last executing test programs: 3.237229681s ago: executing program 0 (id=1060): socket(0x10, 0x803, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) epoll_create(0x988f) socket$inet6_tcp(0xa, 0x1, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0) socket(0x2, 0x80805, 0x0) syz_clone3(&(0x7f00000003c0)={0xac021080, &(0x7f0000000040), 0x0, 0x0, {0x3c}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300), 0x111, 0x2}}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0xffffffff}, 0x8) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 3.124219506s ago: executing program 0 (id=1062): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000100)={@remote}, 0x14) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5800000010001fff000000000100008000000000", @ANYRES32=0x0, @ANYBLOB="0000000008440000300012800b00010067656e6576650000200002800500090001000000140007000000000000000000000000000000000108000a00", @ANYRES32=r3, @ANYBLOB="282ee12a75702e2de93177407842bfab3fb88f0aadede4d840a2283b6c9651c5c932d2da6a8f855a5be531239858f8e1b80226f75b1ece90481717e67fbedcfb215e28c9bb772137891632094f"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x80) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x20, 0x0, &(0x7f0000000140)=[@clear_death={0x400c630f, 0x3}, @request_death={0x400c630e, 0x1}], 0x0, 0x0, 0x0}) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @multicast1}, 0x10) sendmmsg$inet(r5, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001c40)="03", 0x1}], 0x1}}], 0x1, 0xc010) write$binfmt_misc(r4, &(0x7f0000000000), 0x6) 2.563023851s ago: executing program 2 (id=1068): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)}], 0x1}, 0x0) 2.436001056s ago: executing program 2 (id=1069): r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x100c8a2, 0xc000, 0x8, 0x328}) io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0) 2.197147056s ago: executing program 2 (id=1071): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'syztnl2\x00', &(0x7f0000000340)={'ip6tnl0\x00', 0x0, 0x2f, 0x7, 0x0, 0x90, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, 0x0, 0x0, 0xb, 0x67a}}) 2.179290187s ago: executing program 3 (id=1072): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r1, 0x0, 0x0}, 0x20) 2.075774701s ago: executing program 2 (id=1073): socket$kcm(0x10, 0x5, 0x10) r0 = socket$kcm(0x10, 0x2, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18) recvmsg(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x20) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b904021d080304000000e8fe03a118001500", 0x20}], 0x1, 0x0, 0x0, 0x7400}, 0x5) socket$kcm(0x10, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x0) socket$kcm(0xa, 0x922000000003, 0x11) bpf$MAP_CREATE(0x0, 0x0, 0x48) socketpair(0x1, 0x20000000000001, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000800)='cpuset.mems\x00', 0x2, 0x0) r4 = openat$cgroup_procs(r2, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f0000000380), 0x12) write$cgroup_int(r3, &(0x7f0000000040), 0x1) 1.87311979s ago: executing program 3 (id=1074): syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f000000d040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.807049472s ago: executing program 3 (id=1075): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) add_key$keyring(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0), 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3, {0x3, 0x6}, {0x7}, {0x3}}}, 0x24}}, 0x0) 1.569938713s ago: executing program 0 (id=1077): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)}], 0x1}, 0x0) 1.465219828s ago: executing program 3 (id=1078): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4) 1.464729308s ago: executing program 0 (id=1079): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x48, 0x28, 0x4ee4e6a52ff56541, 0x4003, 0xfffffdfc, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0x2, 0x1}}, [@qdisc_kind_options=@q_cbq={{0x8}, {0x1c, 0x2, [@TCA_CBS_PARMS={0x18, 0x1, {0x3, '\x00', 0x5, 0x6, 0x3, 0x8}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40098}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r7 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r7, &(0x7f0000000140)="bad330fbc9b5544972e7a5ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x1a, r6, 0x1, 0xd8, 0x6, @random="98c8ca7122df"}, 0x14) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) 1.388997401s ago: executing program 3 (id=1080): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000140)={0x0, 0x0, 0xf, 0x81, 0xfffffffb}) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8f0, &(0x7f0000002400)=0x0) io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}]) 1.357239862s ago: executing program 1 (id=1081): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21000000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bind$can_raw(r2, &(0x7f0000000000)={0x1d, r3}, 0x10) bind$can_raw(r2, &(0x7f0000000080), 0x10) 1.201336829s ago: executing program 1 (id=1082): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', 0x0}) 1.17081126s ago: executing program 1 (id=1083): syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f000000d040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.086837424s ago: executing program 0 (id=1084): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b", 0x57}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000004a40)=""/4081, 0xff1}, {&(0x7f0000001880)=""/4105, 0x1009}, {&(0x7f00000030c0)=""/180, 0xb4}, {&(0x7f0000000380)=""/103, 0x67}], 0x4}, 0x40002000) 1.086203134s ago: executing program 2 (id=1085): syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) syz_emit_ethernet(0x42, &(0x7f0000000340)={@broadcast, @random="0000060000ff", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0xc, 0x11, 0x0, @remote, @local, {[], {0x4e21, 0x4e21, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0) syz_open_dev$dri(0x0, 0x9, 0x4d0200) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$kcm(0x2, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r3, 0x1, 0x50, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000dd000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x8}}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x4}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x452369c81ff10127}}}, 0x68}}, 0x0) 1.009152687s ago: executing program 3 (id=1086): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000000100)={@remote}, 0x14) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5800000010001fff000000000100008000000000", @ANYRES32=0x0, @ANYBLOB="0000000008440000300012800b00010067656e6576650000200002800500090001000000140007000000000000000000000000000000000108000a00", @ANYRES32=r3, @ANYBLOB="282ee12a75702e2de93177407842bfab3fb88f0aadede4d840a2283b6c9651c5c932d2da6a8f855a5be531239858f8e1b80226f75b1ece90481717e67fbedcfb215e28c9bb772137891632094f"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x80) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x20, 0x0, &(0x7f0000000140)=[@clear_death={0x400c630f, 0x3}, @request_death={0x400c630e, 0x1}], 0x0, 0x0, 0x0}) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @multicast1}, 0x10) sendmmsg$inet(r5, &(0x7f0000001140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001c40)="03", 0x1}], 0x1}}], 0x1, 0xc010) write$binfmt_misc(r4, &(0x7f0000000000), 0x6) 1.008778557s ago: executing program 1 (id=1087): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0}, 0x18) r1 = getpgrp(0x0) r2 = syz_pidfd_open(r1, 0x0) setns(r2, 0x34020000) 872.699723ms ago: executing program 1 (id=1088): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000100e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32ef", 0x45}], 0x1}, 0x0) 68.427287ms ago: executing program 2 (id=1089): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") 719.07µs ago: executing program 0 (id=1090): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x115}, 0x18) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380)={0xffffffffffffffff}, 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000180), r3, 0x1}}, 0x18) 0s ago: executing program 1 (id=1091): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0xfffffffa) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setpgid(0xffffffffffffffff, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000004040), 0x40000000000016e, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x4004}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r7 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000540)=0x550, 0x4) setsockopt$inet6_int(r7, 0x29, 0x2, 0x0, 0x0) setsockopt$inet6_int(r7, 0x29, 0x8, &(0x7f0000000040)=0x3de8e7ea, 0x4) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.239' (ED25519) to the list of known hosts. syzkaller login: [ 64.056881][ T5771] cgroup: Unknown subsys name 'net' [ 64.220280][ T5771] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 65.619483][ T5771] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 67.617547][ T5783] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.634562][ T5783] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.643066][ T5797] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.650869][ T5797] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.659197][ T5797] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.666576][ T5797] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.675113][ T5797] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.675345][ T5791] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.683062][ T5797] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.697920][ T5797] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.706171][ T5791] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.707001][ T5786] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.720704][ T5795] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.722914][ T5786] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.736023][ T5786] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.741800][ T5795] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.743135][ T5798] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.758389][ T5795] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.766134][ T5795] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.774612][ T5104] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.774708][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.782238][ T5104] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.796264][ T5104] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.796813][ T5795] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.220594][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 68.271670][ T5781] chnl_net:caif_netlink_parms(): no params data found [ 68.367658][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 68.422511][ T5780] chnl_net:caif_netlink_parms(): no params data found [ 68.432109][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.440928][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.448238][ T5784] bridge_slave_0: entered allmulticast mode [ 68.455571][ T5784] bridge_slave_0: entered promiscuous mode [ 68.490579][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.497908][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.505092][ T5784] bridge_slave_1: entered allmulticast mode [ 68.511703][ T5784] bridge_slave_1: entered promiscuous mode [ 68.603150][ T5781] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.610502][ T5781] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.617885][ T5781] bridge_slave_0: entered allmulticast mode [ 68.625229][ T5781] bridge_slave_0: entered promiscuous mode [ 68.636224][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.643331][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.650678][ T5789] bridge_slave_0: entered allmulticast mode [ 68.658055][ T5789] bridge_slave_0: entered promiscuous mode [ 68.666361][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.673487][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.680733][ T5789] bridge_slave_1: entered allmulticast mode [ 68.687366][ T5789] bridge_slave_1: entered promiscuous mode [ 68.696966][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.706474][ T5781] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.713575][ T5781] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.721200][ T5781] bridge_slave_1: entered allmulticast mode [ 68.728447][ T5781] bridge_slave_1: entered promiscuous mode [ 68.767312][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.819777][ T5781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.833325][ T5781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.854421][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.879258][ T5784] team0: Port device team_slave_0 added [ 68.893062][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.900838][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.908604][ T5780] bridge_slave_0: entered allmulticast mode [ 68.915798][ T5780] bridge_slave_0: entered promiscuous mode [ 68.924458][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.933644][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.941041][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.948486][ T5780] bridge_slave_1: entered allmulticast mode [ 68.955924][ T5780] bridge_slave_1: entered promiscuous mode [ 68.964290][ T5784] team0: Port device team_slave_1 added [ 69.013138][ T5781] team0: Port device team_slave_0 added [ 69.034894][ T5789] team0: Port device team_slave_0 added [ 69.062098][ T5781] team0: Port device team_slave_1 added [ 69.071318][ T5789] team0: Port device team_slave_1 added [ 69.090191][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.100224][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.107240][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.133184][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.146974][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.154080][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.180125][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.211193][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.251579][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.258927][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.285163][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.311559][ T5780] team0: Port device team_slave_0 added [ 69.318828][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.325873][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.354081][ T5781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.367041][ T5781] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.374245][ T5781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.404074][ T5781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.420163][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.427172][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.453434][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.476764][ T5780] team0: Port device team_slave_1 added [ 69.501552][ T5784] hsr_slave_0: entered promiscuous mode [ 69.508120][ T5784] hsr_slave_1: entered promiscuous mode [ 69.583517][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.590537][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.616841][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.630113][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.637460][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.663569][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.722986][ T5789] hsr_slave_0: entered promiscuous mode [ 69.729374][ T5789] hsr_slave_1: entered promiscuous mode [ 69.736430][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.745139][ T5789] Cannot create hsr debugfs directory [ 69.775473][ T5781] hsr_slave_0: entered promiscuous mode [ 69.781680][ T5781] hsr_slave_1: entered promiscuous mode [ 69.788102][ T5781] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.795781][ T5781] Cannot create hsr debugfs directory [ 69.815761][ T51] Bluetooth: hci3: command tx timeout [ 69.815774][ T5795] Bluetooth: hci0: command tx timeout [ 69.894461][ T51] Bluetooth: hci1: command tx timeout [ 69.894478][ T5795] Bluetooth: hci2: command tx timeout [ 69.929369][ T5780] hsr_slave_0: entered promiscuous mode [ 69.935779][ T5780] hsr_slave_1: entered promiscuous mode [ 69.941827][ T5780] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.949512][ T5780] Cannot create hsr debugfs directory [ 70.197900][ T5784] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.217563][ T5784] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.228511][ T5784] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.247954][ T5784] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.298403][ T5789] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.318668][ T5789] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.328335][ T5789] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.347632][ T5789] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 70.395992][ T5781] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 70.432554][ T5781] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 70.443553][ T5781] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 70.462514][ T5781] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 70.512263][ T5780] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 70.538376][ T5780] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 70.553754][ T5780] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 70.570411][ T5780] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 70.660639][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.688462][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.702498][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.733832][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.760435][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.767759][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.779481][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.786595][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.809126][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.816227][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.831895][ T2963] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.839062][ T2963] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.893754][ T5781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.955233][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.977778][ T5780] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.023544][ T2963] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.030722][ T2963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.048631][ T2963] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.055812][ T2963] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.075332][ T5781] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.092441][ T2963] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.099621][ T2963] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.173537][ T2963] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.180717][ T2963] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.278459][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.433244][ T5784] veth0_vlan: entered promiscuous mode [ 71.463129][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.482817][ T5784] veth1_vlan: entered promiscuous mode [ 71.501068][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.509094][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.605266][ T5784] veth0_macvtap: entered promiscuous mode [ 71.636083][ T5789] veth0_vlan: entered promiscuous mode [ 71.644267][ T5784] veth1_macvtap: entered promiscuous mode [ 71.687573][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.700587][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.718853][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.733397][ T5784] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.744874][ T5784] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.754522][ T5784] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.763236][ T5784] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.783658][ T5789] veth1_vlan: entered promiscuous mode [ 71.848370][ T5789] veth0_macvtap: entered promiscuous mode [ 71.880750][ T5781] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.893059][ T5789] veth1_macvtap: entered promiscuous mode [ 71.899048][ T51] Bluetooth: hci0: command tx timeout [ 71.904774][ T5795] Bluetooth: hci3: command tx timeout [ 71.933635][ T5780] veth0_vlan: entered promiscuous mode [ 71.939782][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.949306][ T5780] veth1_vlan: entered promiscuous mode [ 71.956909][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.974672][ T51] Bluetooth: hci2: command tx timeout [ 71.974716][ T5795] Bluetooth: hci1: command tx timeout [ 72.026938][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.039035][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.050308][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.061079][ T2970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.066448][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.079516][ T2970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.088212][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.100585][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.118634][ T5789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.127831][ T5789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.137846][ T5789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.146629][ T5789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.221434][ T5781] veth0_vlan: entered promiscuous mode [ 72.240900][ T5780] veth0_macvtap: entered promiscuous mode [ 72.288106][ T5780] veth1_macvtap: entered promiscuous mode [ 72.328115][ T5781] veth1_vlan: entered promiscuous mode [ 72.377633][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.388720][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.399521][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.410859][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.423546][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.464600][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.472424][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.496230][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.513503][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.523874][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.542799][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.565601][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.636084][ T5780] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.645095][ T2963] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.649498][ T5780] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.662665][ T5780] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.671556][ T2963] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.679092][ T5780] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.697867][ T5781] veth0_macvtap: entered promiscuous mode [ 72.733387][ T5781] veth1_macvtap: entered promiscuous mode [ 72.809258][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.833341][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.877889][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.902767][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.938277][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.956430][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.968608][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.987631][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.998450][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.008753][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.019718][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.030235][ T5781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.041774][ T5781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.060377][ T5781] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.118548][ T5781] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.157192][ T5781] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.262721][ T5781] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.356242][ T5781] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.614486][ T5888] xt_CT: No such helper "pptp" [ 73.785394][ T5854] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 73.850280][ T2970] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.859559][ T2970] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.905187][ T2970] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.913002][ T2970] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.960173][ T2963] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.970632][ T2963] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.979672][ T5795] Bluetooth: hci3: command tx timeout [ 73.984531][ T51] Bluetooth: hci0: command tx timeout [ 74.008115][ T5854] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 74.018790][ T5854] usb 4-1: config 0 interface 0 has no altsetting 0 [ 74.033187][ T5854] usb 4-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20 [ 74.044883][ T5854] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.053010][ T5854] usb 4-1: Product: syz [ 74.058245][ T5795] Bluetooth: hci1: command tx timeout [ 74.063834][ T5854] usb 4-1: Manufacturer: syz [ 74.068852][ T5795] Bluetooth: hci2: command tx timeout [ 74.076065][ T5854] usb 4-1: SerialNumber: syz [ 74.090958][ T5854] usb 4-1: config 0 descriptor?? [ 74.096204][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 74.098993][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.120950][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.453593][ T5897] syz.3.4[5897]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 74.493946][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 75.424483][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 75.433091][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 75.964277][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 76.073825][ T5795] Bluetooth: hci3: command tx timeout [ 76.073835][ T51] Bluetooth: hci0: command tx timeout [ 76.134711][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 76.136339][ T5795] Bluetooth: hci2: command tx timeout [ 76.143257][ T51] Bluetooth: hci1: command tx timeout [ 76.177463][ T5905] netlink: 'syz.1.9': attribute type 10 has an invalid length. [ 76.193474][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 76.247235][ T27] audit: type=1800 audit(1763744672.915:2): pid=5896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3" name="bus" dev="ramfs" ino=7030 res=0 errno=0 [ 76.265017][ T5905] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.277985][ T5905] bond0: (slave team0): Enslaving as an active interface with an up link [ 76.296160][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 76.423975][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 76.673942][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 77.719856][ T5918] macvlan2: entered promiscuous mode [ 77.725477][ T5918] macvlan2: entered allmulticast mode [ 77.769869][ T5923] bridge0: port 3(ip6gretap1) entered blocking state [ 77.783625][ T5923] bridge0: port 3(ip6gretap1) entered disabled state [ 77.811061][ T5923] ip6gretap1: entered allmulticast mode [ 77.824537][ T5923] ip6gretap1: entered promiscuous mode [ 77.895245][ T5854] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 77.955313][ T5854] imon 4-1:0.0: unable to initialize intf0, err -19 [ 78.013151][ T5854] imon:imon_probe: failed to initialize context! [ 78.063243][ T5854] imon 4-1:0.0: unable to register, err -19 [ 78.182511][ T5854] usb 4-1: USB disconnect, device number 2 [ 79.497854][ T5942] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 81.739790][ T2284] cfg80211: failed to load regulatory.db [ 81.817171][ T5958] mmap: syz.0.25 (5958) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 83.846852][ T5981] netlink: 'syz.1.30': attribute type 7 has an invalid length. [ 84.186376][ T5986] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 87.964184][ T6017] netlink: 'syz.0.41': attribute type 1 has an invalid length. [ 88.793769][ T2284] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 89.106672][ T2284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.110248][ T6025] netlink: 'syz.1.44': attribute type 10 has an invalid length. [ 89.138152][ T2284] usb 1-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 89.154576][ T2284] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.188703][ T2284] usb 1-1: config 0 descriptor?? [ 89.498121][ T27] audit: type=1326 audit(1763744686.165:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 89.636511][ T27] audit: type=1326 audit(1763744686.195:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 89.931129][ T27] audit: type=1326 audit(1763744686.195:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 90.055724][ T27] audit: type=1326 audit(1763744686.225:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 90.077006][ T6034] Zero length message leads to an empty skb [ 90.085995][ T27] audit: type=1326 audit(1763744686.225:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 90.133571][ T27] audit: type=1326 audit(1763744686.355:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 90.276571][ T27] audit: type=1326 audit(1763744686.365:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 90.357671][ T27] audit: type=1326 audit(1763744686.365:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 90.390519][ T27] audit: type=1326 audit(1763744686.545:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 90.431623][ T27] audit: type=1326 audit(1763744686.845:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6026 comm="syz.2.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 91.239711][ T2284] usbhid 1-1:0.0: can't add hid device: -71 [ 91.247382][ T2284] usbhid: probe of 1-1:0.0 failed with error -71 [ 91.261905][ T2284] usb 1-1: USB disconnect, device number 2 [ 92.383321][ T6046] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.482751][ T6051] tipc: Started in network mode [ 92.494118][ T6051] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 92.523813][ T6051] tipc: Enabled bearer , priority 10 [ 92.934086][ T789] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 93.127320][ T789] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 93.143268][ T789] usb 3-1: config 0 interface 0 has no altsetting 0 [ 93.169581][ T789] usb 3-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20 [ 93.188726][ T789] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.203603][ T789] usb 3-1: Product: syz [ 93.209916][ T789] usb 3-1: Manufacturer: syz [ 93.218473][ T789] usb 3-1: SerialNumber: syz [ 93.227327][ T789] usb 3-1: config 0 descriptor?? [ 93.526547][ T28] tipc: Node number set to 4269801488 [ 95.273995][ T5792] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 95.477344][ T5792] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 95.495955][ T5792] usb 2-1: config 0 has no interface number 0 [ 95.513424][ T5792] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 95.552288][ T5792] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 95.567848][ T5792] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 95.582194][ T5792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.642175][ T5792] usb 2-1: config 0 descriptor?? [ 95.678939][ T6074] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 95.743050][ T789] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 95.748871][ T5792] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 95.888274][ T789] imon 3-1:0.0: unable to initialize intf0, err -19 [ 95.897501][ T789] imon:imon_probe: failed to initialize context! [ 95.904260][ T789] imon 3-1:0.0: unable to register, err -19 [ 96.643994][ T6075] usb 2-1: USB disconnect, device number 2 [ 96.662565][ T6081] netlink: 'syz.2.59': attribute type 10 has an invalid length. [ 96.684373][ T789] usb 3-1: USB disconnect, device number 2 [ 96.688624][ T6081] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.728022][ T6081] bond0: (slave team0): Enslaving as an active interface with an up link [ 96.906218][ T6084] syz.2.60 uses obsolete (PF_INET,SOCK_PACKET) [ 96.914804][ T6084] syzkaller1: entered promiscuous mode [ 96.920348][ T6084] syzkaller1: entered allmulticast mode [ 96.964185][ T28] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 97.156212][ T28] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.167673][ T28] usb 1-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 97.193940][ T28] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.214744][ T28] usb 1-1: config 0 descriptor?? [ 97.575114][ T6099] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.917693][ T28] usbhid 1-1:0.0: can't add hid device: -71 [ 98.969908][ T28] usbhid: probe of 1-1:0.0 failed with error -71 [ 98.981560][ T28] usb 1-1: USB disconnect, device number 3 [ 100.010889][ T6117] netlink: 'syz.1.69': attribute type 10 has an invalid length. [ 101.725343][ T23] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 102.041270][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 102.704001][ T23] usb 1-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 102.713087][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.764737][ T23] usb 1-1: config 0 descriptor?? [ 103.049207][ T6149] tipc: Started in network mode [ 103.055635][ T6149] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 103.078378][ T6149] tipc: Enabled bearer , priority 10 [ 103.328253][ T6154] netlink: 'syz.1.80': attribute type 10 has an invalid length. [ 103.770489][ T5854] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 103.957448][ T5854] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 103.983001][ T5854] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 103.996703][ T5854] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 104.006162][ T5854] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.020479][ T5854] usb 2-1: config 0 descriptor?? [ 104.074671][ T6075] tipc: Node number set to 4269801488 [ 104.220359][ T5854] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 104.511630][ T23] usbhid 1-1:0.0: can't add hid device: -71 [ 104.540483][ T23] usbhid: probe of 1-1:0.0 failed with error -71 [ 104.589627][ T23] usb 1-1: USB disconnect, device number 4 [ 104.744031][ T5792] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 105.217370][ T5792] usb 4-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 105.230724][ T5792] usb 4-1: config 0 interface 0 has no altsetting 0 [ 105.240357][ T5792] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 105.260412][ T5792] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 105.269709][ T5792] usb 4-1: Product: syz [ 105.276599][ T5792] usb 4-1: Manufacturer: syz [ 105.281370][ T5792] usb 4-1: SerialNumber: syz [ 105.299970][ T5792] usb 4-1: config 0 descriptor?? [ 105.435483][ T5792] snd-usb-audio: probe of 4-1:0.0 failed with error -22 [ 105.534938][ T5785] udevd[5785]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 106.081409][ T2284] usb 4-1: USB disconnect, device number 3 [ 106.106471][ T6187] netlink: 'syz.0.89': attribute type 10 has an invalid length. [ 106.129133][ T6187] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.138742][ T6187] bond0: (slave team0): Enslaving as an active interface with an up link [ 106.558707][ T23] usb 2-1: USB disconnect, device number 3 [ 108.643925][ C0] hrtimer: interrupt took 47442 ns [ 109.684210][ T23] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 109.727215][ T6239] 8021q: adding VLAN 0 to HW filter on device bond1 [ 109.752757][ T6239] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 109.906529][ T23] usb 4-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 109.922192][ T23] usb 4-1: config 0 interface 0 has no altsetting 0 [ 109.938044][ T23] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 109.947497][ T23] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 109.955989][ T23] usb 4-1: Product: syz [ 109.960487][ T23] usb 4-1: Manufacturer: syz [ 109.965383][ T23] usb 4-1: SerialNumber: syz [ 109.973461][ T23] usb 4-1: config 0 descriptor?? [ 110.250848][ T23] snd-usb-audio: probe of 4-1:0.0 failed with error -22 [ 110.311022][ T5785] udevd[5785]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 110.668796][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 110.668809][ T27] audit: type=1326 audit(1763744707.335:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 110.752126][ T27] audit: type=1326 audit(1763744707.375:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 110.796737][ T27] audit: type=1326 audit(1763744707.375:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 110.845667][ T27] audit: type=1326 audit(1763744707.515:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 110.882593][ T23] usb 4-1: USB disconnect, device number 4 [ 110.907272][ T27] audit: type=1326 audit(1763744707.515:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 110.998167][ T27] audit: type=1326 audit(1763744707.535:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 111.053451][ T27] audit: type=1326 audit(1763744707.535:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 111.344490][ T27] audit: type=1326 audit(1763744707.535:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 111.366519][ C0] vkms_vblank_simulate: vblank timer overrun [ 111.373433][ T27] audit: type=1326 audit(1763744707.535:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 111.404344][ T27] audit: type=1326 audit(1763744707.535:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6248 comm="syz.1.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 113.590554][ T6285] tipc: Enabling of bearer rejected, already enabled [ 113.904783][ T6290] Bluetooth: MGMT ver 1.22 [ 114.706106][ T6294] netlink: 'syz.3.123': attribute type 1 has an invalid length. [ 114.821017][ T6294] 8021q: adding VLAN 0 to HW filter on device bond1 [ 114.997343][ T6300] bond1: (slave geneve2): making interface the new active one [ 115.011571][ T6300] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 115.716320][ T5854] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 115.944540][ T5854] usb 2-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 116.001704][ T5854] usb 2-1: config 0 interface 0 has no altsetting 0 [ 116.035491][ T5854] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 116.055416][ T5854] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 116.082793][ T5854] usb 2-1: Product: syz [ 116.088800][ T5854] usb 2-1: Manufacturer: syz [ 116.093534][ T5854] usb 2-1: SerialNumber: syz [ 116.102061][ T5854] usb 2-1: config 0 descriptor?? [ 116.126851][ T5854] snd-usb-audio: probe of 2-1:0.0 failed with error -22 [ 116.151453][ T5785] udevd[5785]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 116.490959][ T5854] usb 2-1: USB disconnect, device number 4 [ 120.102213][ T28] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 120.326068][ T28] usb 2-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 120.409798][ T28] usb 2-1: config 0 interface 0 has no altsetting 0 [ 120.420926][ T28] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 120.440198][ T28] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 120.457218][ T28] usb 2-1: Product: syz [ 120.466974][ T28] usb 2-1: Manufacturer: syz [ 120.476095][ T28] usb 2-1: SerialNumber: syz [ 120.494473][ T28] usb 2-1: config 0 descriptor?? [ 120.540769][ T28] snd-usb-audio: probe of 2-1:0.0 failed with error -22 [ 120.650742][ T5785] udevd[5785]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 122.375669][ T51] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 122.384749][ T51] Bluetooth: hci3: Injecting HCI hardware error event [ 122.392970][ T5795] Bluetooth: hci3: hardware error 0x00 [ 123.596260][ T5854] usb 2-1: USB disconnect, device number 5 [ 124.454325][ T5795] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 124.828854][ T789] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 125.158648][ T789] usb 2-1: config 0 has no interfaces? [ 125.168704][ T789] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 125.188233][ T789] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 125.203962][ T789] usb 2-1: Product: syz [ 125.213490][ T789] usb 2-1: Manufacturer: syz [ 125.218687][ T789] usb 2-1: SerialNumber: syz [ 125.230361][ T789] usb 2-1: config 0 descriptor?? [ 127.025483][ T6415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.153'. [ 127.035525][ T6415] netlink: 4 bytes leftover after parsing attributes in process `syz.0.153'. [ 127.939277][ T6416] delete_channel: no stack [ 128.071117][ T5792] usb 2-1: USB disconnect, device number 6 [ 128.298911][ T6406] hub 9-0:1.0: USB hub found [ 128.319092][ T6406] hub 9-0:1.0: 1 port detected [ 128.377941][ T6426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.161'. [ 129.751964][ T6441] netlink: 'syz.2.166': attribute type 1 has an invalid length. [ 130.088314][ T6441] 8021q: adding VLAN 0 to HW filter on device bond1 [ 130.361838][ T6445] bond1: (slave geneve2): making interface the new active one [ 130.539877][ T6445] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 132.045234][ T5795] Bluetooth: Wrong link type (-71) [ 132.940721][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.947340][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.094079][ T6085] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 134.286265][ T6085] usb 3-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 134.402642][ T6485] netlink: 8 bytes leftover after parsing attributes in process `syz.3.178'. [ 134.411629][ T6485] netlink: 4 bytes leftover after parsing attributes in process `syz.3.178'. [ 134.430034][ T6085] usb 3-1: config 0 interface 0 has no altsetting 0 [ 134.455769][ T6085] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 134.481370][ T6085] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 134.491734][ T6085] usb 3-1: Product: syz [ 134.496381][ T6085] usb 3-1: Manufacturer: syz [ 134.501003][ T6085] usb 3-1: SerialNumber: syz [ 134.508155][ T6085] usb 3-1: config 0 descriptor?? [ 134.539998][ T6085] snd-usb-audio: probe of 3-1:0.0 failed with error -22 [ 134.630794][ T5785] udevd[5785]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 134.808892][ T6485] hub 9-0:1.0: USB hub found [ 134.814608][ T6485] hub 9-0:1.0: 1 port detected [ 137.325012][ T2284] usb 3-1: USB disconnect, device number 3 [ 137.459434][ T6524] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 138.814888][ T6532] 8021q: adding VLAN 0 to HW filter on device bond2 [ 139.364070][ T23] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 140.285693][ T6557] netlink: 8 bytes leftover after parsing attributes in process `syz.0.199'. [ 140.386555][ T23] usb 3-1: New USB device found, idVendor=04f2, idProduct=1123, bcdDevice= 0.00 [ 140.407461][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.567965][ T23] usb 3-1: config 0 descriptor?? [ 141.409618][ T23] chicony 0003:04F2:1123.0001: item fetching failed at offset 0/1 [ 141.424464][ T23] chicony 0003:04F2:1123.0001: Chicony hid parse failed: -22 [ 141.431982][ T23] chicony: probe of 0003:04F2:1123.0001 failed with error -22 [ 141.463650][ T6557] hub 9-0:1.0: USB hub found [ 141.512062][ T6557] hub 9-0:1.0: 1 port detected [ 141.650957][ T5792] usb 3-1: USB disconnect, device number 4 [ 142.369838][ T6572] netlink: 'syz.1.206': attribute type 10 has an invalid length. [ 142.742341][ T6572] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 142.841885][ T6575] 8021q: adding VLAN 0 to HW filter on device bond2 [ 143.030656][ T6580] input: syz1 as /devices/virtual/input/input5 [ 143.385327][ T6575] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 143.611706][ T6582] tipc: Started in network mode [ 143.616916][ T6582] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 143.627023][ T6582] tipc: Enabled bearer , priority 10 [ 144.745328][ T5854] tipc: Node number set to 4269801488 [ 145.414173][ T5795] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 145.423612][ T5795] Bluetooth: hci0: Injecting HCI hardware error event [ 145.431725][ T51] Bluetooth: hci0: hardware error 0x00 [ 146.202409][ T6611] input: syz1 as /devices/virtual/input/input6 [ 146.329975][ T6621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.216'. [ 146.985145][ T6619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.220'. [ 147.119815][ T6619] hub 9-0:1.0: USB hub found [ 147.131510][ T6619] hub 9-0:1.0: 1 port detected [ 147.654052][ T51] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 147.884156][ T2284] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 148.094438][ T2284] usb 2-1: Using ep0 maxpacket: 8 [ 148.110689][ T2284] usb 2-1: no configurations [ 148.130016][ T2284] usb 2-1: can't read configurations, error -22 [ 148.815115][ T2284] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 149.103957][ T2284] usb 2-1: Using ep0 maxpacket: 8 [ 149.133336][ T2284] usb 2-1: no configurations [ 149.138589][ T2284] usb 2-1: can't read configurations, error -22 [ 149.170170][ T2284] usb usb2-port1: attempt power cycle [ 149.604067][ T2284] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 149.657645][ T2284] usb 2-1: Using ep0 maxpacket: 8 [ 149.674061][ T2284] usb 2-1: no configurations [ 149.694332][ T2284] usb 2-1: can't read configurations, error -22 [ 151.692991][ T2284] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 151.934178][ T2284] usb 2-1: device not accepting address 10, error -71 [ 151.952046][ T2284] usb usb2-port1: unable to enumerate USB device [ 152.324022][ T2284] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 152.699359][ T2284] usb 2-1: New USB device found, idVendor=04f2, idProduct=1123, bcdDevice= 0.00 [ 152.757141][ T2284] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.078264][ T2284] usb 2-1: config 0 descriptor?? [ 153.738657][ T2284] chicony 0003:04F2:1123.0002: item fetching failed at offset 0/1 [ 153.773441][ T2284] chicony 0003:04F2:1123.0002: Chicony hid parse failed: -22 [ 155.274035][ T2284] chicony: probe of 0003:04F2:1123.0002 failed with error -22 [ 155.333249][ T2284] usb 2-1: USB disconnect, device number 11 [ 156.527838][ T6695] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.303972][ T5792] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 162.496041][ T5792] usb 4-1: New USB device found, idVendor=04f2, idProduct=1123, bcdDevice= 0.00 [ 162.509738][ T5792] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.526857][ T5792] usb 4-1: config 0 descriptor?? [ 162.565086][ T6777] netlink: 'syz.1.265': attribute type 16 has an invalid length. [ 162.976377][ T6777] hub 9-0:1.0: USB hub found [ 163.020081][ T6777] hub 9-0:1.0: 1 port detected [ 163.028076][ T5792] chicony 0003:04F2:1123.0003: item fetching failed at offset 0/1 [ 163.034696][ T51] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 163.044472][ T51] Bluetooth: hci2: Injecting HCI hardware error event [ 163.052425][ T5795] Bluetooth: hci2: hardware error 0x00 [ 163.067038][ T5792] chicony 0003:04F2:1123.0003: Chicony hid parse failed: -22 [ 163.100790][ T5792] chicony: probe of 0003:04F2:1123.0003 failed with error -22 [ 163.239760][ T5792] usb 4-1: USB disconnect, device number 5 [ 165.418090][ T5795] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 165.998698][ T27] kauditd_printk_skb: 23 callbacks suppressed [ 165.998711][ T27] audit: type=1326 audit(1763744762.665:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6789 comm="syz.2.269" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x0 [ 167.142666][ T5792] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 168.806260][ T5854] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 168.844184][ T5792] usb 4-1: Using ep0 maxpacket: 16 [ 168.884575][ T5792] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 168.933811][ T5792] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 168.991163][ T5792] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 169.051938][ T5792] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 169.129838][ T5792] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 169.222939][ T5792] usb 4-1: string descriptor 0 read error: -71 [ 169.258830][ T5792] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 169.295038][ T6824] netlink: 14 bytes leftover after parsing attributes in process `syz.3.276'. [ 169.304554][ T5792] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 169.355713][ T5792] usb 4-1: config 0 descriptor?? [ 169.394134][ T5792] usb 4-1: can't set config #0, error -71 [ 169.444269][ T5792] usb 4-1: USB disconnect, device number 6 [ 169.661580][ T6827] tipc: Enabling of bearer rejected, already enabled [ 169.690153][ T6832] netlink: 'syz.2.278': attribute type 1 has an invalid length. [ 169.863499][ T6832] 8021q: adding VLAN 0 to HW filter on device bond3 [ 170.210543][ T6838] hub 9-0:1.0: USB hub found [ 170.304502][ T6838] hub 9-0:1.0: 1 port detected [ 170.364202][ T28] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 170.454124][ T6847] netlink: 'syz.0.279': attribute type 7 has an invalid length. [ 170.612987][ T28] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 170.623467][ T28] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 170.657491][ T28] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 170.683921][ T28] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.403888][ T6854] fuse: Unknown parameter 'group_00000000000000000000' [ 171.498887][ T5792] usb 2-1: USB disconnect, device number 12 [ 172.992609][ T6872] 8021q: adding VLAN 0 to HW filter on device batadv3 [ 173.037075][ T6872] team0: Port device batadv3 added [ 173.077627][ T6875] tipc: Started in network mode [ 173.082524][ T6875] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 173.091849][ T6875] tipc: Enabled bearer , priority 10 [ 173.324639][ T6878] netlink: 'syz.3.291': attribute type 1 has an invalid length. [ 173.388054][ T6873] hub 9-0:1.0: USB hub found [ 173.407797][ T6873] hub 9-0:1.0: 1 port detected [ 173.480274][ T6878] 8021q: adding VLAN 0 to HW filter on device bond2 [ 174.083996][ T5854] tipc: Node number set to 4269801488 [ 174.769782][ T27] audit: type=1326 audit(1763744771.435:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.3.296" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x0 [ 174.854936][ T5854] libceph: connect (1)[c::]:6789 error -101 [ 174.864000][ T5854] libceph: mon0 (1)[c::]:6789 connect error [ 175.135302][ T5854] libceph: connect (1)[c::]:6789 error -101 [ 175.147251][ T5854] libceph: mon0 (1)[c::]:6789 connect error [ 175.357402][ T6897] ceph: No mds server is up or the cluster is laggy [ 175.423528][ T6909] kvm: pic: non byte write [ 175.446233][ T6909] kvm: pic: non byte write [ 175.730944][ T6918] netlink: 'syz.2.302': attribute type 1 has an invalid length. [ 175.932718][ T6918] 8021q: adding VLAN 0 to HW filter on device bond4 [ 176.474653][ T6937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.309'. [ 177.997651][ T6956] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 180.124578][ T6971] input: syz1 as /devices/virtual/input/input7 [ 181.616554][ T6992] tipc: Enabled bearer , priority 0 [ 181.654825][ T6992] mac80211_hwsim hwsim5 syzkaller0: entered promiscuous mode [ 181.662262][ T6992] mac80211_hwsim hwsim5 syzkaller0: entered allmulticast mode [ 181.738092][ T6992] tipc: Resetting bearer [ 184.695960][ T7011] tipc: Enabling of bearer rejected, already enabled [ 185.169794][ T7019] syz.2.334: attempt to access beyond end of device [ 185.169794][ T7019] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 185.187496][ T7019] FAT-fs (nbd2): unable to read boot sector [ 185.556631][ T5891] IPVS: starting estimator thread 0... [ 185.728661][ T7023] IPVS: using max 16 ests per chain, 38400 per kthread [ 185.804004][ T7030] netlink: 12 bytes leftover after parsing attributes in process `syz.1.337'. [ 186.037375][ T7026] 8021q: adding VLAN 0 to HW filter on device bond5 [ 186.948899][ T7044] tipc: Enabling of bearer rejected, already enabled [ 187.125528][ T7051] hugetlbfs: Bad value 'Ï' for mount option 'size' [ 187.125528][ T7051] [ 187.188154][ T7054] netlink: 'syz.3.346': attribute type 1 has an invalid length. [ 187.297280][ T7054] 8021q: adding VLAN 0 to HW filter on device bond3 [ 189.860461][ T7094] netlink: 'syz.3.358': attribute type 1 has an invalid length. [ 189.948779][ T7094] 8021q: adding VLAN 0 to HW filter on device bond4 [ 191.334242][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 191.645015][ T7114] netlink: 4 bytes leftover after parsing attributes in process `syz.3.361'. [ 191.892132][ T7114] hub 9-0:1.0: USB hub found [ 191.927985][ T7114] hub 9-0:1.0: 1 port detected [ 193.458168][ T7150] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 194.387039][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.393382][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.989206][ T7181] netlink: 'syz.1.385': attribute type 13 has an invalid length. [ 196.733141][ T7174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.382'. [ 196.899511][ T7178] hub 9-0:1.0: USB hub found [ 196.904697][ T7178] hub 9-0:1.0: 1 port detected [ 198.932921][ T7209] vxcan1: tx drop: invalid da for name 0x0000000000000016 [ 202.933723][ T7252] tipc: Enabling of bearer rejected, already enabled [ 203.179684][ T7255] capability: warning: `syz.0.408' uses deprecated v2 capabilities in a way that may be insecure [ 203.473862][ C1] sched: RT throttling activated [ 207.144308][ T23] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 207.484657][ T23] usb 2-1: config 0 interface 0 altsetting 11 endpoint 0x81 has an invalid bInterval 253, changing to 11 [ 207.536835][ T23] usb 2-1: config 0 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 207.598221][ T23] usb 2-1: config 0 interface 0 has no altsetting 0 [ 207.627246][ T23] usb 2-1: New USB device found, idVendor=1038, idProduct=12c2, bcdDevice= 0.00 [ 207.666692][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.695437][ T23] usb 2-1: config 0 descriptor?? [ 209.433009][ T7316] tipc: Enabling of bearer rejected, already enabled [ 209.496966][ T23] hid-generic 0003:1038:12C2.0004: item fetching failed at offset 0/3 [ 209.506491][ T23] hid-generic: probe of 0003:1038:12C2.0004 failed with error -22 [ 209.692188][ T23] usb 2-1: USB disconnect, device number 13 [ 209.721363][ T7319] netlink: 'syz.0.426': attribute type 7 has an invalid length. [ 211.968300][ T2284] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 213.065868][ T2284] usb 1-1: Using ep0 maxpacket: 32 [ 213.073221][ T2284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.084506][ T2284] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.095927][ T23] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 213.204309][ T2284] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 213.213392][ T2284] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.231766][ T2284] usb 1-1: config 0 descriptor?? [ 213.289025][ T23] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 213.304008][ T23] usb 4-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 213.338617][ T23] usb 4-1: config 0 interface 0 has no altsetting 0 [ 213.356777][ T23] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 213.386151][ T23] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 213.402985][ T7354] netlink: 'syz.2.437': attribute type 4 has an invalid length. [ 213.456230][ T2284] usbhid 1-1:0.0: can't add hid device: -71 [ 213.462118][ T23] usb 4-1: Product: syz [ 213.462158][ T23] usb 4-1: Manufacturer: syz [ 213.462172][ T23] usb 4-1: SerialNumber: syz [ 213.725590][ T23] usb 4-1: config 0 descriptor?? [ 214.291098][ T2284] usbhid: probe of 1-1:0.0 failed with error -71 [ 214.301763][ T2284] usb 1-1: USB disconnect, device number 5 [ 214.587806][ T23] snd-usb-audio: probe of 4-1:0.0 failed with error -22 [ 215.265183][ T7369] tipc: Enabling of bearer rejected, already enabled [ 215.275310][ T5785] udevd[5785]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 216.739980][ T6085] usb 4-1: USB disconnect, device number 7 [ 219.261415][ T7407] tipc: Enabling of bearer rejected, already enabled [ 219.809310][ T7410] netlink: 'syz.2.452': attribute type 6 has an invalid length. [ 221.035507][ T7416] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 221.176224][ T7416] bond6: entered allmulticast mode [ 221.181809][ T7416] 8021q: adding VLAN 0 to HW filter on device bond6 [ 224.100518][ T7448] process 'syz.2.460' launched '/dev/fd/-1' with NULL argv: empty string added [ 226.023941][ T789] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 226.226074][ T789] usb 4-1: New USB device found, idVendor=04f2, idProduct=1123, bcdDevice= 0.00 [ 226.243299][ T789] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.275052][ T789] usb 4-1: config 0 descriptor?? [ 226.884937][ T789] usbhid 4-1:0.0: can't add hid device: -71 [ 227.030281][ T789] usbhid: probe of 4-1:0.0 failed with error -71 [ 227.372654][ T789] usb 4-1: USB disconnect, device number 8 [ 229.249031][ T7498] overlayfs: failed to resolve './file1': -2 [ 230.135924][ T7505] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.144933][ T7505] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.729709][ T7521] netlink: 'syz.2.475': attribute type 7 has an invalid length. [ 235.734144][ T5792] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 235.931278][ T5792] usb 4-1: config 0 has an invalid interface number: 204 but max is 0 [ 236.018469][ T5792] usb 4-1: config 0 has no interface number 0 [ 236.140006][ T5792] usb 4-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d [ 236.274078][ T5792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.302908][ T5792] usb 4-1: Product: syz [ 236.320961][ T5792] usb 4-1: Manufacturer: syz [ 236.352145][ T5792] usb 4-1: SerialNumber: syz [ 236.372195][ T5792] usb 4-1: config 0 descriptor?? [ 236.406245][ T5792] ems_usb 4-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22 [ 236.434954][ T5792] ems_usb: probe of 4-1:0.204 failed with error -22 [ 236.953273][ T789] usb 4-1: USB disconnect, device number 9 [ 239.031151][ T7601] netlink: 'syz.2.498': attribute type 7 has an invalid length. [ 239.204354][ T789] usb 2-1: new full-speed USB device number 14 using dummy_hcd [ 240.021800][ T789] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 240.046685][ T789] usb 2-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 240.066319][ T789] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.134926][ T789] usb 2-1: config 0 descriptor?? [ 240.153160][ T7598] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 240.519534][ T7609] hub 9-0:1.0: USB hub found [ 240.524625][ T7609] hub 9-0:1.0: 1 port detected [ 241.341517][ T789] usbhid 2-1:0.0: can't add hid device: -71 [ 241.364269][ T789] usbhid: probe of 2-1:0.0 failed with error -71 [ 241.395212][ T789] usb 2-1: USB disconnect, device number 14 [ 243.224767][ T7622] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 244.391097][ T7664] netlink: 'syz.0.519': attribute type 13 has an invalid length. [ 246.804234][ T7687] hub 9-0:1.0: USB hub found [ 246.903068][ T7687] hub 9-0:1.0: 1 port detected [ 248.053924][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 248.061824][ T7700] netlink: 12 bytes leftover after parsing attributes in process `syz.0.531'. [ 248.135618][ T7692] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.144083][ T7692] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.742893][ T7692] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 249.991955][ T7692] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 250.582341][ T7692] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.592078][ T7692] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.601399][ T7692] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.610387][ T7692] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.646617][ T7716] netlink: 'syz.1.535': attribute type 13 has an invalid length. [ 250.812368][ T28] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 250.962546][ T28] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 251.918258][ T7737] netlink: 12 bytes leftover after parsing attributes in process `syz.2.540'. [ 252.320453][ T7745] syz_tun: entered allmulticast mode [ 252.482212][ T7741] syz_tun: left allmulticast mode [ 252.864216][ T7735] netlink: 'syz.3.538': attribute type 7 has an invalid length. [ 253.594334][ T7764] hub 9-0:1.0: USB hub found [ 253.629602][ T7764] hub 9-0:1.0: 1 port detected [ 254.997586][ T7770] netlink: 12 bytes leftover after parsing attributes in process `syz.3.549'. [ 255.454036][ T23] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 255.795907][ T23] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 255.826770][ T23] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 255.845148][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.851533][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.912176][ T23] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 255.922935][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.931180][ T23] usb 4-1: Product: syz [ 255.935689][ T23] usb 4-1: Manufacturer: syz [ 255.943908][ T23] usb 4-1: SerialNumber: syz [ 257.135138][ T7774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 257.316076][ T7774] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 257.338219][ T23] cdc_ether: probe of 4-1:1.0 failed with error -22 [ 257.357802][ T23] usb 4-1: USB disconnect, device number 10 [ 258.003964][ T23] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 258.223934][ T23] usb 4-1: Using ep0 maxpacket: 8 [ 258.243206][ T23] usb 4-1: config index 0 descriptor too short (expected 301, got 72) [ 258.285095][ T23] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 258.317327][ T23] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 258.339529][ T23] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 258.369150][ T23] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 258.387143][ T23] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 117, changing to 10 [ 258.404007][ T23] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33552, setting to 1024 [ 258.423928][ T23] usb 4-1: config 16 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 258.477854][ T23] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 258.502278][ T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.544565][ T7801] netlink: 'syz.2.556': attribute type 7 has an invalid length. [ 258.729710][ T23] usb 4-1: usb_control_msg returned -32 [ 258.755907][ T23] usbtmc 4-1:16.0: can't read capabilities [ 258.762001][ C1] usbtmc 4-1:16.0: overflow with length 1024, actual length is 1024 [ 258.977062][ T28] usb 4-1: USB disconnect, device number 11 [ 259.107102][ T7807] netlink: 28 bytes leftover after parsing attributes in process `syz.0.562'. [ 259.495714][ T7812] hub 9-0:1.0: USB hub found [ 259.529026][ T7812] hub 9-0:1.0: 1 port detected [ 260.567720][ T7820] mac80211_hwsim hwsim9 syzkaller0: entered promiscuous mode [ 260.622548][ T7820] mac80211_hwsim hwsim9 syzkaller0: entered allmulticast mode [ 261.143940][ T23] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 262.616385][ T23] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 262.637234][ T23] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 24623, setting to 1024 [ 262.692710][ T23] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 262.726527][ T23] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 262.761175][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.807201][ T7829] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 262.837652][ T23] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 263.630119][ T5792] usb 3-1: USB disconnect, device number 6 [ 264.839333][ T7855] netlink: 6 bytes leftover after parsing attributes in process `syz.3.580'. [ 266.677351][ T7864] netlink: 'syz.0.576': attribute type 7 has an invalid length. [ 269.960626][ T7892] mac80211_hwsim hwsim9 syzkaller0: left promiscuous mode [ 269.967855][ T7892] mac80211_hwsim hwsim9 syzkaller0: left allmulticast mode [ 270.564375][ T7902] netlink: 60 bytes leftover after parsing attributes in process `syz.0.595'. [ 270.604041][ T7902] netlink: 60 bytes leftover after parsing attributes in process `syz.0.595'. [ 270.644789][ T7899] netlink: 60 bytes leftover after parsing attributes in process `syz.0.595'. [ 270.837050][ T7907] netlink: 60 bytes leftover after parsing attributes in process `syz.0.597'. [ 270.865007][ T7907] netlink: 60 bytes leftover after parsing attributes in process `syz.0.597'. [ 270.884620][ T7906] netlink: 60 bytes leftover after parsing attributes in process `syz.0.597'. [ 270.909850][ T7907] netlink: 60 bytes leftover after parsing attributes in process `syz.0.597'. [ 273.274543][ T7936] netlink: 60 bytes leftover after parsing attributes in process `syz.0.604'. [ 273.283500][ T7936] netlink: 60 bytes leftover after parsing attributes in process `syz.0.604'. [ 273.314568][ T7931] netlink: 60 bytes leftover after parsing attributes in process `syz.0.604'. [ 274.813932][ T7966] warning: `syz.3.617' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 279.281589][ T8032] netlink: 40 bytes leftover after parsing attributes in process `syz.1.648'. [ 279.293987][ T8032] netlink: 40 bytes leftover after parsing attributes in process `syz.1.648'. [ 279.339650][ T8037] netlink: 40 bytes leftover after parsing attributes in process `syz.1.648'. [ 279.533474][ T8045] netlink: 60 bytes leftover after parsing attributes in process `syz.3.654'. [ 279.553586][ T8045] netlink: 60 bytes leftover after parsing attributes in process `syz.3.654'. [ 279.573588][ T8045] netlink: 60 bytes leftover after parsing attributes in process `syz.3.654'. [ 283.440514][ T8094] netlink: 'syz.3.673': attribute type 16 has an invalid length. [ 283.471022][ T8094] netlink: 48 bytes leftover after parsing attributes in process `syz.3.673'. [ 288.688972][ T27] audit: type=1326 audit(1763744884.357:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 288.732918][ T27] audit: type=1326 audit(1763744884.357:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 288.808050][ T27] audit: type=1326 audit(1763744884.387:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 288.872376][ T27] audit: type=1326 audit(1763744884.387:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 288.901370][ T27] audit: type=1326 audit(1763744884.387:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 288.924164][ T27] audit: type=1326 audit(1763744884.397:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 288.975079][ T27] audit: type=1326 audit(1763744884.397:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 289.018911][ T27] audit: type=1326 audit(1763744884.397:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 289.059308][ T27] audit: type=1326 audit(1763744884.397:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 289.160656][ T27] audit: type=1326 audit(1763744884.397:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 290.623143][ T8212] netlink: 40 bytes leftover after parsing attributes in process `syz.3.718'. [ 290.700329][ T8214] tipc: Enabling of bearer rejected, already enabled [ 290.746638][ T8211] loop2: detected capacity change from 0 to 1024 [ 290.802006][ T8211] ======================================================= [ 290.802006][ T8211] WARNING: The mand mount option has been deprecated and [ 290.802006][ T8211] and is ignored by this kernel. Remove the mand [ 290.802006][ T8211] option from the mount to silence this warning. [ 290.802006][ T8211] ======================================================= [ 291.012407][ T8211] EXT4-fs: Ignoring removed i_version option [ 291.029521][ T8211] journal_path: Lookup failure for './file1' [ 291.065215][ T8211] EXT4-fs: error: could not find journal device path [ 291.950528][ T8233] tipc: Enabling of bearer rejected, already enabled [ 293.188046][ T8247] 9pnet_fd: Insufficient options for proto=fd [ 293.583180][ T8260] syz.2.738[8260] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 293.583314][ T8260] syz.2.738[8260] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 293.690115][ T8260] syz.2.738[8260] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 293.748866][ T8260] syz.2.738[8260] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 299.167765][ T8321] loop0: detected capacity change from 0 to 512 [ 299.286081][ T8321] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 301.489029][ T8358] netlink: 'syz.1.765': attribute type 13 has an invalid length. [ 302.332170][ T8368] netlink: 28 bytes leftover after parsing attributes in process `syz.2.769'. [ 302.347606][ T27] kauditd_printk_skb: 23 callbacks suppressed [ 302.347620][ T27] audit: type=1326 audit(1763744898.017:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.620573][ T27] audit: type=1326 audit(1763744898.017:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.643969][ T27] audit: type=1326 audit(1763744899.287:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.666378][ T27] audit: type=1326 audit(1763744899.287:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.688789][ T27] audit: type=1326 audit(1763744899.287:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.712434][ T27] audit: type=1326 audit(1763744899.287:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.815733][ T27] audit: type=1326 audit(1763744899.287:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.839170][ T8374] hub 9-0:1.0: USB hub found [ 303.864260][ T8374] hub 9-0:1.0: 1 port detected [ 303.878505][ T27] audit: type=1326 audit(1763744899.337:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.942308][ T27] audit: type=1326 audit(1763744899.337:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 303.991514][ T27] audit: type=1326 audit(1763744899.337:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8366 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 306.566712][ T8403] tipc: Enabling of bearer rejected, already enabled [ 306.603000][ T8406] netlink: 'syz.2.781': attribute type 13 has an invalid length. [ 307.980850][ T8426] netlink: 28 bytes leftover after parsing attributes in process `syz.2.787'. [ 308.135261][ T8427] hub 9-0:1.0: USB hub found [ 308.161747][ T8427] hub 9-0:1.0: 1 port detected [ 309.121789][ T8445] loop0: detected capacity change from 0 to 128 [ 309.230321][ T8445] pim6reg: entered allmulticast mode [ 309.283529][ T8445] pim6reg: left allmulticast mode [ 309.357609][ T8448] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10) [ 309.364536][ T8448] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 309.378408][ T8448] vhci_hcd vhci_hcd.0: Device attached [ 309.419317][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 309.419330][ T27] audit: type=1804 audit(1763744905.087:100): pid=8445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.795" name="/newroot/217/file7/bus" dev="loop0" ino=1048606 res=1 errno=0 [ 309.504504][ T27] audit: type=1800 audit(1763744905.087:101): pid=8445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.795" name="bus" dev="loop0" ino=1048606 res=0 errno=0 [ 309.574068][ T5840] vhci_hcd: vhci_device speed not set [ 309.644859][ T5840] usb 33-1: new full-speed USB device number 2 using vhci_hcd [ 309.891825][ T8449] vhci_hcd: connection reset by peer [ 309.901675][ T2963] vhci_hcd: stop threads [ 309.928427][ T2963] vhci_hcd: release socket [ 309.941335][ T2963] vhci_hcd: disconnect device [ 310.092035][ T8471] netlink: 20 bytes leftover after parsing attributes in process `syz.1.801'. [ 310.348596][ T8475] loop1: detected capacity change from 0 to 512 [ 310.407585][ T8475] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.461154][ T8475] ext4 filesystem being mounted at /198/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.733513][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.143937][ T27] audit: type=1326 audit(1763744906.807:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8489 comm="syz.1.809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 311.199250][ T27] audit: type=1326 audit(1763744906.807:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8489 comm="syz.1.809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 311.269913][ T27] audit: type=1326 audit(1763744906.807:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8489 comm="syz.1.809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 311.329858][ T27] audit: type=1326 audit(1763744906.807:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8489 comm="syz.1.809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 311.352046][ C1] vkms_vblank_simulate: vblank timer overrun [ 312.012958][ T8505] netlink: 4 bytes leftover after parsing attributes in process `syz.2.814'. [ 312.149420][ T8510] loop0: detected capacity change from 0 to 256 [ 312.169682][ T8510] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 312.868519][ T8523] netlink: 'syz.0.819': attribute type 7 has an invalid length. [ 313.150972][ T8527] netlink: 'syz.3.820': attribute type 13 has an invalid length. [ 313.496142][ T8531] loop1: detected capacity change from 0 to 164 [ 313.566558][ T8531] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 313.673055][ T8531] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 313.963847][ T27] audit: type=1326 audit(1763744909.627:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 313.981255][ T8541] loop1: detected capacity change from 0 to 512 [ 314.008505][ T27] audit: type=1326 audit(1763744909.627:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 314.034472][ T27] audit: type=1326 audit(1763744909.637:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 314.083152][ T8541] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 314.102009][ T27] audit: type=1326 audit(1763744909.637:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 314.181471][ T8541] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 314.196864][ T8541] System zones: 0-2, 18-18, 34-34 [ 314.263205][ T8541] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 314.300504][ T8541] EXT4-fs (loop1): Remounting filesystem read-only [ 314.322978][ T8541] EXT4-fs (loop1): 1 truncate cleaned up [ 314.333553][ T8541] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.352786][ T2963] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 314.389046][ T8541] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 314.414199][ T2963] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 314.457682][ T27] kauditd_printk_skb: 24 callbacks suppressed [ 314.457696][ T27] audit: type=1326 audit(1763744910.117:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f886a78df90 code=0x7ffc0000 [ 314.462757][ T2963] Quota error (device loop1): write_blk: dquota write failed [ 314.489988][ T27] audit: type=1326 audit(1763744910.117:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f886a78e497 code=0x7ffc0000 [ 314.493673][ T2963] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list [ 314.525812][ T8551] netlink: 'syz.2.832': attribute type 13 has an invalid length. [ 314.584648][ T2963] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 314.605524][ T2963] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 314.620503][ T27] audit: type=1326 audit(1763744910.117:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f886a78df90 code=0x7ffc0000 [ 314.647935][ T2963] Quota error (device loop1): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 314.692539][ T2963] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 314.717415][ T27] audit: type=1326 audit(1763744910.117:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f886a78f34b code=0x7ffc0000 [ 314.768889][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.782789][ T27] audit: type=1326 audit(1763744910.117:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.1.827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f886a78e3aa code=0x7ffc0000 [ 314.786686][ T8558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.833'. [ 314.805653][ T5840] vhci_hcd: vhci_device speed not set [ 315.017582][ T8558] team0: Port device team_slave_1 removed [ 315.160226][ T8570] loop3: detected capacity change from 0 to 512 [ 315.236309][ T8570] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 315.304931][ T8570] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm gtp: bg 0: block 5: invalid block bitmap [ 315.321737][ T8570] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 315.331724][ T8570] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm gtp: invalid indirect mapped block 3 (level 2) [ 315.357800][ T8570] EXT4-fs (loop3): 2 truncates cleaned up [ 315.395213][ T8570] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 315.603493][ T8580] IPv6: Can't replace route, no match found [ 315.622990][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.902447][ T8607] netlink: 'syz.2.854': attribute type 4 has an invalid length. [ 316.925719][ T8607] netlink: 'syz.2.854': attribute type 4 has an invalid length. [ 317.259369][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.557880][ T8627] netlink: 28 bytes leftover after parsing attributes in process `syz.0.859'. [ 318.548876][ T8635] netlink: 'syz.2.864': attribute type 4 has an invalid length. [ 318.667713][ T8635] netlink: 'syz.2.864': attribute type 4 has an invalid length. [ 324.091772][ T8697] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 324.100988][ T8697] team0: Port device batadv1 added [ 324.343411][ T8706] loop1: detected capacity change from 0 to 512 [ 324.516457][ T7723] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 324.529464][ T8702] hub 9-0:1.0: USB hub found [ 324.576540][ T8702] hub 9-0:1.0: 1 port detected [ 324.610316][ T8706] loop1: detected capacity change from 0 to 1024 [ 324.614241][ T7723] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 324.635501][ T7723] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 324.654071][ T7723] Buffer I/O error on dev loop1, logical block 0, async page read [ 324.729941][ T8706] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.874191][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.221393][ T27] kauditd_printk_skb: 62 callbacks suppressed [ 327.221406][ T27] audit: type=1326 audit(1763744922.887:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.288304][ T27] audit: type=1326 audit(1763744922.927:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.353491][ T27] audit: type=1326 audit(1763744923.017:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.379317][ T27] audit: type=1326 audit(1763744923.017:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.402890][ T27] audit: type=1326 audit(1763744923.017:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.433096][ T27] audit: type=1326 audit(1763744923.017:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.513737][ T27] audit: type=1326 audit(1763744923.147:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.536948][ T27] audit: type=1326 audit(1763744923.157:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.601476][ T27] audit: type=1326 audit(1763744923.177:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 327.671548][ T27] audit: type=1326 audit(1763744923.177:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8741 comm="syz.1.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 329.485084][ T8760] batadv4: mtu greater than device maximum [ 329.673379][ T8774] hub 9-0:1.0: USB hub found [ 329.690114][ T8774] hub 9-0:1.0: 1 port detected [ 331.363131][ T8805] IPv6: Can't replace route, no match found [ 332.774170][ T8832] netlink: 96 bytes leftover after parsing attributes in process `syz.0.937'. [ 333.899755][ T8850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.945'. [ 334.851320][ T27] kauditd_printk_skb: 224 callbacks suppressed [ 334.851333][ T27] audit: type=1326 audit(1763744930.517:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 334.944302][ T27] audit: type=1326 audit(1763744930.557:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 334.966653][ T27] audit: type=1326 audit(1763744930.557:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 334.989077][ T27] audit: type=1326 audit(1763744930.557:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 335.011330][ T27] audit: type=1326 audit(1763744930.557:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 335.033561][ T27] audit: type=1326 audit(1763744930.557:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f82ea791667 code=0x7ffc0000 [ 335.055800][ T27] audit: type=1326 audit(1763744930.557:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 335.078063][ T27] audit: type=1326 audit(1763744930.567:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 335.100288][ T27] audit: type=1326 audit(1763744930.567:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 335.134078][ T27] audit: type=1326 audit(1763744930.567:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8869 comm="syz.3.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82ea78f749 code=0x7ffc0000 [ 335.157511][ T8871] loop3: detected capacity change from 0 to 512 [ 335.489170][ T8871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.583353][ T8871] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 337.524483][ T8893] 8021q: adding VLAN 0 to HW filter on device bond7 [ 337.586980][ T8902] netlink: 'syz.0.961': attribute type 13 has an invalid length. [ 337.862160][ T8912] loop1: detected capacity change from 0 to 512 [ 337.883061][ T8912] EXT4-fs: Ignoring removed oldalloc option [ 337.944302][ T8912] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 338.018014][ T8912] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2872: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 338.046318][ T8912] EXT4-fs (loop1): 1 truncate cleaned up [ 338.141174][ T8912] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 338.892408][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.986051][ T8912] loop1: detected capacity change from 512 to 64 [ 339.171121][ T5781] EXT4-fs error (device loop1): mb_free_blocks:1938: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt. [ 339.215935][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.765651][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 340.765665][ T27] audit: type=1326 audit(1763744936.437:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 340.822825][ T8950] loop2: detected capacity change from 0 to 1024 [ 340.857133][ T27] audit: type=1326 audit(1763744936.437:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 340.876257][ T8950] EXT4-fs: Ignoring removed orlov option [ 340.929101][ T27] audit: type=1326 audit(1763744936.467:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f22f878f749 code=0x7ffc0000 [ 340.983456][ T27] audit: type=1326 audit(1763744936.467:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f22f878f783 code=0x7ffc0000 [ 341.044205][ T27] audit: type=1326 audit(1763744936.487:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f22f878e1ff code=0x7ffc0000 [ 341.069227][ T27] audit: type=1326 audit(1763744936.487:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f22f878f7d7 code=0x7ffc0000 [ 341.105120][ T8950] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.142109][ T27] audit: type=1326 audit(1763744936.487:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22f878df90 code=0x7ffc0000 [ 341.180286][ T27] audit: type=1326 audit(1763744936.487:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f22f878f34b code=0x7ffc0000 [ 341.207140][ T27] audit: type=1326 audit(1763744936.527:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f22f878e3aa code=0x7ffc0000 [ 341.232580][ T27] audit: type=1326 audit(1763744936.527:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8949 comm="syz.2.978" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f22f878e3aa code=0x7ffc0000 [ 341.392430][ T8971] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 341.608512][ T8967] 8021q: adding VLAN 0 to HW filter on device bond1 [ 341.701835][ T8980] loop3: detected capacity change from 0 to 512 [ 341.791686][ T8980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.810583][ T8974] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 341.847582][ T8980] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 341.868687][ T8971] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 341.901676][ T8971] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 341.923950][ T8971] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 342.000187][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.276993][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.344230][ T8990] netlink: 'syz.2.989': attribute type 13 has an invalid length. [ 342.381899][ T8992] syz_tun: entered allmulticast mode [ 342.388114][ T8992] syz_tun: left allmulticast mode [ 343.452066][ T9020] netlink: 'syz.1.1002': attribute type 4 has an invalid length. [ 343.486105][ T9020] netlink: 'syz.1.1002': attribute type 4 has an invalid length. [ 343.780644][ T9028] loop1: detected capacity change from 0 to 512 [ 343.791458][ T9028] EXT4-fs: Ignoring removed orlov option [ 343.823122][ T9028] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 343.933908][ T9028] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.1006: corrupted in-inode xattr: e_value size too large [ 343.960071][ T9028] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1006: couldn't read orphan inode 15 (err -117) [ 343.980597][ T9028] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.340527][ T5781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.549745][ T9033] 8021q: adding VLAN 0 to HW filter on device bond5 [ 344.680082][ T9047] netlink: 'syz.1.1012': attribute type 4 has an invalid length. [ 344.753536][ T9047] netlink: 'syz.1.1012': attribute type 4 has an invalid length. [ 345.453657][ T9063] mac80211_hwsim hwsim9 syzkaller0: entered promiscuous mode [ 345.472886][ T9063] mac80211_hwsim hwsim9 syzkaller0: entered allmulticast mode [ 345.609805][ T9063] tipc: Enabled bearer , priority 0 [ 345.953146][ T9079] netlink: 'syz.0.1024': attribute type 4 has an invalid length. [ 347.337467][ T9079] netlink: 'syz.0.1024': attribute type 4 has an invalid length. [ 350.376848][ T9103] 8021q: adding VLAN 0 to HW filter on device bond8 [ 350.754853][ T9114] Driver unsupported XDP return value 0 on prog (id 244) dev N/A, expect packet loss! [ 350.969708][ T9116] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1037'. [ 351.045825][ T9116] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1037'. [ 351.706055][ T27] kauditd_printk_skb: 34 callbacks suppressed [ 351.706068][ T27] audit: type=1326 audit(1763744947.377:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 351.746503][ T27] audit: type=1326 audit(1763744947.407:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 351.804115][ T27] audit: type=1326 audit(1763744947.407:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 351.851831][ T27] audit: type=1326 audit(1763744947.407:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f886a78f783 code=0x7ffc0000 [ 351.917835][ T27] audit: type=1326 audit(1763744947.407:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f886a78f783 code=0x7ffc0000 [ 351.960997][ T27] audit: type=1326 audit(1763744947.427:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 351.998337][ T27] audit: type=1326 audit(1763744947.427:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 352.079593][ T27] audit: type=1326 audit(1763744947.437:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f886a7865e7 code=0x7ffc0000 [ 352.121950][ T27] audit: type=1326 audit(1763744947.437:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f886a72b829 code=0x7ffc0000 [ 352.144934][ T27] audit: type=1326 audit(1763744947.437:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f886a78f749 code=0x7ffc0000 [ 352.181790][ T9133] loop2: detected capacity change from 0 to 4096 [ 352.236379][ T9133] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.816435][ T9139] ext4: Unknown parameter 'nr_inodes' [ 353.023078][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.257986][ T9152] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1050'. [ 353.290431][ T9152] IPVS: Error connecting to the multicast addr [ 353.873995][ T5855] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 354.061440][ T5855] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 354.070932][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.091130][ T5855] usb 4-1: Product: syz [ 354.100777][ T5855] usb 4-1: Manufacturer: syz [ 354.110939][ T5855] usb 4-1: SerialNumber: syz [ 354.141596][ T5855] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 354.203458][ T6075] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 354.424876][ T5792] usb 4-1: USB disconnect, device number 12 [ 354.723032][ T9183] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 354.799501][ T9186] netlink: 'syz.0.1062': attribute type 1 has an invalid length. [ 354.981971][ T9186] 8021q: adding VLAN 0 to HW filter on device bond3 [ 355.180474][ T9189] bond3: (slave geneve2): Enslaving as an active interface with an up link [ 355.207101][ T9198] tipc: Enabling of bearer rejected, already enabled [ 355.254077][ T6075] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 355.281958][ T6075] ath9k_htc: Failed to initialize the device [ 355.331608][ T5792] usb 4-1: ath9k_htc: USB layer deinitialized [ 356.027568][ T9218] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1075'. [ 356.074986][ T9218] hsr_slave_0: left promiscuous mode [ 356.111410][ T9218] hsr_slave_1: left promiscuous mode [ 356.369531][ T9228] syzkaller0: entered promiscuous mode [ 356.384701][ T9228] syzkaller0: entered allmulticast mode [ 356.525994][ T9232] capability: warning: `syz.3.1080' uses 32-bit capabilities (legacy support in use) [ 357.690416][ T9251] netlink: 'syz.3.1086': attribute type 1 has an invalid length. [ 357.873465][ T9255] loop2: detected capacity change from 0 to 512 [ 357.923898][ T9251] 8021q: adding VLAN 0 to HW filter on device bond6 [ 358.713703][ T9255] ------------[ cut here ]------------ [ 358.719959][ T9255] EA inode 11 i_nlink=2 [ 358.720208][ T9255] WARNING: CPU: 0 PID: 9255 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 358.734718][ T9255] Modules linked in: [ 358.738646][ T9255] CPU: 0 PID: 9255 Comm: syz.2.1089 Not tainted syzkaller #0 [ 358.746191][ T9255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 358.756323][ T9255] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 358.762917][ T9255] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 c6 3b 9a ff 49 8b 37 48 c7 c7 a0 c3 be 8a 89 da e8 c5 5d 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 6f 1d 2c 08 [ 358.782611][ T9255] RSP: 0018:ffffc9000c8971c0 EFLAGS: 00010246 [ 358.788871][ T9255] RAX: 55949280d89ef400 RBX: 0000000000000002 RCX: 0000000000080000 [ 358.797568][ T9255] RDX: ffffc9000d42b000 RSI: 0000000000048407 RDI: 0000000000048408 [ 358.805638][ T9255] RBP: ffffc9000c8972b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182 [ 358.813620][ T9255] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000 [ 358.822110][ T9255] R13: ffff88805e378ea8 R14: ffff88805e378cb0 R15: ffff88805e378d00 [ 358.830167][ T9255] FS: 00007f22f97126c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 358.839224][ T9255] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 358.845901][ T9255] CR2: 0000200000404030 CR3: 0000000031312000 CR4: 00000000003506f0 [ 358.854982][ T9255] Call Trace: [ 358.858312][ T9255] [ 358.861314][ T9255] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 358.867134][ T9255] ? ext4_xattr_inode_iget+0x3df/0x600 [ 358.872654][ T9255] ext4_xattr_set_entry+0xcda/0x1e90 [ 358.878141][ T9255] ext4_xattr_ibody_set+0x254/0x6a0 [ 358.883399][ T9255] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 358.889515][ T9255] __ext4_expand_extra_isize+0x306/0x400 [ 358.895286][ T9255] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 358.900792][ T9255] ext4_evict_inode+0x7ed/0xea0 [ 358.905735][ T9255] ? _raw_spin_unlock+0x28/0x40 [ 358.910630][ T9255] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 358.916640][ T9255] ? do_raw_spin_unlock+0x121/0x230 [ 358.921971][ T9255] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 358.927992][ T9255] evict+0x486/0x870 [ 358.931881][ T9255] ? __lock_acquire+0x7c80/0x7c80 [ 358.936938][ T9255] ? proc_nr_inodes+0x230/0x230 [ 358.941785][ T9255] ? _raw_spin_unlock+0x3a/0x40 [ 358.946707][ T9255] ? iput+0x70a/0x920 [ 358.950705][ T9255] ext4_orphan_cleanup+0xbd4/0x1400 [ 358.955953][ T9255] ? ext4_orphan_del+0xba0/0xba0 [ 358.960889][ T9255] ? ext4_register_li_request+0x183/0x940 [ 358.966680][ T9255] ? errseq_check_and_advance+0x66/0x120 [ 358.972333][ T9255] ext4_fill_super+0x5de4/0x66c0 [ 358.977353][ T9255] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 358.983587][ T9255] ? __might_sleep+0xe0/0xe0 [ 358.988209][ T9255] ? read_lock_is_recursive+0x20/0x20 [ 358.993576][ T9255] ? snprintf+0xdb/0x120 [ 358.997862][ T9255] ? vscnprintf+0x80/0x80 [ 359.002185][ T9255] ? down_write+0x162/0x1f0 [ 359.006722][ T9255] ? down_read_killable+0x340/0x340 [ 359.011921][ T9255] ? setup_bdev_super+0x56b/0x660 [ 359.017077][ T9255] get_tree_bdev+0x3e4/0x510 [ 359.021782][ T9255] ? vfs_parse_fs_string+0x160/0x160 [ 359.027107][ T9255] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 359.033342][ T9255] ? setup_bdev_super+0x660/0x660 [ 359.038388][ T9255] ? apparmor_capable+0x137/0x1a0 [ 359.043404][ T9255] ? bpf_lsm_capable+0x9/0x10 [ 359.048121][ T9255] ? security_capable+0x89/0xb0 [ 359.052979][ T9255] vfs_get_tree+0x8c/0x280 [ 359.057434][ T9255] do_new_mount+0x24b/0xa40 [ 359.061933][ T9255] __se_sys_mount+0x2da/0x3c0 [ 359.066627][ T9255] ? __x64_sys_mount+0xc0/0xc0 [ 359.071383][ T9255] ? lockdep_hardirqs_on+0x98/0x150 [ 359.076624][ T9255] ? __x64_sys_mount+0x20/0xc0 [ 359.081383][ T9255] do_syscall_64+0x55/0xb0 [ 359.085828][ T9255] ? clear_bhb_loop+0x40/0x90 [ 359.090495][ T9255] ? clear_bhb_loop+0x40/0x90 [ 359.095237][ T9255] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 359.101122][ T9255] RIP: 0033:0x7f22f8790eea [ 359.105575][ T9255] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.125338][ T9255] RSP: 002b:00007f22f9711e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 359.133749][ T9255] RAX: ffffffffffffffda RBX: 00007f22f9711ef0 RCX: 00007f22f8790eea [ 359.141758][ T9255] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f22f9711eb0 [ 359.149767][ T9255] RBP: 0000200000000180 R08: 00007f22f9711ef0 R09: 0000000000800700 [ 359.157794][ T9255] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 359.165795][ T9255] R13: 00007f22f9711eb0 R14: 000000000000046f R15: 000000000000002c [ 359.173857][ T9255] [ 359.176883][ T9255] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 359.184143][ T9255] CPU: 0 PID: 9255 Comm: syz.2.1089 Not tainted syzkaller #0 [ 359.191492][ T9255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 359.201528][ T9255] Call Trace: [ 359.204796][ T9255] [ 359.207714][ T9255] dump_stack_lvl+0x16c/0x230 [ 359.212388][ T9255] ? show_regs_print_info+0x20/0x20 [ 359.217572][ T9255] ? load_image+0x3b0/0x3b0 [ 359.222062][ T9255] panic+0x2c0/0x710 [ 359.225944][ T9255] ? bpf_jit_dump+0xd0/0xd0 [ 359.230437][ T9255] __warn+0x2e0/0x470 [ 359.234399][ T9255] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 359.240362][ T9255] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 359.246324][ T9255] report_bug+0x2be/0x4f0 [ 359.250639][ T9255] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 359.256601][ T9255] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 359.262563][ T9255] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 359.268528][ T9255] handle_bug+0xcf/0x120 [ 359.272778][ T9255] exc_invalid_op+0x1a/0x50 [ 359.277362][ T9255] asm_exc_invalid_op+0x1a/0x20 [ 359.282200][ T9255] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 359.288784][ T9255] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 c6 3b 9a ff 49 8b 37 48 c7 c7 a0 c3 be 8a 89 da e8 c5 5d 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 6f 1d 2c 08 [ 359.308380][ T9255] RSP: 0018:ffffc9000c8971c0 EFLAGS: 00010246 [ 359.314434][ T9255] RAX: 55949280d89ef400 RBX: 0000000000000002 RCX: 0000000000080000 [ 359.322389][ T9255] RDX: ffffc9000d42b000 RSI: 0000000000048407 RDI: 0000000000048408 [ 359.330347][ T9255] RBP: ffffc9000c8972b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182 [ 359.338305][ T9255] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000 [ 359.346261][ T9255] R13: ffff88805e378ea8 R14: ffff88805e378cb0 R15: ffff88805e378d00 [ 359.354234][ T9255] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 359.359858][ T9255] ? ext4_xattr_inode_iget+0x3df/0x600 [ 359.365304][ T9255] ext4_xattr_set_entry+0xcda/0x1e90 [ 359.370587][ T9255] ext4_xattr_ibody_set+0x254/0x6a0 [ 359.375784][ T9255] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 359.381679][ T9255] __ext4_expand_extra_isize+0x306/0x400 [ 359.387304][ T9255] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 359.392749][ T9255] ext4_evict_inode+0x7ed/0xea0 [ 359.397587][ T9255] ? _raw_spin_unlock+0x28/0x40 [ 359.402425][ T9255] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 359.408304][ T9255] ? do_raw_spin_unlock+0x121/0x230 [ 359.413486][ T9255] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 359.419365][ T9255] evict+0x486/0x870 [ 359.423243][ T9255] ? __lock_acquire+0x7c80/0x7c80 [ 359.428258][ T9255] ? proc_nr_inodes+0x230/0x230 [ 359.433094][ T9255] ? _raw_spin_unlock+0x3a/0x40 [ 359.437929][ T9255] ? iput+0x70a/0x920 [ 359.441893][ T9255] ext4_orphan_cleanup+0xbd4/0x1400 [ 359.447090][ T9255] ? ext4_orphan_del+0xba0/0xba0 [ 359.452020][ T9255] ? ext4_register_li_request+0x183/0x940 [ 359.457727][ T9255] ? errseq_check_and_advance+0x66/0x120 [ 359.463350][ T9255] ext4_fill_super+0x5de4/0x66c0 [ 359.468287][ T9255] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 359.474514][ T9255] ? __might_sleep+0xe0/0xe0 [ 359.479114][ T9255] ? read_lock_is_recursive+0x20/0x20 [ 359.484468][ T9255] ? snprintf+0xdb/0x120 [ 359.488698][ T9255] ? vscnprintf+0x80/0x80 [ 359.493009][ T9255] ? down_write+0x162/0x1f0 [ 359.497500][ T9255] ? down_read_killable+0x340/0x340 [ 359.502685][ T9255] ? setup_bdev_super+0x56b/0x660 [ 359.507692][ T9255] get_tree_bdev+0x3e4/0x510 [ 359.512264][ T9255] ? vfs_parse_fs_string+0x160/0x160 [ 359.517532][ T9255] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 359.523761][ T9255] ? setup_bdev_super+0x660/0x660 [ 359.528776][ T9255] ? apparmor_capable+0x137/0x1a0 [ 359.533793][ T9255] ? bpf_lsm_capable+0x9/0x10 [ 359.538470][ T9255] ? security_capable+0x89/0xb0 [ 359.543304][ T9255] vfs_get_tree+0x8c/0x280 [ 359.547706][ T9255] do_new_mount+0x24b/0xa40 [ 359.552194][ T9255] __se_sys_mount+0x2da/0x3c0 [ 359.556855][ T9255] ? __x64_sys_mount+0xc0/0xc0 [ 359.561599][ T9255] ? lockdep_hardirqs_on+0x98/0x150 [ 359.566778][ T9255] ? __x64_sys_mount+0x20/0xc0 [ 359.571523][ T9255] do_syscall_64+0x55/0xb0 [ 359.575926][ T9255] ? clear_bhb_loop+0x40/0x90 [ 359.580589][ T9255] ? clear_bhb_loop+0x40/0x90 [ 359.585250][ T9255] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 359.591126][ T9255] RIP: 0033:0x7f22f8790eea [ 359.595523][ T9255] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.615110][ T9255] RSP: 002b:00007f22f9711e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 359.623509][ T9255] RAX: ffffffffffffffda RBX: 00007f22f9711ef0 RCX: 00007f22f8790eea [ 359.631465][ T9255] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f22f9711eb0 [ 359.639423][ T9255] RBP: 0000200000000180 R08: 00007f22f9711ef0 R09: 0000000000800700 [ 359.647375][ T9255] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 359.655328][ T9255] R13: 00007f22f9711eb0 R14: 000000000000046f R15: 000000000000002c [ 359.663293][ T9255] [ 359.666549][ T9255] Kernel Offset: disabled [ 359.671008][ T9255] Rebooting in 86400 seconds..