last executing test programs: 3m29.973557964s ago: executing program 2 (id=281): r0 = fsopen(&(0x7f0000000c00)='bdev\x00', 0x0) readv(r0, &(0x7f00000000c0)=[{&(0x7f000009de00)=""/40, 0x28}], 0x1) 3m28.980916434s ago: executing program 2 (id=282): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x82) ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, &(0x7f00000002c0)) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, 0x0) 3m27.205114676s ago: executing program 2 (id=290): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0xec830d08601a305a, 0x0) writev(r0, &(0x7f000000d540)=[{0x0}], 0x1) 3m26.729147651s ago: executing program 2 (id=294): mkdir(&(0x7f0000000080)='./file1\x00', 0x8) mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota') chdir(0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000340)={0x8000000000000000, 0x4, 0x100000001, 0x3, 0x24, 0x6, 0x6, 0xfffffffffffffffc, 0x100fff}) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 3m25.525265667s ago: executing program 2 (id=297): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000f36d666666440f38826b410f786b42d1d107b8010000000f01d98fe9d89afd", 0x3d}], 0x1, 0x21, 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1000) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0x10, 0x0, 0x8, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x1, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3m24.159947791s ago: executing program 2 (id=306): r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000003280)={0x73622a85, 0xa, 0x4}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@acquire], 0xffffffffffffff47, 0x0, 0x0}) dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0}) 3m23.631883797s ago: executing program 32 (id=306): r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000003280)={0x73622a85, 0xa, 0x4}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@acquire], 0xffffffffffffff47, 0x0, 0x0}) dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xffffffffffffff67, 0x0, 0x0}) 9.70082604s ago: executing program 3 (id=1302): ioctl$KVM_X86_SET_MSR_FILTER(0xffffffffffffffff, 0x4188aec6, &(0x7f0000002cc0)={0x0, [{0x3, 0x0, 0x6, 0x0}, {0x2, 0x0, 0x1ff, 0x0}, {0x3, 0x0, 0x9, 0x0}, {0x0, 0x0, 0xfffffff8, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x40003, 0x0}, {0x2, 0x0, 0xa2d, 0x0}, {0x0, 0x0, 0x10000004, 0x0}, {0x1, 0x0, 0xf3f, 0x0}, {0x4, 0x0, 0xa3a, 0x0}, {0x3, 0x0, 0x3, 0x0}, {0x3, 0x0, 0x1000, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x1545, 0x0}, {0x1, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x40007, 0x0}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=ANY=[@ANYBLOB="e6bf049d51e61f8dc06efe03001e7bdac916ed8df2f7182d5aafb1d1756c4b514543", @ANYRES16, @ANYBLOB="000128bd7000fedbdf", @ANYBLOB="0500180127"], 0x24}, 0x1, 0x0, 0x0, 0x840}, 0x4004840) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xfffff000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 8.48788644s ago: executing program 3 (id=1309): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={r2, @dev={0xac, 0x14, 0x14, 0x36}, @multicast1}, 0xc) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000040)=0xfffffffc, 0x4) recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/33, 0x21}, 0x4}], 0x3d5, 0x45833af92e4b38ff, 0x0) 5.652286875s ago: executing program 5 (id=1321): r0 = syz_open_dev$dmmidi(&(0x7f0000000040), 0x1, 0x92a02) pwritev2(r0, &(0x7f0000001c40)=[{&(0x7f00000001c0)="a52003183499f934336d5dc93717c5d7d7831c84fe7e829281d2f06816bcaa9cb01e123b91f6e5d4cd9c4be2efb64887bbb766803d0b69df5941aff23c8b1dc635f6d1af3cb4b8", 0x47}, {&(0x7f0000000240)}, {&(0x7f00000002c0)="eb4e6557447f55dbc7fa7cb51083b7acdc3fbbf4af2f678e5d0b87a83e1fb3d4ac0ac41dc2a36acd88cd0eaa89d15098706e", 0x32}, {&(0x7f0000001840)}, {0x0}, {&(0x7f0000001a00)="520df5355540226801189ad114e04730b2ddbd910d1635f5f78f7adf420782fe0e8bed3b8ac642d7b3676970f42dadb44ae96e1251804f33dbab6360134e37b337f63d412d8205b7fdf94420075c1d15e3317d5a61491ce6ca24cd35b5f908b62952f0eb29efb318ed31ed3ff675121f8bec", 0x72}, {&(0x7f0000001a80)="1b2509752570306ee21e3a9c9e838d6d6f273615907f86ae0fe9358313c0f3a7f96668d1fcf90a488930edcb2be6ec8d4db5ade5178907619bd7422b8cb77e58cdb2682e37135b4958afeb5842e0e97c7882a0e8dcd0c38fdb2a4f8618bb38f99893d9724dc2f7436c937e33a8da80b8099392c343e2894d94d1ea6b8962d4e29b224a1e887f63920ec9ce7b0eb57e8e44b0fcde702f7793f7c7e2aee3791344b28404c3b07ae24e4f7e9548971d", 0xae}, {&(0x7f0000001b80)="46b54c8db8cebf7e9b3df3473839bd64bfb13327cf56b170a9e079c6dbd7536d88d2b8bd00deabe67b86bc4c919306069a6f9fa48439c331abf9ffd0197a0dc548edfe38c571fed483327ec7fffd1a6aeb095c098bb327aaccc28a55694de5bc22b6a26182f5cd00a05436624d79d7d29df7846770aab7e3d8c96add9590c544da465257d62a52cafca4122fa331", 0x8e}], 0x8, 0x7ff, 0x6, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0, @ANYBLOB="c9b703d594ac"], 0x20}, 0x1, 0x0, 0x0, 0x2000008c}, 0x80) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004855) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r1, &(0x7f0000001800)={&(0x7f00000000c0)=@tipc=@name={0x1e, 0x2, 0x2, {{0x2, 0x3}, 0x2}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000340)="5bf1cbb20c3331aa5bbb4cbe269b8604a5b0a3b9d7c89a749de1c653fcb97f9795b370218e70e59450cedf534ed8307a85c2d7ff34571d2b80bd0c844a9aa48f3ee087a997a63321e126f665f5186a610540f1c6b0c8e20c90c3e5a9505bbf1983227506a6986df4d6e69cf0747dabd3df687d1ac6ab4d2988a2a15aa0adf654f04b6e158f16fd254db6540be47c9251e95fcbb7bf9d6fe761c6719a751067cb5ab30245c0f97955dfcfde761e2371d67fa96e694c3cd11f31535f333063fbe34e89eab619a8f63b6cca4c9b0b36e9c6ba49be58894536645b8f2722aa98", 0xde}], 0x1, &(0x7f0000000480)=[{0x18, 0x115, 0x1f, "862a"}, {0x1010, 0x0, 0xd, "ecad9a50c725632e215db6cbb65793dd9b7f1513d2a0a31ffe6ae2886ff4a2215198e663885e44030e71743b9a07da49c550e03d10f1b480f2225af432da9ce2b7ec759b58caddd8f1cdd504ab7d1ea45cb1eb66827413fea192cf77bb399543f75f95bca7aef49b8b4a8e17ab1353936c5c118714d900596ac59f96bbfc92ad9b957e3ce2eae3d33b14d2248c30578fdbdbc2c1a831d713ccdb16b3899419d64e650421991cca28234df30759c13070d6a51d5393a1a487fb8fdee8c62b92a17fc73c9603302c30a1c7ef7ced4b12e3342dfcde4da084e8c6a93078c6c6c3964f2f83b65f658b082dcfdc4d4a977b7ea57835313fb28e34b9d940e63cabbba619fe8ca86cdb52dfc4de91aaed401837830cae1c6fed10acf719a71a0a6bc120a18a35e52a6fd32c5f316983b976bfb47715fb8a8ae051f7742155a10d2e8fc783d3a8759c55da0ee29c258ed55e411ecb5b9087fb420662b73a6c1048d7f84dd09ecfc9c1733fc50bd5c37ad37785536a93e699615752ae7354e502b58cdaa78f26dca81dc74921e8dbab34e789dbe6fc74c6f9c1a4c2e3079232fea44a3cdcda757f51ff88b880aa730f3895b08a7fcb66d06527da0e91d9eb30ff981da7d9c1326436d6b516ab2d93fcd3bfadc88315fd7210766cae46f64d1419048fec6c84e22451cf990e9977dda655c67d1bce7acbc1d5a0be3042c8cb3ec4ae110815f3b5df008bf2b4d3f4b25296c50c8a32c53d6f6327164abb2c01b0b1dc40a04b67e708926bf9d7c6c6a010e286d4b75d2bd774fba0732e2cb6a467cdde499de15e0f9dfcfc259beb1d96a6cf3d3237ecca0afd17b213cc1d1f797a834ee15a2dcc65ab57ad5e7027c06d062267dbb494cde5b2a26a64933d30ee5d336f7598d7ec51f66ef8a65b6020e88f7f0a90d6a0f77064ec99d1473c4442cfdd0e846b93d2720f1ec39e7db4b1dd97de7cc2ee998ec5dc01c513875a127aeacb722af482de602277141c7599dc6703db13ebb01436d2b9790fd60f8070cd2ab7d0515b6319943955fb5a40e95bc871a1495c1fc84847a3cc82a7acda758e9030eae05369347fed5bf16ae75490bbd39886df82dfbb100872a1307ab062d39a19c158ad0af901d373935346eb821b7d9dfcee24d57964c65632efe29e70f619d7a9496a078caf8ed3612b7c5cfb93f2b2655ac7435a9441ddae8b5954c45e7ce37bf9d950ea57b26af204f390fcb02467c46718dd3a7b811b44bd0b68416788108e29fb551f02cbdc123e91f26f997117a92e290fede7db814f499ecf8275899cae99575973a0e6004174e02ad869d1a53c50a236ee63f90b60ca0134ef1eede0b57510be385d8e9d7505d9932fd6f4be42f87e5e15c5fa84cf67cbe9eec16ab868ed92403a127bd74059f8f75b1b011241ac3757d7df8dfaf9bd3d487c8dc715ec8638f93ec899a3553a27574e85c726e0745f1fcf04e51535fffbc140c0ba6bb52eb843112047df28b8dba8435fa65ac689dbc2076c114ae0419a3d389734812de95ba9b79eb596ef4189597b164cdf55c418e5d24e842e92926e44283a58a1c46e70bbf93a95cdd0635e4e0717f442f0052b9e8d5abada803cc01f92ac6200a864b280c5430dec151c84d109524a0fe54586272c93fd6b50406a4897d76750614710881f8be4d8a6ea35bb652945c7cfe686226470b798140d92ffa453ed2087967d6f9b9abaa66ad0f1c1a2f54155bb6909dda4eafff902084209818c0a6334dad06ab00c34f22b2ac7ebd17d4174483f8e8ab09eff15a888963d3a2bf90f96ac3f0ac9e7fd51997771ef25146b43d8da1fc6bf1aca5fb6dd943ad138513a50d4f63e80f27cf932ab99d828439cce576642ef16cb9957b637384c756e1777ab21edf55741c10ca4202bf506a9397edd4db2a4f05b6a383d9b1cffe80c4636bfa82d4c64c0a9769979e6fe00fbd3de80464d2bcb01ad36fd4a13c121a130b69a9d0f25a061ce4e2ec727433a0f495feecc3a2ce58b9940dcf7baf4c72229f3584f4c13d6bb675e96cc9d65db8989cdaa298a6b1c60689363003ffa1ae20cc0c1a837717a16daaa9c079e8eb0c8bab187a074b7ea1db5ff64753933292a06cf7fb7bf28df6fc7123793fbb2a3f3a4b3925deabd518b8d833cc9fa4a615b1aef0ea098012a969f408989b36ea70cd0355f39e32d6dc2f25e1b9aac600e13f421b8e89857244eb73f648f70c311c6f79333ce330c037a774b60fd94879993fc05bceaa77d0291a2dab0ae2f936776815823e379c5d4e43cbbcae268a783cdbf25041647f06c89fec07264f36a84af3227aa1fc8fd5149d5df76953a26bfbb67890c398a5f4b13e1d5efd9f25721c8fbf74076601792b2abaf8fc80460db6f9177494a75f1ca9b2188816651360b13027eb871351f615be9f9f00411c5a0332a4e3b1be483a5b12d38f6c24f46110f24fdc6ec46c4cb35f05be65c26313a13c86316392039fbf80acb1be84642857339eb1506dfecbcddda1752a1dc92890b4405faa3e609483664346e71856073a623ead694c3fd72e22fb34e1b8957c1952c57ccdda87fc828695d2e0d5b4e564f68b08ac2c53d422447b947a799f2501b2a2b6e0339e319376da27628e86605db0744444a74581b01a64b6246ec69be6185170463ee42add235d5323bd18ebbef11970024dc060a36e8b59d079fc5a2d5ea82fca15d48efcd43078a106d636a5b89bfef4f28a02ae46a970d272567c6383fa7192e6bb75853bf50cfbbbe0b0914ee6fc4fbee664c34d35e249d653942524ac227e6bd99df0bd18273d70311c17312ab948946b08552e82a820a8470e842c5bf9bd612e7269a831e220ea061408472b72f506605c59439e7c2d6dd0e64af67923b6219b6a7233c71e3f006b71c13d8ef2f850f036ab0c9c835ad6b9f428066e4920d063d134d8ccbbbedaa39207c47b3f74195939c7e27cdd2674184795c1fe8674aeba5ac09367e4d42593de6f5cebd8958c08b6fa7bba96c70734ac120cb16e5dd4c9feebb422fd416b594758f97e551e8915c059f30516fde9ce0a1af10c97f987c0154c1754d450dcbb08c9a691d512fae60c36619a4041f9806f7666045a997cc2a31cdbe1b463cba8dde4790638b92f3409c940f8932386341d8c93af3850beb5af04bf546c31707eae9747af4e1efe30fe3b5ea4818adfdc2cc29fc1fe41fe992c36627d7047561a639e43a0635fbeda499d24913e7276f7bd1d2fcbb02a54230a0e71cba4d130ce922672d200470827b11901d2d76f4b6a7eb4761140a1309b4b598e8c08b84f47dae677d2dd1d9d2d27204a87328e21fe44ce9df5ded187b908ca74943b618aac6f8b34835ee4736a7838720892029d5e3482afbc961706208c1d3db291bf1d0e6f0e40aa1aba8dabe821e6f914b5d6e7729a1e763c3fa6759846ffc5f5fcb2df2300a609b8b45d5be259c7bbdf4de001bcbb6c5d7208a12c79830098fcced859de1feaba4901eefe82bd718216232a679ee645e95c67ad5a013d26a42c504c61e31ea603a176211f591d900924d62dcaac0d3f776963f38d2dd26bc75588511681d56e8eb6e0cbf13762efe35ff29dd27de798c5334a1b346f8582219cea533788fc041c0b6f10b8f6574454058b34d4e3b6c295506c20a6186e31390047905781afef2f69d50c48e079ec36bca10f5dcc074261803e3c0f86cf522cb82c8445f69bfa10fae531e4024c58e0c1994260e756046839708fdddcbbff9047927e1f1f621192a4e7073cdb88a9c10d78690126757c99daeb1e6ed0b0fe92a7ef5978ef47055dfa5588d04d7ac3ccfc7a050a74f4ff2c8e577eb82c85b1bc9ff4e1ce6119a744f30e016816e53da75ff403747bdac159081dcbedea36d07ed3817c71b098549b07e58d6da404423da2161e468ce41b3e0d3946366b7062645a01813684529f049a544a0fb39f6cac195f08c08ce7d9c92823b37f1e135494471bab6bb6e6fdc17e528e250da07e1545131e70c42cab3c7cca24cfbda5aba0958609d36c3b5610b44e9d1ed17702c2b3e023bd2a1161dd71586e287f52f75c7e02bb62ec1fa7a5c14f18759cbb6080af3f1441532657aa3b4f184bf274180db20267d4876a3814af419830f6ee8ed6ff830cecd395735233d57252865a14b2794cb043f79e5849a77808358f2b483120d9ddae477d4ce43f720e819ab20f0f3e77166495a9784e10f1b1e6e0ae8e53bf3d53164100c63d5bf93e8d7554a7df566d026282bc84ec0395b9a40fc12fe534ba68ff0bdf0e90caae5b15b493da382a54e5414732edc3f25a953890333c31b24a034df1f0a0111d4b80c382c438597af1a8e6e0779222cb0722363c9f957ab771733a41fcd05a391bac9f522454aa658185018f6a205cb29de98ddd4daec076c350b5d0aba2cf74a7dbcae13d3e684b1506a59298a018ce3d59a59b6f36475f0bd5394a74d4eaffdc8377fb1edcfd7af266ad3d574263195c080e9336d82d88f6d75b9b5a0f8870cfe7b09f38179f2e9fea8e8cb2c4ed37402e62cc6280c153789a8c4b3a0fe887d3778ef4e158005db51fd44a418e37d9615600ddf392c0a870e80dcaaa01b1ce90df8ea2e03ec5f62d4c628862936b2463360a162f15b547cf7e28e7ff465fc711f49a650e63d7d49e234836013cf8e6538e98808860c6b23f6f5a36366f6c2b6112b1be51efcc36940864579945a31f1ea3a7b8c06b884d7e7624c1b1c0aa4086f50c7d1d1e78fc33e333c2a687e83fb68950939451f6b083d811e5aa982d85f8d4450e4fb208d207f9e5087fb03d13cea79f6a4de957b753d5839d7c51c84c81bc67b8fff38d52fa778c204846533d7e0181287934221089732ac9e883bf2d4e1bb5b43ed77da382da4386f16ab3d70ddec927a1fadb8f425d149fee903635a578adc5b3cefec41edb869bf2dfc1279059144a6571f73f71f6630aa1fbc986e1ad5884e5f154c300557f67f2beb0f366d1c66d31b73e58f30a10080bb4d740a6b5bc542ad19ef2081365c73048fdc7cf5783b5bd3f94a1b24c7ac572e56c6ae4d5294a8f879f4dd893f503ae84706ddd57f3503ca59ef989ba59652dd6a19c5dac18fc50afc1f54fe0f8e1469dd43ffa3af4cdad0253235522ff12d14752868acc3df47ddc8c4ba5c51f44d37e9a881b2164883a716442d545ebe5a880cd7894823a5392975449503ab60b3f9f1cdf6ec7e8f75e7abb0ed634b98900928f7eea0d53a57d23a9b3a58af284fa35465d06cbe903530f5e310438baef29b0df6ba2d8cff6660a45e085f7efad30075e638f4b140cfbfb2dfaa948260b70dddfadbb0844332752fcf9a61f33ca4d0505158ef0408f5d138a4baa5be0c9677b2f70eb2770fe84c0d5ce337186d2cce8ec177f19722ee4ec25079c845e9fd718c0c14f5e5c750dbd8d49b19696bc43babeddc0f5b31cdd50201025d65e9f156053113d6c0ae39f029bcc45fc32bc08990b04c257b2481205f7817378c8f8379654f634949ff32174d6e156ad68f05fca3da605235cb655449ebbbb0ffb55a44f9a0b9adcdfb66806b8085b39ad852b5bafec1c4c3b0abf2ae4c2cf84fc67dbd9dfa3c46b34f615c766fee219f76000e8d245f84aa0f80763d42d8bb770ad2d17cb3f215bca28b55bd1563ae9312aaf66c49e0332331ddfbdb199b619855bff0853e02ff7040400895e186235786e41d41b4daf3c20cd774963766cc0e92c5dfc32432144a48f66dab71d15edd2d2242b423d5fa45f12f95040281b58117562f32e81901cdf2"}, {0x18, 0x29, 0x40, "11a6398b1f"}, {0xe8, 0x112, 0x2, "1a08b197aa91e32233065954e515dc653b9e2f3c93c9acd5b8ed665f43e70dfe9a1ba8ebbdd19b107ff94e94ff931256e144dc84a5d32b616993dd162dbe5bc35128b2e6dec4df482675fa003a9ea24ad67639e3d1c6c070031b2b4aedb5bcce80d9835488baa811034b3b86632f5a019d9dec938d1f868eacc11d12cd8a7636f6d12363f1ed493bf89e2aafc541bc7afe66095d404aa29aeb6ac26cee9bb7cdf69104d85d5b5340711c46c14b4fb1bd7b2a808fe627ecb88244d2bbe7900d143055b02e19de1110d19016f55d3519449391f1"}, {0xe0, 0x10a, 0x3, "c92f386f5161faab52d3f40d6200af5517cc166bddca419db111bde699c092ea12f4f35fb696e96b004e3ee831e83feee4dbd22b090cba8d7bc987dcd9c565eb5cc8d474ee153f25e0d709b9f006d38b1275cf758bb3cbda0b94eb8a483f3791711f1f6ad729a3d580ab00fd83fc48db686a499f6183e4b4b4c7e04b84dbe4f290a3d35eac36e71cc1ef7d3463df560b76456d1ba554a8d5a91920293bd7ca09dd94a965e6e7ecc5a46df5a41697ad18c92e51974806efc9453734f6a89edf0a0a3a5d33ab3405c4c0b622209f059abf"}, {0x80, 0x10b, 0x49a, "6c0d3e09edabf9c2ddd0f0429e5ba7a3e449bcf51d3174b4ffbfaf901c53e98c0820c72fb2cd37a94d9430d63601b46a486fb7c6357819a27493d8a72eec8f6efb556f459c0a186a4e0b81a546f34409f047760754a9ce5378a3c0e09785a5b53f7a04cda700054054"}, {0x28, 0x107, 0xffffffff, "eca96f33076ebbe5da8b6e711d2abb445e"}, {0xa0, 0x107, 0xc968, "f525301010b4c244cf7bf400cc10d35c3b845151f92d7597d6fbe7a4d8c0facef6df728de9cab1c897a86a9bc3233d1974e088c491127970b9991a77cfd75e1b3376ed416b8cbff106d788812dc56c738c807a4a2fe4b3a88e5daaf1a9d87dac5510d36c8e05cb8531ba3e4beaf24f7c72d68e130fdd6f2d610deba8f0cf3c990b8a49e5566bf077d14b1d"}], 0x1350}, 0x4000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501) ioctl$USBDEVFS_GETDRIVER(r5, 0x41045508, 0x0) capset(0x0, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x4000000}, 0x50) r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000300)) keyctl$search(0xa, r7, &(0x7f0000000280)='user\x00', 0x0, r7) keyctl$setperm(0x5, r7, 0x101008) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, r6, 0xfff}, 0x50) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) 3.825560854s ago: executing program 3 (id=1323): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@abs, 0x76) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x3c, r4, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x400003}]}, 0x3c}}, 0x20000018) 3.816044247s ago: executing program 0 (id=1324): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000440)="b25b", 0x2}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)='\b', 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f00000007c0)="f2", 0x1}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000b40)}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000340)='\x00', 0x1}], 0x1}}], 0x4, 0x4000084) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4) 3.560890517s ago: executing program 5 (id=1326): openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000002000020026bd70000300df250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20008081}, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) 3.419822996s ago: executing program 0 (id=1327): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000cc0)="adf802e5370fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000007200)=[{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000300)="a95c55bad7240eb8d02e07d6581ca7eb3af595b036e2131d061710bfc923300ace27ac9f6a8792943f0a9d29e900efab791f6cb6416105edae366e0ab1e57ba0ab977732c0c786fe6908fff7cb2e32f142db19b44582f772470e0df66438fad57ab691a797c2c29c7f0753621cd13ff38fa7c683b76b0ceea0fffebd4f300cc221c6c3cfd782e94372992a114671d689b6047bedb8bc", 0x96}, {&(0x7f0000000600)="e12379c482ccac083797f96254149d73b2acaab5544bd6664e0c562b9321a96013d21b8a1a4d840c7e0671d995a1291927a0e7edb52f794fe041fc7a5abdfab4ec35bc39f678d576b9df454e8401ed15aa91899d57c245d2cb78d3726efcacd161f0a7bc304e836f92b8ae8a6946ec1517fe7296acb2e1ef5c8da334f2488715853e6ca437215acc8a4af0b7ad0c691a3d243fb85dda8f", 0x97}, {&(0x7f00000006c0)="ae57b15f0f6cc47540745d1356e03948ab4ff8f04d507d4b8cb5103ca40154d26ca5d7d1c56952eca732d23a13cec760583eee907ca4a19718e2c4ee8582f7c6a9501c785da0113eedcf09a6f27c68cb12ffb064a18be09d4d1acd6f08c41a0d0f82e1e18d87667c3488", 0x6a}, {0x0}], 0x4, &(0x7f0000000940)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x24000000}], 0x1, 0x20040800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 3.223821638s ago: executing program 5 (id=1328): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) ioctl$SOUND_MIXER_WRITE_RECSRC(0xffffffffffffffff, 0xc0044dff, &(0x7f0000000480)=0xffff8001) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, 0xffffffffffffffff, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc}) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000440)="b25b", 0x2}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)='\b', 0x1}, {&(0x7f0000000100)="2a1b1a4552a31452d5c73c376f8a", 0xe}, {&(0x7f0000002b40)='-', 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f00000007c0)="f2", 0x1}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000b40)}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000340)}], 0x1}}], 0x4, 0x4000084) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4) 3.188102776s ago: executing program 0 (id=1329): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="c9b7"], 0x20}, 0x1, 0x0, 0x0, 0x2000008c}, 0x80) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004855) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, 0x0, 0x4000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501) ioctl$USBDEVFS_GETDRIVER(r4, 0x41045508, 0x0) capset(0x0, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x4000000}, 0x50) r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000300)) keyctl$search(0xa, r6, &(0x7f0000000280)='user\x00', 0x0, r6) keyctl$setperm(0x5, r6, 0x101008) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, r5, 0xfff}, 0x50) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000) r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) 3.026401934s ago: executing program 5 (id=1330): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100008}, 0x94) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"}) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff00}, 0x48) 2.006979965s ago: executing program 4 (id=1331): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newqdisc={0x138, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x108, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "1fcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e01798d28b6d63cf7465ea95bd97b018b7afaccdcb0000000000000009e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236743acdf902703c7bd07f2df5989ee40e409b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ffcf44f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990f7acfdb8216ea52f604b9f12033688caa4b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d6"}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x845}, 0x24008004) 1.958569791s ago: executing program 0 (id=1332): set_mempolicy(0x4005, 0x0, 0x7) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {}, {}, {0x448eade7, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x0, 0x20000000, 0x0, 0xffffffff, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {0xd5}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x10}, {0x80000000}, {0x8eb9, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x4, 0x0, 0x7ee}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x9}, {}, {}, {0x7}, {}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffb}, {}, {0x0, 0x9, 0xfffffffc, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {}, {0xd5a0}, {}, {}, {}, {}, {}, {0x4, 0xfffffffc}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x2}, {}, {}, {}, {}, {}, {0x10000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x7}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) 1.82311975s ago: executing program 5 (id=1334): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600}}, 0x20) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xfffe, 0x0, 0x8000}}}}}}, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) unshare(0x24060400) socket(0x1e, 0x4, 0x0) r2 = socket$rds(0x15, 0x5, 0x0) bind$rds(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$inet(r2, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="91cfdf", 0x3}], 0x1}, 0x0) pselect6(0x40, &(0x7f0000000100)={0x0, 0x9, 0x0, 0x80000001, 0x7fb, 0x8, 0x100200}, 0x0, &(0x7f0000000240)={0x1e, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0xa}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 1.645715365s ago: executing program 4 (id=1335): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0) write$tun(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff000000"], 0x78) 1.620223579s ago: executing program 0 (id=1336): connect$can_j1939(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) socket$packet(0x11, 0x2, 0x300) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0xf) wait4(r0, 0x0, 0x2, 0x0) prlimit64(r0, 0xe, 0x0, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) read(r1, &(0x7f00000001c0)=""/170, 0xaa) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r2, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0) 1.39675617s ago: executing program 4 (id=1337): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000440)="b25b", 0x2}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)='\b', 0x1}, {&(0x7f0000002b40)='-', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f00000007c0)="f2", 0x1}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000b40)}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000340)='\x00', 0x1}], 0x1}}], 0x4, 0x4000084) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4) 1.395271728s ago: executing program 5 (id=1338): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0) syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000") syz_open_dev$char_usb(0xc, 0xb4, 0x0) 1.338467198s ago: executing program 4 (id=1339): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000040)={0x0, 0x43}, 0x8) 1.276009085s ago: executing program 1 (id=1340): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) ioctl$SOUND_MIXER_WRITE_RECSRC(0xffffffffffffffff, 0xc0044dff, &(0x7f0000000480)=0xffff8001) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, 0xffffffffffffffff, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc}) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000000440)="b25b", 0x2}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)='\b', 0x1}, {&(0x7f0000000100)="2a1b1a4552a31452d5c73c376f8a", 0xe}, {&(0x7f0000002b40)='-', 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce", 0x1}, {&(0x7f00000007c0)="f2", 0x1}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000b40)}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000340)}], 0x1}}], 0x4, 0x4000084) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4) 1.147966215s ago: executing program 4 (id=1341): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=@delpolicy={0x50, 0x14, 0x1, 0xffffffff, 0x25dfdbf9, {{@in=@private=0xa010101, @in6=@loopback, 0x0, 0x80, 0x7, 0x0, 0x2}, 0x20}}, 0x50}}, 0x4004040) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a48000000060a010400000000000000000a0000040900010073797a31000000000900020073797a32000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd63"], 0xfdef) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.14255621s ago: executing program 1 (id=1342): r0 = gettid() timer_create(0x1, &(0x7f0000000080)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000)) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='task\x00') fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0) getdents(r1, &(0x7f0000000100)=""/67, 0x43) 874.129023ms ago: executing program 1 (id=1343): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200"/575], 0x310) 712.310819ms ago: executing program 3 (id=1344): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100008}, 0x94) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"}) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff00}, 0x48) 613.157028ms ago: executing program 1 (id=1345): syz_emit_ethernet(0x42, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0xfffe, 0x0, 0x7f, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x84, 0xca, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x1ff, 0x56}]}}}}}}}, 0x0) 505.487838ms ago: executing program 1 (id=1346): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) r1 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001500)='\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x9}, {&(0x7f0000002800)="cf", 0x1}, {&(0x7f0000000380)="08e0ac8fb1d99df61d7b518d0a62", 0xe}, {&(0x7f0000000180)="8a", 0x1}, {&(0x7f00000005c0)="f5fbfd4f1595317700ff55f1f960ff70fba64053ef1c952b8561071ccfbed96b7227eaaf92a1358afc148a8aafa58b2444561acf9a5114b207019da8518fea9fd189e3616ec0ad37f86f431d6f4f1fbe1b0e3e640ac2b1f7ff33cf28d27c40513b6cee87fbd144c842c5c7b6752ea19efcfca738ac5207318c1bc30db2a727ce9a82303920eb2a3b0aa99902f8423e754843e7d6ceb06048a8d918680c042a42370dc807a398af793f4b1a3107c3771474ba13d826ce5634d33c485f3f97cffc9ea1e026f4327e96d5a40268c75358061e75633ebe43e946f2bad55973c81fff7d4843dd1db36180dd3b5692f98ace6805c67a9e20216aac908b9a6111c6", 0xfe}], 0x5}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000001580)="ce90bfdb", 0x4}, {&(0x7f00000007c0)="f2e659", 0x3}, {&(0x7f0000002e40)="d4", 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000003000)="e1", 0x1}, {&(0x7f00000010c0)="fa", 0x1}, {&(0x7f0000001680)="d8", 0x1}, {&(0x7f0000001600)="f2964dd1", 0x4}, {&(0x7f0000000580)="b8a2f6", 0x3}, {&(0x7f00000002c0)="7940e900e0377757a9edc0d9376c21328ad2f7584fe4c8b712b3e5e08ecff5258151bd9eea7b4ce21f67ab51922ce035987127fda5812df903188e321419610f4beb6cdf6fa073876157c4f1d2054439d8db3f4d937872de928b62741fd60e6b56979ad883f89a02e24a577275bfb498b7a127abd0eb099e704d18d63dad611b45acfc3b8dc5457c8383d7d8621942e8e2ce6e4017dd6e5ed9732e739be6593c3b033524669ce17c3b822a6953eb11a20921220000000000000000", 0xbb}, {&(0x7f0000000280)="87", 0x1}], 0x7}}, {{0x0, 0x0, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000900)="11e09017", 0x4}], 0x2}}], 0x4, 0x4000000) 477.86378ms ago: executing program 0 (id=1347): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006067c09e8fe55a10a0015400500142603600e120800060000001001a8001600a40001400300000003", 0x3d}], 0x1}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100008}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff00}, 0x48) 306.37209ms ago: executing program 1 (id=1348): ioprio_set$uid(0x3, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8, 0x80000) readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/128, 0x80}], 0x1) 202.039139ms ago: executing program 3 (id=1349): setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e22, @loopback}}, 0x0, 0x0, 0x3b, 0x0, "bb02a3c364ca41d6357e54452401400400941292f4925a1e1ea6324d6193fcf19b49f3eefb1f56c54dc46d8b6d2ccd118aa0cc1dc2767bbe000100060000010100"}, 0xd8) r0 = socket$kcm(0x23, 0x5, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000240)=0x9, 0x4) listen(r0, 0x800) accept4(r0, 0x0, 0x0, 0x80000) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff0000"], 0x78) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x7, @remote, 0xb}, 0x1c) 180.344198ms ago: executing program 4 (id=1350): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000080)={0x54, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x40060040}, 0x880) 0s ago: executing program 3 (id=1351): sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0, 0x5, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100008}, 0x94) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"}) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xff00}, 0x48) kernel console output (not intermixed with test programs): =0, SerialNumber=0 [ 110.564449][ T5716] usb 2-1: USB disconnect, device number 3 [ 110.879363][ T9] usb 3-1: USB disconnect, device number 3 [ 110.956085][ T6027] loop2: detected capacity change from 0 to 7 [ 111.076063][ T6030] tipc: Started in network mode [ 111.076094][ T6030] tipc: Node identity 6e08a007d003, cluster identity 4711 [ 111.150607][ T6027] Dev loop2: unable to read RDB block 7 [ 111.150650][ T6027] loop2: AHDI p1 p2 p3 [ 111.150679][ T6027] loop2: partition table partially beyond EOD, truncated [ 111.155244][ T6030] tipc: Enabled bearer , priority 0 [ 111.180177][ T6027] loop2: p1 start 1601398130 is beyond EOD, truncated [ 111.180206][ T6027] loop2: p2 start 1702059890 is beyond EOD, truncated [ 111.348228][ T6028] tipc: Disabling bearer [ 111.683031][ T6045] loop2: detected capacity change from 0 to 7 [ 111.698206][ T6045] Dev loop2: unable to read RDB block 7 [ 111.698254][ T6045] loop2: unable to read partition table [ 111.698380][ T6041] binder: 6040:6041 ioctl 4008f50a 0 returned -22 [ 111.698459][ T6045] loop2: partition table beyond EOD, truncated [ 111.698490][ T6045] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 112.355428][ T6062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.87'. [ 112.359487][ T6062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.87'. [ 112.551759][ T5843] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 112.702981][ T5843] usb 2-1: Using ep0 maxpacket: 16 [ 112.705656][ T5843] usb 2-1: config index 0 descriptor too short (expected 16456, got 72) [ 112.705682][ T5843] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 112.705701][ T5843] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 112.705718][ T5843] usb 2-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config [ 112.705735][ T5843] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 112.705747][ T5843] usb 2-1: config 0 has no interface number 0 [ 112.705772][ T5843] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 112.705785][ T5843] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 112.705796][ T5843] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 112.705868][ T5843] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 112.706232][ T5843] usb 2-1: config 0 interface 125 has no altsetting 0 [ 112.709967][ T5843] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 112.709994][ T5843] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.710004][ T5843] usb 2-1: Product: syz [ 112.710011][ T5843] usb 2-1: Manufacturer: syz [ 112.710018][ T5843] usb 2-1: SerialNumber: syz [ 113.394320][ T5608] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 113.426505][ T5608] Bluetooth: hci3: Injecting HCI hardware error event [ 113.428250][ T5610] Bluetooth: hci3: hardware error 0x00 [ 113.517009][ T6069] IPv6: syztnl0: Disabled Multicast RS [ 113.604574][ T5843] usb 2-1: config 0 descriptor?? [ 113.883005][ T6080] binder: 6077:6080 ioctl c0306201 200000000080 returned -14 [ 113.891104][ T10] usb 2-1: USB disconnect, device number 4 [ 113.901885][ T6080] binder: 6077:6080 ioctl c0306201 2000000003c0 returned -14 [ 113.956357][ T5608] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 113.956400][ T5608] CPU: 0 UID: 0 PID: 5608 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 113.956425][ T5608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 113.956438][ T5608] Workqueue: hci4 hci_rx_work [ 113.956485][ T5608] Call Trace: [ 113.956493][ T5608] [ 113.956502][ T5608] dump_stack_lvl+0xe8/0x150 [ 113.956529][ T5608] sysfs_create_dir_ns+0x271/0x2a0 [ 113.956654][ T5608] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 113.956691][ T5608] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 113.956725][ T5608] ? rt_spin_unlock+0x160/0x200 [ 113.956752][ T5608] kobject_add_internal+0x631/0xd10 [ 113.956782][ T5608] kobject_add+0x163/0x240 [ 113.956819][ T5608] ? __pfx_kobject_add+0x10/0x10 [ 113.956846][ T5608] ? get_device_parent+0x370/0x3a0 [ 113.956871][ T5608] device_add+0x408/0xbb0 [ 113.956896][ T5608] hci_conn_add_sysfs+0xd5/0x210 [ 113.956930][ T5608] le_conn_complete_evt+0x10e6/0x16b0 [ 113.956967][ T5608] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 113.956993][ T5608] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 113.957024][ T5608] ? lockdep_hardirqs_on+0x7a/0x110 [ 113.957054][ T5608] ? skb_pull_data+0xfb/0x200 [ 113.957086][ T5608] hci_le_conn_complete_evt+0x187/0x470 [ 113.957118][ T5608] hci_event_packet+0x659/0xef0 [ 113.957155][ T5608] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 113.957178][ T5608] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 113.957198][ T5608] ? __pfx_hci_event_packet+0x10/0x10 [ 113.957228][ T5608] ? rt_spin_unlock+0x14f/0x200 [ 113.957263][ T5608] ? hci_send_to_monitor+0xe2/0x590 [ 113.957290][ T5608] hci_rx_work+0x3ee/0x1040 [ 113.957316][ T5608] ? process_scheduled_works+0xa70/0x1860 [ 113.957341][ T5608] process_scheduled_works+0xb5d/0x1860 [ 113.957390][ T5608] ? __pfx_process_scheduled_works+0x10/0x10 [ 113.957418][ T5608] ? assign_work+0x3d5/0x5e0 [ 113.957445][ T5608] worker_thread+0xa53/0xfc0 [ 113.957492][ T5608] kthread+0x388/0x470 [ 113.957520][ T5608] ? __pfx_worker_thread+0x10/0x10 [ 113.957541][ T5608] ? __pfx_kthread+0x10/0x10 [ 113.957568][ T5608] ret_from_fork+0x514/0xb70 [ 113.957594][ T5608] ? __pfx_ret_from_fork+0x10/0x10 [ 113.957616][ T5608] ? __switch_to+0xc79/0x1410 [ 113.957651][ T5608] ? __pfx_kthread+0x10/0x10 [ 113.957677][ T5608] ret_from_fork_asm+0x1a/0x30 [ 113.957718][ T5608] [ 113.957752][ T5608] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 113.957793][ T5608] Bluetooth: hci4: failed to register connection device [ 114.701014][ T59] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 114.701040][ T59] CPU: 0 UID: 0 PID: 59 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 114.701066][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 114.701080][ T59] Workqueue: hci1 hci_rx_work [ 114.701104][ T59] Call Trace: [ 114.701112][ T59] [ 114.701121][ T59] dump_stack_lvl+0xe8/0x150 [ 114.701149][ T59] sysfs_create_dir_ns+0x271/0x2a0 [ 114.701180][ T59] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 114.701208][ T59] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 114.701242][ T59] ? rt_spin_unlock+0x160/0x200 [ 114.701270][ T59] kobject_add_internal+0x631/0xd10 [ 114.701303][ T59] kobject_add+0x163/0x240 [ 114.701331][ T59] ? __pfx_kobject_add+0x10/0x10 [ 114.701360][ T59] ? get_device_parent+0x370/0x3a0 [ 114.701385][ T59] device_add+0x408/0xbb0 [ 114.701411][ T59] hci_conn_add_sysfs+0xd5/0x210 [ 114.701445][ T59] le_conn_complete_evt+0x10e6/0x16b0 [ 114.701479][ T59] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 114.701502][ T59] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 114.701534][ T59] ? lockdep_hardirqs_on+0x7a/0x110 [ 114.701563][ T59] ? skb_pull_data+0xfb/0x200 [ 114.701592][ T59] hci_le_conn_complete_evt+0x187/0x470 [ 114.701622][ T59] hci_event_packet+0x659/0xef0 [ 114.701667][ T59] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 114.701691][ T59] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 114.701712][ T59] ? __pfx_hci_event_packet+0x10/0x10 [ 114.701742][ T59] ? rt_spin_unlock+0x14f/0x200 [ 114.701776][ T59] ? hci_send_to_monitor+0xe2/0x590 [ 114.701806][ T59] hci_rx_work+0x3ee/0x1040 [ 114.701834][ T59] ? process_scheduled_works+0xa70/0x1860 [ 114.701858][ T59] process_scheduled_works+0xb5d/0x1860 [ 114.701913][ T59] ? __pfx_process_scheduled_works+0x10/0x10 [ 114.701942][ T59] ? assign_work+0x3d5/0x5e0 [ 114.701969][ T59] worker_thread+0xa53/0xfc0 [ 114.702021][ T59] kthread+0x388/0x470 [ 114.702048][ T59] ? __pfx_worker_thread+0x10/0x10 [ 114.702068][ T59] ? __pfx_kthread+0x10/0x10 [ 114.702096][ T59] ret_from_fork+0x514/0xb70 [ 114.702122][ T59] ? __pfx_ret_from_fork+0x10/0x10 [ 114.702145][ T59] ? __switch_to+0xc79/0x1410 [ 114.702178][ T59] ? __pfx_kthread+0x10/0x10 [ 114.702206][ T59] ret_from_fork_asm+0x1a/0x30 [ 114.702249][ T59] [ 114.703821][ T59] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 114.703864][ T59] Bluetooth: hci1: failed to register connection device [ 114.970096][ T6102] overlayfs: overlapping lowerdir path [ 115.278554][ T6105] netlink: 4 bytes leftover after parsing attributes in process `syz.4.105'. [ 115.280560][ T6105] netlink: 4 bytes leftover after parsing attributes in process `syz.4.105'. [ 115.629759][ T36] audit: type=1326 audit(1777243866.800:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.629806][ T36] audit: type=1326 audit(1777243866.800:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.693437][ T36] audit: type=1326 audit(1777243866.810:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.698415][ T36] audit: type=1326 audit(1777243866.870:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.698461][ T36] audit: type=1326 audit(1777243866.870:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.698498][ T36] audit: type=1326 audit(1777243866.870:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.698534][ T36] audit: type=1326 audit(1777243866.870:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.698576][ T36] audit: type=1326 audit(1777243866.870:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.698613][ T36] audit: type=1326 audit(1777243866.870:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.703177][ T36] audit: type=1326 audit(1777243866.870:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6119 comm="syz.0.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 115.882501][ T5610] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 116.558117][ T6137] Zero length message leads to an empty skb [ 116.831693][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 116.981685][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 116.984111][ T9] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 116.984138][ T9] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 116.984158][ T9] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 116.984175][ T9] usb 4-1: config 0 has an invalid descriptor of length 160, skipping remainder of the config [ 116.984201][ T9] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 116.984220][ T9] usb 4-1: config 0 has no interface number 0 [ 116.984263][ T9] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 116.984289][ T9] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 116.984310][ T9] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 116.984343][ T9] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 116.984369][ T9] usb 4-1: config 0 interface 125 has no altsetting 0 [ 116.988311][ T9] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 116.988340][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.988359][ T9] usb 4-1: Product: syz [ 116.988373][ T9] usb 4-1: Manufacturer: syz [ 116.988386][ T9] usb 4-1: SerialNumber: syz [ 117.025342][ T9] usb 4-1: config 0 descriptor?? [ 117.330283][ T5716] usb 4-1: USB disconnect, device number 2 [ 119.469394][ T6176] serio: Serial port ttyprintk [ 119.523346][ T6192] netlink: 8 bytes leftover after parsing attributes in process `syz.4.132'. [ 120.206855][ T5610] Bluetooth: hci4: command 0x0406 tx timeout [ 120.534445][ T59] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 120.534482][ T59] CPU: 0 UID: 0 PID: 59 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 120.534506][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 120.534519][ T59] Workqueue: hci2 hci_rx_work [ 120.534558][ T59] Call Trace: [ 120.534565][ T59] [ 120.534574][ T59] dump_stack_lvl+0xe8/0x150 [ 120.534601][ T59] sysfs_create_dir_ns+0x271/0x2a0 [ 120.534636][ T59] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 120.534665][ T59] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 120.534697][ T59] ? rt_spin_unlock+0x160/0x200 [ 120.534725][ T59] kobject_add_internal+0x631/0xd10 [ 120.534758][ T59] kobject_add+0x163/0x240 [ 120.534786][ T59] ? __pfx_kobject_add+0x10/0x10 [ 120.534816][ T59] ? get_device_parent+0x370/0x3a0 [ 120.534843][ T59] device_add+0x408/0xbb0 [ 120.534867][ T59] hci_conn_add_sysfs+0xd5/0x210 [ 120.534901][ T59] le_conn_complete_evt+0x10e6/0x16b0 [ 120.534936][ T59] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 120.534960][ T59] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 120.534989][ T59] ? lockdep_hardirqs_on+0x7a/0x110 [ 120.535023][ T59] ? skb_pull_data+0xfb/0x200 [ 120.535054][ T59] hci_le_conn_complete_evt+0x187/0x470 [ 120.535094][ T59] hci_event_packet+0x659/0xef0 [ 120.535132][ T59] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 120.535157][ T59] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 120.535179][ T59] ? __pfx_hci_event_packet+0x10/0x10 [ 120.535210][ T59] ? rt_spin_unlock+0x14f/0x200 [ 120.535245][ T59] ? hci_send_to_monitor+0xe2/0x590 [ 120.535275][ T59] hci_rx_work+0x3ee/0x1040 [ 120.535301][ T59] ? process_scheduled_works+0xa70/0x1860 [ 120.535323][ T59] process_scheduled_works+0xb5d/0x1860 [ 120.535375][ T59] ? __pfx_process_scheduled_works+0x10/0x10 [ 120.535402][ T59] ? assign_work+0x3d5/0x5e0 [ 120.535429][ T59] worker_thread+0xa53/0xfc0 [ 120.535482][ T59] kthread+0x388/0x470 [ 120.535510][ T59] ? __pfx_worker_thread+0x10/0x10 [ 120.535530][ T59] ? __pfx_kthread+0x10/0x10 [ 120.535559][ T59] ret_from_fork+0x514/0xb70 [ 120.535585][ T59] ? __pfx_ret_from_fork+0x10/0x10 [ 120.535608][ T59] ? __switch_to+0xc79/0x1410 [ 120.535641][ T59] ? __pfx_kthread+0x10/0x10 [ 120.535669][ T59] ret_from_fork_asm+0x1a/0x30 [ 120.535713][ T59] [ 120.535848][ T59] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 120.535887][ T59] Bluetooth: hci2: failed to register connection device [ 120.841962][ T59] Bluetooth: hci1: command 0x0406 tx timeout [ 120.988584][ T6225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.145'. [ 121.017655][ T6228] overlayfs: failed to resolve './file1/file0': -2 [ 121.158538][ T36] kauditd_printk_skb: 67 callbacks suppressed [ 121.158555][ T36] audit: type=1804 audit(1777243872.250:79): pid=6229 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.144" name="/newroot/34/file0" dev="tmpfs" ino=206 res=1 errno=0 [ 121.644366][ T5608] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 122.283586][ T6267] loop2: detected capacity change from 0 to 7 [ 122.304891][ T6267] Dev loop2: unable to read RDB block 7 [ 122.304928][ T6267] loop2: AHDI p1 p2 p3 [ 122.304958][ T6267] loop2: partition table partially beyond EOD, truncated [ 122.305792][ T6267] loop2: p1 start 1601398130 is beyond EOD, truncated [ 122.305812][ T6267] loop2: p2 start 1702059890 is beyond EOD, truncated [ 123.257025][ T6292] tipc: Enabled bearer , priority 0 [ 123.355086][ T6285] tipc: Disabling bearer [ 124.071770][ T6308] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 124.797275][ T36] audit: type=1804 audit(1777243875.960:80): pid=6333 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.183" name="/newroot/44/file0" dev="tmpfs" ino=267 res=1 errno=0 [ 125.157487][ T59] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 126.704037][ T6357] IPv6: syztnl0: Disabled Multicast RS [ 127.102866][ T6371] netlink: 8 bytes leftover after parsing attributes in process `syz.1.197'. [ 127.102900][ T6371] netlink: 20 bytes leftover after parsing attributes in process `syz.1.197'. [ 127.180437][ T1421] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.180559][ T6371] netlink: 8 bytes leftover after parsing attributes in process `syz.1.197'. [ 127.180585][ T6371] netlink: 20 bytes leftover after parsing attributes in process `syz.1.197'. [ 127.222943][ T1421] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.223354][ T1421] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.223390][ T1421] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.392421][ T5608] Bluetooth: hci2: unexpected subevent 0x01 length: 2 < 18 [ 127.492865][ T6381] overlayfs: failed to resolve './file1': -2 [ 129.111263][ T6408] IPv6: syztnl0: Disabled Multicast RS [ 129.662311][ T6407] syz.4.206: vmalloc error: size 17179873280, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 129.662623][ T6407] CPU: 1 UID: 0 PID: 6407 Comm: syz.4.206 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 129.662648][ T6407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 129.662660][ T6407] Call Trace: [ 129.662668][ T6407] [ 129.662676][ T6407] dump_stack_lvl+0xe8/0x150 [ 129.662705][ T6407] warn_alloc+0x263/0x3e0 [ 129.662739][ T6407] ? __pfx_warn_alloc+0x10/0x10 [ 129.662762][ T6407] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 129.662803][ T6407] ? kasan_save_track+0x4f/0x80 [ 129.662825][ T6407] ? kasan_save_track+0x3e/0x80 [ 129.662843][ T6407] ? __kasan_kmalloc+0x93/0xb0 [ 129.662871][ T6407] ? xskq_create+0x56/0x170 [ 129.662897][ T6407] ? xsk_init_queue+0x8a/0xe0 [ 129.662921][ T6407] ? xsk_setsockopt+0x603/0x990 [ 129.662945][ T6407] ? do_sock_setsockopt+0x17c/0x1b0 [ 129.662971][ T6407] __vmalloc_node_range_noprof+0x132/0x1750 [ 129.663026][ T6407] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 129.663057][ T6407] ? __kasan_kmalloc+0x93/0xb0 [ 129.663084][ T6407] vmalloc_user_noprof+0xad/0xe0 [ 129.663106][ T6407] ? xskq_create+0xbf/0x170 [ 129.663134][ T6407] xskq_create+0xbf/0x170 [ 129.663163][ T6407] xsk_init_queue+0x8a/0xe0 [ 129.663192][ T6407] xsk_setsockopt+0x603/0x990 [ 129.663220][ T6407] ? __pfx_xsk_setsockopt+0x10/0x10 [ 129.663251][ T6407] ? __fget_files+0x2a/0x420 [ 129.663283][ T6407] ? __fget_files+0x2a/0x420 [ 129.663311][ T6407] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 129.663331][ T6407] ? __pfx_xsk_setsockopt+0x10/0x10 [ 129.663359][ T6407] do_sock_setsockopt+0x17c/0x1b0 [ 129.663385][ T6407] __x64_sys_setsockopt+0x143/0x1b0 [ 129.663409][ T6407] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.663431][ T6407] do_syscall_64+0x15f/0xf80 [ 129.663449][ T6407] ? trace_irq_disable+0x3b/0x140 [ 129.663472][ T6407] ? clear_bhb_loop+0x40/0x90 [ 129.663497][ T6407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.663517][ T6407] RIP: 0033:0x7f36f0a8cdd9 [ 129.663540][ T6407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 129.663557][ T6407] RSP: 002b:00007f36eecde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 129.663577][ T6407] RAX: ffffffffffffffda RBX: 00007f36f0d05fa0 RCX: 00007f36f0a8cdd9 [ 129.663593][ T6407] RDX: 0000000000000003 RSI: 000000000000011b RDI: 0000000000000003 [ 129.663605][ T6407] RBP: 00007f36f0b22d69 R08: 0000000000000004 R09: 0000000000000000 [ 129.663618][ T6407] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 129.663631][ T6407] R13: 00007f36f0d06038 R14: 00007f36f0d05fa0 R15: 00007ffcf4c84d68 [ 129.663663][ T6407] [ 129.769486][ T6407] Mem-Info: [ 129.769501][ T6407] active_anon:206 inactive_anon:6093 isolated_anon:0 [ 129.769501][ T6407] active_file:5274 inactive_file:38080 isolated_file:0 [ 129.769501][ T6407] unevictable:768 dirty:365 writeback:0 [ 129.769501][ T6407] slab_reclaimable:11716 slab_unreclaimable:103633 [ 129.769501][ T6407] mapped:29739 shmem:1312 pagetables:1281 [ 129.769501][ T6407] sec_pagetables:3 bounce:0 [ 129.769501][ T6407] kernel_misc_reclaimable:0 [ 129.769501][ T6407] free:1327164 free_pcp:6722 free_cma:0 [ 129.769561][ T6407] Node 0 active_anon:824kB inactive_anon:24372kB active_file:20904kB inactive_file:152320kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118956kB dirty:1456kB writeback:0kB shmem:3712kB kernel_stack:12992kB pagetables:4988kB sec_pagetables:12kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 129.769612][ T6407] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB kernel_stack:32kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 129.769664][ T6407] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 129.769719][ T6407] lowmem_reserve[]: 0 2506 2506 2506 2506 [ 129.769751][ T6407] Node 0 DMA32 free:1364864kB boost:0kB min:3928kB low:6464kB high:9000kB reserved_highatomic:0KB free_highatomic:0KB active_anon:824kB inactive_anon:24372kB active_file:20904kB inactive_file:152320kB unevictable:1536kB writepending:1456kB zspages:0kB present:3129332kB managed:2566640kB mlocked:0kB bounce:0kB free_pcp:26888kB local_pcp:24980kB free_cma:0kB [ 129.769813][ T6407] lowmem_reserve[]: 0 0 0 0 0 [ 129.769843][ T6407] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:216kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 129.769898][ T6407] lowmem_reserve[]: 0 0 0 0 0 [ 129.769929][ T6407] Node 1 Normal free:3928432kB boost:0kB min:6368kB low:10476kB high:14584kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:0kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 129.769986][ T6407] lowmem_reserve[]: 0 0 0 0 0 [ 129.770016][ T6407] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 129.770516][ T6407] Node 0 DMA32: 509*4kB (UME) 1172*8kB (UE) 582*16kB (UME) 276*32kB (UME) 50*64kB (UME) 29*128kB (UME) 19*256kB (UM) 7*512kB (UM) 3*1024kB (ME) 3*2048kB (M) 320*4096kB (M) = 1364852kB [ 129.770665][ T6407] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 129.770758][ T6407] Node 1 Normal: 0*4kB 4*8kB (UM) 5*16kB (UM) 8*32kB (UM) 8*64kB (UM) 2*128kB (UM) 3*256kB (UM) 3*512kB (UM) 1*1024kB (M) 0*2048kB 958*4096kB (M) = 3928432kB [ 129.770890][ T6407] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 129.770906][ T6407] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 129.832985][ T6407] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 129.833009][ T6407] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 129.833025][ T6407] 44662 total pagecache pages [ 129.833047][ T6407] 0 pages in swap cache [ 129.833053][ T6407] Free swap = 124996kB [ 129.833058][ T6407] Total swap = 124996kB [ 129.833068][ T6407] 2097051 pages RAM [ 129.833074][ T6407] 0 pages HighMem/MovableOnly [ 129.833081][ T6407] 423722 pages reserved [ 129.833094][ T6407] 0 pages cma reserved [ 129.886605][ T6413] netlink: 'syz.2.209': attribute type 16 has an invalid length. [ 129.886624][ T6413] netlink: 8 bytes leftover after parsing attributes in process `syz.2.209'. [ 130.496329][ T5608] Bluetooth: hci4: unexpected subevent 0x01 length: 2 < 18 [ 130.526108][ T6423] overlayfs: missing 'lowerdir' [ 131.196599][ T6444] : renamed from team_slave_1 (while UP) [ 131.389560][ T36] audit: type=1804 audit(1777243882.560:81): pid=6445 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.217" name="/newroot/37/file0" dev="tmpfs" ino=228 res=1 errno=0 [ 131.864429][ T6459] netlink: 'syz.2.222': attribute type 16 has an invalid length. [ 131.864464][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.222'. [ 132.255460][ T6475] syz.1.228 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 132.864842][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.864940][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 136.482158][ T6534] loop2: detected capacity change from 0 to 7 [ 136.596324][ T6534] Dev loop2: unable to read RDB block 7 [ 136.596357][ T6534] loop2: AHDI p1 p2 p3 [ 136.596615][ T6534] loop2: partition table partially beyond EOD, truncated [ 136.596872][ T6534] loop2: p1 start 1601398130 is beyond EOD, truncated [ 136.596891][ T6534] loop2: p2 start 1702059890 is beyond EOD, truncated [ 137.222856][ T48] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 137.372272][ T48] usb 4-1: Using ep0 maxpacket: 16 [ 137.379747][ T48] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 137.413458][ T48] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 137.413487][ T48] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.413505][ T48] usb 4-1: Product: syz [ 137.413519][ T48] usb 4-1: Manufacturer: syz [ 137.413531][ T48] usb 4-1: SerialNumber: syz [ 137.510226][ T48] usb 4-1: config 0 descriptor?? [ 137.529706][ T48] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 137.529740][ T48] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 138.126663][ T48] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 139.527230][ T5608] Bluetooth: hci1: unexpected event for opcode 0x1003 [ 139.584704][ T48] em28xx 4-1:0.0: failed to get i2c transfer status from bridge register (error=-5) [ 139.584734][ T48] em28xx 4-1:0.0: board has no eeprom [ 139.698447][ T6593] fuse: Bad value for 'user_id' [ 139.698466][ T6593] fuse: Bad value for 'user_id' [ 139.711785][ T48] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 139.711822][ T48] em28xx 4-1:0.0: dvb set to bulk mode. [ 139.719059][ T5606] em28xx 4-1:0.0: Binding DVB extension [ 139.788885][ T48] usb 4-1: USB disconnect, device number 3 [ 139.801392][ T48] em28xx 4-1:0.0: Disconnecting em28xx [ 139.848449][ T5606] em28xx 4-1:0.0: Registering input extension [ 139.860460][ T48] em28xx 4-1:0.0: Closing input extension [ 140.236332][ T48] em28xx 4-1:0.0: Freeing device [ 140.646045][ T5608] Bluetooth: hci1: unexpected event for opcode 0x1003 [ 142.602026][ T6638] fuse: Bad value for 'fd' [ 143.572393][ T5608] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 143.572665][ T5608] Bluetooth: hci1: Injecting HCI hardware error event [ 143.574746][ T59] Bluetooth: hci1: hardware error 0x00 [ 145.045448][ T6673] overlayfs: workdir and upperdir must reside under the same mount [ 145.230404][ T6678] : renamed from team_slave_1 (while UP) [ 146.367917][ T6682] fuse: Bad value for 'fd' [ 148.283230][ T59] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 148.338744][ T1054] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.715597][ T5608] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 148.779943][ T5608] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 148.799626][ T5608] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 148.826258][ T5608] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 148.840192][ T5608] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 149.204845][ T6732] overlayfs: failed to set uuid (71/file1, err=-1); falling back to uuid=null. [ 149.204908][ T6732] overlayfs: failed to verify upper root origin [ 149.326605][ T6737] fuse: Bad value for 'fd' [ 149.614400][ T1054] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.186665][ T1054] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.786593][ T1054] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.992490][ T6772] overlayfs: overlapping lowerdir path [ 151.005023][ T59] Bluetooth: hci4: command tx timeout [ 151.042731][ T6777] overlayfs: failed to resolve './file0': -2 [ 151.498089][ T36] audit: type=1804 audit(1777243902.670:82): pid=6784 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.334" name="/newroot/79/file0" dev="tmpfs" ino=446 res=1 errno=0 [ 151.951239][ T6781] input: syz1 as /devices/virtual/input/input6 [ 152.048024][ T36] audit: type=1326 audit(1777243903.190:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.048170][ T36] audit: type=1326 audit(1777243903.220:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.049228][ T36] audit: type=1326 audit(1777243903.220:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.049441][ T36] audit: type=1326 audit(1777243903.220:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.049834][ T36] audit: type=1326 audit(1777243903.220:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.049960][ T36] audit: type=1326 audit(1777243903.220:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.053339][ T36] audit: type=1326 audit(1777243903.230:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.055471][ T36] audit: type=1326 audit(1777243903.230:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.061019][ T36] audit: type=1326 audit(1777243903.230:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6789 comm="syz.1.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 152.389129][ T6798] overlayfs: missing 'lowerdir' [ 152.500070][ T6802] binder: 6799:6802 ioctl c0306201 200000000080 returned -14 [ 152.512738][ T6802] binder: 6799:6802 ioctl c0306201 2000000003c0 returned -14 [ 153.059425][ T6813] overlayfs: failed to resolve './file0': -2 [ 153.081662][ T59] Bluetooth: hci4: command tx timeout [ 154.096385][ T6829] netlink: 'syz.0.347': attribute type 4 has an invalid length. [ 154.402426][ T1054] bridge_slave_1: left allmulticast mode [ 154.402593][ T1054] bridge_slave_1: left promiscuous mode [ 154.411423][ T1054] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.517336][ T1054] bridge_slave_0: left allmulticast mode [ 154.517441][ T1054] bridge_slave_0: left promiscuous mode [ 154.517657][ T1054] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.165611][ T59] Bluetooth: hci4: command tx timeout [ 155.452381][ T1054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 155.514123][ T1054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 155.561827][ T1054] bond0 (unregistering): Released all slaves [ 155.724928][ T5261] 8021q: adding VLAN 0 to HW filter on device eth1 [ 156.051235][ T6854] overlayfs: failed to resolve './file0': -2 [ 156.730942][ T36] kauditd_printk_skb: 201 callbacks suppressed [ 156.730959][ T36] audit: type=1326 audit(1777243907.900:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.774681][ T36] audit: type=1326 audit(1777243907.900:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.774730][ T36] audit: type=1326 audit(1777243907.950:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.774768][ T36] audit: type=1326 audit(1777243907.950:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.774804][ T36] audit: type=1326 audit(1777243907.950:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.774840][ T36] audit: type=1326 audit(1777243907.950:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.776617][ T36] audit: type=1326 audit(1777243907.950:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.776660][ T36] audit: type=1326 audit(1777243907.950:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.776710][ T36] audit: type=1326 audit(1777243907.950:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.776746][ T36] audit: type=1326 audit(1777243907.950:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6876 comm="syz.4.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 156.807943][ T6881] netlink: 'syz.1.362': attribute type 4 has an invalid length. [ 157.253571][ T59] Bluetooth: hci4: command tx timeout [ 157.763146][ T5261] 8021q: adding VLAN 0 to HW filter on device eth2 [ 157.767033][ T6722] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.767149][ T6722] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.767488][ T6722] bridge_slave_0: entered allmulticast mode [ 157.777795][ T6722] bridge_slave_0: entered promiscuous mode [ 157.795617][ T6722] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.796496][ T6722] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.796709][ T6722] bridge_slave_1: entered allmulticast mode [ 157.813725][ T6722] bridge_slave_1: entered promiscuous mode [ 158.051883][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'. [ 158.051918][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'. [ 158.129916][ T6915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.370'. [ 158.129948][ T6915] netlink: 20 bytes leftover after parsing attributes in process `syz.4.370'. [ 158.254521][ T6908] bridge0: port 2(bridge_slave_1) entered listening state [ 158.270198][ T6908] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.426508][ T6915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.370'. [ 158.426544][ T6915] netlink: 20 bytes leftover after parsing attributes in process `syz.4.370'. [ 158.433753][ T6920] overlayfs: overlapping lowerdir path [ 158.739265][ T6930] input: syz1 as /devices/virtual/input/input7 [ 160.145134][ T6948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.381'. [ 160.145168][ T6948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.381'. [ 160.185824][ T6951] fuse: Invalid rootmode [ 160.242336][ T147] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 160.300624][ T6722] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.322989][ T147] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 160.323036][ T147] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 160.323068][ T147] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 160.358867][ T6722] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.827578][ T6963] input: syz1 as /devices/virtual/input/input9 [ 161.725200][ T6722] team0: Port device team_slave_0 added [ 161.739139][ T6722] team0: Port device team_slave_1 added [ 162.295761][ T6722] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 162.295777][ T6722] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 162.295802][ T6722] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 162.491760][ T1054] hsr_slave_0: left promiscuous mode [ 162.548073][ T1054] hsr_slave_1: left promiscuous mode [ 162.644289][ T6994] overlayfs: overlapping lowerdir path [ 162.650702][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 162.650804][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 162.807063][ T7007] fuse: Invalid rootmode [ 162.975652][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 162.976293][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.641041][ T1054] veth1_macvtap: left promiscuous mode [ 163.641388][ T1054] veth0_macvtap: left promiscuous mode [ 163.677078][ T1054] veth1_vlan: left promiscuous mode [ 163.677623][ T1054] veth0_vlan: left promiscuous mode [ 163.722600][ T7025] tipc: Failed to remove unknown binding: 66,0,0/0:2370794998/2370794999 [ 164.191692][ T5606] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 164.363950][ T5606] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.364081][ T5606] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.364119][ T5606] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 164.364142][ T5606] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.388984][ T5606] usb 1-1: config 0 descriptor?? [ 164.969814][ T7039] overlayfs: failed to resolve './file0': -2 [ 165.929195][ T7041] overlayfs: workdir and upperdir must reside under the same mount [ 166.260854][ T7050] fuse: Bad value for 'rootmode' [ 166.261708][ T5744] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 166.290995][ T7052] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 166.411736][ T5744] usb 2-1: Using ep0 maxpacket: 16 [ 166.416628][ T5744] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 166.420117][ T5744] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 166.420144][ T5744] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.420168][ T5744] usb 2-1: Product: syz [ 166.420181][ T5744] usb 2-1: Manufacturer: syz [ 166.420194][ T5744] usb 2-1: SerialNumber: syz [ 166.491031][ T5744] usb 2-1: config 0 descriptor?? [ 166.506725][ T5744] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 166.506758][ T5744] em28xx 2-1:0.0: DVB interface 0 found: bulk [ 166.916607][ T5606] usbhid 1-1:0.0: can't add hid device: -71 [ 166.916730][ T5606] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 166.967632][ T5606] usb 1-1: USB disconnect, device number 3 [ 167.188632][ T5744] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 168.234265][ T59] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 168.234492][ T59] Bluetooth: hci2: Injecting HCI hardware error event [ 168.239598][ T5608] Bluetooth: hci2: hardware error 0x00 [ 168.300614][ T1054] team0 (unregistering): Port device team_slave_1 removed [ 168.394006][ T1054] team0 (unregistering): Port device team_slave_0 removed [ 168.742436][ T6722] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 168.742452][ T6722] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 168.742476][ T6722] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.807774][ T5261] 8021q: adding VLAN 0 to HW filter on device eth3 [ 168.897933][ T5744] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 168.897952][ T5744] em28xx 2-1:0.0: board has no eeprom [ 169.532555][ T5744] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 169.532583][ T5744] em28xx 2-1:0.0: dvb set to bulk mode. [ 169.536034][ T10] em28xx 2-1:0.0: Binding DVB extension [ 169.569729][ T6722] hsr_slave_0: entered promiscuous mode [ 169.578654][ T6722] hsr_slave_1: entered promiscuous mode [ 169.581290][ T6722] debugfs: 'hsr0' already exists in 'hsr' [ 169.581315][ T6722] Cannot create hsr debugfs directory [ 169.625813][ T5744] usb 2-1: USB disconnect, device number 5 [ 169.832627][ T5744] em28xx 2-1:0.0: Disconnecting em28xx [ 170.801679][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 170.865531][ T10] em28xx 2-1:0.0: Registering input extension [ 170.961850][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 170.965196][ T9] usb 4-1: config 6 has an invalid interface number: 5 but max is 0 [ 170.965223][ T9] usb 4-1: config 6 has no interface number 0 [ 171.017886][ T5744] em28xx 2-1:0.0: Closing input extension [ 171.045607][ T9] usb 4-1: config 6 interface 5 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 171.045636][ T9] usb 4-1: config 6 interface 5 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 171.045661][ T9] usb 4-1: config 6 interface 5 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 171.094840][ T9] usb 4-1: New USB device found, idVendor=05c6, idProduct=9037, bcdDevice=66.55 [ 171.094869][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 171.094888][ T9] usb 4-1: Product: ⠁ [ 171.094901][ T9] usb 4-1: Manufacturer: 倊 [ 171.094914][ T9] usb 4-1: SerialNumber: ᩩ䤾᫳删톣 [ 171.345109][ T7101] input: syz1 as /devices/virtual/input/input12 [ 171.352563][ T7088] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 171.416203][ T5608] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 171.967931][ T5744] em28xx 2-1:0.0: Freeing device [ 172.224760][ T9] usb 4-1: USB disconnect, device number 4 [ 172.530320][ T7118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.427'. [ 172.882382][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 173.091676][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 173.099904][ T9] usb 4-1: config 0 has an invalid interface number: 64 but max is 0 [ 173.099930][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 173.099949][ T9] usb 4-1: config 0 has no interface number 0 [ 173.100079][ T9] usb 4-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 173.100104][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.208591][ T9] usb 4-1: config 0 descriptor?? [ 173.272021][ T9] uvcvideo 4-1:0.64: probe with driver uvcvideo failed with error -22 [ 173.745837][ T7137] input: syz1 as /devices/virtual/input/input13 [ 174.185315][ T5261] 8021q: adding VLAN 0 to HW filter on device eth4 [ 174.251957][ T48] usb 4-1: USB disconnect, device number 5 [ 175.929213][ T7165] input: syz1 as /devices/virtual/input/input14 [ 176.513362][ T48] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 176.672163][ T48] usb 2-1: Using ep0 maxpacket: 8 [ 176.691887][ T48] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 176.691915][ T48] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 176.691962][ T48] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 176.691983][ T48] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 176.692005][ T48] usb 2-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 176.692047][ T48] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 176.692069][ T48] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.856761][ T48] usbtmc 2-1:16.0: bulk endpoints not found [ 177.806916][ T7194] netlink: 4 bytes leftover after parsing attributes in process `syz.4.451'. [ 178.121706][ T5606] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 178.311706][ T5606] usb 5-1: Using ep0 maxpacket: 16 [ 178.316834][ T5606] usb 5-1: config 0 has an invalid interface number: 64 but max is 0 [ 178.316860][ T5606] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 178.316878][ T5606] usb 5-1: config 0 has no interface number 0 [ 178.316919][ T5606] usb 5-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 178.316941][ T5606] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.332517][ T5606] usb 5-1: config 0 descriptor?? [ 178.344745][ T5606] uvcvideo 5-1:0.64: probe with driver uvcvideo failed with error -22 [ 178.477243][ T6722] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 178.546074][ T6722] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 178.553299][ T48] usb 5-1: USB disconnect, device number 2 [ 178.555081][ T6722] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 178.687210][ T6722] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 178.688789][ T6722] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 178.728157][ T7202] netlink: 36 bytes leftover after parsing attributes in process `syz.3.453'. [ 178.769586][ T6722] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 178.865395][ T6722] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 178.918439][ T6722] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 179.097899][ T7214] loop2: detected capacity change from 0 to 7 [ 179.109682][ T7214] Dev loop2: unable to read RDB block 7 [ 179.109722][ T7214] loop2: unable to read partition table [ 179.109925][ T7214] loop2: partition table beyond EOD, truncated [ 179.109964][ T7214] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 179.301195][ T5843] usb 2-1: USB disconnect, device number 6 [ 179.312711][ T5744] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 179.469183][ T5744] usb 1-1: no configurations [ 179.469201][ T5744] usb 1-1: can't read configurations, error -22 [ 179.626542][ T6722] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.692627][ T5744] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 179.719298][ T6722] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.800657][ T1421] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.800787][ T1421] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.843104][ T5744] usb 1-1: no configurations [ 179.843122][ T5744] usb 1-1: can't read configurations, error -22 [ 179.875261][ T5744] usb usb1-port1: attempt power cycle [ 179.900032][ T1458] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.900158][ T1458] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.981207][ T7231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.462'. [ 180.224090][ T5744] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 180.247172][ T5744] usb 1-1: no configurations [ 180.247191][ T5744] usb 1-1: can't read configurations, error -22 [ 180.371802][ T5744] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 180.393336][ T5744] usb 1-1: no configurations [ 180.393354][ T5744] usb 1-1: can't read configurations, error -22 [ 180.394051][ T5744] usb usb1-port1: unable to enumerate USB device [ 180.946819][ T48] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 181.102105][ T48] usb 4-1: Using ep0 maxpacket: 16 [ 181.119239][ T48] usb 4-1: config 6 has an invalid interface number: 5 but max is 0 [ 181.119265][ T48] usb 4-1: config 6 has no interface number 0 [ 181.119308][ T48] usb 4-1: config 6 interface 5 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 181.119331][ T48] usb 4-1: config 6 interface 5 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 181.119355][ T48] usb 4-1: config 6 interface 5 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 181.148267][ T48] usb 4-1: New USB device found, idVendor=05c6, idProduct=9037, bcdDevice=66.55 [ 181.148296][ T48] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.148315][ T48] usb 4-1: Product: ⠁ [ 181.148328][ T48] usb 4-1: Manufacturer: 倊 [ 181.148340][ T48] usb 4-1: SerialNumber: ᩩ䤾᫳删톣 [ 181.227129][ T7249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.466'. [ 181.242103][ T7241] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 181.600928][ T48] usb 4-1: USB disconnect, device number 6 [ 181.751922][ T5744] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 181.915478][ T5744] usb 2-1: Using ep0 maxpacket: 16 [ 181.920999][ T5744] usb 2-1: config 0 has an invalid interface number: 64 but max is 0 [ 181.921025][ T5744] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 181.921041][ T5744] usb 2-1: config 0 has no interface number 0 [ 181.921068][ T5744] usb 2-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 181.921080][ T5744] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.980967][ T5744] usb 2-1: config 0 descriptor?? [ 182.027150][ T5744] uvcvideo 2-1:0.64: probe with driver uvcvideo failed with error -22 [ 182.364926][ T48] usb 2-1: USB disconnect, device number 7 [ 183.199464][ T36] kauditd_printk_skb: 63 callbacks suppressed [ 183.199480][ T36] audit: type=1326 audit(1777243934.360:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.199528][ T36] audit: type=1326 audit(1777243934.370:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.210578][ T36] audit: type=1326 audit(1777243934.380:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.210622][ T36] audit: type=1326 audit(1777243934.380:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.211509][ T36] audit: type=1326 audit(1777243934.380:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.212678][ T36] audit: type=1326 audit(1777243934.380:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.212718][ T36] audit: type=1326 audit(1777243934.380:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.215131][ T36] audit: type=1326 audit(1777243934.390:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.215505][ T36] audit: type=1326 audit(1777243934.390:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.215542][ T36] audit: type=1326 audit(1777243934.390:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7279 comm="syz.1.472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 183.596821][ T6722] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 183.845402][ T7291] input: syz1 as /devices/virtual/input/input15 [ 184.191718][ T5843] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 184.362481][ T5843] usb 1-1: Using ep0 maxpacket: 16 [ 184.377666][ T5843] usb 1-1: config 6 has an invalid interface number: 5 but max is 0 [ 184.377692][ T5843] usb 1-1: config 6 has no interface number 0 [ 184.377748][ T5843] usb 1-1: config 6 interface 5 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 184.377770][ T5843] usb 1-1: config 6 interface 5 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 184.377795][ T5843] usb 1-1: config 6 interface 5 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 184.387763][ T5843] usb 1-1: New USB device found, idVendor=05c6, idProduct=9037, bcdDevice=66.55 [ 184.387790][ T5843] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.387809][ T5843] usb 1-1: Product: ⠁ [ 184.387821][ T5843] usb 1-1: Manufacturer: 倊 [ 184.387834][ T5843] usb 1-1: SerialNumber: ᩩ䤾᫳删톣 [ 184.489260][ T7296] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 184.872524][ T5843] usb 1-1: USB disconnect, device number 8 [ 185.108326][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.481'. [ 185.248189][ T6722] veth0_vlan: entered promiscuous mode [ 185.292672][ T6722] veth1_vlan: entered promiscuous mode [ 185.391841][ T5744] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 185.437986][ T6722] veth0_macvtap: entered promiscuous mode [ 185.543105][ T5744] usb 2-1: Using ep0 maxpacket: 16 [ 185.545665][ T6722] veth1_macvtap: entered promiscuous mode [ 185.580568][ T5744] usb 2-1: config 0 has an invalid interface number: 64 but max is 0 [ 185.580596][ T5744] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 185.580614][ T5744] usb 2-1: config 0 has no interface number 0 [ 185.580656][ T5744] usb 2-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 185.580678][ T5744] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.655237][ T5744] usb 2-1: config 0 descriptor?? [ 185.683823][ T5744] uvcvideo 2-1:0.64: probe with driver uvcvideo failed with error -22 [ 185.724479][ T6722] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.835890][ T6722] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 185.879696][ T5843] usb 2-1: USB disconnect, device number 8 [ 185.944542][ T3088] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.946416][ T3088] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.946955][ T3088] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.948588][ T3088] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.459939][ T7350] batadv0: entered promiscuous mode [ 187.284863][ T7350] batadv0: left promiscuous mode [ 187.975019][ T7372] syz.1.495 uses obsolete (PF_INET,SOCK_PACKET) [ 188.279320][ T1421] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.279340][ T1421] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.514220][ T1054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.514240][ T1054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.681788][ T48] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 188.841807][ T48] usb 1-1: Using ep0 maxpacket: 32 [ 188.844348][ T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.844376][ T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.844412][ T48] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 188.844434][ T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.953603][ T48] usb 1-1: config 0 descriptor?? [ 189.012197][ T48] usbhid 1-1:0.0: fixing wrong optional hid class descriptors count [ 189.395497][ C1] raw-gadget.0 gadget.0: ignoring, device is not running [ 189.395904][ C1] raw-gadget.0 gadget.0: ignoring, device is not running [ 189.396398][ C1] raw-gadget.0 gadget.0: ignoring, device is not running [ 189.398598][ T48] usbhid 1-1:0.0: can't add hid device: -32 [ 189.398721][ T48] usbhid 1-1:0.0: probe with driver usbhid failed with error -32 [ 189.490654][ T48] usb 1-1: USB disconnect, device number 9 [ 189.539894][ T36] kauditd_printk_skb: 152 callbacks suppressed [ 189.539911][ T36] audit: type=1326 audit(1777243940.710:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.540186][ T36] audit: type=1326 audit(1777243940.710:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.591527][ T36] audit: type=1326 audit(1777243940.760:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.591621][ T36] audit: type=1326 audit(1777243940.760:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.591792][ T36] audit: type=1326 audit(1777243940.770:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.592165][ T36] audit: type=1326 audit(1777243940.770:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.592311][ T36] audit: type=1326 audit(1777243940.770:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.592629][ T36] audit: type=1326 audit(1777243940.770:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.592744][ T36] audit: type=1326 audit(1777243940.770:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 189.596601][ T36] audit: type=1326 audit(1777243940.770:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7407 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 190.084311][ T7418] overlayfs: missing 'lowerdir' [ 192.912764][ T5843] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 193.141688][ T5843] usb 5-1: Using ep0 maxpacket: 16 [ 193.150839][ T5843] usb 5-1: config 6 has an invalid interface number: 5 but max is 0 [ 193.150866][ T5843] usb 5-1: config 6 has no interface number 0 [ 193.150908][ T5843] usb 5-1: config 6 interface 5 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 193.150929][ T5843] usb 5-1: config 6 interface 5 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 193.150952][ T5843] usb 5-1: config 6 interface 5 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 193.264485][ T5843] usb 5-1: New USB device found, idVendor=05c6, idProduct=9037, bcdDevice=66.55 [ 193.264514][ T5843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.264533][ T5843] usb 5-1: Product: ⠁ [ 193.264546][ T5843] usb 5-1: Manufacturer: 倊 [ 193.264560][ T5843] usb 5-1: SerialNumber: ᩩ䤾᫳删톣 [ 193.352933][ T7463] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 193.746712][ T5843] usb 5-1: USB disconnect, device number 3 [ 194.244437][ T7496] warn_alloc: 1 callbacks suppressed [ 194.244455][ T7496] syz.3.531: vmalloc error: size 17179873280, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 194.244516][ T7496] CPU: 0 UID: 0 PID: 7496 Comm: syz.3.531 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 194.244539][ T7496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 194.244550][ T7496] Call Trace: [ 194.244562][ T7496] [ 194.244570][ T7496] dump_stack_lvl+0xe8/0x150 [ 194.244600][ T7496] warn_alloc+0x263/0x3e0 [ 194.244630][ T7496] ? stack_trace_save+0xa9/0x100 [ 194.244656][ T7496] ? __pfx_warn_alloc+0x10/0x10 [ 194.244687][ T7496] ? kasan_save_track+0x4f/0x80 [ 194.244706][ T7496] ? kasan_save_track+0x3e/0x80 [ 194.244722][ T7496] ? __kasan_kmalloc+0x93/0xb0 [ 194.244741][ T7496] ? xskq_create+0x56/0x170 [ 194.244766][ T7496] ? xsk_init_queue+0x8a/0xe0 [ 194.244790][ T7496] ? xsk_setsockopt+0x603/0x990 [ 194.244813][ T7496] ? do_sock_setsockopt+0x17c/0x1b0 [ 194.244838][ T7496] __vmalloc_node_range_noprof+0x132/0x1750 [ 194.244889][ T7496] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 194.244916][ T7496] ? __kasan_kmalloc+0x93/0xb0 [ 194.244940][ T7496] vmalloc_user_noprof+0xad/0xe0 [ 194.244961][ T7496] ? xskq_create+0xbf/0x170 [ 194.244984][ T7496] xskq_create+0xbf/0x170 [ 194.245011][ T7496] xsk_init_queue+0x8a/0xe0 [ 194.245048][ T7496] xsk_setsockopt+0x603/0x990 [ 194.245074][ T7496] ? __pfx_xsk_setsockopt+0x10/0x10 [ 194.245105][ T7496] ? __fget_files+0x2a/0x420 [ 194.245136][ T7496] ? __fget_files+0x2a/0x420 [ 194.245162][ T7496] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 194.245182][ T7496] ? __pfx_xsk_setsockopt+0x10/0x10 [ 194.245207][ T7496] do_sock_setsockopt+0x17c/0x1b0 [ 194.245233][ T7496] __x64_sys_setsockopt+0x143/0x1b0 [ 194.245257][ T7496] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.245278][ T7496] do_syscall_64+0x15f/0xf80 [ 194.245298][ T7496] ? clear_bhb_loop+0x40/0x90 [ 194.245322][ T7496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.245341][ T7496] RIP: 0033:0x7f01c90ecdd9 [ 194.245360][ T7496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 194.245377][ T7496] RSP: 002b:00007f01c7346028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 194.245397][ T7496] RAX: ffffffffffffffda RBX: 00007f01c9365fa0 RCX: 00007f01c90ecdd9 [ 194.245412][ T7496] RDX: 0000000000000003 RSI: 000000000000011b RDI: 0000000000000003 [ 194.245424][ T7496] RBP: 00007f01c9182d69 R08: 0000000000000004 R09: 0000000000000000 [ 194.245437][ T7496] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 194.245449][ T7496] R13: 00007f01c9366038 R14: 00007f01c9365fa0 R15: 00007ffe79a148e8 [ 194.245481][ T7496] [ 194.248629][ T7496] Mem-Info: [ 194.248643][ T7496] active_anon:188 inactive_anon:8283 isolated_anon:0 [ 194.248643][ T7496] active_file:5471 inactive_file:37980 isolated_file:0 [ 194.248643][ T7496] unevictable:768 dirty:315 writeback:0 [ 194.248643][ T7496] slab_reclaimable:11660 slab_unreclaimable:104319 [ 194.248643][ T7496] mapped:29953 shmem:1296 pagetables:1411 [ 194.248643][ T7496] sec_pagetables:0 bounce:0 [ 194.248643][ T7496] kernel_misc_reclaimable:0 [ 194.248643][ T7496] free:1317894 free_pcp:6436 free_cma:0 [ 194.248700][ T7496] Node 0 active_anon:752kB inactive_anon:33132kB active_file:21692kB inactive_file:151920kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119812kB dirty:1256kB writeback:0kB shmem:3648kB kernel_stack:13352kB pagetables:5508kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 194.248749][ T7496] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB kernel_stack:32kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 194.248804][ T7496] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 194.248862][ T7496] lowmem_reserve[]: 0 2506 2506 2506 2506 [ 194.248894][ T7496] Node 0 DMA32 free:1327788kB boost:0kB min:3928kB low:6464kB high:9000kB reserved_highatomic:0KB free_highatomic:0KB active_anon:752kB inactive_anon:33132kB active_file:21692kB inactive_file:151920kB unevictable:1536kB writepending:1256kB zspages:0kB present:3129332kB managed:2566640kB mlocked:0kB bounce:0kB free_pcp:25744kB local_pcp:19408kB free_cma:0kB [ 194.250474][ T7496] lowmem_reserve[]: 0 0 0 0 0 [ 194.250515][ T7496] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:216kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 194.250572][ T7496] lowmem_reserve[]: 0 0 0 0 0 [ 194.250605][ T7496] Node 1 Normal free:3928428kB boost:0kB min:6368kB low:10476kB high:14584kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:0kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 194.250664][ T7496] lowmem_reserve[]: 0 0 0 0 0 [ 194.250697][ T7496] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 194.250805][ T7496] Node 0 DMA32: 1491*4kB (UM) 1208*8kB (UME) 496*16kB (UE) 1*32kB (M) 13*64kB (UME) 40*128kB (UME) 17*256kB (UME) 9*512kB (UM) 5*1024kB (U) 3*2048kB (U) 312*4096kB (UM) = 1327724kB [ 194.250951][ T7496] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 194.251075][ T7496] Node 1 Normal: 1*4kB (U) 3*8kB (UM) 5*16kB (UM) 8*32kB (UM) 8*64kB (UM) 2*128kB (UM) 3*256kB (UM) 3*512kB (UM) 1*1024kB (M) 0*2048kB 958*4096kB (M) = 3928428kB [ 194.251223][ T7496] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 194.251240][ T7496] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB [ 194.251256][ T7496] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 194.251272][ T7496] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 194.251288][ T7496] 44743 total pagecache pages [ 194.251296][ T7496] 0 pages in swap cache [ 194.251302][ T7496] Free swap = 124996kB [ 194.251310][ T7496] Total swap = 124996kB [ 194.251318][ T7496] 2097051 pages RAM [ 194.251325][ T7496] 0 pages HighMem/MovableOnly [ 194.251331][ T7496] 423722 pages reserved [ 194.251338][ T7496] 0 pages cma reserved [ 194.295243][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.295314][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.551845][ T5744] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 195.722187][ T5744] usb 5-1: Using ep0 maxpacket: 16 [ 195.725310][ T5744] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 195.750226][ T5744] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 195.750254][ T5744] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.750271][ T5744] usb 5-1: Product: syz [ 195.750284][ T5744] usb 5-1: Manufacturer: syz [ 195.750297][ T5744] usb 5-1: SerialNumber: syz [ 195.805003][ T5744] usb 5-1: config 0 descriptor?? [ 195.844154][ T5744] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 195.844189][ T5744] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 196.346344][ T36] kauditd_printk_skb: 237 callbacks suppressed [ 196.346361][ T36] audit: type=1326 audit(1777243947.520:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.346402][ T36] audit: type=1326 audit(1777243947.520:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.351399][ T36] audit: type=1326 audit(1777243947.520:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.351447][ T36] audit: type=1326 audit(1777243947.520:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.351942][ T36] audit: type=1326 audit(1777243947.530:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.352140][ T36] audit: type=1326 audit(1777243947.530:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.352322][ T36] audit: type=1326 audit(1777243947.530:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.361656][ T36] audit: type=1326 audit(1777243947.530:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.361704][ T36] audit: type=1326 audit(1777243947.530:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.361739][ T36] audit: type=1326 audit(1777243947.530:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7552 comm="syz.1.546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 196.461847][ T5744] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 197.567882][ T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 197.626902][ T5744] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 197.626931][ T5744] em28xx 5-1:0.0: board has no eeprom [ 197.678064][ T7561] IPv6: syztnl0: Disabled Multicast RS [ 197.766193][ T5744] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 197.766220][ T5744] em28xx 5-1:0.0: dvb set to bulk mode. [ 197.767591][ T837] em28xx 5-1:0.0: Binding DVB extension [ 197.791181][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 197.815132][ T9] usb 1-1: config 6 has an invalid interface number: 5 but max is 0 [ 197.815163][ T9] usb 1-1: config 6 has no interface number 0 [ 197.815207][ T9] usb 1-1: config 6 interface 5 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 197.815229][ T9] usb 1-1: config 6 interface 5 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 197.815252][ T9] usb 1-1: config 6 interface 5 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 197.830404][ T9] usb 1-1: New USB device found, idVendor=05c6, idProduct=9037, bcdDevice=66.55 [ 197.830432][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.830450][ T9] usb 1-1: Product: ⠁ [ 197.830463][ T9] usb 1-1: Manufacturer: 倊 [ 197.830476][ T9] usb 1-1: SerialNumber: ᩩ䤾᫳删톣 [ 197.932055][ T7546] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 197.998081][ T5744] usb 5-1: USB disconnect, device number 4 [ 198.018373][ T5744] em28xx 5-1:0.0: Disconnecting em28xx [ 198.204916][ T837] em28xx 5-1:0.0: Registering input extension [ 198.205218][ T5744] em28xx 5-1:0.0: Closing input extension [ 198.259100][ T9] usb 1-1: USB disconnect, device number 10 [ 198.488188][ T5744] em28xx 5-1:0.0: Freeing device [ 199.239255][ T7600] netlink: 8 bytes leftover after parsing attributes in process `syz.4.564'. [ 199.239289][ T7600] netlink: 20 bytes leftover after parsing attributes in process `syz.4.564'. [ 199.240072][ T7600] netlink: 8 bytes leftover after parsing attributes in process `syz.4.564'. [ 199.240098][ T7600] netlink: 20 bytes leftover after parsing attributes in process `syz.4.564'. [ 201.243841][ T7620] netlink: 20 bytes leftover after parsing attributes in process `syz.4.568'. [ 201.867185][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.578'. [ 201.867221][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.578'. [ 202.108060][ T7650] netlink: 8 bytes leftover after parsing attributes in process `syz.5.579'. [ 202.108093][ T7650] netlink: 20 bytes leftover after parsing attributes in process `syz.5.579'. [ 202.401176][ T1054] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.401302][ T7650] netlink: 8 bytes leftover after parsing attributes in process `syz.5.579'. [ 203.104639][ T1054] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 203.105477][ T1054] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 203.105634][ T1054] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 204.354065][ T7662] binder: 7659:7662 ioctl c0306201 2000000003c0 returned -14 [ 204.625279][ T7675] input: syz1 as /devices/virtual/input/input21 [ 205.300164][ T7692] input: syz1 as /devices/virtual/input/input22 [ 206.648774][ T5608] Bluetooth: hci0: command 0x0406 tx timeout [ 206.963000][ T7717] __nla_validate_parse: 1 callbacks suppressed [ 206.963018][ T7717] netlink: 8 bytes leftover after parsing attributes in process `syz.5.598'. [ 206.963044][ T7717] netlink: 8 bytes leftover after parsing attributes in process `syz.5.598'. [ 207.186093][ T7711] bridge0: port 2(bridge_slave_1) entered listening state [ 207.269446][ T7711] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.972715][ T7739] IPv6: syztnl0: Disabled Multicast RS [ 209.011673][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 209.174143][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.174177][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.174215][ T9] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 209.174238][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.286303][ T9] usb 6-1: config 0 descriptor?? [ 210.402905][ T7732] overlayfs: failed to resolve './file0': -2 [ 211.869621][ T7777] loop2: detected capacity change from 0 to 7 [ 211.912880][ T7777] Dev loop2: unable to read RDB block 7 [ 211.912913][ T7777] loop2: AHDI p1 p2 p3 [ 211.912939][ T7777] loop2: partition table partially beyond EOD, truncated [ 211.913164][ T7777] loop2: p1 start 1601398130 is beyond EOD, truncated [ 211.913198][ T7777] loop2: p2 start 1702059890 is beyond EOD, truncated [ 212.041078][ T9] usbhid 6-1:0.0: can't add hid device: -71 [ 212.041220][ T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 212.054966][ T9] usb 6-1: USB disconnect, device number 2 [ 213.866904][ T7815] loop2: detected capacity change from 0 to 7 [ 213.901116][ T7815] Dev loop2: unable to read RDB block 7 [ 213.901148][ T7815] loop2: AHDI p1 p2 p3 [ 213.901174][ T7815] loop2: partition table partially beyond EOD, truncated [ 213.919687][ T7815] loop2: p1 start 1601398130 is beyond EOD, truncated [ 213.919714][ T7815] loop2: p2 start 1702059890 is beyond EOD, truncated [ 213.939972][ T7818] serio: Serial port ttyprintk [ 214.264841][ T7826] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 214.264897][ T7826] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 214.371688][ T48] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 214.409474][ T7830] netlink: 27 bytes leftover after parsing attributes in process `syz.5.633'. [ 215.096880][ T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.097349][ T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.097535][ T48] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 215.097558][ T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.479062][ T48] usb 1-1: config 0 descriptor?? [ 215.631955][ T36] kauditd_printk_skb: 151 callbacks suppressed [ 215.631972][ T36] audit: type=1326 audit(1777243966.800:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 215.632014][ T36] audit: type=1326 audit(1777243966.800:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 215.639368][ T36] audit: type=1326 audit(1777243966.810:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f01c90edbc9 code=0x7ffc0000 [ 215.639729][ T36] audit: type=1326 audit(1777243966.810:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f01c90a9b3b code=0x7ffc0000 [ 215.639980][ T36] audit: type=1326 audit(1777243966.810:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 215.640017][ T36] audit: type=1326 audit(1777243966.810:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 215.640215][ T36] audit: type=1326 audit(1777243966.810:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f01c90a922c code=0x7ffc0000 [ 215.640313][ T36] audit: type=1326 audit(1777243966.810:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f01c90a928e code=0x7ffc0000 [ 215.640452][ T36] audit: type=1326 audit(1777243966.810:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f01c90eca6b code=0x7ffc0000 [ 215.640706][ T36] audit: type=1326 audit(1777243966.810:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7842 comm="syz.3.638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 215.966148][ T7851] batadv0: entered promiscuous mode [ 216.164370][ T7852] overlayfs: failed to resolve './file0': -2 [ 217.891932][ T7851] batadv0: left promiscuous mode [ 218.368438][ T7861] netlink: 20 bytes leftover after parsing attributes in process `syz.5.644'. [ 218.491715][ T5843] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 218.726008][ T5843] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 218.726093][ T5843] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.780163][ T5843] usb 2-1: config 0 descriptor?? [ 218.901468][ T5843] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 219.011947][ T48] usbhid 1-1:0.0: can't add hid device: -71 [ 219.012068][ T48] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 219.111700][ T48] usb 1-1: USB disconnect, device number 11 [ 219.117579][ T5843] gp8psk: usb in 128 operation failed. [ 219.135658][ T5702] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 219.284046][ T5702] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 219.284074][ T5702] usb 6-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config [ 219.284092][ T5702] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 219.284138][ T5702] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 219.286250][ T5702] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 219.286277][ T5702] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 219.286297][ T5702] usb 6-1: Product: syz [ 219.286310][ T5702] usb 6-1: Manufacturer: syz [ 219.408272][ T5843] gp8psk: usb in 146 operation failed. [ 219.408290][ T5843] gp8psk: failed to get FW version [ 220.274985][ T5702] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 220.315842][ T5843] gp8psk: FPGA Version = 32 [ 220.676783][ T36] kauditd_printk_skb: 78 callbacks suppressed [ 220.676800][ T36] audit: type=1326 audit(1777243971.850:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.680896][ T36] audit: type=1326 audit(1777243971.850:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.681970][ T36] audit: type=1326 audit(1777243971.850:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.682012][ T36] audit: type=1326 audit(1777243971.860:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.682959][ T36] audit: type=1326 audit(1777243971.860:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.683496][ T36] audit: type=1326 audit(1777243971.860:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.693524][ T36] audit: type=1326 audit(1777243971.860:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.754925][ T36] audit: type=1326 audit(1777243971.870:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.755018][ T36] audit: type=1326 audit(1777243971.930:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 220.755054][ T36] audit: type=1326 audit(1777243971.930:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7893 comm="syz.3.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 222.744550][ T5843] gp8psk: usb out operation failed. [ 222.744580][ T5843] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 222.744624][ T5843] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 222.758503][ T5843] usb 2-1: USB disconnect, device number 9 [ 222.872093][ T5744] usb 6-1: USB disconnect, device number 3 [ 223.039629][ T7925] netlink: 20 bytes leftover after parsing attributes in process `syz.5.669'. [ 224.071782][ T5744] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 224.225030][ T5744] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 224.225061][ T5744] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.254194][ T5744] usb 6-1: config 0 descriptor?? [ 224.293821][ T5744] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 224.511222][ T7959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.679'. [ 224.527318][ T7959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.679'. [ 225.291647][ T5744] gp8psk: usb in 128 operation failed. [ 225.496640][ T5744] gp8psk: usb in 146 operation failed. [ 225.496657][ T5744] gp8psk: failed to get FW version [ 225.564927][ T5744] gp8psk: FPGA Version = 32 [ 225.623977][ T59] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 225.624002][ T59] CPU: 1 UID: 0 PID: 59 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 225.624025][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 225.624038][ T59] Workqueue: hci0 hci_rx_work [ 225.624062][ T59] Call Trace: [ 225.624069][ T59] [ 225.624077][ T59] dump_stack_lvl+0xe8/0x150 [ 225.624104][ T59] sysfs_create_dir_ns+0x271/0x2a0 [ 225.624134][ T59] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 225.624163][ T59] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 225.624197][ T59] ? rt_spin_unlock+0x160/0x200 [ 225.624226][ T59] kobject_add_internal+0x631/0xd10 [ 225.624257][ T59] kobject_add+0x163/0x240 [ 225.624284][ T59] ? __pfx_kobject_add+0x10/0x10 [ 225.624313][ T59] ? get_device_parent+0x370/0x3a0 [ 225.624340][ T59] device_add+0x408/0xbb0 [ 225.624366][ T59] hci_conn_add_sysfs+0xd5/0x210 [ 225.624399][ T59] le_conn_complete_evt+0x10e6/0x16b0 [ 225.624437][ T59] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 225.624467][ T59] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 225.624497][ T59] ? lockdep_hardirqs_on+0x7a/0x110 [ 225.624527][ T59] ? skb_pull_data+0xfb/0x200 [ 225.624557][ T59] hci_le_conn_complete_evt+0x187/0x470 [ 225.624588][ T59] hci_event_packet+0x659/0xef0 [ 225.624625][ T59] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 225.624649][ T59] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 225.624671][ T59] ? __pfx_hci_event_packet+0x10/0x10 [ 225.624700][ T59] ? rt_spin_unlock+0x14f/0x200 [ 225.624734][ T59] ? hci_send_to_monitor+0xe2/0x590 [ 225.624772][ T59] hci_rx_work+0x3ee/0x1040 [ 225.624798][ T59] ? process_scheduled_works+0xa70/0x1860 [ 225.624822][ T59] process_scheduled_works+0xb5d/0x1860 [ 225.624878][ T59] ? __pfx_process_scheduled_works+0x10/0x10 [ 225.624906][ T59] ? assign_work+0x3d5/0x5e0 [ 225.624932][ T59] worker_thread+0xa53/0xfc0 [ 225.624984][ T59] kthread+0x388/0x470 [ 225.625011][ T59] ? __pfx_worker_thread+0x10/0x10 [ 225.625031][ T59] ? __pfx_kthread+0x10/0x10 [ 225.625058][ T59] ret_from_fork+0x514/0xb70 [ 225.625084][ T59] ? __pfx_ret_from_fork+0x10/0x10 [ 225.625106][ T59] ? __switch_to+0xc79/0x1410 [ 225.625139][ T59] ? __pfx_kthread+0x10/0x10 [ 225.625166][ T59] ret_from_fork_asm+0x1a/0x30 [ 225.625208][ T59] [ 225.625302][ T59] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 225.625343][ T59] Bluetooth: hci0: failed to register connection device [ 226.118930][ T7981] loop2: detected capacity change from 0 to 7 [ 226.120177][ T7981] Dev loop2: unable to read RDB block 7 [ 226.120201][ T7981] loop2: AHDI p1 p2 p3 [ 226.120222][ T7981] loop2: partition table partially beyond EOD, truncated [ 226.120389][ T7981] loop2: p1 start 1601398130 is beyond EOD, truncated [ 226.120403][ T7981] loop2: p2 start 1702059890 is beyond EOD, truncated [ 227.464681][ T5744] gp8psk: usb out operation failed. [ 227.464698][ T5744] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 227.464737][ T5744] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 227.605891][ T5744] usb 6-1: USB disconnect, device number 4 [ 227.914051][ T5608] Bluetooth: hci0: command 0x0406 tx timeout [ 229.961705][ T5608] Bluetooth: hci0: command 0x0406 tx timeout [ 234.336562][ T8091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.723'. [ 234.349917][ T8091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.723'. [ 236.705426][ T8111] overlayfs: missing 'lowerdir' [ 237.055574][ T8121] overlayfs: missing 'lowerdir' [ 237.496755][ T8136] netlink: 4 bytes leftover after parsing attributes in process `syz.5.735'. [ 237.514494][ T8136] netlink: 4 bytes leftover after parsing attributes in process `syz.5.735'. [ 238.443291][ T8143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.740'. [ 239.601162][ T8153] overlayfs: missing 'lowerdir' [ 242.448654][ T8189] netlink: 8 bytes leftover after parsing attributes in process `syz.5.754'. [ 242.448692][ T8189] netlink: 8 bytes leftover after parsing attributes in process `syz.5.754'. [ 244.831218][ T36] kauditd_printk_skb: 243 callbacks suppressed [ 244.831235][ T36] audit: type=1326 audit(1777243996.000:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.831376][ T36] audit: type=1326 audit(1777243996.000:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.842591][ T36] audit: type=1326 audit(1777243996.010:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.842638][ T36] audit: type=1326 audit(1777243996.020:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.843803][ T36] audit: type=1326 audit(1777243996.020:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.843844][ T36] audit: type=1326 audit(1777243996.020:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.843879][ T36] audit: type=1326 audit(1777243996.020:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.847175][ T36] audit: type=1326 audit(1777243996.020:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.847217][ T36] audit: type=1326 audit(1777243996.020:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 244.847657][ T36] audit: type=1326 audit(1777243996.020:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8214 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa72e97cdd9 code=0x7ffc0000 [ 246.359888][ T8243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.768'. [ 246.359922][ T8243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.768'. [ 246.484187][ T5744] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 246.634907][ T5744] usb 4-1: Using ep0 maxpacket: 16 [ 246.641525][ T5744] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 246.648557][ T5744] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 246.648584][ T5744] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.648603][ T5744] usb 4-1: Product: syz [ 246.648616][ T5744] usb 4-1: Manufacturer: syz [ 246.648629][ T5744] usb 4-1: SerialNumber: syz [ 246.667904][ T5744] usb 4-1: config 0 descriptor?? [ 246.734251][ T5744] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 246.734284][ T5744] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 247.343450][ T5744] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 247.677555][ T8260] loop2: detected capacity change from 0 to 7 [ 247.681011][ T8260] Dev loop2: unable to read RDB block 7 [ 247.681055][ T8260] loop2: unable to read partition table [ 247.681266][ T8260] loop2: partition table beyond EOD, truncated [ 247.681286][ T8260] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 247.856812][ T8265] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 247.856883][ T8265] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 248.150045][ T8267] netlink: 12 bytes leftover after parsing attributes in process `syz.0.781'. [ 248.309183][ T5744] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 248.368103][ T5744] em28xx 4-1:0.0: board has no eeprom [ 248.560089][ T5744] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 248.560116][ T5744] em28xx 4-1:0.0: dvb set to bulk mode. [ 248.561881][ T9] em28xx 4-1:0.0: Binding DVB extension [ 248.736512][ T5744] usb 4-1: USB disconnect, device number 7 [ 248.784001][ T5744] em28xx 4-1:0.0: Disconnecting em28xx [ 248.850591][ T8279] netlink: 8 bytes leftover after parsing attributes in process `syz.4.785'. [ 248.850625][ T8279] netlink: 8 bytes leftover after parsing attributes in process `syz.4.785'. [ 248.881235][ T9] em28xx 4-1:0.0: Registering input extension [ 248.932473][ T5744] em28xx 4-1:0.0: Closing input extension [ 250.014660][ T5744] em28xx 4-1:0.0: Freeing device [ 250.170222][ T8308] overlayfs: missing 'lowerdir' [ 250.903753][ T8320] bridge0: port 3(netdevsim0) entered blocking state [ 250.909311][ T8320] bridge0: port 3(netdevsim0) entered disabled state [ 250.924943][ T8320] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 251.077803][ T8320] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 251.134209][ T8320] bridge0: port 3(netdevsim0) entered blocking state [ 251.137312][ T8320] bridge0: port 3(netdevsim0) entered forwarding state [ 252.871649][ T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 253.002830][ T9] usb 1-1: device descriptor read/64, error -71 [ 253.351822][ T9] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 253.481711][ T9] usb 1-1: device descriptor read/64, error -71 [ 253.978717][ T9] usb usb1-port1: attempt power cycle [ 254.036765][ T8364] overlayfs: missing 'lowerdir' [ 254.351723][ T9] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 254.374178][ T9] usb 1-1: device descriptor read/8, error -71 [ 254.621668][ T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 254.645456][ T9] usb 1-1: device descriptor read/8, error -71 [ 254.755023][ T9] usb usb1-port1: unable to enumerate USB device [ 255.980562][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.999802][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.157840][ T8427] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 259.374803][ T8417] serio: Serial port ttyprintk [ 259.601491][ T8438] bridge0: port 3(netdevsim0) entered blocking state [ 259.602277][ T8438] bridge0: port 3(netdevsim0) entered disabled state [ 259.603568][ T8438] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 259.636461][ T8438] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 259.649161][ T8438] bridge0: port 3(netdevsim0) entered blocking state [ 259.650882][ T8438] bridge0: port 3(netdevsim0) entered forwarding state [ 260.394206][ T10] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 260.463602][ T8440] netlink: 36 bytes leftover after parsing attributes in process `syz.5.838'. [ 260.671643][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 260.679588][ T10] usb 1-1: config 6 has an invalid interface number: 5 but max is 0 [ 260.679615][ T10] usb 1-1: config 6 has no interface number 0 [ 260.679673][ T10] usb 1-1: config 6 interface 5 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 260.688192][ T10] usb 1-1: New USB device found, idVendor=05c6, idProduct=9037, bcdDevice=66.55 [ 260.688222][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.688240][ T10] usb 1-1: Product: ⠁ [ 260.688254][ T10] usb 1-1: Manufacturer: 倊 [ 260.688267][ T10] usb 1-1: SerialNumber: ᩩ䤾᫳删톣 [ 261.551232][ T10] usb 1-1: USB disconnect, device number 16 [ 261.796822][ T8460] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 266.099148][ T36] kauditd_printk_skb: 59 callbacks suppressed [ 266.099189][ T36] audit: type=1804 audit(1777244017.280:1346): pid=8514 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.866" name="/newroot/64/file0" dev="tmpfs" ino=355 res=1 errno=0 [ 268.586026][ T36] audit: type=1804 audit(1777244019.760:1347): pid=8554 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.879" name="file0" dev="tmpfs" ino=1077 res=1 errno=0 [ 268.862396][ T8562] : renamed from vlan0 (while UP) [ 270.701904][ T8579] netlink: 40 bytes leftover after parsing attributes in process `syz.3.886'. [ 272.308613][ T8613] netlink: 40 bytes leftover after parsing attributes in process `syz.0.899'. [ 272.425626][ T5744] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 272.529427][ T8619] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 272.588922][ T5744] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 272.588951][ T5744] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 272.588970][ T5744] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 272.589004][ T5744] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 272.591804][ T5744] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 272.591829][ T5744] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 272.591847][ T5744] usb 2-1: Product: syz [ 272.591860][ T5744] usb 2-1: Manufacturer: syz [ 272.749142][ T5744] cdc_wdm 2-1:1.0: skipping garbage [ 272.749159][ T5744] cdc_wdm 2-1:1.0: skipping garbage [ 272.749513][ T5744] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22 [ 272.949199][ T48] usb 2-1: USB disconnect, device number 10 [ 273.221669][ T5729] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 273.241183][ T8641] netlink: 40 bytes leftover after parsing attributes in process `syz.3.911'. [ 273.575808][ T5729] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 273.575833][ T5729] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 273.575869][ T5729] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 273.575888][ T5729] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.622208][ T5729] usb 1-1: config 0 descriptor?? [ 274.057331][ T5608] Bluetooth: hci4: command 0x0406 tx timeout [ 274.249228][ T8655] overlayfs: failed to resolve './file0': -2 [ 275.714817][ T36] audit: type=1326 audit(1777244026.890:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.715105][ T36] audit: type=1326 audit(1777244026.890:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.723164][ T36] audit: type=1326 audit(1777244026.900:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.724231][ T36] audit: type=1326 audit(1777244026.900:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.725002][ T36] audit: type=1326 audit(1777244026.900:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.725041][ T36] audit: type=1326 audit(1777244026.900:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.725078][ T36] audit: type=1326 audit(1777244026.900:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.726507][ T36] audit: type=1326 audit(1777244026.900:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.726636][ T36] audit: type=1326 audit(1777244026.900:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 275.726889][ T36] audit: type=1326 audit(1777244026.900:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8676 comm="syz.3.923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 276.160217][ T5606] usb 1-1: USB disconnect, device number 17 [ 281.325923][ T8783] netlink: 8 bytes leftover after parsing attributes in process `syz.1.965'. [ 281.325946][ T8783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.965'. [ 281.639598][ T8783] netlink: 8 bytes leftover after parsing attributes in process `syz.1.965'. [ 281.639621][ T8783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.965'. [ 282.276396][ T8805] netlink: 596 bytes leftover after parsing attributes in process `syz.3.974'. [ 282.299414][ T8806] netlink: 104 bytes leftover after parsing attributes in process `syz.4.975'. [ 282.391883][ T10] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 282.464412][ T8812] netlink: 52 bytes leftover after parsing attributes in process `syz.4.977'. [ 282.541658][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 282.543863][ T10] usb 2-1: config 0 has an invalid interface number: 64 but max is 0 [ 282.543888][ T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 282.543907][ T10] usb 2-1: config 0 has no interface number 0 [ 282.543949][ T10] usb 2-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 282.543971][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.621130][ T10] usb 2-1: config 0 descriptor?? [ 282.705991][ T10] uvcvideo 2-1:0.64: probe with driver uvcvideo failed with error -22 [ 282.835346][ T10] usb 2-1: USB disconnect, device number 11 [ 282.951370][ T8826] netlink: 48 bytes leftover after parsing attributes in process `syz.5.982'. [ 283.891947][ T8841] netlink: 52 bytes leftover after parsing attributes in process `syz.4.988'. [ 286.561723][ T5606] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 286.571235][ T8878] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1000'. [ 286.615392][ T8881] netlink: 79 bytes leftover after parsing attributes in process `syz.4.1002'. [ 286.711708][ T5606] usb 2-1: Using ep0 maxpacket: 16 [ 286.714009][ T5606] usb 2-1: config 0 has an invalid interface number: 64 but max is 0 [ 286.714034][ T5606] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 286.714053][ T5606] usb 2-1: config 0 has no interface number 0 [ 286.714095][ T5606] usb 2-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 286.714118][ T5606] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.806935][ T5606] usb 2-1: config 0 descriptor?? [ 287.802682][ T5606] uvcvideo 2-1:0.64: probe with driver uvcvideo failed with error -22 [ 287.982199][ T5606] usb 2-1: USB disconnect, device number 12 [ 288.306541][ T8913] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1014'. [ 288.481522][ T8920] netlink: 79 bytes leftover after parsing attributes in process `syz.3.1016'. [ 288.658534][ T8928] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 289.226329][ T8948] netlink: 79 bytes leftover after parsing attributes in process `syz.0.1028'. [ 289.611698][ T10] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 289.688969][ T36] kauditd_printk_skb: 75 callbacks suppressed [ 289.688987][ T36] audit: type=1804 audit(1777244040.860:1433): pid=8959 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.1033" name="/newroot/202/file0" dev="tmpfs" ino=1110 res=1 errno=0 [ 289.765388][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 289.767552][ T10] usb 1-1: config 0 has an invalid interface number: 64 but max is 0 [ 289.767577][ T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 289.767595][ T10] usb 1-1: config 0 has no interface number 0 [ 289.767638][ T10] usb 1-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 289.767662][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.796901][ T10] usb 1-1: config 0 descriptor?? [ 289.829387][ T10] uvcvideo 1-1:0.64: probe with driver uvcvideo failed with error -22 [ 290.015857][ T48] usb 1-1: USB disconnect, device number 18 [ 290.358434][ T8976] netlink: 79 bytes leftover after parsing attributes in process `syz.3.1040'. [ 291.191807][ T8983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1042'. [ 291.191842][ T8983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1042'. [ 293.980272][ T36] audit: type=1804 audit(1777244045.150:1434): pid=9019 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.1055" name="/newroot/94/file0" dev="tmpfs" ino=510 res=1 errno=0 [ 294.958918][ T36] audit: type=1326 audit(1777244046.130:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.958966][ T36] audit: type=1326 audit(1777244046.130:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.961091][ T36] audit: type=1326 audit(1777244046.130:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.961137][ T36] audit: type=1326 audit(1777244046.130:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.963237][ T36] audit: type=1326 audit(1777244046.130:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.963277][ T36] audit: type=1326 audit(1777244046.140:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.963311][ T36] audit: type=1326 audit(1777244046.140:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.963344][ T36] audit: type=1326 audit(1777244046.140:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.963672][ T36] audit: type=1326 audit(1777244046.140:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 294.963930][ T36] audit: type=1326 audit(1777244046.140:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9030 comm="syz.1.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f463812cdd9 code=0x7ffc0000 [ 295.065063][ T9034] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1056'. [ 295.065098][ T9034] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1056'. [ 296.235663][ T9047] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 299.529676][ T9087] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1077'. [ 299.529710][ T9087] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1077'. [ 301.264917][ T9124] : renamed from team_slave_1 (while UP) [ 302.473393][ T9132] netlink: 6032 bytes leftover after parsing attributes in process `syz.0.1093'. [ 308.394194][ T9202] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 309.758180][ T36] kauditd_printk_skb: 144 callbacks suppressed [ 309.758199][ T36] audit: type=1326 audit(1777244060.930:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.758242][ T36] audit: type=1326 audit(1777244060.930:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.766898][ T36] audit: type=1326 audit(1777244060.940:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.766946][ T36] audit: type=1326 audit(1777244060.940:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.769168][ T36] audit: type=1326 audit(1777244060.940:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.769211][ T36] audit: type=1326 audit(1777244060.940:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.769248][ T36] audit: type=1326 audit(1777244060.940:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.873847][ T36] audit: type=1326 audit(1777244061.050:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.873891][ T36] audit: type=1326 audit(1777244061.050:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 309.893155][ T36] audit: type=1326 audit(1777244061.050:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9213 comm="syz.3.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 312.349102][ T9269] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 312.656611][ T9276] netlink: 1319 bytes leftover after parsing attributes in process `syz.3.1145'. [ 312.927266][ T9282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1148'. [ 313.015567][ T9282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1148'. [ 313.261653][ T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 313.422527][ T9] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 313.422557][ T9] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 313.422575][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 313.422615][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 313.422640][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 313.429550][ T9] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 313.429578][ T9] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 313.429597][ T9] usb 1-1: Product: syz [ 313.429610][ T9] usb 1-1: Manufacturer: syz [ 313.542650][ T9] cdc_wdm 1-1:1.0: skipping garbage [ 313.542671][ T9] cdc_wdm 1-1:1.0: skipping garbage [ 313.638608][ T9] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 313.638642][ T9] cdc_wdm 1-1:1.0: Unknown control protocol [ 313.977914][ T9303] bridge0: port 3(netdevsim0) entered blocking state [ 313.978558][ T9303] bridge0: port 3(netdevsim0) entered disabled state [ 313.979808][ T9303] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 314.007017][ T9303] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 314.016167][ T9303] bridge0: port 3(netdevsim0) entered blocking state [ 314.016787][ T9303] bridge0: port 3(netdevsim0) entered forwarding state [ 315.226857][ T9] usb 1-1: USB disconnect, device number 19 [ 315.655789][ T9318] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 315.833745][ T9321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1162'. [ 315.899308][ T9321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1162'. [ 316.019522][ T9328] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 317.179885][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.179953][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.363102][ T9360] batadv0: entered promiscuous mode [ 318.472872][ T9360] batadv0: left promiscuous mode [ 321.546171][ T9414] netlink: 596 bytes leftover after parsing attributes in process `syz.3.1191'. [ 321.705117][ T9421] netlink: 596 bytes leftover after parsing attributes in process `syz.5.1194'. [ 324.250564][ T36] kauditd_printk_skb: 74 callbacks suppressed [ 324.250588][ T36] audit: type=1326 audit(1777244075.420:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.250630][ T36] audit: type=1326 audit(1777244075.420:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.259419][ T36] audit: type=1326 audit(1777244075.430:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.259478][ T36] audit: type=1326 audit(1777244075.430:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.261746][ T36] audit: type=1326 audit(1777244075.430:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.261788][ T36] audit: type=1326 audit(1777244075.430:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.261825][ T36] audit: type=1326 audit(1777244075.430:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.264540][ T36] audit: type=1326 audit(1777244075.440:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.266241][ T36] audit: type=1326 audit(1777244075.440:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 324.266708][ T36] audit: type=1326 audit(1777244075.440:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9454 comm="syz.4.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f36f0a8cdd9 code=0x7ffc0000 [ 329.813706][ T36] kauditd_printk_skb: 155 callbacks suppressed [ 329.813723][ T36] audit: type=1326 audit(1777244080.990:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.813765][ T36] audit: type=1326 audit(1777244080.990:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.824907][ T36] audit: type=1326 audit(1777244081.000:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.824952][ T36] audit: type=1326 audit(1777244081.000:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.826577][ T36] audit: type=1326 audit(1777244081.000:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.826620][ T36] audit: type=1326 audit(1777244081.000:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.828114][ T36] audit: type=1326 audit(1777244081.000:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.828154][ T36] audit: type=1326 audit(1777244081.000:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.829156][ T36] audit: type=1326 audit(1777244081.000:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 329.831234][ T36] audit: type=1326 audit(1777244081.000:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f01c90ecdd9 code=0x7ffc0000 [ 331.071738][ T9559] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 332.317684][ T162] tipc: Subscription rejected, illegal request [ 333.444717][ T9596] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 334.773664][ T162] tipc: Subscription rejected, illegal request [ 335.949967][ T48] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 336.784947][ T48] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 336.784977][ T48] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 336.784996][ T48] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 336.785042][ T48] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 336.819593][ T48] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 336.819624][ T48] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 336.819644][ T48] usb 4-1: Product: syz [ 336.819657][ T48] usb 4-1: Manufacturer: syz [ 337.151802][ T48] usb 4-1: USB disconnect, device number 8 [ 339.917627][ T9684] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 339.943251][ T9681] netlink: 1004 bytes leftover after parsing attributes in process `syz.1.1286'. [ 340.038896][ T9687] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1288'. [ 342.243273][ T9728] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 343.095663][ T9744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1307'. [ 343.095688][ T9744] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1307'. [ 343.770153][ T9744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1307'. [ 343.770177][ T9744] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1307'. [ 344.195860][ T9757] netlink: 6060 bytes leftover after parsing attributes in process `syz.5.1310'. [ 350.020971][ T9825] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 350.561772][ T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 350.720319][ T10] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 350.720349][ T10] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 350.720368][ T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 350.720416][ T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 350.720443][ T10] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 350.731208][ T10] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 350.731236][ T10] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 350.731255][ T10] usb 6-1: Product: syz [ 350.731268][ T10] usb 6-1: Manufacturer: syz [ 350.829603][ T10] cdc_wdm 6-1:1.0: skipping garbage [ 350.829624][ T10] cdc_wdm 6-1:1.0: skipping garbage [ 351.058960][ T10] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 351.058982][ T10] cdc_wdm 6-1:1.0: Unknown control protocol [ 351.219550][ T5729] usb 6-1: USB disconnect, device number 5 [ 351.736955][ T9835] ------------[ cut here ]------------ [ 351.736970][ T9835] kcov->t != t [ 351.736985][ T9835] WARNING: kernel/kcov.c:483 at kcov_task_exit+0xf5/0x160, CPU#1: syz.5.1338/9835 [ 351.737027][ T9835] Modules linked in: [ 351.737051][ T9835] CPU: 1 UID: 0 PID: 9835 Comm: syz.5.1338 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 351.737076][ T9835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 351.737090][ T9835] RIP: 0010:kcov_task_exit+0xf5/0x160 [ 351.737113][ T9835] Code: 10 00 00 48 8b bb 90 00 00 00 e8 c6 b0 55 00 48 89 df 5b 41 5e 41 5f e9 e9 6d 5b 00 7c 1c 5b 41 5e 41 5f c3 cc cc cc cc cc 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 0b d0 59 09 48 89 df be 03 00 [ 351.737130][ T9835] RSP: 0018:ffffc90005fa7d20 EFLAGS: 00010287 [ 351.737148][ T9835] RAX: 77db317d1008ab00 RBX: ffff88802602b800 RCX: 0000000000000000 [ 351.737163][ T9835] RDX: 00000000a7f15e65 RSI: ffffffff8ba74b40 RDI: 00000000ffffffff [ 351.737197][ T9835] RBP: ffffc90005fa7e78 R08: ffffffff8b1e3760 R09: ffffffff8dfc8140 [ 351.737214][ T9835] R10: dffffc0000000000 R11: fffffbfff1f11a3f R12: dffffc0000000000 [ 351.737229][ T9835] R13: 0000000000000000 R14: ffff88802602b808 R15: ffff88802e3a9ec0 [ 351.737244][ T9835] FS: 000055557ce80500(0000) GS:ffff88812627d000(0000) knlGS:0000000000000000 [ 351.737262][ T9835] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 351.737276][ T9835] CR2: 00007f01c91564f0 CR3: 00000000289ba000 CR4: 00000000003526f0 [ 351.737295][ T9835] Call Trace: [ 351.737302][ T9835] [ 351.737313][ T9835] do_exit+0x150/0x22c0 [ 351.737344][ T9835] ? lockdep_hardirqs_on+0x7a/0x110 [ 351.737376][ T9835] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 351.737408][ T9835] ? reacquire_held_locks+0x104/0x190 [ 351.737438][ T9835] ? rt_spin_lock+0x1e0/0x400 [ 351.737463][ T9835] ? __pfx_do_exit+0x10/0x10 [ 351.737489][ T9835] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 351.737523][ T9835] ? rt_spin_unlock+0x160/0x200 [ 351.737551][ T9835] do_group_exit+0x21b/0x2d0 [ 351.737581][ T9835] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.737604][ T9835] __x64_sys_exit_group+0x3f/0x40 [ 351.737631][ T9835] x64_sys_call+0x221a/0x2240 [ 351.737665][ T9835] do_syscall_64+0x15f/0xf80 [ 351.737684][ T9835] ? trace_irq_disable+0x3b/0x140 [ 351.737709][ T9835] ? clear_bhb_loop+0x40/0x90 [ 351.737735][ T9835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.737755][ T9835] RIP: 0033:0x7fab3584cdd9 [ 351.737773][ T9835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 351.737790][ T9835] RSP: 002b:00007ffc6bb95838 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 351.737811][ T9835] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fab3584cdd9 [ 351.737825][ T9835] RDX: 00007fab34aa1000 RSI: 0000000000000000 RDI: 0000000000000000 [ 351.737839][ T9835] RBP: 00007ffc6bb9589c R08: 0000000000000000 R09: 00000000000927c0 [ 351.737852][ T9835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000093 [ 351.737865][ T9835] R13: 00000000000927c0 R14: 000000000005571c R15: 00007ffc6bb958f0 [ 351.737898][ T9835] [ 351.737907][ T9835] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 351.737923][ T9835] CPU: 1 UID: 0 PID: 9835 Comm: syz.5.1338 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 351.737946][ T9835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 351.737958][ T9835] Call Trace: [ 351.737966][ T9835] [ 351.737974][ T9835] vpanic+0x56c/0xa60 [ 351.738001][ T9835] ? __pfx__printk+0x10/0x10 [ 351.738029][ T9835] ? __pfx_vpanic+0x10/0x10 [ 351.738051][ T9835] ? is_bpf_text_address+0x292/0x2b0 [ 351.738078][ T9835] ? is_bpf_text_address+0x26/0x2b0 [ 351.738113][ T9835] panic+0xc5/0xd0 [ 351.738136][ T9835] ? __pfx_panic+0x10/0x10 [ 351.738177][ T9835] __warn+0x315/0x4c0 [ 351.738200][ T9835] ? kcov_task_exit+0xf5/0x160 [ 351.738222][ T9835] ? kcov_task_exit+0xf5/0x160 [ 351.738244][ T9835] __report_bug+0x29a/0x540 [ 351.738279][ T9835] ? kcov_task_exit+0xf5/0x160 [ 351.738298][ T9835] ? __pfx___report_bug+0x10/0x10 [ 351.738330][ T9835] ? __pfx_rtlock_slowlock_locked+0x10/0x10 [ 351.738361][ T9835] ? rt_spin_lock+0x1e0/0x400 [ 351.738387][ T9835] ? rt_spin_lock+0x1e0/0x400 [ 351.738415][ T9835] ? kcov_task_exit+0xf5/0x160 [ 351.738435][ T9835] report_bug+0x16a/0x220 [ 351.738465][ T9835] ? kcov_task_exit+0xf5/0x160 [ 351.738484][ T9835] ? kcov_task_exit+0xf7/0x160 [ 351.738508][ T9835] handle_bug+0x9c/0x200 [ 351.738530][ T9835] exc_invalid_op+0x1a/0x50 [ 351.738552][ T9835] asm_exc_invalid_op+0x1a/0x20 [ 351.738571][ T9835] RIP: 0010:kcov_task_exit+0xf5/0x160 [ 351.738592][ T9835] Code: 10 00 00 48 8b bb 90 00 00 00 e8 c6 b0 55 00 48 89 df 5b 41 5e 41 5f e9 e9 6d 5b 00 7c 1c 5b 41 5e 41 5f c3 cc cc cc cc cc 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 0b d0 59 09 48 89 df be 03 00 [ 351.738610][ T9835] RSP: 0018:ffffc90005fa7d20 EFLAGS: 00010287 [ 351.738628][ T9835] RAX: 77db317d1008ab00 RBX: ffff88802602b800 RCX: 0000000000000000 [ 351.738643][ T9835] RDX: 00000000a7f15e65 RSI: ffffffff8ba74b40 RDI: 00000000ffffffff [ 351.738665][ T9835] RBP: ffffc90005fa7e78 R08: ffffffff8b1e3760 R09: ffffffff8dfc8140 [ 351.738680][ T9835] R10: dffffc0000000000 R11: fffffbfff1f11a3f R12: dffffc0000000000 [ 351.738695][ T9835] R13: 0000000000000000 R14: ffff88802602b808 R15: ffff88802e3a9ec0 [ 351.738718][ T9835] ? rt_spin_lock+0x1e0/0x400 [ 351.738753][ T9835] do_exit+0x150/0x22c0 [ 351.738779][ T9835] ? lockdep_hardirqs_on+0x7a/0x110 [ 351.738810][ T9835] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 351.738842][ T9835] ? reacquire_held_locks+0x104/0x190 [ 351.738872][ T9835] ? rt_spin_lock+0x1e0/0x400 [ 351.738896][ T9835] ? __pfx_do_exit+0x10/0x10 [ 351.738922][ T9835] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 351.738956][ T9835] ? rt_spin_unlock+0x160/0x200 [ 351.738984][ T9835] do_group_exit+0x21b/0x2d0 [ 351.739014][ T9835] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.739036][ T9835] __x64_sys_exit_group+0x3f/0x40 [ 351.739063][ T9835] x64_sys_call+0x221a/0x2240 [ 351.739087][ T9835] do_syscall_64+0x15f/0xf80 [ 351.739105][ T9835] ? trace_irq_disable+0x3b/0x140 [ 351.739128][ T9835] ? clear_bhb_loop+0x40/0x90 [ 351.739153][ T9835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.739173][ T9835] RIP: 0033:0x7fab3584cdd9 [ 351.739191][ T9835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 351.739208][ T9835] RSP: 002b:00007ffc6bb95838 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 351.739229][ T9835] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fab3584cdd9 [ 351.739244][ T9835] RDX: 00007fab34aa1000 RSI: 0000000000000000 RDI: 0000000000000000 [ 351.739258][ T9835] RBP: 00007ffc6bb9589c R08: 0000000000000000 R09: 00000000000927c0 [ 351.739272][ T9835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000093 [ 351.739285][ T9835] R13: 00000000000927c0 R14: 000000000005571c R15: 00007ffc6bb958f0 [ 351.739318][ T9835] [ 351.739468][ T9835] Kernel Offset: disabled