last executing test programs: 1m16.871162928s ago: executing program 2 (id=312): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50) 1m15.75445427s ago: executing program 2 (id=320): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x90}, 0x0) 1m14.88247026s ago: executing program 2 (id=324): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) request_key(0x0, 0x0, 0x0, 0xfffffffffffffffd) 1m13.968318932s ago: executing program 2 (id=326): socket$inet_udp(0x2, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) connect$netlink(r1, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, 0x0, 0x4, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8811}, 0x4000) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x50) pipe2$9p(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000006c0)=ANY=[@ANYBLOB="48000000120001002abd7000ffdbdf25ac1414bb000000000000000000000000000004d60000320014"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x4040) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000200), 0x3, r2}, 0x38) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) timer_settime(0x0, 0x1, 0x0, 0x0) 1m12.751602116s ago: executing program 2 (id=333): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) syz_emit_ethernet(0x9d, &(0x7f0000000180)={@local, @random="416cee93a4a6", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x8f, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x13, 0x4, 0x2, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x4000}, @generic={0x22, 0xf, "3abc6903030000000000000000"}, @window={0x3, 0x3, 0xac}, @timestamp={0x8, 0xa, 0x200, 0x9}, @mss={0x2, 0x4}, @sack_perm={0x4, 0x2}, @fastopen={0x22, 0x5, "8537c8"}, @exp_fastopen={0xfe, 0x4}]}}, {"3416af759b3c6a17234d4c2152b5ae2e004fddd386c9b64ad6f215535cc63e143334edc421ad322c3793882feede38"}}}}}}, 0x0) 1m12.33976532s ago: executing program 2 (id=338): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x2000000000000000}, 0x18) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r2, 0x0, 0x0, 0x0, 0x80800}) io_uring_enter(0xffffffffffffffff, 0x47f5, 0x0, 0x0, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x200000000000000) 57.007253201s ago: executing program 32 (id=338): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x2000000000000000}, 0x18) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r2, 0x0, 0x0, 0x0, 0x80800}) io_uring_enter(0xffffffffffffffff, 0x47f5, 0x0, 0x0, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x200000000000000) 24.503466719s ago: executing program 4 (id=659): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) socket(0x40000000015, 0x5, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$cec(&(0x7f00000000c0), 0xffffffffffffffff, 0x8802) ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0) 24.154662986s ago: executing program 4 (id=663): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000000)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000680001ed020000000000008000000000000000000c000200010000000600000008"], 0x2c}}, 0x4000) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 23.975244979s ago: executing program 0 (id=665): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) syz_open_procfs$namespace(r0, 0x0) 23.143689244s ago: executing program 4 (id=673): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x3}, 0x18) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f00000001c0)=0x9, 0x4) sendto$inet6(r2, 0x0, 0x0, 0x1, &(0x7f0000000180)={0xa, 0x4e24, 0x40, @empty, 0x9}, 0x1c) 22.89487538s ago: executing program 0 (id=674): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) memfd_secret(0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x3) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local, {[@timestamp_prespec={0x44, 0x4, 0xb3, 0x3, 0x1}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0) syz_emit_ethernet(0x38, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4}, {"c516"}}}}}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) 22.721013515s ago: executing program 4 (id=677): syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) open(&(0x7f0000000280)='.\x00', 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000001300, 0x200000001330], 0x0, 0x0, 0x0}, 0x108) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x8, 0x0) 22.662842781s ago: executing program 0 (id=678): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = fsopen(&(0x7f0000000180)='proc\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x1) fchdir(r2) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x2100, 0x0) lseek(r3, 0xff, 0x1) getdents(r3, 0x0, 0x58) 22.310169419s ago: executing program 0 (id=679): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 22.252794083s ago: executing program 4 (id=680): ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sched_setaffinity(0x0, 0x0, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100), 0x880200, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r2, 0xc0045009, &(0x7f00000000c0)=0x10) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000340)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", 0xffffffffffffffff, 0xffffffffffffffff, 0x700}) epoll_create(0xfffffff7) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x2, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c) bpf$MAP_CREATE(0x0, 0x0, 0x50) sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 22.107047955s ago: executing program 0 (id=681): syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000c00), r0) sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090068bd7000ffdbdfe52441910005002e000e00000005002b0002000000080002"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000804) 21.90233547s ago: executing program 0 (id=682): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) close_range(r2, 0xffffffffffffffff, 0x200000000000000) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x18}) socket$phonet(0x23, 0x2, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) readv(r3, &(0x7f0000000500), 0x100000000000031a) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 21.255176371s ago: executing program 4 (id=685): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000880)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) write$tun(r0, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x1400, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef) 19.766163093s ago: executing program 1 (id=695): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = add_key(&(0x7f00000001c0)='user\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)='9', 0x1, 0xffffffffffffffff) keyctl$chown(0x4, r2, 0xee00, 0xffffffffffffffff) keyctl$chown(0x4, r2, 0x0, 0x0) 19.701358057s ago: executing program 1 (id=697): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d) write(r2, &(0x7f0000004200)='t', 0x1) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1001f4) faccessat2(0xffffffffffffffff, &(0x7f0000001400)='\x00', 0x0, 0x1100) 19.602330544s ago: executing program 1 (id=699): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'}) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x24040084) 19.530828103s ago: executing program 1 (id=700): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 19.427208658s ago: executing program 1 (id=701): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r1, 0x5) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80002, 0x0) flock(r2, 0x2) dup3(r2, r1, 0x80000) 18.647847593s ago: executing program 1 (id=702): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {}, {0x7, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0) 15.735040777s ago: executing program 3 (id=718): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0) 15.625988967s ago: executing program 3 (id=719): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7fff}, 0x18) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c) setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x4, 0x0, 0x0) 15.54309808s ago: executing program 3 (id=720): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="500000001400030500008000ffdbdf25020751ff", @ANYRES32=r4, @ANYBLOB="080002007f00000114000600ff030000ffffffff0300000000000000080004"], 0x50}, 0x1, 0x0, 0x0, 0xc090}, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}}) 15.524737467s ago: executing program 3 (id=721): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) syz_emit_ethernet(0xa5, &(0x7f0000000180)={@local, @random="416cee93a4a6", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x97, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x4, 0x2, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x4000}, @generic={0x22, 0xc, "3abc6903030000000000"}, @window={0x3, 0x3, 0xac}, @timestamp={0x8, 0xa, 0x200, 0x9}, @mss={0x2, 0x4}, @fastopen={0x22, 0xe, "54df942f7e09586180bbb068"}, @sack_perm={0x4, 0x2}, @fastopen={0x22, 0x5, "8537c8"}, @exp_fastopen={0xfe, 0x4}]}}, {"3416af759b3c6a17234d4c2152b5ae2e004fddd386c9b64ad6f215535cc63e143334edc421ad322c3793882feede38"}}}}}}, 0x0) 15.486588548s ago: executing program 3 (id=722): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) flock(r1, 0x5) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80002, 0x0) flock(r2, 0x2) dup3(r2, r1, 0x80000) 15.394136919s ago: executing program 3 (id=723): r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) gettid() openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) epoll_create1(0x80000) socket$inet_mptcp(0x2, 0x1, 0x106) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 5.996103931s ago: executing program 33 (id=682): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) close_range(r2, 0xffffffffffffffff, 0x200000000000000) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x18}) socket$phonet(0x23, 0x2, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) readv(r3, &(0x7f0000000500), 0x100000000000031a) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 5.9551388s ago: executing program 34 (id=685): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000880)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) write$tun(r0, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x1400, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef) 3.500693896s ago: executing program 35 (id=702): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xf}, {}, {0x7, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0) 0s ago: executing program 36 (id=723): r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) gettid() openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) epoll_create1(0x80000) socket$inet_mptcp(0x2, 0x1, 0x106) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.146' (ED25519) to the list of known hosts. [ 81.813076][ T5826] cgroup: Unknown subsys name 'net' [ 81.927336][ T5826] cgroup: Unknown subsys name 'cpuset' [ 81.936484][ T5826] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.575113][ T5826] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.492448][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.505497][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.513744][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.521712][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.529277][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.537087][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 86.544598][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 86.553442][ T5853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 86.589778][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 86.594994][ T5851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.604994][ T5851] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.613291][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 86.613312][ T5851] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 86.622930][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.630288][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 86.641543][ T5852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.641980][ T5851] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 86.648859][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 86.657816][ T5851] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 86.666005][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 86.675438][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 86.677722][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.692980][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 86.706442][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 86.718457][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.340946][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 87.535332][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 87.726495][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 87.737733][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 87.749721][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.757154][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.764867][ T5836] bridge_slave_0: entered allmulticast mode [ 87.772372][ T5836] bridge_slave_0: entered promiscuous mode [ 87.813173][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.820386][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.828273][ T5836] bridge_slave_1: entered allmulticast mode [ 87.840522][ T5836] bridge_slave_1: entered promiscuous mode [ 87.958238][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 87.991500][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.999087][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.006387][ T5837] bridge_slave_0: entered allmulticast mode [ 88.014205][ T5837] bridge_slave_0: entered promiscuous mode [ 88.044139][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.053641][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.060954][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.069212][ T5837] bridge_slave_1: entered allmulticast mode [ 88.076963][ T5837] bridge_slave_1: entered promiscuous mode [ 88.128012][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.188005][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.195326][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.202675][ T5854] bridge_slave_0: entered allmulticast mode [ 88.210667][ T5854] bridge_slave_0: entered promiscuous mode [ 88.234863][ T5836] team0: Port device team_slave_0 added [ 88.275071][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.282304][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.289953][ T5854] bridge_slave_1: entered allmulticast mode [ 88.298004][ T5854] bridge_slave_1: entered promiscuous mode [ 88.321378][ T5836] team0: Port device team_slave_1 added [ 88.345837][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.407715][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.414751][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.442126][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.456512][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.480602][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.488548][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.496378][ T5842] bridge_slave_0: entered allmulticast mode [ 88.504212][ T5842] bridge_slave_0: entered promiscuous mode [ 88.521349][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.535018][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.545228][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.552193][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.578574][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.610846][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.620791][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.628159][ T5842] bridge_slave_1: entered allmulticast mode [ 88.635662][ T5842] bridge_slave_1: entered promiscuous mode [ 88.690192][ T5837] team0: Port device team_slave_0 added [ 88.725506][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.732820][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.740012][ T5838] bridge_slave_0: entered allmulticast mode [ 88.746554][ T5853] Bluetooth: hci0: command tx timeout [ 88.746927][ T51] Bluetooth: hci1: command tx timeout [ 88.755014][ T5838] bridge_slave_0: entered promiscuous mode [ 88.758696][ T5853] Bluetooth: hci4: command tx timeout [ 88.769304][ T5841] Bluetooth: hci3: command tx timeout [ 88.769312][ T5850] Bluetooth: hci2: command tx timeout [ 88.801664][ T5837] team0: Port device team_slave_1 added [ 88.826260][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.835700][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.843122][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.850332][ T5838] bridge_slave_1: entered allmulticast mode [ 88.858118][ T5838] bridge_slave_1: entered promiscuous mode [ 88.868013][ T5854] team0: Port device team_slave_0 added [ 88.878248][ T5854] team0: Port device team_slave_1 added [ 88.914970][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.969935][ T5836] hsr_slave_0: entered promiscuous mode [ 88.977785][ T5836] hsr_slave_1: entered promiscuous mode [ 88.985410][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.992477][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.019782][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.072157][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.079561][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.105897][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.120360][ T5842] team0: Port device team_slave_0 added [ 89.129291][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.140214][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.148094][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.174927][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.195869][ T5842] team0: Port device team_slave_1 added [ 89.224935][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.248031][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.255226][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.281811][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.391722][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.399088][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.425547][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.447903][ T5838] team0: Port device team_slave_0 added [ 89.457501][ T5838] team0: Port device team_slave_1 added [ 89.491905][ T5854] hsr_slave_0: entered promiscuous mode [ 89.499214][ T5854] hsr_slave_1: entered promiscuous mode [ 89.505666][ T5854] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.513466][ T5854] Cannot create hsr debugfs directory [ 89.519833][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.526959][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.553015][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.611615][ T5837] hsr_slave_0: entered promiscuous mode [ 89.618606][ T5837] hsr_slave_1: entered promiscuous mode [ 89.629580][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.637863][ T5837] Cannot create hsr debugfs directory [ 89.706598][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.714254][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.740509][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.754663][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.761675][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.787696][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.918929][ T5842] hsr_slave_0: entered promiscuous mode [ 89.928659][ T5842] hsr_slave_1: entered promiscuous mode [ 89.935555][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.945940][ T5842] Cannot create hsr debugfs directory [ 90.084895][ T5838] hsr_slave_0: entered promiscuous mode [ 90.091342][ T5838] hsr_slave_1: entered promiscuous mode [ 90.097838][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.105555][ T5838] Cannot create hsr debugfs directory [ 90.428920][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.458025][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.508094][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.551411][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.613655][ T5854] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.628278][ T5854] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.656883][ T5854] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.672149][ T5854] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.744734][ T5837] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 90.772411][ T5837] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 90.784847][ T5837] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 90.797975][ T5837] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 90.823610][ T51] Bluetooth: hci4: command tx timeout [ 90.823636][ T5852] Bluetooth: hci0: command tx timeout [ 90.829158][ T5853] Bluetooth: hci3: command tx timeout [ 90.834614][ T5850] Bluetooth: hci1: command tx timeout [ 90.840003][ T5841] Bluetooth: hci2: command tx timeout [ 90.928396][ T5842] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.967932][ T5842] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.980501][ T5842] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.006620][ T5842] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.068067][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.128263][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 91.148963][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.156756][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.168065][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.181017][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.209841][ T3508] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.217214][ T3508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.251845][ T3508] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.259156][ T3508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.322728][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.371492][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.416146][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.450414][ T3508] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.457636][ T3508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.501547][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.516875][ T3508] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.524115][ T3508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.562321][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.569531][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.622234][ T3508] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.629494][ T3508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.749369][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.800654][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.853727][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.880115][ T3485] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.887337][ T3485] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.950657][ T44] cfg80211: failed to load regulatory.db [ 91.985178][ T3485] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.992386][ T3485] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.017210][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.090935][ T3485] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.098164][ T3485] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.135808][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.210597][ T5842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 92.238244][ T3485] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.245486][ T3485] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.366908][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.460053][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.589054][ T5836] veth0_vlan: entered promiscuous mode [ 92.618234][ T5854] veth0_vlan: entered promiscuous mode [ 92.672117][ T5854] veth1_vlan: entered promiscuous mode [ 92.708697][ T5836] veth1_vlan: entered promiscuous mode [ 92.800767][ T5854] veth0_macvtap: entered promiscuous mode [ 92.828709][ T5854] veth1_macvtap: entered promiscuous mode [ 92.891552][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.903190][ T5853] Bluetooth: hci1: command tx timeout [ 92.910284][ T5853] Bluetooth: hci0: command tx timeout [ 92.916519][ T5841] Bluetooth: hci3: command tx timeout [ 92.916562][ T5841] Bluetooth: hci2: command tx timeout [ 92.916595][ T5841] Bluetooth: hci4: command tx timeout [ 92.953418][ T5836] veth0_macvtap: entered promiscuous mode [ 92.967131][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.981493][ T5836] veth1_macvtap: entered promiscuous mode [ 92.997966][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.049495][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.107211][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.119600][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.134608][ T5854] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.145231][ T5854] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.154583][ T5854] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.163474][ T5854] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.196731][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.206032][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.214965][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.226759][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.257713][ T5842] veth0_vlan: entered promiscuous mode [ 93.355507][ T5842] veth1_vlan: entered promiscuous mode [ 93.367756][ T5838] veth0_vlan: entered promiscuous mode [ 93.391299][ T5837] veth0_vlan: entered promiscuous mode [ 93.449547][ T5837] veth1_vlan: entered promiscuous mode [ 93.472621][ T1037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.483797][ T3567] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.491645][ T3567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.500052][ T1037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.515937][ T5838] veth1_vlan: entered promiscuous mode [ 93.600244][ T3485] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.600640][ T5842] veth0_macvtap: entered promiscuous mode [ 93.615297][ T3485] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.628911][ T1037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.640924][ T1037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.655897][ T5842] veth1_macvtap: entered promiscuous mode [ 93.715574][ T5838] veth0_macvtap: entered promiscuous mode [ 93.730247][ T5837] veth0_macvtap: entered promiscuous mode [ 93.746094][ T5838] veth1_macvtap: entered promiscuous mode [ 93.758132][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.798910][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.809926][ T5854] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 93.823518][ T5837] veth1_macvtap: entered promiscuous mode [ 93.850025][ T5842] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.859685][ T5842] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.877290][ T5842] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.887318][ T5842] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.909574][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.938572][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.008750][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.049875][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.087607][ T5958] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2'. [ 94.097162][ T5958] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 94.121944][ T5837] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.141857][ T5837] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.173532][ T5837] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.182308][ T5837] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.250935][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.268459][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.278357][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.287904][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.311515][ T5964] mmap: syz.3.6 (5964) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 94.501763][ T1037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.527616][ T1037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.635001][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.635025][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.739511][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.754324][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.862467][ T5976] netlink: 'syz.1.10': attribute type 4 has an invalid length. [ 94.886172][ T3567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.917781][ T3567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.983527][ T5853] Bluetooth: hci4: command tx timeout [ 94.985909][ T5850] Bluetooth: hci2: command tx timeout [ 94.989421][ T5853] Bluetooth: hci0: command tx timeout [ 94.995403][ T5850] Bluetooth: hci3: command tx timeout [ 94.995441][ T5850] Bluetooth: hci1: command tx timeout [ 95.053188][ T3567] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.076681][ T3567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.189351][ T1037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.200232][ T1037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.649363][ T5991] IPv6: Can't replace route, no match found [ 95.674776][ T5994] netlink: 'syz.2.3': attribute type 5 has an invalid length. [ 95.983339][ T30] audit: type=1326 audit(1752633888.211:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.049034][ T30] audit: type=1326 audit(1752633888.211:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.074254][ T30] audit: type=1326 audit(1752633888.281:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.132825][ T30] audit: type=1326 audit(1752633888.281:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.201237][ T30] audit: type=1326 audit(1752633888.281:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.231915][ T30] audit: type=1326 audit(1752633888.301:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.293901][ T30] audit: type=1326 audit(1752633888.391:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.333151][ T30] audit: type=1326 audit(1752633888.401:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.496124][ T30] audit: type=1326 audit(1752633888.491:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.543776][ T6007] tipc: Started in network mode [ 96.564900][ T6007] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 96.592194][ T30] audit: type=1326 audit(1752633888.491:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5997 comm="syz.4.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 96.644482][ T6007] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa [ 96.705693][ T6007] tipc: Enabled bearer , priority 10 [ 96.764800][ T6016] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 97.268809][ T6027] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 97.268809][ T6027] program syz.1.26 not setting count and/or reply_len properly [ 97.737746][ T5943] tipc: Node number set to 1 [ 99.076216][ T5927] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 99.282879][ T5927] usb 4-1: Using ep0 maxpacket: 32 [ 99.312245][ T5927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.345199][ T5927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.385581][ T5927] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 99.423117][ T5927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.475216][ T5927] usb 4-1: config 0 descriptor?? [ 99.568151][ T6069] netlink: 'syz.4.43': attribute type 10 has an invalid length. [ 99.612002][ T6069] netlink: 168 bytes leftover after parsing attributes in process `syz.4.43'. [ 99.964108][ T5927] savu 0003:1E7D:2D5A.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 100.105813][ T6086] netlink: 24 bytes leftover after parsing attributes in process `syz.4.49'. [ 100.614991][ T6074] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 100.983406][ T5927] usb 4-1: USB disconnect, device number 2 [ 101.141230][ T6104] netlink: 'syz.0.56': attribute type 10 has an invalid length. [ 101.173056][ T6104] netlink: 168 bytes leftover after parsing attributes in process `syz.0.56'. [ 101.579915][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.177221][ T30] kauditd_printk_skb: 35 callbacks suppressed [ 102.177238][ T30] audit: type=1326 audit(1752633894.411:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.256812][ T30] audit: type=1326 audit(1752633894.411:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.278755][ T6131] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 102.278811][ T6131] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 102.280612][ T6131] vhci_hcd vhci_hcd.0: Device attached [ 102.388149][ T30] audit: type=1326 audit(1752633894.421:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.409424][ T6135] vhci_hcd: connection closed [ 102.435906][ T3508] vhci_hcd: stop threads [ 102.475543][ T3508] vhci_hcd: release socket [ 102.497465][ T3508] vhci_hcd: disconnect device [ 102.502531][ T30] audit: type=1326 audit(1752633894.421:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.533709][ T10] vhci_hcd: vhci_device speed not set [ 102.604373][ T30] audit: type=1326 audit(1752633894.421:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.679198][ T30] audit: type=1326 audit(1752633894.421:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.773368][ T30] audit: type=1326 audit(1752633894.441:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.842925][ T30] audit: type=1326 audit(1752633894.451:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.880912][ T6149] netlink: 'syz.4.70': attribute type 10 has an invalid length. [ 102.934766][ T6149] netlink: 168 bytes leftover after parsing attributes in process `syz.4.70'. [ 102.961604][ T30] audit: type=1326 audit(1752633894.481:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 102.999339][ T30] audit: type=1326 audit(1752633894.481:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6129 comm="syz.1.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 103.174771][ T6158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.74'. [ 103.273672][ T5905] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 103.447638][ T5905] usb 4-1: Using ep0 maxpacket: 32 [ 103.476311][ T5905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.504742][ T5905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.538909][ T5905] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 103.566492][ T5905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.583274][ T6174] netlink: 12 bytes leftover after parsing attributes in process `syz.1.81'. [ 103.627856][ T5905] usb 4-1: config 0 descriptor?? [ 103.707457][ T6177] Zero length message leads to an empty skb [ 103.901417][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.912785][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 103.942985][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 104.003605][ T0] NOHZ tick-stop error: local softirq work is pending, handler #3c2!!! [ 104.106267][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.108019][ T0] NOHZ tick-stop error: local softirq work is pending, handler #108!!! [ 104.413102][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 104.414378][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.421349][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 104.591369][ T5905] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 105.247515][ T6191] netlink: 'syz.0.86': attribute type 10 has an invalid length. [ 105.309347][ T6191] netlink: 168 bytes leftover after parsing attributes in process `syz.0.86'. [ 105.503694][ T5927] usb 4-1: USB disconnect, device number 3 [ 106.350402][ T6215] syz.4.96 uses obsolete (PF_INET,SOCK_PACKET) [ 107.932895][ T5923] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 108.026073][ T6239] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.106'. [ 108.063569][ T6237] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.106'. [ 108.143091][ T5923] usb 5-1: Using ep0 maxpacket: 32 [ 108.161682][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 108.197895][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 108.228471][ T5923] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 108.260322][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.327974][ T5923] usb 5-1: config 0 descriptor?? [ 108.780963][ T5923] savu 0003:1E7D:2D5A.0003: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 108.928493][ T6251] CIFS: VFS: Malformed UNC in devname [ 109.940727][ T10] usb 5-1: USB disconnect, device number 2 [ 111.123159][ T6263] netlink: 12 bytes leftover after parsing attributes in process `syz.1.114'. [ 112.414495][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 112.414514][ T30] audit: type=1326 audit(1752633904.651:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.513801][ T30] audit: type=1326 audit(1752633904.681:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.546431][ T30] audit: type=1326 audit(1752633904.711:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.619426][ T30] audit: type=1326 audit(1752633904.711:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.666964][ T6299] netlink: 'syz.0.127': attribute type 10 has an invalid length. [ 112.673635][ T30] audit: type=1326 audit(1752633904.711:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.689667][ T6299] netlink: 168 bytes leftover after parsing attributes in process `syz.0.127'. [ 112.717764][ T30] audit: type=1326 audit(1752633904.711:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.805141][ T30] audit: type=1326 audit(1752633904.711:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.886759][ T30] audit: type=1326 audit(1752633904.711:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.928120][ T30] audit: type=1326 audit(1752633904.711:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 112.950909][ T30] audit: type=1326 audit(1752633904.711:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6289 comm="syz.4.124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 113.345494][ T6306] netlink: 12 bytes leftover after parsing attributes in process `syz.1.129'. [ 114.886763][ T5935] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 115.043140][ T5935] usb 2-1: device descriptor read/64, error -71 [ 115.189446][ T6343] netlink: 8 bytes leftover after parsing attributes in process `syz.2.143'. [ 115.204044][ T6345] netlink: 12 bytes leftover after parsing attributes in process `syz.4.144'. [ 115.304441][ T5935] usb 2-1: new low-speed USB device number 3 using dummy_hcd [ 115.482897][ T5935] usb 2-1: device descriptor read/64, error -71 [ 115.495771][ T6347] netlink: 40 bytes leftover after parsing attributes in process `syz.2.145'. [ 115.593496][ T5935] usb usb2-port1: attempt power cycle [ 115.953071][ T5935] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 116.014697][ T5935] usb 2-1: device descriptor read/8, error -71 [ 116.853545][ T5935] usb 2-1: new low-speed USB device number 5 using dummy_hcd [ 116.907781][ T5935] usb 2-1: device descriptor read/8, error -71 [ 117.085929][ T5935] usb usb2-port1: unable to enumerate USB device [ 119.522559][ T6394] netlink: 'syz.3.166': attribute type 10 has an invalid length. [ 119.611632][ T6394] team0: Device veth0_macvtap failed to register rx_handler [ 119.624064][ T6397] netlink: 72 bytes leftover after parsing attributes in process `syz.0.168'. [ 119.662966][ T6394] syz.3.166 (6394) used greatest stack depth: 20056 bytes left [ 120.023080][ T6403] netlink: 8 bytes leftover after parsing attributes in process `syz.4.167'. [ 120.073449][ T6409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.172'. [ 120.216174][ T6409] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 120.223061][ T6409] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 120.293978][ T6409] vhci_hcd vhci_hcd.0: Device attached [ 120.317272][ T6415] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(15) [ 120.323961][ T6415] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 120.355884][ T6415] vhci_hcd vhci_hcd.0: Device attached [ 120.434467][ T30] kauditd_printk_skb: 19 callbacks suppressed [ 120.434486][ T30] audit: type=1326 audit(1752633912.671:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 120.497454][ T6415] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 120.532921][ T6409] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(14) [ 120.539603][ T6409] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 120.581542][ T30] audit: type=1326 audit(1752633912.671:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 120.583158][ T5927] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 120.615352][ T6409] vhci_hcd vhci_hcd.0: Device attached [ 120.661727][ T6415] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(21) [ 120.668426][ T6415] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 120.698927][ T30] audit: type=1326 audit(1752633912.681:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 120.732820][ T6415] vhci_hcd vhci_hcd.0: Device attached [ 120.758479][ T6409] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(18) [ 120.765157][ T6409] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 120.780216][ T30] audit: type=1326 audit(1752633912.681:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 120.826476][ T6415] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 120.855188][ T6409] vhci_hcd vhci_hcd.0: Device attached [ 120.895287][ T30] audit: type=1326 audit(1752633912.681:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 120.927028][ T6416] vhci_hcd: connection closed [ 120.927991][ T6412] vhci_hcd: connection reset by peer [ 120.928028][ T6422] vhci_hcd: connection closed [ 120.936036][ T1037] vhci_hcd: stop threads [ 120.970538][ T6424] vhci_hcd: connection closed [ 121.005155][ T30] audit: type=1326 audit(1752633912.681:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 121.012977][ T1037] vhci_hcd: release socket [ 121.106377][ T6428] vhci_hcd: connection closed [ 121.131328][ T30] audit: type=1326 audit(1752633912.681:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 121.143167][ T1037] vhci_hcd: disconnect device [ 121.207972][ T1037] vhci_hcd: stop threads [ 121.212324][ T1037] vhci_hcd: release socket [ 121.298429][ T30] audit: type=1326 audit(1752633912.681:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 121.301132][ T1037] vhci_hcd: disconnect device [ 121.382804][ T30] audit: type=1326 audit(1752633912.681:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 121.425843][ T1037] vhci_hcd: stop threads [ 121.430169][ T1037] vhci_hcd: release socket [ 121.500675][ T1037] vhci_hcd: disconnect device [ 121.532870][ T1037] vhci_hcd: stop threads [ 121.547423][ T1037] vhci_hcd: release socket [ 121.557554][ T1037] vhci_hcd: disconnect device [ 121.568253][ T30] audit: type=1326 audit(1752633912.681:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6418 comm="syz.3.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774eb8e929 code=0x7ffc0000 [ 121.602852][ T1037] vhci_hcd: stop threads [ 121.607190][ T1037] vhci_hcd: release socket [ 121.675091][ T1037] vhci_hcd: disconnect device [ 123.357253][ T6454] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 124.445172][ T6467] netlink: 5 bytes leftover after parsing attributes in process `syz.0.188'. [ 125.175193][ T6481] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 125.242898][ T6481] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 125.284141][ T6481] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 125.291640][ T6481] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 125.576121][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.662820][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.692826][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.700307][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.730908][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.793982][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.853044][ T5927] vhci_hcd: vhci_device speed not set [ 125.878862][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.912985][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.943164][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 125.972022][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.011570][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.034161][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.041627][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.069453][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.079576][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.130883][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.142804][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.150254][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.202975][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.230988][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.262993][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.277923][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.297334][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.325201][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.362922][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.375088][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.416428][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.432949][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.440426][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.482843][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.508569][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.525084][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.554474][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.595054][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.602527][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.661125][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.672814][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.701980][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.722808][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.731336][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.772870][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.780345][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.826982][ T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 126.885020][ T10] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz0 [ 126.987992][ T6502] netlink: 666 bytes leftover after parsing attributes in process `syz.3.199'. [ 127.105079][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 127.105098][ T30] audit: type=1326 audit(1752633919.341:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.161321][ T9] usb usb34-port1: attempt power cycle [ 127.208357][ T30] audit: type=1326 audit(1752633919.341:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.292822][ T30] audit: type=1326 audit(1752633919.341:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.362883][ T30] audit: type=1326 audit(1752633919.341:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.417291][ T30] audit: type=1326 audit(1752633919.341:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.482840][ T30] audit: type=1326 audit(1752633919.341:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.531697][ T30] audit: type=1326 audit(1752633919.341:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.602274][ T30] audit: type=1326 audit(1752633919.341:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.668138][ T30] audit: type=1326 audit(1752633919.341:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.730298][ T30] audit: type=1326 audit(1752633919.341:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6503 comm="syz.2.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 127.774625][ T9] usb usb34-port1: unable to enumerate USB device [ 128.483369][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 128.662853][ T5905] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 128.673233][ T9] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 128.705742][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 128.840969][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 128.852937][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 128.862979][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 128.871957][ T5905] usb 2-1: Using ep0 maxpacket: 8 [ 128.879373][ T5905] usb 2-1: config 0 has an invalid interface number: 55 but max is 0 [ 128.890970][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 128.900916][ T5905] usb 2-1: config 0 has no interface number 0 [ 128.907231][ T5905] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 128.918443][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 128.925254][ T5905] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 128.937559][ T5905] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 128.949075][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 128.960369][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 128.970265][ T5905] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 128.983515][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 128.992410][ T5905] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 129.002175][ T5905] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.010893][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 129.021701][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 129.033509][ T5905] usb 2-1: config 0 descriptor?? [ 129.038733][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 129.052094][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 129.068262][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 129.078516][ T5905] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 129.097022][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 129.115420][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 129.124839][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 129.142886][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 129.151013][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 129.160299][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 129.176746][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 129.196266][ T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 129.205793][ T9] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 129.238498][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 129.263335][ T9] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 129.273613][ T9] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 129.282009][ T9] usb 3-1: Product: syz [ 129.288009][ T5935] usb 2-1: USB disconnect, device number 6 [ 129.300476][ T5935] ldusb 2-1:0.55: LD USB Device #0 now disconnected [ 129.322052][ T9] usb 3-1: Manufacturer: syz [ 129.345098][ T9] usb 3-1: SerialNumber: syz [ 129.361566][ T9] usb 3-1: config 0 descriptor?? [ 129.389711][ T9] yurex 3-1:0.0: Could not find endpoints [ 129.609295][ T9] usb 3-1: USB disconnect, device number 2 [ 129.947396][ T6558] netlink: 12 bytes leftover after parsing attributes in process `syz.3.221'. [ 131.962840][ T5840] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 132.028320][ T6590] netlink: 12 bytes leftover after parsing attributes in process `syz.3.232'. [ 132.123183][ T5840] usb 3-1: Using ep0 maxpacket: 8 [ 132.146828][ T5840] usb 3-1: config 0 has an invalid interface number: 55 but max is 0 [ 132.157009][ T5840] usb 3-1: config 0 has no interface number 0 [ 132.175300][ T5840] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 132.204636][ T5840] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 132.242855][ T5840] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 132.262862][ T5840] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 132.302933][ T5840] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 132.312066][ T5840] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.369792][ T5840] usb 3-1: config 0 descriptor?? [ 132.398559][ T5840] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 132.601542][ T5840] usb 3-1: USB disconnect, device number 3 [ 132.610896][ T5840] ldusb 3-1:0.55: LD USB Device #0 now disconnected [ 132.906043][ T6607] netlink: 658 bytes leftover after parsing attributes in process `syz.0.240'. [ 132.926759][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.937683][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.932362][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 133.932380][ T30] audit: type=1326 audit(1752633926.161:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.062692][ T30] audit: type=1326 audit(1752633926.161:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.214067][ T30] audit: type=1326 audit(1752633926.291:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.285995][ T30] audit: type=1326 audit(1752633926.291:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.309306][ T30] audit: type=1326 audit(1752633926.291:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.309355][ T30] audit: type=1326 audit(1752633926.291:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.309396][ T30] audit: type=1326 audit(1752633926.291:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.309440][ T30] audit: type=1326 audit(1752633926.291:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.309483][ T30] audit: type=1326 audit(1752633926.291:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 134.309526][ T30] audit: type=1326 audit(1752633926.291:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6613 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4778e929 code=0x7ffc0000 [ 135.700744][ T6604] tty tty27: ldisc open failed (-12), clearing slot 26 [ 135.832903][ T5943] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 136.037541][ T5943] usb 3-1: Using ep0 maxpacket: 8 [ 136.071535][ T5943] usb 3-1: config 0 has an invalid interface number: 55 but max is 0 [ 136.099163][ T5943] usb 3-1: config 0 has no interface number 0 [ 136.125692][ T5943] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 136.178300][ T5943] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 136.234151][ T5943] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 136.288678][ T5943] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 136.363164][ T5943] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 136.395146][ T5943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.437741][ T5943] usb 3-1: config 0 descriptor?? [ 136.489496][ T5943] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 136.736924][ T5840] usb 3-1: USB disconnect, device number 4 [ 136.761127][ T5840] ldusb 3-1:0.55: LD USB Device #0 now disconnected [ 137.194246][ T6692] netlink: 12 bytes leftover after parsing attributes in process `syz.3.260'. [ 137.364794][ T6701] netlink: 100 bytes leftover after parsing attributes in process `syz.1.262'. [ 137.674341][ T6712] netlink: 'syz.0.264': attribute type 10 has an invalid length. [ 137.682154][ T6712] netlink: 168 bytes leftover after parsing attributes in process `syz.0.264'. [ 138.136393][ T6731] netlink: 12 bytes leftover after parsing attributes in process `syz.2.275'. [ 138.192927][ T5840] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 138.362895][ T5840] usb 5-1: Using ep0 maxpacket: 8 [ 138.376590][ T5840] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 138.387003][ T5840] usb 5-1: config 0 has no interface number 0 [ 138.395053][ T5840] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 138.418402][ T5840] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 138.439606][ T5840] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 138.457307][ T5840] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 138.470557][ T5840] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 138.483059][ T5840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.498091][ T5840] usb 5-1: config 0 descriptor?? [ 138.559452][ T5840] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 138.591297][ T6721] vlan2: entered allmulticast mode [ 138.597018][ T6721] dummy0: entered allmulticast mode [ 138.915992][ T9] usb 5-1: USB disconnect, device number 3 [ 138.994430][ T5935] Process accounting resumed [ 139.011615][ T9] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 139.084958][ T6746] netlink: 12 bytes leftover after parsing attributes in process `syz.1.277'. [ 141.991950][ T6768] netlink: 650 bytes leftover after parsing attributes in process `syz.2.286'. [ 142.647128][ T6781] No control pipe specified [ 142.815273][ T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 143.079032][ T10] usb 3-1: Using ep0 maxpacket: 8 [ 143.087295][ T10] usb 3-1: config 0 has an invalid interface number: 55 but max is 0 [ 143.115913][ T10] usb 3-1: config 0 has no interface number 0 [ 143.175975][ T10] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 143.237134][ T10] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 143.331713][ T10] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 143.398184][ T10] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 143.457015][ T10] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 143.482881][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.730477][ T10] usb 3-1: config 0 descriptor?? [ 144.193672][ T6797] netlink: 12 bytes leftover after parsing attributes in process `syz.4.295'. [ 144.716141][ T10] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 145.364106][ T5969] usb 3-1: USB disconnect, device number 5 [ 145.386989][ T5969] ldusb 3-1:0.55: LD USB Device #0 now disconnected [ 145.760782][ T6817] CIFS: VFS: Malformed UNC in devname [ 148.815515][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 148.815536][ T30] audit: type=1326 audit(1752633941.041:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 148.958200][ T30] audit: type=1326 audit(1752633941.041:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 149.060786][ T30] audit: type=1326 audit(1752633941.051:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 149.153004][ T30] audit: type=1326 audit(1752633941.121:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6856 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1cdfbc11e5 code=0x7ffc0000 [ 149.242853][ T30] audit: type=1326 audit(1752633941.121:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 149.312925][ T30] audit: type=1326 audit(1752633941.161:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 149.417892][ T30] audit: type=1326 audit(1752633941.191:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 149.532913][ T30] audit: type=1326 audit(1752633941.191:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 149.662876][ T30] audit: type=1326 audit(1752633941.191:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 149.733030][ T30] audit: type=1326 audit(1752633941.221:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6853 comm="syz.1.318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 151.142376][ T6886] netlink: 12 bytes leftover after parsing attributes in process `syz.2.326'. [ 151.378445][ T6888] netlink: 224 bytes leftover after parsing attributes in process `syz.3.330'. [ 151.426174][ T6888] ksmbd: Unknown IPC event: 1, ignore. [ 151.937865][ T6895] netlink: 'syz.3.332': attribute type 1 has an invalid length. [ 152.202549][ T6895] 8021q: adding VLAN 0 to HW filter on device bond1 [ 153.558481][ T6918] netlink: 'syz.1.340': attribute type 21 has an invalid length. [ 153.650890][ T6903] bond1 (unregistering): Released all slaves [ 153.767891][ T6918] netlink: 'syz.1.340': attribute type 1 has an invalid length. [ 153.806544][ T6918] netlink: 144 bytes leftover after parsing attributes in process `syz.1.340'. [ 153.901302][ T30] kauditd_printk_skb: 22 callbacks suppressed [ 153.901320][ T30] audit: type=1326 audit(1752633946.131:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.009403][ T30] audit: type=1326 audit(1752633946.131:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.040715][ T30] audit: type=1326 audit(1752633946.131:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.092364][ T30] audit: type=1326 audit(1752633946.131:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.114526][ T30] audit: type=1326 audit(1752633946.131:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.136122][ T30] audit: type=1326 audit(1752633946.131:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.192018][ T30] audit: type=1326 audit(1752633946.131:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.219034][ T30] audit: type=1326 audit(1752633946.131:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.276548][ T30] audit: type=1326 audit(1752633946.131:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 154.309146][ T30] audit: type=1326 audit(1752633946.131:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6924 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1cdfb858e7 code=0x7ffc0000 [ 154.408013][ T6943] netlink: 16 bytes leftover after parsing attributes in process `syz.4.350'. [ 154.698254][ T6955] binfmt_misc: register: failed to install interpreter file ./file2 [ 155.639422][ T6967] tmpfs: Bad value for 'mpol' [ 155.939797][ T6981] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 156.377541][ T6995] syzkaller1: entered promiscuous mode [ 156.385871][ T6995] syzkaller1: entered allmulticast mode [ 156.799349][ T7006] netlink: 32 bytes leftover after parsing attributes in process `syz.1.378'. [ 157.056675][ T7017] netlink: 20 bytes leftover after parsing attributes in process `syz.0.383'. [ 157.217716][ T7025] netlink: 96 bytes leftover after parsing attributes in process `syz.3.388'. [ 157.262888][ T5969] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 157.432950][ T5969] usb 5-1: Using ep0 maxpacket: 8 [ 157.449861][ T5969] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 157.482912][ T5969] usb 5-1: config 0 has no interface number 0 [ 157.489105][ T5969] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 157.516779][ T5969] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 157.529750][ T5969] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 157.541607][ T5969] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 157.556504][ T5969] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 157.568137][ T5969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.584147][ T5969] usb 5-1: config 0 descriptor?? [ 157.594311][ T5969] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 157.808686][ T5969] usb 5-1: USB disconnect, device number 4 [ 157.826748][ T5969] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 158.905883][ T7059] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.914612][ T7059] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.529923][ T7076] ieee802154 phy0 wpan0: encryption failed: -22 [ 159.552875][ T5969] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 159.626446][ T7059] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 159.648807][ T7059] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 159.737582][ T5969] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 159.768311][ T5969] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 159.818403][ T5969] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 159.843264][ T5969] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 159.852440][ T5969] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.037499][ T5969] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 160.077673][ T7059] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.080324][ T5969] usb 2-1: invalid MIDI out EP 0 [ 160.102858][ T7059] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.122059][ T7059] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.154387][ T7059] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.189757][ T5969] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 160.275667][ T7087] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 160.418591][ T5969] usb 2-1: USB disconnect, device number 7 [ 161.534234][ T7109] program syz.4.425 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 162.021406][ T7127] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 162.709745][ T7133] No control pipe specified [ 164.651477][ T30] kauditd_printk_skb: 148 callbacks suppressed [ 164.651495][ T30] audit: type=1326 audit(1752633956.881:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 164.738723][ T30] audit: type=1326 audit(1752633956.881:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 164.788792][ T30] audit: type=1326 audit(1752633956.881:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 164.848042][ T30] audit: type=1326 audit(1752633956.881:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 164.870806][ T7156] netlink: 'syz.1.442': attribute type 13 has an invalid length. [ 164.902385][ T30] audit: type=1326 audit(1752633956.911:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f56b2d858e7 code=0x7ffc0000 [ 164.972163][ T30] audit: type=1326 audit(1752633956.911:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f56b2d2ab19 code=0x7ffc0000 [ 165.032691][ T30] audit: type=1326 audit(1752633956.911:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f56b2d858e7 code=0x7ffc0000 [ 165.090225][ T7156] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.099047][ T7156] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.112599][ T30] audit: type=1326 audit(1752633956.911:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f56b2d2ab19 code=0x7ffc0000 [ 165.163793][ T30] audit: type=1326 audit(1752633956.911:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f56b2d858e7 code=0x7ffc0000 [ 165.235358][ T30] audit: type=1326 audit(1752633956.911:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7148 comm="syz.4.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f56b2d2ab19 code=0x7ffc0000 [ 165.466024][ T7156] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 165.488440][ T7156] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 165.919359][ T7156] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.949060][ T7156] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.979644][ T7156] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.001399][ T7156] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.719982][ T7177] No control pipe specified [ 167.773070][ T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 167.952816][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 167.965517][ T24] usb 4-1: config 0 has an invalid interface number: 55 but max is 0 [ 167.987644][ T24] usb 4-1: config 0 has no interface number 0 [ 168.012242][ T24] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 168.056464][ T24] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 168.089665][ T24] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 168.117479][ T24] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 168.336124][ T24] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 168.345969][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.363743][ T24] usb 4-1: config 0 descriptor?? [ 168.381010][ T24] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 168.469320][ T7204] netlink: 12 bytes leftover after parsing attributes in process `syz.0.457'. [ 169.106054][ T24] usb 4-1: USB disconnect, device number 4 [ 169.267320][ T24] ldusb 4-1:0.55: LD USB Device #0 now disconnected [ 170.231352][ T7253] loop9: detected capacity change from 0 to 7 [ 170.247965][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.280043][ T7250] syzkaller0: entered promiscuous mode [ 170.284380][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.285637][ T7250] syzkaller0: entered allmulticast mode [ 170.303061][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.323826][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.331861][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.386803][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.396525][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.405363][ T7253] ldm_validate_partition_table(): Disk read failed. [ 170.412611][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.440537][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.457156][ T7253] Buffer I/O error on dev loop9, logical block 0, async page read [ 170.467326][ T7253] Dev loop9: unable to read RDB block 0 [ 170.543609][ T7253] loop9: unable to read partition table [ 170.552984][ T7253] loop9: partition table beyond EOD, truncated [ 170.559384][ T7253] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 170.559384][ T7253] ) failed (rc=-5) [ 170.972971][ T5923] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 171.263190][ T5923] usb 4-1: Using ep0 maxpacket: 8 [ 171.406620][ T5923] usb 4-1: config 0 has an invalid interface number: 55 but max is 0 [ 171.420407][ T5923] usb 4-1: config 0 has no interface number 0 [ 171.426896][ T5923] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 171.441928][ T5923] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 171.456847][ T5923] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 171.468200][ T5923] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 171.487624][ T5923] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 171.497860][ T5923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.517324][ T5923] usb 4-1: config 0 descriptor?? [ 171.531818][ T5923] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 171.744047][ T5943] usb 4-1: USB disconnect, device number 5 [ 171.765398][ T7266] CIFS: VFS: Malformed UNC in devname [ 171.785045][ T5943] ldusb 4-1:0.55: LD USB Device #0 now disconnected [ 173.356790][ T30] kauditd_printk_skb: 82 callbacks suppressed [ 173.356808][ T30] audit: type=1326 audit(1752633965.591:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.425941][ T30] audit: type=1326 audit(1752633965.591:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.464414][ T30] audit: type=1326 audit(1752633965.591:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.486765][ T30] audit: type=1326 audit(1752633965.591:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.511682][ T30] audit: type=1326 audit(1752633965.591:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.541051][ T30] audit: type=1326 audit(1752633965.601:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.580095][ T30] audit: type=1326 audit(1752633965.601:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.615936][ T30] audit: type=1326 audit(1752633965.601:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.643114][ T30] audit: type=1326 audit(1752633965.601:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.667351][ T30] audit: type=1326 audit(1752633965.601:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7282 comm="syz.1.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x7ffc0000 [ 173.819837][ T7301] CIFS: VFS: Malformed UNC in devname [ 174.211983][ T7311] netlink: 36 bytes leftover after parsing attributes in process `syz.3.490'. [ 175.576870][ T7344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.505'. [ 177.133116][ T7373] netlink: 20 bytes leftover after parsing attributes in process `syz.1.518'. [ 179.721293][ T7410] netlink: 666 bytes leftover after parsing attributes in process `syz.4.534'. [ 179.872634][ T7414] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.880600][ T7414] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.900796][ T7417] netlink: 12 bytes leftover after parsing attributes in process `syz.0.539'. [ 180.067279][ T7425] netlink: 20 bytes leftover after parsing attributes in process `syz.1.540'. [ 180.146523][ T7414] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.156183][ T7414] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.165748][ T7414] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.174691][ T7414] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.942898][ T30] kauditd_printk_skb: 23 callbacks suppressed [ 181.942917][ T30] audit: type=1326 audit(1752633974.161:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.102932][ T30] audit: type=1326 audit(1752633974.161:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.151370][ T7446] netlink: 666 bytes leftover after parsing attributes in process `syz.4.548'. [ 182.162895][ T30] audit: type=1326 audit(1752633974.161:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.216279][ T30] audit: type=1326 audit(1752633974.161:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.238447][ T30] audit: type=1326 audit(1752633974.161:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.267609][ T30] audit: type=1326 audit(1752633974.171:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.289358][ T30] audit: type=1326 audit(1752633974.171:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.330246][ T7451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.550'. [ 182.350382][ T7451] macvtap1: entered promiscuous mode [ 182.356286][ T30] audit: type=1326 audit(1752633974.171:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.377971][ T7451] dummy0: entered promiscuous mode [ 182.389291][ T7451] macvtap1: entered allmulticast mode [ 182.395322][ T30] audit: type=1326 audit(1752633974.171:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.416905][ T7451] dummy0: entered allmulticast mode [ 182.429019][ T7456] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 182.429964][ T30] audit: type=1326 audit(1752633974.171:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 182.473805][ T7453] netlink: 20 bytes leftover after parsing attributes in process `syz.3.552'. [ 183.953525][ T7478] netlink: 666 bytes leftover after parsing attributes in process `syz.4.560'. [ 184.034800][ T7483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.563'. [ 184.314034][ T7490] netlink: 12 bytes leftover after parsing attributes in process `syz.4.566'. [ 184.691587][ T7504] syzkaller1: entered promiscuous mode [ 184.699933][ T7504] syzkaller1: entered allmulticast mode [ 184.871768][ T7514] Driver unsupported XDP return value 0 on prog (id 300) dev N/A, expect packet loss! [ 185.148624][ T7525] netlink: 20 bytes leftover after parsing attributes in process `syz.4.582'. [ 185.192007][ T7525] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.201854][ T7525] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.211430][ T7525] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.220978][ T7525] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.234455][ T7525] vxlan0: entered promiscuous mode [ 187.131441][ T30] kauditd_printk_skb: 48 callbacks suppressed [ 187.131482][ T30] audit: type=1326 audit(1752633979.361:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 187.485703][ T7570] sd 0:0:1:0: device reset [ 187.543113][ T30] audit: type=1326 audit(1752633979.421:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 187.766960][ T30] audit: type=1326 audit(1752633979.461:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 187.822627][ T30] audit: type=1326 audit(1752633979.501:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 187.935680][ T30] audit: type=1326 audit(1752633979.521:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 188.008984][ T30] audit: type=1326 audit(1752633979.591:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 188.047718][ T30] audit: type=1326 audit(1752633979.601:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 188.069147][ C0] vkms_vblank_simulate: vblank timer overrun [ 188.175019][ T30] audit: type=1326 audit(1752633979.601:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 188.244802][ T30] audit: type=1326 audit(1752633979.641:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f56b2d8d290 code=0x7ffc0000 [ 188.275371][ T30] audit: type=1326 audit(1752633979.661:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7568 comm="syz.4.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 190.279870][ T7615] netlink: 12 bytes leftover after parsing attributes in process `syz.1.614'. [ 190.515901][ T7622] program syz.3.618 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.990445][ T7643] dummy0: left allmulticast mode [ 192.003083][ T7643] dummy0: left promiscuous mode [ 194.347694][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.355451][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.237235][ T7698] random: crng reseeded on system resumption [ 195.483154][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 195.483209][ T30] audit: type=1326 audit(1752633987.631:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7694 comm="syz.1.644" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1cdfb8e929 code=0x0 [ 196.283389][ T7718] netlink: 12 bytes leftover after parsing attributes in process `syz.4.647'. [ 196.882669][ T7721] CIFS: VFS: Malformed UNC in devname [ 200.638500][ T7755] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 200.830564][ T7769] netlink: 20 bytes leftover after parsing attributes in process `syz.1.667'. [ 201.379076][ T7785] CIFS: VFS: Malformed UNC in devname [ 202.229583][ T30] audit: type=1326 audit(1752633994.461:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.319635][ T30] audit: type=1326 audit(1752633994.481:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.393797][ T30] audit: type=1326 audit(1752633994.481:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.434266][ T30] audit: type=1326 audit(1752633994.481:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.477737][ T30] audit: type=1326 audit(1752633994.481:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.500883][ T30] audit: type=1326 audit(1752633994.481:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.525533][ T30] audit: type=1326 audit(1752633994.491:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.579894][ T30] audit: type=1326 audit(1752633994.491:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 202.601744][ T30] audit: type=1326 audit(1752633994.491:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7798 comm="syz.4.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b2d8e929 code=0x7ffc0000 [ 204.842980][ T7850] tmpfs: Unknown parameter 'mpo' [ 207.659350][ T6675] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 208.605130][ T10] IPVS: starting estimator thread 0... [ 208.692924][ T7899] IPVS: using max 27 ests per chain, 64800 per kthread [ 208.694567][ T7903] netlink: 'syz.3.715': attribute type 10 has an invalid length. [ 208.708159][ T7903] netlink: 168 bytes leftover after parsing attributes in process `syz.3.715'. [ 209.008669][ T7914] netlink: 20 bytes leftover after parsing attributes in process `syz.3.720'. [ 211.383062][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 211.789793][ T51] Bluetooth: hci4: command 0x0406 tx timeout [ 211.790019][ T5159] Bluetooth: hci3: command 0x0406 tx timeout [ 211.796003][ T5857] Bluetooth: hci1: command 0x0406 tx timeout [ 211.801989][ T5851] Bluetooth: hci2: command 0x0406 tx timeout [ 219.302957][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 234.663024][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 255.787461][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.793925][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.022988][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 306.984378][ T31] INFO: task kworker/1:3:5840 blocked for more than 143 seconds. [ 306.992194][ T31] Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 [ 306.999935][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 307.008727][ T31] task:kworker/1:3 state:D stack:23400 pid:5840 tgid:5840 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 307.020870][ T31] Workqueue: events rfkill_sync_work [ 307.026288][ T31] Call Trace: [ 307.029604][ T31] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 307.032585][ T31] __schedule+0x16a2/0x4cb0 [ 307.037375][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 307.042917][ T31] ? schedule+0x165/0x360 [ 307.047313][ T31] ? __pfx___schedule+0x10/0x10 [ 307.052246][ T31] ? schedule+0x91/0x360 [ 307.056581][ T31] schedule+0x165/0x360 [ 307.060789][ T31] schedule_preempt_disabled+0x13/0x30 [ 307.066801][ T31] __mutex_lock+0x724/0xe80 [ 307.071367][ T31] ? __lock_acquire+0xab9/0xd20 [ 307.076638][ T31] ? __mutex_lock+0x51b/0xe80 [ 307.081380][ T31] ? nfc_rfkill_set_block+0x50/0x2e0 [ 307.087059][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 307.092139][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 307.097428][ T31] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 307.103417][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 307.109793][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 307.115608][ T31] nfc_rfkill_set_block+0x50/0x2e0 [ 307.120762][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 307.126569][ T31] rfkill_set_block+0x1cf/0x440 [ 307.131474][ T31] rfkill_sync_work+0x114/0x200 [ 307.136421][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 307.142187][ T31] process_scheduled_works+0xade/0x17b0 [ 307.148045][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 307.154132][ T31] worker_thread+0x8a0/0xda0 [ 307.158767][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 307.165482][ T31] ? __kthread_parkme+0x7b/0x200 [ 307.170482][ T31] kthread+0x711/0x8a0 [ 307.174635][ T31] ? __pfx_worker_thread+0x10/0x10 [ 307.179788][ T31] ? __pfx_kthread+0x10/0x10 [ 307.184466][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 307.189709][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 307.200839][ T31] ? __pfx_kthread+0x10/0x10 [ 307.213841][ T31] ret_from_fork+0x3fc/0x770 [ 307.218531][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 307.242907][ T31] ? __switch_to_asm+0x39/0x70 [ 307.247780][ T31] ? __switch_to_asm+0x33/0x70 [ 307.252586][ T31] ? __pfx_kthread+0x10/0x10 [ 307.276648][ T31] ret_from_fork_asm+0x1a/0x30 [ 307.281624][ T31] [ 307.297257][ T31] INFO: task kworker/1:6:5927 blocked for more than 143 seconds. [ 307.305773][ T31] Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 [ 307.313543][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 307.322250][ T31] task:kworker/1:6 state:D stack:20760 pid:5927 tgid:5927 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 307.334437][ T31] Workqueue: events rfkill_global_led_trigger_worker [ 307.341181][ T31] Call Trace: [ 307.344523][ T31] [ 307.347503][ T31] __schedule+0x16a2/0x4cb0 [ 307.352094][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 307.357550][ T31] ? schedule+0x165/0x360 [ 307.361907][ T31] ? __pfx___schedule+0x10/0x10 [ 307.366882][ T31] ? schedule+0x91/0x360 [ 307.371408][ T31] schedule+0x165/0x360 [ 307.375680][ T31] schedule_preempt_disabled+0x13/0x30 [ 307.381177][ T31] __mutex_lock+0x724/0xe80 [ 307.385761][ T31] ? look_up_lock_class+0x74/0x170 [ 307.390912][ T31] ? __mutex_lock+0x51b/0xe80 [ 307.395635][ T31] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 307.401890][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 307.407012][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 307.412840][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 307.418607][ T31] rfkill_global_led_trigger_worker+0x27/0xd0 [ 307.424798][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 307.430564][ T31] process_scheduled_works+0xade/0x17b0 [ 307.436207][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 307.442221][ T31] worker_thread+0x8a0/0xda0 [ 307.446875][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 307.453262][ T31] ? __kthread_parkme+0x7b/0x200 [ 307.458224][ T31] kthread+0x711/0x8a0 [ 307.462310][ T31] ? __pfx_worker_thread+0x10/0x10 [ 307.467495][ T31] ? __pfx_kthread+0x10/0x10 [ 307.472447][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 307.477730][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 307.483005][ T31] ? __pfx_kthread+0x10/0x10 [ 307.487630][ T31] ret_from_fork+0x3fc/0x770 [ 307.492236][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 307.497413][ T31] ? __switch_to_asm+0x39/0x70 [ 307.502190][ T31] ? __switch_to_asm+0x33/0x70 [ 307.506996][ T31] ? __pfx_kthread+0x10/0x10 [ 307.511604][ T31] ret_from_fork_asm+0x1a/0x30 [ 307.516439][ T31] [ 307.519499][ T31] INFO: task syz.2.338:6909 blocked for more than 143 seconds. [ 307.534082][ T31] Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 [ 307.541766][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 307.550860][ T31] task:syz.2.338 state:D stack:25096 pid:6909 tgid:6909 ppid:5838 task_flags:0x400040 flags:0x00004004 [ 307.563033][ T31] Call Trace: [ 307.566344][ T31] [ 307.569289][ T31] __schedule+0x16a2/0x4cb0 [ 307.574768][ T31] ? finish_task_switch+0x18b/0x950 [ 307.580062][ T31] ? schedule+0x165/0x360 [ 307.584552][ T31] ? __lock_acquire+0xab9/0xd20 [ 307.589444][ T31] ? __pfx___schedule+0x10/0x10 [ 307.594379][ T31] ? schedule+0x91/0x360 [ 307.598644][ T31] schedule+0x165/0x360 [ 307.602929][ T31] schedule_timeout+0x9a/0x270 [ 307.607774][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 307.613236][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 307.618471][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 307.624092][ T31] ? wait_for_completion+0x267/0x5d0 [ 307.629440][ T31] wait_for_completion+0x2bf/0x5d0 [ 307.634673][ T31] ? __pfx_wait_for_completion+0x10/0x10 [ 307.640357][ T31] ? __flush_work+0xd2/0xbc0 [ 307.645086][ T31] ? __flush_work+0xd2/0xbc0 [ 307.649726][ T31] __flush_work+0x9b9/0xbc0 [ 307.654499][ T31] ? __flush_work+0xd2/0xbc0 [ 307.659129][ T31] ? __pfx___flush_work+0x10/0x10 [ 307.664225][ T31] ? __pfx_wq_barrier_func+0x10/0x10 [ 307.669555][ T31] ? __pfx___cancel_work+0x10/0x10 [ 307.674735][ T31] __cancel_work_sync+0xbe/0x110 [ 307.680379][ T31] rfkill_unregister+0x92/0x220 [ 307.685388][ T31] nfc_unregister_device+0x96/0x2a0 [ 307.690628][ T31] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 307.696417][ T31] virtual_ncidev_close+0x56/0x90 [ 307.701457][ T31] __fput+0x449/0xa70 [ 307.705945][ T31] task_work_run+0x1d4/0x260 [ 307.710590][ T31] ? __pfx_task_work_run+0x10/0x10 [ 307.715799][ T31] ? schedule+0x16f/0x360 [ 307.720148][ T31] exit_to_user_mode_loop+0xec/0x110 [ 307.725494][ T31] do_syscall_64+0x2bd/0x3b0 [ 307.730094][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.736212][ T31] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 307.741862][ T31] ? clear_bhb_loop+0x60/0xb0 [ 307.746589][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.752506][ T31] RIP: 0033:0x7f5f4778e929 [ 307.757022][ T31] RSP: 002b:00007fffba91ca38 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 307.765756][ T31] RAX: 0000000000000000 RBX: 00007f5f479b7ba0 RCX: 00007f5f4778e929 [ 307.773839][ T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 307.782581][ T31] RBP: 00007f5f479b7ba0 R08: 00000000000001f4 R09: 00000008ba91cd2f [ 307.790682][ T31] R10: 00000000003ffbe8 R11: 0000000000000246 R12: 00000000000258f9 [ 307.798716][ T31] R13: 00007f5f479b6080 R14: ffffffffffffffff R15: 00007fffba91cb50 [ 307.806752][ T31] [ 307.809835][ T31] [ 307.809835][ T31] Showing all locks held in the system: [ 307.819892][ T31] 2 locks held by ksoftirqd/0/15: [ 307.828012][ T31] #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 307.838109][ T31] #1: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x318/0x6d0 [ 307.849820][ T31] 1 lock held by khungtaskd/31: [ 307.854726][ T31] #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 307.864665][ T31] 2 locks held by getty/5599: [ 307.869345][ T31] #0: ffff88803594a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 307.879402][ T31] #1: ffffc9000362c2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 307.890324][ T31] 4 locks held by kworker/1:3/5840: [ 307.895651][ T31] #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 307.906711][ T31] #1: ffffc9000427fbc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 307.919172][ T31] #2: ffffffff8f7e6c88 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200 [ 307.929327][ T31] #3: ffff888078b5b100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 307.939053][ T31] 3 locks held by kworker/1:6/5927: [ 307.944409][ T31] #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 307.955488][ T31] #1: ffffc90004727bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 307.969052][ T31] #2: ffffffff8f7e6c88 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 307.980469][ T31] 1 lock held by syz.2.338/6909: [ 307.985861][ T31] #0: ffff888078b5b100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0 [ 307.995752][ T31] 2 locks held by syz-executor/7203: [ 308.001044][ T31] #0: ffff88807b4b5918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0 [ 308.011139][ T31] #1: ffffffff8f7e6c88 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 308.021143][ T31] 3 locks held by syz.0.682/7810: [ 308.026415][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.034977][ T31] #1: ffff888051645100 (&dev->mutex){....}-{4:4}, at: nfc_register_device+0xa1/0x320 [ 308.044630][ T31] #2: ffffffff8f7e6c88 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 308.054652][ T31] 1 lock held by syz.0.682/7814: [ 308.059598][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.068134][ T31] 1 lock held by syz.4.685/7822: [ 308.073128][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.081648][ T31] 1 lock held by syz.1.702/7866: [ 308.086976][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.095613][ T31] 1 lock held by syz.3.723/7921: [ 308.100589][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.109249][ T31] 1 lock held by syz-executor/7925: [ 308.114690][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.123362][ T31] 1 lock held by syz-executor/7926: [ 308.128580][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.137112][ T31] 1 lock held by syz-executor/7928: [ 308.142314][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.150850][ T31] 1 lock held by syz-executor/7930: [ 308.156084][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.164616][ T31] 1 lock held by syz-executor/7932: [ 308.169893][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.178446][ T31] 1 lock held by syz-executor/7935: [ 308.183885][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.192699][ T31] 1 lock held by syz-executor/7936: [ 308.197928][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.206523][ T31] 1 lock held by syz-executor/7938: [ 308.211743][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.220283][ T31] 1 lock held by syz-executor/7940: [ 308.225616][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.234118][ T31] 1 lock held by syz-executor/7942: [ 308.239317][ T31] #0: ffffffff8e9b0ac8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330 [ 308.247906][ T31] [ 308.250272][ T31] ============================================= [ 308.250272][ T31] [ 308.258777][ T31] NMI backtrace for cpu 1 [ 308.258795][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 308.258813][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 308.258822][ T31] Call Trace: [ 308.258828][ T31] [ 308.258835][ T31] dump_stack_lvl+0x189/0x250 [ 308.258855][ T31] ? __wake_up_klogd+0xd9/0x110 [ 308.258877][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 308.258893][ T31] ? __pfx__printk+0x10/0x10 [ 308.258921][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 308.258982][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 308.258999][ T31] ? _printk+0xcf/0x120 [ 308.259020][ T31] ? __pfx__printk+0x10/0x10 [ 308.259040][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 308.259065][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 308.259087][ T31] watchdog+0xfee/0x1030 [ 308.259110][ T31] ? watchdog+0x1de/0x1030 [ 308.259138][ T31] kthread+0x711/0x8a0 [ 308.259160][ T31] ? __pfx_watchdog+0x10/0x10 [ 308.259181][ T31] ? __pfx_kthread+0x10/0x10 [ 308.259202][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 308.259223][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 308.259244][ T31] ? __pfx_kthread+0x10/0x10 [ 308.259264][ T31] ret_from_fork+0x3fc/0x770 [ 308.259280][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 308.259299][ T31] ? __switch_to_asm+0x39/0x70 [ 308.259316][ T31] ? __switch_to_asm+0x33/0x70 [ 308.259333][ T31] ? __pfx_kthread+0x10/0x10 [ 308.259353][ T31] ret_from_fork_asm+0x1a/0x30 [ 308.259383][ T31] [ 308.259389][ T31] Sending NMI from CPU 1 to CPUs 0: [ 308.417625][ C0] NMI backtrace for cpu 0 [ 308.417641][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 308.417662][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 308.417672][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 308.417702][ C0] Code: 93 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 fd 1f 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 308.417716][ C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2 [ 308.417732][ C0] RAX: 7f7cb89f0075ae00 RBX: ffffffff81976938 RCX: 7f7cb89f0075ae00 [ 308.417745][ C0] RDX: 0000000000000001 RSI: ffffffff8d98544c RDI: ffffffff8be1ca00 [ 308.417756][ C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb [ 308.417769][ C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8fa0cbf0 [ 308.417781][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50 [ 308.417792][ C0] FS: 0000000000000000(0000) GS:ffff888125c4f000(0000) knlGS:0000000000000000 [ 308.417806][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 308.417817][ C0] CR2: 000055ed7cd42000 CR3: 000000000df38000 CR4: 00000000003526f0 [ 308.417832][ C0] Call Trace: [ 308.417839][ C0] [ 308.417846][ C0] default_idle+0x13/0x20 [ 308.417864][ C0] default_idle_call+0x74/0xb0 [ 308.417883][ C0] do_idle+0x1e8/0x510 [ 308.417905][ C0] ? __pfx_do_idle+0x10/0x10 [ 308.417933][ C0] cpu_startup_entry+0x44/0x60 [ 308.417951][ C0] rest_init+0x2de/0x300 [ 308.417969][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 308.417996][ C0] start_kernel+0x47d/0x500 [ 308.418016][ C0] x86_64_start_reservations+0x24/0x30 [ 308.418040][ C0] x86_64_start_kernel+0x143/0x1c0 [ 308.418063][ C0] common_startup_64+0x13e/0x147 [ 308.418095][ C0] [ 308.418691][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 308.607746][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 308.619572][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 308.629645][ T31] Call Trace: [ 308.632943][ T31] [ 308.635893][ T31] dump_stack_lvl+0x99/0x250 [ 308.640504][ T31] ? __asan_memcpy+0x40/0x70 [ 308.645134][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 308.650374][ T31] ? __pfx__printk+0x10/0x10 [ 308.655095][ T31] panic+0x2db/0x790 [ 308.659015][ T31] ? __pfx_panic+0x10/0x10 [ 308.663445][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 308.669272][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 308.674668][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 308.680867][ T31] watchdog+0x102d/0x1030 [ 308.685309][ T31] ? watchdog+0x1de/0x1030 [ 308.689760][ T31] kthread+0x711/0x8a0 [ 308.693862][ T31] ? __pfx_watchdog+0x10/0x10 [ 308.698559][ T31] ? __pfx_kthread+0x10/0x10 [ 308.703181][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 308.708414][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 308.713636][ T31] ? __pfx_kthread+0x10/0x10 [ 308.718247][ T31] ret_from_fork+0x3fc/0x770 [ 308.722862][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 308.727995][ T31] ? __switch_to_asm+0x39/0x70 [ 308.732773][ T31] ? __switch_to_asm+0x33/0x70 [ 308.737640][ T31] ? __pfx_kthread+0x10/0x10 [ 308.742247][ T31] ret_from_fork_asm+0x1a/0x30 [ 308.747053][ T31] [ 308.750375][ T31] Kernel Offset: disabled [ 308.754710][ T31] Rebooting in 86400 seconds..