Using ep0 maxpacket: 8 [ 326.929810][ T5900] usb 10-1: config 0 has no interfaces? [ 326.932403][ T5900] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 326.937531][ T5900] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.943947][ T5900] usb 10-1: config 0 descriptor?? [ 326.977875][ T5530] usb 6-1: config 0 has an invalid interface number: 50 but max is 0 [ 326.982155][ T5530] usb 6-1: config 0 has no interface number 0 [ 326.984677][ T5530] usb 6-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 326.994110][ T5530] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 326.998415][ T5530] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.001823][ T5530] usb 6-1: Product: syz [ 327.003571][ T5530] usb 6-1: Manufacturer: syz [ 327.005453][ T5530] usb 6-1: SerialNumber: syz [ 327.011964][ T5530] usb 6-1: config 0 descriptor?? [ 327.017565][ T5530] yurex 6-1:0.50: USB YUREX device now attached to Yurex #0 [ 327.171687][ T5900] usb 10-1: USB disconnect, device number 3 [ 327.226750][ T5530] usb 6-1: USB disconnect, device number 10 [ 327.233152][ T5530] yurex 6-1:0.50: USB YUREX #0 now disconnected [ 328.006142][ T24] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 328.165610][ T24] usb 10-1: Using ep0 maxpacket: 32 [ 328.170164][ T24] usb 10-1: unable to get BOS descriptor or descriptor too short [ 328.174591][ T24] usb 10-1: config 8 has an invalid interface number: 188 but max is 0 [ 328.181762][ T24] usb 10-1: config 8 has no interface number 0 [ 328.184219][ T24] usb 10-1: config 8 interface 188 has no altsetting 0 [ 328.194317][ T24] usb 10-1: string descriptor 0 read error: -22 [ 328.196753][ T24] usb 10-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 328.199739][ T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.217434][ T24] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 328.221638][ T24] dw2102: su3000_power_ctrl: 1, initialized 0 [ 328.223796][ T24] dvb-usb: bulk message failed: -22 (2/0) [ 328.230473][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 328.238496][ T24] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 328.241300][ T24] usb 10-1: media controller created [ 328.243074][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 328.244818][ T24] dw2102: i2c transfer failed. [ 328.246637][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 328.248418][ T24] dw2102: i2c transfer failed. [ 328.249920][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 328.251711][ T24] dw2102: i2c transfer failed. [ 328.253671][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 328.256138][ T24] dw2102: i2c transfer failed. [ 328.257635][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 328.259565][ T24] dw2102: i2c transfer failed. [ 328.261021][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 328.262957][ T24] dw2102: i2c transfer failed. [ 328.264399][ T24] dvb-usb: MAC address: 02:02:02:02:02:02 [ 328.271064][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 328.283653][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 328.285385][ T24] dw2102: command 0x0e transfer failed. [ 328.287349][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 328.289146][ T24] dw2102: command 0x0e transfer failed. [ 328.336741][ T6128] netlink: 'syz.6.13146': attribute type 4 has an invalid length. [ 328.339982][ T6128] __nla_validate_parse: 3 callbacks suppressed [ 328.339995][ T6128] netlink: 224 bytes leftover after parsing attributes in process `syz.6.13146'. [ 328.435598][ T5530] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 328.585666][ T5530] usb 6-1: Using ep0 maxpacket: 16 [ 328.589233][ T5530] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 328.593335][ T5530] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 328.595643][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 328.600251][ T5530] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 328.603940][ T5530] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 328.604554][ T24] dw2102: command 0x0e transfer failed. [ 328.608631][ T5530] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 328.617401][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 328.621200][ T5530] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 328.623973][ T24] dw2102: command 0x0e transfer failed. [ 328.624771][ T5530] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 328.627532][ T24] dvb-usb: bulk message failed: -22 (1/0) [ 328.631725][ T5530] usb 6-1: Manufacturer: syz [ 328.633066][ T24] dw2102: command 0x51 transfer failed. [ 328.638040][ T6054] dvb-usb: bulk message failed: -22 (20/0) [ 328.643816][ T5530] usb 6-1: config 0 descriptor?? [ 328.651116][ T6054] dw2102: i2c transfer failed. [ 328.675773][ T24] DVB: Unable to find symbol ds3000_attach() [ 328.678299][ T24] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 328.725656][ T24] rc_core: IR keymap rc-su3000 not found [ 328.729066][ T24] Registered IR keymap rc-empty [ 328.736548][ T24] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0 [ 328.747260][ T24] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0/input43 [ 328.757176][ T24] dvb-usb: schedule remote query interval to 150 msecs. [ 328.759879][ T24] dw2102: su3000_power_ctrl: 0, initialized 1 [ 328.762302][ T24] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 328.771112][ T24] usb 10-1: USB disconnect, device number 4 [ 328.820374][ T24] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 328.926552][ T5530] rc_core: IR keymap rc-hauppauge not found [ 328.929877][ T5530] Registered IR keymap rc-empty [ 328.933910][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 328.955721][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 328.963629][ T6193] netlink: 276 bytes leftover after parsing attributes in process `syz.3.13157'. [ 328.976622][ T5530] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 328.988140][ T5530] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input44 [ 329.001065][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.025608][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.045639][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.066897][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.085869][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.115776][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.138872][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.155674][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.175706][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.195818][ T5530] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 329.234660][ T5530] mceusb 6-1:0.0: Registered with mce emulator interface version 1 [ 329.238006][ T5530] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 329.247839][ T5530] usb 6-1: USB disconnect, device number 11 [ 329.303205][ T6220] netlink: 68 bytes leftover after parsing attributes in process `syz.5.13162'. [ 329.667485][ T6277] netlink: 14 bytes leftover after parsing attributes in process `syz.5.13180'. [ 329.707135][ T6277] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 329.718600][ T6277] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 329.731111][ T6277] bond0 (unregistering): Released all slaves [ 330.136715][ T6350] netlink: 766 bytes leftover after parsing attributes in process `syz.6.13197'. [ 330.587572][ T6388] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13208'. [ 330.859258][ T6419] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13219'. [ 330.862628][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13219'. [ 330.865888][ T6419] netlink: 'syz.6.13219': attribute type 19 has an invalid length. [ 330.868458][ T6419] netlink: 'syz.6.13219': attribute type 20 has an invalid length. [ 331.031238][ T6441] xt_l2tp: unknown flags: 51 [ 331.558546][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 331.558562][ T40] audit: type=1326 audit(1780300750.199:22531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.563004][ T6498] netlink: 68 bytes leftover after parsing attributes in process `syz.5.13245'. [ 331.576163][ T40] audit: type=1326 audit(1780300750.199:22532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.584854][ T40] audit: type=1326 audit(1780300750.199:22533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.595151][ T40] audit: type=1326 audit(1780300750.199:22534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.605553][ T40] audit: type=1326 audit(1780300750.209:22535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.612287][ T40] audit: type=1326 audit(1780300750.209:22536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.619508][ T40] audit: type=1326 audit(1780300750.209:22537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.636497][ T40] audit: type=1326 audit(1780300750.209:22538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 331.643463][ T40] audit: type=1326 audit(1780300750.209:22539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6489 comm="syz.6.13243" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 333.107215][ T6613] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13283'. [ 333.515729][ T70] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 333.679617][ T6680] tipc: Enabling of bearer rejected, failed to enable media [ 333.686922][ T70] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 333.690972][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.694683][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.699178][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.702827][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.706531][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.710576][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.713887][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.717827][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.721868][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.725385][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.729322][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.733267][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.737384][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.740789][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.744736][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.748520][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.752056][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.756073][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.759737][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.763155][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.767184][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.770650][ T70] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 333.774404][ T70] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 333.778586][ T70] usb 6-1: config 0 interface 0 has no altsetting 0 [ 333.783465][ T70] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 333.787215][ T70] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 333.790299][ T70] usb 6-1: Product: syz [ 333.791874][ T70] usb 6-1: Manufacturer: syz [ 333.793580][ T70] usb 6-1: SerialNumber: syz [ 333.798174][ T70] usb 6-1: config 0 descriptor?? [ 333.809340][ T70] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 334.014697][ T5823] usb 6-1: USB disconnect, device number 12 [ 334.028631][ T5823] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 334.122326][ T6702] lo speed is unknown, defaulting to 1000 [ 334.465660][ T5530] usb 11-1: new high-speed USB device number 3 using dummy_hcd [ 334.619631][ T6748] tipc: Enabling of bearer rejected, failed to enable media [ 334.625617][ T5530] usb 11-1: Using ep0 maxpacket: 32 [ 334.632505][ T5530] usb 11-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 334.639140][ T5530] usb 11-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 334.642877][ T5530] usb 11-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 334.646641][ T5530] usb 11-1: Product: syz [ 334.648501][ T5530] usb 11-1: Manufacturer: syz [ 334.651001][ T5530] usb 11-1: SerialNumber: syz [ 334.661925][ T5530] usb 11-1: config 0 descriptor?? [ 334.664869][ T6730] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 334.883252][ T5530] usb 11-1: USB disconnect, device number 3 [ 335.030502][ T6811] netdevsim netdevsim3: Firmware load for '../file0/file0' refused, path contains '..' component [ 335.452099][ T6858] ebtables: wrong size: *len 168, entries_size 48, replsz 48 [ 335.562372][ T6872] hpfs: Bad magic ... probably not HPFS [ 335.566899][ T6872] hpfs: hpfs_map_sector(): read error [ 335.577454][ T6875] tipc: Started in network mode [ 335.579741][ T6875] tipc: Node identity e0000001, cluster identity 4711 [ 335.582454][ T6875] tipc: Enabling of bearer rejected, failed to enable media [ 335.925690][ T5900] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 336.095690][ T5900] usb 10-1: Using ep0 maxpacket: 8 [ 336.099221][ T5900] usb 10-1: config index 0 descriptor too short (expected 5924, got 36) [ 336.101817][ T5900] usb 10-1: config 250 has an invalid interface number: 228 but max is -1 [ 336.104474][ T5900] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 336.108133][ T5900] usb 10-1: config 250 has no interface number 0 [ 336.111100][ T5900] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 336.116171][ T5900] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 336.120409][ T5900] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 336.124856][ T5900] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 336.129560][ T5900] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 336.134746][ T5900] usb 10-1: config 250 interface 228 has no altsetting 0 [ 336.138324][ T5900] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 336.141279][ T5900] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 336.143837][ T5900] usb 10-1: Product: syz [ 336.145139][ T5900] usb 10-1: SerialNumber: syz [ 336.153165][ T5900] hub 10-1:250.228: bad descriptor, ignoring hub [ 336.155831][ T5900] hub 10-1:250.228: probe with driver hub failed with error -5 [ 336.363323][ T5900] usblp 10-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 336.488364][ T6914] netlink: 'syz.1.13368': attribute type 5 has an invalid length. [ 336.714438][ T54] usb 10-1: USB disconnect, device number 5 [ 336.727282][ T54] usblp0: removed [ 337.753954][ T7040] lo speed is unknown, defaulting to 1000 [ 337.950038][ T7090] netlink: 'syz.6.13414': attribute type 1 has an invalid length. [ 337.961432][ T7090] netlink: 96 bytes leftover after parsing attributes in process `syz.6.13414'. [ 337.966041][ T7090] netlink: 1 bytes leftover after parsing attributes in process `syz.6.13414'. [ 337.970185][ T7090] netlink: 'syz.6.13414': attribute type 1 has an invalid length. [ 337.973413][ T7090] netlink: 'syz.6.13414': attribute type 8 has an invalid length. [ 337.977949][ T7090] netlink: 606 bytes leftover after parsing attributes in process `syz.6.13414'. [ 338.160174][ T7117] program syz.1.13423 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 338.365634][ T54] usb 11-1: new high-speed USB device number 4 using dummy_hcd [ 338.374595][ T7147] lo speed is unknown, defaulting to 1000 [ 338.434986][ T7165] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 338.535712][ T54] usb 11-1: Using ep0 maxpacket: 32 [ 338.539095][ T54] usb 11-1: unable to get BOS descriptor or descriptor too short [ 338.542707][ T54] usb 11-1: config 8 has an invalid interface number: 188 but max is 0 [ 338.545277][ T54] usb 11-1: config 8 has no interface number 0 [ 338.547450][ T54] usb 11-1: config 8 interface 188 has no altsetting 0 [ 338.552979][ T54] usb 11-1: string descriptor 0 read error: -22 [ 338.555838][ T54] usb 11-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 338.559432][ T54] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.571569][ T54] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 338.574408][ T54] dw2102: su3000_power_ctrl: 1, initialized 0 [ 338.577091][ T54] dvb-usb: bulk message failed: -22 (2/0) [ 338.583508][ T54] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 338.587489][ T54] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 338.590115][ T54] usb 11-1: media controller created [ 338.591747][ T54] dvb-usb: bulk message failed: -22 (6/0) [ 338.593493][ T54] dw2102: i2c transfer failed. [ 338.595095][ T54] dvb-usb: bulk message failed: -22 (6/0) [ 338.597337][ T54] dw2102: i2c transfer failed. [ 338.609946][ T54] dvb-usb: bulk message failed: -22 (6/0) [ 338.612223][ T54] dw2102: i2c transfer failed. [ 338.613927][ T54] dvb-usb: bulk message failed: -22 (6/0) [ 338.624020][ T54] dw2102: i2c transfer failed. [ 338.626349][ T54] dvb-usb: bulk message failed: -22 (6/0) [ 338.628736][ T54] dw2102: i2c transfer failed. [ 338.630726][ T54] dvb-usb: bulk message failed: -22 (6/0) [ 338.633291][ T54] dw2102: i2c transfer failed. [ 338.635860][ T54] dvb-usb: MAC address: 02:02:02:02:02:02 [ 338.657549][ T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 338.674921][ T54] dvb-usb: bulk message failed: -22 (3/0) [ 338.677309][ T54] dw2102: command 0x0e transfer failed. [ 338.679636][ T54] dvb-usb: bulk message failed: -22 (3/0) [ 338.681740][ T54] dw2102: command 0x0e transfer failed. [ 338.715648][ T24] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 338.866587][ T24] usb 10-1: too many configurations: 9, using maximum allowed: 8 [ 338.873054][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.877608][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.882539][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.887003][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.891019][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.895394][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.899465][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.903415][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.908147][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.912311][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.916445][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.921087][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.925005][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.928991][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.934212][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.938344][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.942207][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.946884][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.950829][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.954777][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.959502][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.963557][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 338.967648][ T24] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 338.972345][ T24] usb 10-1: config 0 interface 0 has no altsetting 0 [ 338.977525][ T24] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 338.981540][ T24] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 338.985122][ T24] usb 10-1: Product: syz [ 338.987113][ T24] usb 10-1: Manufacturer: syz [ 338.989238][ T54] dvb-usb: bulk message failed: -22 (3/0) [ 338.991988][ T24] usb 10-1: SerialNumber: syz [ 338.994252][ T54] dw2102: command 0x0e transfer failed. [ 338.998168][ T54] dvb-usb: bulk message failed: -22 (3/0) [ 339.001497][ T24] usb 10-1: config 0 descriptor?? [ 339.003593][ T54] dw2102: command 0x0e transfer failed. [ 339.006161][ T54] dvb-usb: bulk message failed: -22 (1/0) [ 339.011481][ T54] dw2102: command 0x51 transfer failed. [ 339.016382][ T7110] dvb-usb: bulk message failed: -22 (20/0) [ 339.018953][ T7110] dw2102: i2c transfer failed. [ 339.020493][ T24] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0 [ 339.038289][ T54] DVB: Unable to find symbol ds3000_attach() [ 339.043269][ T54] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 339.115606][ T54] rc_core: IR keymap rc-su3000 not found [ 339.118151][ T54] Registered IR keymap rc-empty [ 339.123458][ T54] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.6/usb11/11-1/rc/rc0 [ 339.136381][ T54] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.6/usb11/11-1/rc/rc0/input45 [ 339.144096][ T54] dvb-usb: schedule remote query interval to 150 msecs. [ 339.151082][ T54] dw2102: su3000_power_ctrl: 0, initialized 1 [ 339.153881][ T54] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 339.165935][ T54] usb 11-1: USB disconnect, device number 4 [ 339.224050][ T54] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 339.233898][T20600] usb 10-1: USB disconnect, device number 6 [ 339.252942][T20600] yurex 10-1:0.0: USB YUREX #0 now disconnected [ 339.351143][ T5757] Bluetooth: hci1: unexpected event for opcode 0x1002 [ 339.531086][ T7243] tmpfs: Too few inodes for current use [ 339.628722][ T7253] lo speed is unknown, defaulting to 1000 [ 339.722881][ T54] kernel write not supported for file /dsp1 (pid: 54 comm: kworker/2:1) [ 339.814936][ T7291] netlink: 332 bytes leftover after parsing attributes in process `syz.5.13456'. [ 339.821413][ T7291] netlink: 160 bytes leftover after parsing attributes in process `syz.5.13456'. [ 340.125620][ T5530] kernel write not supported for file /sg0 (pid: 5530 comm: kworker/1:3) [ 340.285709][ T5823] usb 6-1: new full-speed USB device number 13 using dummy_hcd [ 340.343362][ T7364] nbd: must specify a size in bytes for the device [ 340.353939][ T7366] pim6reg: entered allmulticast mode [ 340.371977][ T7366] pim6reg: left allmulticast mode [ 340.448992][ T5823] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 340.452424][ T5823] usb 6-1: config 0 has no interface number 0 [ 340.455074][ T5823] usb 6-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 340.461160][ T5823] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 340.465956][ T5823] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 340.472252][ T5823] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 340.477013][ T5823] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 340.480807][ T5823] usb 6-1: Product: syz [ 340.482601][ T5823] usb 6-1: SerialNumber: syz [ 340.493877][ T5823] usb 6-1: config 0 descriptor?? [ 340.500369][ T5823] cm109 6-1:0.8: invalid payload size 0, expected 4 [ 340.503603][ T5823] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input46 [ 340.706963][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.711504][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.713750][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.716719][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.719079][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.724092][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.726430][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.728865][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.731180][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.733436][ C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 340.736384][ T5823] usb 6-1: USB disconnect, device number 13 [ 340.738845][ C1] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 340.760267][ T5823] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 340.838100][ T7446] sch_fq: defrate 4294967295 ignored. [ 340.953240][ T5757] Bluetooth: hci3: unexpected event for opcode 0x2016 [ 341.146159][ T40] audit: type=1326 audit(1780300759.789:22540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.3.13519" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x0 [ 341.370393][ T7526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13526'. [ 341.416234][T20600] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 341.587437][T20600] usb 10-1: Using ep0 maxpacket: 8 [ 341.594987][T20600] usb 10-1: config 179 has an invalid interface number: 65 but max is 0 [ 341.603181][T20600] usb 10-1: config 179 has no interface number 0 [ 341.613600][T20600] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 341.626373][T20600] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 341.638756][T20600] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 341.643412][T20600] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 341.643593][ T5823] kernel write not supported for file /dsp1 (pid: 5823 comm: kworker/1:4) [ 341.653244][T20600] usb 10-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 341.658686][T20600] usb 10-1: config 179 interface 65 has no altsetting 0 [ 341.661528][T20600] usb 10-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 341.665263][T20600] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xa8000) [ 341.777998][T20600] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input47 [ 341.786132][ T1130] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 341.794525][ T1130] ata1: failed to read log page 10h (errno=-5) [ 341.808916][ T1130] ata1.00: NCQ disabled due to excessive errors [ 341.811341][ T1130] ata1.00: exception Emask 0x1 SAct 0x4000 SErr 0x0 action 0x0 [ 341.813865][ T1130] ata1.00: irq_stat 0x41000008 [ 341.815717][ T1130] ata1.00: failed command: READ FPDMA QUEUED [ 341.817870][ T1130] ata1.00: cmd 60/40:70:76:38:01/05:00:00:00:00/40 tag 14 ncq dma 688128 in [ 341.817870][ T1130] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 341.825384][ T1130] ata1.00: status: { DRDY } [ 341.827982][ T1130] ata1.00: error: { ABRT } [ 341.830728][ T1130] ata1.00: configured for UDMA/100 [ 341.832883][ T1130] sd 0:0:0:0: [sda] tag#14 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 341.835879][ T5135] input input47: unable to receive magic message: -110 [ 341.838231][ T1130] sd 0:0:0:0: [sda] tag#14 Sense Key : Aborted Command [current] [ 341.846543][ T1130] sd 0:0:0:0: [sda] tag#14 Add. Sense: No additional sense information [ 341.854162][ T5135] input input47: unable to receive magic message: -32 [ 341.854478][ T1130] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 00 01 38 76 00 05 40 00 [ 341.861281][ T1130] I/O error, dev sda, sector 79990 op 0x0:(READ) flags 0x84700 phys_seg 168 prio class 2 [ 341.865131][ T1130] ata1: EH complete [ 341.868796][ T5135] input input47: unable to receive magic message: -32 [ 341.895698][ T24] usb 10-1: USB disconnect, device number 7 [ 341.895830][ C3] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 341.900756][ T5135] input input47: unable to receive magic message: -71 [ 341.901889][ C3] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 342.025212][ T7612] lo speed is unknown, defaulting to 1000 [ 342.075655][T20600] usb 11-1: new high-speed USB device number 5 using dummy_hcd [ 342.085733][ T5823] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 342.242399][T20600] usb 11-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 342.245841][ T5823] usb 6-1: Using ep0 maxpacket: 32 [ 342.246989][T20600] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.249611][ T5823] usb 6-1: unable to get BOS descriptor or descriptor too short [ 342.251237][T20600] usb 11-1: Product: syz [ 342.254528][ T5823] usb 6-1: config 252 has an invalid interface number: 0 but max is -1 [ 342.255376][T20600] usb 11-1: Manufacturer: syz [ 342.258427][ T5823] usb 6-1: config 252 has 1 interface, different from the descriptor's value: 0 [ 342.260169][T20600] usb 11-1: SerialNumber: syz [ 342.262572][T20600] usb 11-1: config 0 descriptor?? [ 342.270484][ T5823] usb 6-1: string descriptor 0 read error: -22 [ 342.272410][ T5823] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 342.275441][ T5823] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.284751][ T5823] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 342.288774][ T5823] dw2102: su3000_power_ctrl: 1, initialized 0 [ 342.291154][ T5823] dvb-usb: bulk message failed: -22 (2/0) [ 342.295424][ T5823] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 342.299995][ T5823] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 342.303661][ T5823] usb 6-1: media controller created [ 342.306207][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 342.308618][ T5823] dw2102: i2c transfer failed. [ 342.310192][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 342.312041][ T5823] dw2102: i2c transfer failed. [ 342.313551][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 342.315425][ T5823] dw2102: i2c transfer failed. [ 342.317261][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 342.319246][ T5823] dw2102: i2c transfer failed. [ 342.320873][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 342.322820][ T5823] dw2102: i2c transfer failed. [ 342.324813][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 342.327312][ T5823] dw2102: i2c transfer failed. [ 342.329166][ T5823] dvb-usb: MAC address: 02:02:02:02:02:02 [ 342.345179][ T5823] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 342.361317][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 342.363856][ T5823] dw2102: command 0x0e transfer failed. [ 342.366085][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 342.367891][ T5823] dw2102: command 0x0e transfer failed. [ 342.480637][T20600] usb 11-1: USB disconnect, device number 5 [ 342.685628][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 342.687468][ T5823] dw2102: command 0x0e transfer failed. [ 342.689207][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 342.691049][ T5823] dw2102: command 0x0e transfer failed. [ 342.692726][ T5823] dvb-usb: bulk message failed: -22 (1/0) [ 342.694503][ T5823] dw2102: command 0x51 transfer failed. [ 342.712418][ T5823] DVB: Unable to find symbol ds3000_attach() [ 342.715177][ T5823] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 342.765729][ T5823] rc_core: IR keymap rc-su3000 not found [ 342.767698][ T5823] Registered IR keymap rc-empty [ 342.770733][ T5823] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0 [ 342.775206][ T5823] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input48 [ 342.780694][ T5823] dvb-usb: schedule remote query interval to 150 msecs. [ 342.782898][ T5823] dw2102: su3000_power_ctrl: 0, initialized 1 [ 342.784946][ T5823] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 342.791126][ T5823] usb 6-1: USB disconnect, device number 14 [ 342.818343][ T5823] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 343.026596][ T7696] netlink: 'syz.5.13546': attribute type 2 has an invalid length. [ 343.563949][ T7764] sctp: [Deprecated]: syz.5.13565 (pid 7764) Use of struct sctp_assoc_value in delayed_ack socket option. [ 343.563949][ T7764] Use struct sctp_sack_info instead [ 343.583762][ T7764] sctp: [Deprecated]: syz.5.13565 (pid 7764) Use of struct sctp_assoc_value in delayed_ack socket option. [ 343.583762][ T7764] Use struct sctp_sack_info instead [ 343.807178][ T7797] netlink: 5 bytes leftover after parsing attributes in process `syz.1.13577'. [ 344.086154][ T5823] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 344.169502][ T7837] lo speed is unknown, defaulting to 1000 [ 344.235763][ T5823] usb 10-1: Using ep0 maxpacket: 32 [ 344.241546][ T5823] usb 10-1: unable to get BOS descriptor or descriptor too short [ 344.249052][ T5823] usb 10-1: config 8 has an invalid interface number: 188 but max is 0 [ 344.252472][ T5823] usb 10-1: config 8 has no interface number 0 [ 344.255104][ T5823] usb 10-1: config 8 interface 188 has no altsetting 0 [ 344.268998][ T5823] usb 10-1: string descriptor 0 read error: -22 [ 344.271640][ T5823] usb 10-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 344.275349][ T5823] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.289959][ T5823] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 344.293640][ T5823] dw2102: su3000_power_ctrl: 1, initialized 0 [ 344.297749][ T5823] dvb-usb: bulk message failed: -22 (2/0) [ 344.306159][ T5823] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 344.310973][ T5823] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 344.314987][ T5823] usb 10-1: media controller created [ 344.318046][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 344.321252][ T5823] dw2102: i2c transfer failed. [ 344.323471][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 344.327162][ T5823] dw2102: i2c transfer failed. [ 344.329386][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 344.332139][ T5823] dw2102: i2c transfer failed. [ 344.334208][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 344.337555][ T5823] dw2102: i2c transfer failed. [ 344.339609][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 344.341909][ T5823] dw2102: i2c transfer failed. [ 344.343870][ T5823] dvb-usb: bulk message failed: -22 (6/0) [ 344.352000][ T5823] dw2102: i2c transfer failed. [ 344.366921][ T5823] dvb-usb: MAC address: 02:02:02:02:02:02 [ 344.379241][ T5823] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 344.398451][ T7888] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13595'. [ 344.430162][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 344.432620][ T5823] dw2102: command 0x0e transfer failed. [ 344.434932][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 344.437999][ T5823] dw2102: command 0x0e transfer failed. [ 344.755803][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 344.762238][ T5823] dw2102: command 0x0e transfer failed. [ 344.767229][ T5823] dvb-usb: bulk message failed: -22 (3/0) [ 344.772788][ T5823] dw2102: command 0x0e transfer failed. [ 344.777381][ T5823] dvb-usb: bulk message failed: -22 (1/0) [ 344.779915][ T5823] dw2102: command 0x51 transfer failed. [ 344.782321][ T7800] dvb-usb: bulk message failed: -22 (4/0) [ 344.784978][ T7800] dw2102: i2c transfer failed. [ 344.811803][ T5823] DVB: Unable to find symbol ds3000_attach() [ 344.816061][ T5823] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 344.876111][ T5823] rc_core: IR keymap rc-su3000 not found [ 344.878237][ T5823] Registered IR keymap rc-empty [ 344.881346][ T5823] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0 [ 344.889925][ T5823] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0/input49 [ 344.900334][ T5823] dvb-usb: schedule remote query interval to 150 msecs. [ 344.905413][ T5823] dw2102: su3000_power_ctrl: 0, initialized 1 [ 344.910019][ T5823] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 344.920878][ T5823] usb 10-1: USB disconnect, device number 8 [ 344.962304][ T5823] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 344.991380][ T5757] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 344.999898][ T5757] Bluetooth: hci3: Injecting HCI hardware error event [ 345.006436][ T5757] Bluetooth: hci3: hardware error 0x00 [ 345.374125][ T8000] lo speed is unknown, defaulting to 1000 [ 345.421505][ T8027] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 345.433399][ T8029] netlink: 47 bytes leftover after parsing attributes in process `syz.1.13622'. [ 345.438337][ T8029] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13622'. [ 346.071498][ T8088] program syz.1.13643 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 346.255350][ T8118] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13654'. [ 346.264490][ T8118] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13654'. [ 346.488553][ T8150] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13665'. [ 346.546177][ T8155] lo speed is unknown, defaulting to 1000 [ 347.067784][ T5757] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 347.195837][ T5901] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 347.364000][ T5901] usb 6-1: Using ep0 maxpacket: 8 [ 347.371917][ T5901] usb 6-1: config index 0 descriptor too short (expected 5924, got 36) [ 347.380529][ T5901] usb 6-1: config 250 has an invalid interface number: 228 but max is -1 [ 347.390751][ T5901] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 347.397264][ T5901] usb 6-1: config 250 has no interface number 0 [ 347.402285][ T5901] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 347.413264][ T5901] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 347.431309][ T5901] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 347.435610][ T5901] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 347.439945][ T5901] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 347.445435][ T5901] usb 6-1: config 250 interface 228 has no altsetting 0 [ 347.449615][ T5901] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 347.453486][ T5901] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 347.457913][ T5901] usb 6-1: Product: syz [ 347.459830][ T5901] usb 6-1: SerialNumber: syz [ 347.483825][ T8271] netlink: 24 bytes leftover after parsing attributes in process `syz.5.13695'. [ 347.484010][ T5901] hub 6-1:250.228: bad descriptor, ignoring hub [ 347.504224][ T5901] hub 6-1:250.228: probe with driver hub failed with error -5 [ 347.714256][ T5901] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 15 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 348.008763][ T5900] usb 6-1: USB disconnect, device number 15 [ 348.019116][ T5900] usblp0: removed [ 348.041295][ T8340] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13713'. [ 348.311105][ T40] audit: type=1326 audit(1780300766.949:22541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.318859][ T40] audit: type=1326 audit(1780300766.949:22542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.327498][ T40] audit: type=1326 audit(1780300766.949:22543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.336348][ T40] audit: type=1326 audit(1780300766.949:22544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.344326][ T40] audit: type=1326 audit(1780300766.949:22545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.351895][ T40] audit: type=1326 audit(1780300766.949:22546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.358557][ T40] audit: type=1326 audit(1780300766.949:22547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.369053][ T40] audit: type=1326 audit(1780300766.949:22548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.382248][ T40] audit: type=1326 audit(1780300766.949:22549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.389947][ T40] audit: type=1326 audit(1780300766.949:22550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8375 comm="syz.3.13725" exe="/syz-executor" sig=0 arch=40000003 syscall=301 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 348.527501][ T8397] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13730'. [ 348.576214][ T8404] tipc: Enabled bearer , priority 10 [ 348.664016][ T8415] lo speed is unknown, defaulting to 1000 [ 348.773615][ T8449] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 349.077405][ T8478] lo speed is unknown, defaulting to 1000 [ 349.229201][ T8512] netlink: 7060 bytes leftover after parsing attributes in process `syz.3.13750'. [ 349.653310][ T8536] netlink: 16186 bytes leftover after parsing attributes in process `syz.6.13763'. [ 350.610133][ T8647] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13806'. [ 350.763093][ T8668] netlink: 'syz.6.13815': attribute type 1 has an invalid length. [ 350.818664][ T8677] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 4, id = 0 [ 350.818805][ T8675] IPVS: stopping backup sync thread 8677 ... [ 350.920919][ T39] kernel write not supported for file /uhid (pid: 39 comm: kworker/3:1) [ 350.922055][ T8695] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 351.323158][ T8748] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13848'. [ 351.466386][ T8766] netlink: 'syz.6.13855': attribute type 3 has an invalid length. [ 351.579794][ T8782] sock: sock_timestamping_bind_phc: sock not bind to device [ 351.671023][ T8790] netlink: 1010 bytes leftover after parsing attributes in process `syz.5.13864'. [ 351.675005][ T8790] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 351.954105][ T8831] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13881'. [ 351.961044][ T8831] vlan3: entered promiscuous mode [ 352.189516][ T8862] ptrace attach of "/syz-executor exec"[5755] was attempted by ""[8862] [ 352.285135][ T8880] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13901'. [ 352.403181][ T8899] netlink: 12 bytes leftover after parsing attributes in process `syz.6.13911'. [ 352.732486][ T8937] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13923'. [ 352.894748][ T24] dummy0: entered promiscuous mode [ 352.904388][ T39] dummy0: left promiscuous mode [ 353.221725][ T9003] program syz.5.13948 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 353.335244][ T9017] netlink: 256 bytes leftover after parsing attributes in process `syz.5.13954'. [ 353.359089][ T9019] netlink: 'syz.6.13955': attribute type 3 has an invalid length. [ 353.782022][ T9063] can0: slcan on ttyS3. [ 353.859847][ T9062] can0 (unregistered): slcan off ttyS3. [ 354.388615][ T9147] __nla_validate_parse: 2 callbacks suppressed [ 354.388634][ T9147] netlink: 24 bytes leftover after parsing attributes in process `syz.6.14000'. [ 355.225261][ T9207] bridge0: port 3(team0) entered disabled state [ 355.238292][ T9207] bridge0: port 1(bridge_slave_0) entered disabled state [ 355.243722][ T9207] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.278200][ T9212] netlink: 'syz.1.14020': attribute type 16 has an invalid length. [ 355.283667][ T9212] netlink: 'syz.1.14020': attribute type 17 has an invalid length. [ 355.306296][ T9212] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.309105][ T9212] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.322908][ T9212] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.325925][ T9212] bridge0: port 2(bridge_slave_1) entered forwarding state [ 355.380378][ T9227] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14027'. [ 355.381368][ T13] bridge0: port 3(team0) entered blocking state [ 355.383893][ T9227] netlink: 'syz.5.14027': attribute type 5 has an invalid length. [ 355.386641][ T13] bridge0: port 3(team0) entered forwarding state [ 355.393257][ T9227] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14027'. [ 355.404741][ T9227] geneve3: entered promiscuous mode [ 355.406852][ T9227] geneve3: entered allmulticast mode [ 355.409673][ T1193] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 355.413474][ T1193] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 355.421059][ T1193] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 355.431008][ T1193] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 355.647983][ T9264] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 355.729596][ T9272] netlink: 68 bytes leftover after parsing attributes in process `syz.3.14046'. [ 355.733492][ T9272] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14046'. [ 355.747840][ T9274] program syz.6.14047 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 355.819012][ T9283] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14051'. [ 355.925047][ T9293] can0: slcan on ttyS3. [ 356.006105][ T9291] can0 (unregistered): slcan off ttyS3. [ 356.047735][ T9312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14059'. [ 356.082318][ T9314] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 356.085412][ T9314] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 356.751345][ T9388] tipc: Invalid UDP bearer configuration [ 356.751389][ T9388] tipc: Enabling of bearer rejected, failed to enable media [ 356.887098][ T9402] sch_fq: defrate 2 ignored. [ 357.055425][ T9422] bridge0: port 1(bridge_slave_0) entered disabled state [ 357.061107][ T9422] bridge0: port 2(bridge_slave_1) entered disabled state [ 357.074302][ T9422] tipc: Resetting bearer [ 357.078224][ T9422] tipc: Resetting bearer [ 357.088712][ T9427] netlink: 'syz.5.14100': attribute type 16 has an invalid length. [ 357.091544][ T13] tipc: Resetting bearer [ 357.092215][ T9427] netlink: 'syz.5.14100': attribute type 17 has an invalid length. [ 357.119413][ T9427] bridge0: port 1(bridge_slave_0) entered blocking state [ 357.123542][ T9427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 357.128735][ T9427] bridge0: port 2(bridge_slave_1) entered blocking state [ 357.131758][ T9427] bridge0: port 2(bridge_slave_1) entered forwarding state [ 357.276410][ T9443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14114'. [ 357.673293][T20600] IPVS: starting estimator thread 0... [ 357.777264][ T9500] IPVS: using max 44 ests per chain, 105600 per kthread [ 357.965667][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 357.965680][ T40] audit: type=1326 audit(1780300776.599:22555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz.6.14142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 357.979021][ T40] audit: type=1326 audit(1780300776.599:22556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz.6.14142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 357.989433][ T40] audit: type=1326 audit(1780300776.599:22557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz.6.14142" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf71761ab code=0x7ffc0000 [ 357.998406][ T40] audit: type=1326 audit(1780300776.599:22558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz.6.14142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 358.007134][ T40] audit: type=1326 audit(1780300776.599:22559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz.6.14142" exe="/syz-executor" sig=0 arch=40000003 syscall=314 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 358.015041][ T40] audit: type=1326 audit(1780300776.599:22560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz.6.14142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 358.034771][ T40] audit: type=1326 audit(1780300776.609:22561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz.6.14142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef7c code=0x7ffc0000 [ 358.124329][ T9557] digital: digital_start_poll: Unknown protocol [ 358.209655][ T9565] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14150'. [ 358.458639][ T9589] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.463295][ T9589] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.518661][ T9589] netlink: 'syz.6.14161': attribute type 16 has an invalid length. [ 358.520947][ T9589] netlink: 'syz.6.14161': attribute type 17 has an invalid length. [ 358.540953][ T9589] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.543829][ T9597] netlink: 'syz.3.14165': attribute type 1 has an invalid length. [ 358.544028][ T9589] bridge0: port 1(bridge_slave_0) entered forwarding state [ 358.546615][ T9597] netlink: 'syz.3.14165': attribute type 2 has an invalid length. [ 358.551103][ T9589] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.551612][ T9597] netlink: 'syz.3.14165': attribute type 1 has an invalid length. [ 358.554469][ T9589] bridge0: port 2(bridge_slave_1) entered forwarding state [ 358.558573][ T9597] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14165'. [ 358.683266][ T9601] usb usb3: usbfs: process 9601 (syz.1.14167) did not claim interface 0 before use [ 359.901414][ T9799] overlayfs: conflicting lowerdir path [ 359.942831][ T9807] __nla_validate_parse: 2 callbacks suppressed [ 359.942842][ T9807] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14249'. [ 359.999269][ T9821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14254'. [ 360.003460][ T9821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14254'. [ 360.007624][ T9821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14254'. [ 360.024150][ T9821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14254'. [ 360.027893][ T9821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14254'. [ 360.171284][ T9849] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14264'. [ 360.312739][ T9867] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 360.716549][ T5900] usb 11-1: new low-speed USB device number 6 using dummy_hcd [ 360.867456][ T5900] usb 11-1: config 0 has an invalid interface number: 55 but max is 0 [ 360.871128][ T5900] usb 11-1: config 0 has no interface number 0 [ 360.877593][ T5900] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 360.882592][ T5900] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 360.888010][ T5900] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 360.893043][ T5900] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 360.897954][ T5900] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 360.902651][ T5900] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 360.908603][ T5900] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 360.912838][ T5900] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.920525][ T5900] usb 11-1: config 0 descriptor?? [ 360.923842][ T9901] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 360.927677][ T9901] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 360.935837][ T5900] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 360.944649][ T9935] vlan5: entered promiscuous mode [ 360.948938][ T9935] gretap0: entered promiscuous mode [ 360.951612][ T9935] vlan5: entered allmulticast mode [ 360.954434][ T9935] gretap0: entered allmulticast mode [ 361.148437][ T9901] ldusb 11-1:0.55: Write buffer overflow, 138595949 bytes dropped [ 361.156977][ T29] usb 11-1: USB disconnect, device number 6 [ 361.162833][ T29] ldusb 11-1:0.55: LD USB Device #0 now disconnected [ 361.516718][ T40] audit: type=1800 audit(1780300780.149:22562): pid=9982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.14307" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 361.788402][T10009] EXT4-fs: Conflicting test_dummy_encryption options [ 362.023329][T10034] netlink: 220 bytes leftover after parsing attributes in process `syz.5.14327'. [ 362.027623][T10034] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14327'. [ 362.076396][T10037] ================================================================== [ 362.079733][T10037] BUG: KASAN: slab-use-after-free in dvb_device_open+0x33f/0x3b0 [ 362.082944][T10037] Read of size 8 at addr ffff8880006a6618 by task syz.5.14328/10037 [ 362.087638][T10037] [ 362.089052][T10037] CPU: 3 UID: 0 PID: 10037 Comm: syz.5.14328 Tainted: G L syzkaller #0 PREEMPT(full) [ 362.089083][T10037] Tainted: [L]=SOFTLOCKUP [ 362.089091][T10037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 362.089103][T10037] Call Trace: [ 362.089110][T10037] [ 362.089118][T10037] dump_stack_lvl+0x100/0x190 [ 362.089140][T10037] print_report+0x13d/0x4b0 [ 362.089169][T10037] ? __virt_addr_valid+0x239/0x430 [ 362.089200][T10037] ? dvb_device_open+0x33f/0x3b0 [ 362.089227][T10037] kasan_report+0xdf/0x1d0 [ 362.089249][T10037] ? dvb_device_open+0x33f/0x3b0 [ 362.089278][T10037] ? __pfx_dvb_device_open+0x10/0x10 [ 362.089305][T10037] dvb_device_open+0x33f/0x3b0 [ 362.089333][T10037] ? __pfx_dvb_device_open+0x10/0x10 [ 362.089358][T10037] chrdev_open+0x234/0x6a0 [ 362.089380][T10037] ? __pfx_apparmor_file_open+0x10/0x10 [ 362.089401][T10037] ? __pfx_chrdev_open+0x10/0x10 [ 362.089423][T10037] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 362.089450][T10037] do_dentry_open+0x6ab/0x14d0 [ 362.089472][T10037] ? __pfx_chrdev_open+0x10/0x10 [ 362.089498][T10037] vfs_open+0x82/0x3f0 [ 362.089525][T10037] path_openat+0x208c/0x31a0 [ 362.089549][T10037] ? asm_int80_emulation+0x1a/0x20 [ 362.089568][T10037] ? __pfx_path_openat+0x10/0x10 [ 362.089595][T10037] do_file_open+0x20e/0x430 [ 362.089618][T10037] ? __pfx_do_file_open+0x10/0x10 [ 362.089649][T10037] ? _raw_spin_unlock+0x28/0x50 [ 362.089673][T10037] ? alloc_fd+0x476/0x790 [ 362.089697][T10037] do_sys_openat2+0x10d/0x1e0 [ 362.089750][T10037] ? __pfx_do_sys_openat2+0x10/0x10 [ 362.089783][T10037] ? __ia32_sys_futex_time32+0x2fd/0x470 [ 362.089808][T10037] __ia32_compat_sys_openat+0x12d/0x210 [ 362.089839][T10037] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 362.089876][T10037] ? rcu_is_watching+0x12/0xc0 [ 362.089898][T10037] ? rcu_is_watching+0x12/0xc0 [ 362.089919][T10037] do_int80_emulation+0x14b/0x720 [ 362.089950][T10037] asm_int80_emulation+0x1a/0x20 [ 362.089970][T10037] RIP: 0023:0xf71061ab [ 362.089985][T10037] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 362.090003][T10037] RSP: 002b:00000000f53c603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 362.090022][T10037] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f53c6100 [ 362.090034][T10037] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 362.090045][T10037] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 362.090056][T10037] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 362.090066][T10037] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 362.090084][T10037] [ 362.090090][T10037] [ 362.125759][ T29] usb 6-1: new full-speed USB device number 16 using dummy_hcd [ 362.127355][T10037] Allocated by task 1: [ 362.187680][T10037] kasan_save_stack+0x30/0x50 [ 362.189664][T10037] kasan_save_track+0x14/0x30 [ 362.191646][T10037] __kasan_kmalloc+0xaa/0xb0 [ 362.193539][T10037] dvb_register_device+0x1d6/0x1e20 [ 362.195643][T10037] dvb_register_frontend+0x552/0x820 [ 362.197823][T10037] vidtv_bridge_probe+0x44b/0xa30 [ 362.199926][T10037] platform_probe+0x106/0x1d0 [ 362.201928][T10037] really_probe+0x241/0xa60 [ 362.203833][T10037] __driver_probe_device+0x22e/0x480 [ 362.206152][T10037] driver_probe_device+0x4c/0x1b0 [ 362.208282][T10037] __driver_attach+0x21f/0x5d0 [ 362.210291][T10037] bus_for_each_dev+0x13e/0x1d0 [ 362.212336][T10037] bus_add_driver+0x305/0x5b0 [ 362.214322][T10037] driver_register+0x1e2/0x360 [ 362.216311][T10037] vidtv_bridge_init+0x38/0x70 [ 362.218341][T10037] do_one_initcall+0x121/0x750 [ 362.220568][T10037] kernel_init_freeable+0x6ea/0x7b0 [ 362.222677][T10037] kernel_init+0x1f/0x1e0 [ 362.224245][T10037] ret_from_fork+0x72b/0xd50 [ 362.225668][T10037] ret_from_fork_asm+0x1a/0x30 [ 362.227165][T10037] [ 362.227970][T10037] Freed by task 9950: [ 362.229378][T10037] kasan_save_stack+0x30/0x50 [ 362.231325][T10037] kasan_save_track+0x14/0x30 [ 362.233158][T10037] kasan_save_free_info+0x3b/0x70 [ 362.235219][T10037] __kasan_slab_free+0x5f/0x80 [ 362.237150][T10037] kfree+0x223/0x6c0 [ 362.238816][T10037] dvb_device_put.part.0+0x57/0x90 [ 362.240878][T10037] dvb_device_open+0x2ba/0x3b0 [ 362.242789][T10037] chrdev_open+0x234/0x6a0 [ 362.244959][T10037] do_dentry_open+0x6ab/0x14d0 [ 362.246621][T10037] vfs_open+0x82/0x3f0 [ 362.247978][T10037] path_openat+0x208c/0x31a0 [ 362.249648][T10037] do_file_open+0x20e/0x430 [ 362.251559][T10037] do_sys_openat2+0x10d/0x1e0 [ 362.253607][T10037] __ia32_compat_sys_openat+0x12d/0x210 [ 362.255925][T10037] do_int80_emulation+0x14b/0x720 [ 362.258101][T10037] asm_int80_emulation+0x1a/0x20 [ 362.260180][T10037] [ 362.261316][T10037] The buggy address belongs to the object at ffff8880006a6600 [ 362.261316][T10037] which belongs to the cache kmalloc-256 of size 256 [ 362.266904][T10037] The buggy address is located 24 bytes inside of [ 362.266904][T10037] freed 256-byte region [ffff8880006a6600, ffff8880006a6700) [ 362.271508][T10037] [ 362.272250][T10037] The buggy address belongs to the physical page: [ 362.274151][T10037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6a6 [ 362.276777][T10037] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 362.279390][T10037] flags: 0x7ff00000000040(head|node=0|zone=0|lastcpupid=0x7ff) [ 362.281694][T10037] page_type: f5(slab) [ 362.282943][T10037] raw: 007ff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 362.285492][T10037] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 362.288232][T10037] head: 007ff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 362.290867][T10037] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 362.293476][T10037] head: 007ff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff [ 362.296124][T10037] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 362.298963][T10037] page dumped because: kasan: bad access detected [ 362.301330][T10037] page_owner tracks the page as allocated [ 362.303375][T10037] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 20017106396, free_ts 0 [ 362.309963][T10037] post_alloc_hook+0xfd/0x120 [ 362.311461][T10037] get_page_from_freelist+0x11a6/0x3410 [ 362.313165][T10037] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 362.314975][T10037] new_slab+0xa6/0x6c0 [ 362.316491][T10037] refill_objects+0x277/0x420 [ 362.318056][T10037] __pcs_replace_empty_main+0x375/0x650 [ 362.319768][T10037] __kmalloc_cache_noprof+0x493/0x6f0 [ 362.321453][T10037] bus_add_driver+0x92/0x5b0 [ 362.322886][T10037] driver_register+0x1e2/0x360 [ 362.324325][T10037] usb_register_driver+0x21c/0x3e0 [ 362.325925][T10037] do_one_initcall+0x121/0x750 [ 362.327385][T10037] kernel_init_freeable+0x6ea/0x7b0 [ 362.328970][T10037] kernel_init+0x1f/0x1e0 [ 362.330287][T10037] ret_from_fork+0x72b/0xd50 [ 362.331713][T10037] ret_from_fork_asm+0x1a/0x30 [ 362.333140][T10037] page_owner free stack trace missing [ 362.334727][T10037] [ 362.335434][T10037] Memory state around the buggy address: [ 362.337613][T10037] ffff8880006a6500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 362.340424][T10037] ffff8880006a6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 362.342795][T10037] >ffff8880006a6600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 362.345111][T10037] ^ [ 362.346902][T10037] ffff8880006a6680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 362.349287][T10037] ffff8880006a6700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 362.351849][T10037] ================================================================== [ 362.355485][T10037] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 362.358052][T10037] CPU: 3 UID: 0 PID: 10037 Comm: syz.5.14328 Tainted: G L syzkaller #0 PREEMPT(full) [ 362.361914][T10037] Tainted: [L]=SOFTLOCKUP [ 362.363558][T10037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 362.367229][T10037] Call Trace: [ 362.368607][T10037] [ 362.369791][T10037] dump_stack_lvl+0x100/0x190 [ 362.371507][T10037] vpanic+0x552/0x970 [ 362.372829][T10037] ? __pfx_vpanic+0x10/0x10 [ 362.374366][T10037] ? mark_held_locks+0x40/0x70 [ 362.376099][T10037] ? dvb_device_open+0x33f/0x3b0 [ 362.377943][T10037] panic+0xd1/0xe0 [ 362.379315][T10037] ? __pfx_panic+0x10/0x10 [ 362.381123][T10037] ? dvb_device_open+0x33f/0x3b0 [ 362.383015][T10037] ? preempt_schedule_common+0x42/0xc0 [ 362.384967][T10037] check_panic_on_warn.cold+0x19/0x34 [ 362.386901][T10037] end_report.part.0+0x3a/0x90 [ 362.389081][T10037] kasan_report.cold+0xe/0x18 [ 362.390820][T10037] ? dvb_device_open+0x33f/0x3b0 [ 362.392624][T10037] ? __pfx_dvb_device_open+0x10/0x10 [ 362.394685][T10037] dvb_device_open+0x33f/0x3b0 [ 362.396521][T10037] ? __pfx_dvb_device_open+0x10/0x10 [ 362.398826][T10037] chrdev_open+0x234/0x6a0 [ 362.400577][T10037] ? __pfx_apparmor_file_open+0x10/0x10 [ 362.402479][T10037] ? __pfx_chrdev_open+0x10/0x10 [ 362.404247][T10037] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 362.406493][T10037] do_dentry_open+0x6ab/0x14d0 [ 362.408188][T10037] ? __pfx_chrdev_open+0x10/0x10 [ 362.409938][T10037] vfs_open+0x82/0x3f0 [ 362.411405][T10037] path_openat+0x208c/0x31a0 [ 362.413269][T10037] ? asm_int80_emulation+0x1a/0x20 [ 362.415155][T10037] ? __pfx_path_openat+0x10/0x10 [ 362.416950][T10037] do_file_open+0x20e/0x430 [ 362.418626][T10037] ? __pfx_do_file_open+0x10/0x10 [ 362.420435][T10037] ? _raw_spin_unlock+0x28/0x50 [ 362.422166][T10037] ? alloc_fd+0x476/0x790 [ 362.423728][T10037] do_sys_openat2+0x10d/0x1e0 [ 362.425436][T10037] ? __pfx_do_sys_openat2+0x10/0x10 [ 362.427381][T10037] ? __ia32_sys_futex_time32+0x2fd/0x470 [ 362.429387][T10037] __ia32_compat_sys_openat+0x12d/0x210 [ 362.431365][T10037] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 362.433631][T10037] ? rcu_is_watching+0x12/0xc0 [ 362.435393][T10037] ? rcu_is_watching+0x12/0xc0 [ 362.437130][T10037] do_int80_emulation+0x14b/0x720 [ 362.438970][T10037] asm_int80_emulation+0x1a/0x20 [ 362.440776][T10037] RIP: 0023:0xf71061ab [ 362.442259][T10037] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 362.449140][T10037] RSP: 002b:00000000f53c603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 362.452013][T10037] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f53c6100 [ 362.454824][T10037] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 362.457740][T10037] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 362.460530][T10037] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 362.463362][T10037] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 362.466450][T10037] [ 362.468738][T10037] Kernel Offset: disabled [ 362.470324][T10037] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:59:40 Registers: info registers vcpu 0 CPU#0 RAX=00000000001dea79 RBX=ffffffff8e4955c0 RCX=ffffffff8b86e225 RDX=0000000000000000 RSI=ffffffff8df1a757 RDI=ffffffff8c1c4380 RBP=0000000000000000 RSP=ffffffff8e407e00 R8 =0000000000000001 R9 =ffffed10056467b5 R10=ffff88802b233dab R11=0000000000000000 R12=0000000000000000 R13=fffffbfff1c92ab8 R14=0000000000000000 R15=ffffffff90d73c50 RIP=ffffffff8b86c87f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809718a000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055bbda328930 CR3=000000005266f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000080000000 RBX=000000001b800067 RCX=ffffffff8262495e RDX=000000001b800007 RSI=0000000000000000 RDI=ffff8880224c0000 RBP=000000001b800007 RSP=ffffc900043872b8 R8 =0000000000000007 R9 =0000000000000000 R10=000000001b800007 R11=0000000000000000 R12=ffffc9000dae3000 R13=ffffffff8e596c90 R14=8000000000000163 R15=ffffc9000dae4000 RIP=ffffffff8207fc4b RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809728a000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f74052f0 CR3=0000000051ad6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000001db75f RBX=ffff88801c3cca80 RCX=ffffffff8b86e225 RDX=0000000000000000 RSI=ffffffff8df1a757 RDI=ffffffff8c1c4380 RBP=0000000000000000 RSP=ffffc9000047fdf0 R8 =0000000000000001 R9 =ffffed10056867b5 R10=ffff88802b433dab R11=0000000000000000 R12=0000000000000002 R13=ffffed1003879950 R14=0000000000000002 R15=ffffffff90d73c50 RIP=ffffffff8b86c87f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809738a000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005572f5e13f40 CR3=000000004d1cc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=8cf157a1523bf1f8 4cf531c6beee0a93 8cf157a1523bf1f8 4cf531c6beee0a93 8cf157a1523bf1f8 4cf531c6beee0a93 8cf157a1523bf1f8 4cf531c6beee0a93 ZMM18=6bb8fe658e179c2e 4e4a1f71d35b129c 6bb8fe658e179c2e 4e4a1f71d35b129c 6bb8fe658e179c2e 4e4a1f71d35b129c 6bb8fe658e179c2e 4e4a1f71d35b129c ZMM19=a045000000000000 0000000000000004 a045000000000000 0000000000000003 a045000000000000 0000000000000002 a045000000000000 0000000000000001 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1ffffffffe080009 9003020400098c03 0000000204060988 0301900800098003 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0980020880030880 0206900300080006 88030fffffffff02 0680030108000580 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02040276b0007074 326c01ffffffffff fffffff508058003 2008000608002008 ZMM24=d7a6514fd7a6514f d7a6514fd7a6514f d7a6514fd7a6514f d7a6514fd7a6514f d7a6514fd7a6514f d7a6514fd7a6514f d7a6514fd7a6514f d7a6514fd7a6514f ZMM25=010dac80010dac80 010dac80010dac80 010dac80010dac80 010dac80010dac80 010dac80010dac80 010dac80010dac80 010dac80010dac80 010dac80010dac80 ZMM26=7d462b547d462b54 7d462b547d462b54 7d462b547d462b54 7d462b547d462b54 7d462b547d462b54 7d462b547d462b54 7d462b547d462b54 7d462b547d462b54 ZMM27=17e511e117e511e1 17e511e117e511e1 17e511e117e511e1 17e511e117e511e1 17e511e117e511e1 17e511e117e511e1 17e511e117e511e1 17e511e117e511e1 ZMM28=000000f0000000ef 000000ee000000ed 000000ec000000eb 000000ea000000e9 000000e8000000e7 000000e6000000e5 000000e4000000e3 000000e2000000e1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=4e4300004e430000 4e4300004e430000 4e4300004e430000 4e4300004e430000 4e4300004e430000 4e4300004e430000 4e4300004e430000 4e4300004e430000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff857c35a5 RDI=ffffffff9b44d300 RBP=ffffffff9b44d2c0 RSP=ffffc9000d6ff2d0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303838386652 R12=0000000000000000 R13=0000000000000000 R14=ffffffff9b44d310 R15=0000000000000000 RIP=ffffffff857c35cf RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809748a000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7efa190 CR3=000000005a7ef000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000