last executing test programs: 15.919666372s ago: executing program 4 (id=1542): mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000001, 0x12, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) write$tun(0xffffffffffffffff, 0x0, 0xffe) r2 = socket$packet(0x11, 0x3, 0x300) set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c) 12.719680398s ago: executing program 0 (id=1555): bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x396, @empty}, 0x1c) r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0) syz_usb_control_io(r2, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r2, 0x0, &(0x7f0000000f80)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000e40)={0x20, 0x80, 0x1c, {0x1, 0x2, 0x5, 0x5, 0xaac6, 0x2, 0x1ff, 0x4, 0x856f, 0x1, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r3, 0x80015b12, 0x0) pipe(&(0x7f0000000040)) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x80008, 0xc, 0x414}, 0x50) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00') preadv(r5, &(0x7f0000000340)=[{&(0x7f00000013c0)=""/125, 0x7d}], 0x1, 0x0, 0xffffffff) unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000) syz_usb_connect$uac1(0x6, 0x71, 0x0, 0x0) syz_clone(0x800000, 0x0, 0x0, &(0x7f0000000080), &(0x7f0000000380), &(0x7f00000003c0)) 9.172416019s ago: executing program 3 (id=1571): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18) sendmmsg$inet6(r0, &(0x7f0000000700)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x4d7, @private2}, 0x1c, &(0x7f0000000900)=[{&(0x7f00000003c0)="fc", 0x1}], 0x1}}], 0x1, 0x4c040) 8.99979007s ago: executing program 0 (id=1573): ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0) socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x4c) r2 = creat(&(0x7f0000000580)='./file1\x00', 0x0) r3 = fanotify_init(0xf00, 0x1) fanotify_mark(r3, 0x105, 0x40009975, r2, 0x0) fallocate(r1, 0x0, 0x1000000, 0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0) 8.89737682s ago: executing program 3 (id=1575): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0) 8.649997158s ago: executing program 1 (id=1576): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x40001e0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)={0x1b, 0x0, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x48c2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2}, 0x50) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x103042, 0x0) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x5) fcntl$notify(r1, 0x402, 0x8000003d) 8.599672096s ago: executing program 4 (id=1577): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x1c, r2, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) 8.02369242s ago: executing program 1 (id=1578): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x2, [@func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0xa, 0x5}, {0x6, 0x2}, {0x6, 0x5}, {0x6, 0xfffffffd}]}]}}, &(0x7f0000000100)=""/141, 0x46, 0x8d, 0x1, 0x7}, 0x28) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="180800ec0c0000000000000000000000180100002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0) r1 = socket$igmp6(0xa, 0x3, 0x2) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72) 7.721638899s ago: executing program 3 (id=1579): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000180)=0x7a, 0x4) r3 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f00000004c0)=ANY=[], 0x68) syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201) r4 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r5, 0x107, 0xa, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) ioctl$SNDCTL_DSP_GETODELAY(r4, 0x80045017, 0x0) r7 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65) write$snddsp(r7, &(0x7f0000000200), 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(r2, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0) 7.676164469s ago: executing program 1 (id=1580): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000080)={0x48, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x4d}, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}]}]]}, 0x48}, 0x1, 0x0, 0x0, 0x8050}, 0x240048c0) 6.796028439s ago: executing program 1 (id=1583): sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_clone3(&(0x7f00000005c0)={0x102102180, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="040100001a000700", @ANYRES32=0x0], 0x104}}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000001c0)={@mcast1, 0x50}) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCSBRKP(r5, 0x542e, 0xfffffffeffffffff) 6.754531174s ago: executing program 0 (id=1584): inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) syz_usb_connect$uac1(0x2, 0xa5, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902"], 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="bbbbbbbbbbbb5a01f3c2f13608060001080006040002aaaaaaaaaaaaac1414bb"], 0x0) pselect6(0x40, &(0x7f0000000340)={0x0, 0x3ffffffffffffffc, 0xffffffffffffffff, 0x100, 0xfffffffffffffffd, 0x200000000000010, 0xfffc}, &(0x7f0000000580)={0x10, 0x3, 0x7, 0x1, 0x0, 0x6, 0x6, 0x3}, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x28, 0x3c, 0x107, 0x0, 0x0, {0x2, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0xc000}, 0x4040) 5.22710642s ago: executing program 0 (id=1588): r0 = openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f00000002c0)) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f00000001c0)) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4138ae84, &(0x7f0000000080)=@x86={0x6, 0xa, 0x7, 0x0, 0x3, 0x8d, 0xce, 0x1c, 0x89, 0xa0, 0x7, 0x8, 0x0, 0x8000, 0xb, 0x2, 0x8, 0x2, 0x1, '\x00', 0x9, 0x3fb}) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_usb_connect(0x4, 0x80b, &(0x7f0000000f40)=ANY=[], &(0x7f0000000e00)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x251, 0x0, 0x15, 0x66, 0x40, 0x8b}, 0x19, &(0x7f0000000340)=ANY=[@ANYBLOB="050ff9ff010a1003020c000821f0f3cbe89fa7495f4f"], 0x4, [{0xa7, &(0x7f0000000cc0)=ANY=[@ANYBLOB]}, {0x27, &(0x7f0000000e80)=ANY=[]}, {0x78, &(0x7f0000000d80)=@string={0x78, 0x3, "9811916e11b45c33212fbd5e5df6395154736cb0a1dd20331bf488eec9cdbbb55ffd429bd18a295b26cfcfa1293f80607100384d032c4ff2ed22d8f15f8a212adc33223813ae40d67a9e6712566e390dd57c654bbf57fd2b040caddfe0cc4e0246af824b72fb0ddf48d83daa2299ecfe21af62ffe1f5"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x1001}}]}) close_range(r0, 0xffffffffffffffff, 0x0) 5.143836427s ago: executing program 3 (id=1589): socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) ioctl$SNDCTL_DSP_GETOSPACE(r2, 0x8010500c, &(0x7f0000000040)) ioctl$SNDRV_PCM_IOCTL_HW_FREE(r3, 0x4112, 0x0) ioctl$SNDCTL_DSP_POST(r2, 0x5008, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000440)={0x900, 0x0, 0x0}, 0x40408c0) r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0xf, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1) 5.116432629s ago: executing program 4 (id=1590): sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) socket$can_raw(0x1d, 0x3, 0x1) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x60, 0x3fd}, 0x25) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) unshare(0x8000000) semget$private(0x0, 0x4000, 0x121) semtimedop(0x0, &(0x7f0000000040)=[{0x3, 0x8, 0x1800}, {0x3, 0xfffb, 0xc00}], 0x2, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000080)={0x0, 0x7d, 0x20f}) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000002, 0x110, 0xffffffffffffffff, 0x8000000) socket$kcm(0x11, 0x3, 0x0) r2 = socket(0x28, 0x5, 0x0) getpeername$l2tp(r2, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) listen(r3, 0x0) listen(0xffffffffffffffff, 0xfffffffc) 4.307834649s ago: executing program 2 (id=1591): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"}) r1 = syz_open_pts(r0, 0x8182) r2 = dup3(r1, r0, 0x0) write$UHID_INPUT(r2, 0x0, 0x0) 4.307103133s ago: executing program 4 (id=1592): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, 0x0, 0x20000) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r2, 0x0, 0xff2e) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz0\x00', 0x200002, 0x0) openat$cgroup(r3, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0) ioctl$TCSETS(r2, 0x40045431, 0x0) r4 = syz_open_pts(r2, 0x191200) dup3(r4, r2, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000180)={'vxcan1\x00', 0x0}) bind$can_raw(r6, &(0x7f0000000000)={0x1d, r7}, 0x10) sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r7, {0x1, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0) openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={0x0}) lseek(0xffffffffffffffff, 0x4, 0x3) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r8, 0x8001000000000000, 0x40, &(0x7f0000001080)=@raw={'raw\x00', 0x8, 0x3, 0x2f8, 0x0, 0x5, 0x148, 0x0, 0x0, 0x260, 0x2a8, 0x2a8, 0x260, 0x2a8, 0x3, 0x0, {[{{@ip={@private=0xa010102, @remote, 0xffffffff, 0xffffffff, 'macvlan0\x00', 'bond_slave_0\x00', {}, {}, 0x8, 0x0, 0x65}, 0x0, 0x110, 0x138, 0x0, {0x0, 0x6002}, [@common=@unspec=@statistic={{0x38}, {0x1, 0x0, 0x581b, 0x0, 0x3, {0x4}}}, @common=@unspec=@physdev={{0x68}, {'veth1_to_batadv\x00', {}, 'wlan1\x00', {}, 0x4, 0x6}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1d, 0x3, 0x1}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x1b}, @multicast2, 0x0, 0xffffff00, 'xfrm0\x00', 'veth0_to_hsr\x00'}, 0x0, 0xc8, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xd}}, @common=@addrtype={{0x30}, {0x100, 0x949, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="6f79fb339557", 0x0, 0x0, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xffff, 0x1, 0x0, 0x26]}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x358) 4.052321806s ago: executing program 2 (id=1593): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 3.232643593s ago: executing program 2 (id=1594): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf250000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0xff05, 0x70bd28, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x42c0}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}}, 0x0) 3.064946132s ago: executing program 4 (id=1595): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) migrate_pages(0x0, 0x7, &(0x7f0000000000)=0x6, 0x0) setsockopt(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mknodat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x800, 0x0) sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, 0x0, 0x0) openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000008c0), 0x0, 0x0, 0x0, 0x0, 0x0, r5}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(r4, 0xc01064ab, &(0x7f0000000240)={0x6, 0x0, r5}) syz_open_procfs(0x0, 0x0) r6 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000180)=@multiplanar_userptr={0x7, 0xa, 0x4, 0x0, 0x89, {}, {0x5, 0x8, 0xc1, 0x6a, 0x9, 0x5, "a8ed9837"}, 0xfff, 0x2, {&(0x7f00000000c0)=[{0x0, 0x8000, {0x0}, 0xa}, {0x9fb, 0xd4, {0x0}, 0xfff}]}, 0x5}) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x490, 0xffffffff, 0x218, 0xe8, 0x0, 0xfeffffff, 0xffffffff, 0x3c0, 0x3c0, 0x3c0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@empty, @mcast1, [0xff, 0xff, 0xff, 0xff000000], [0x0, 0xff, 0xff, 0xffffff00], 'macvtap0\x00', 'veth1_to_hsr\x00', {}, {}, 0x3c, 0x6, 0x4, 0x30}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "976c194d2b51f927f69ddde86922f2c77ef862dce4322c0d2b26e17c6831"}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [0x0, 0xff000000], [], 'wg2\x00', 'batadv_slave_1\x00', {}, {0xff}}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [0x0, 0xffffff00], 'ip6tnl0\x00', 'dvmrp0\x00', {}, {}, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x180, 0x1a8, 0x0, {}, [@common=@dst={{0x48}, {0x1, 0x0, 0x0, [0x5, 0x1, 0xfff, 0x5, 0x6, 0x9, 0x81, 0x2, 0xe0, 0xfffc, 0x10, 0x3, 0x1, 0x0, 0x7, 0x6]}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @local, @private1, [0x0, 0x0, 0xff000000], [0xffffff00, 0x0, 0xffffff00], [], 0x843, 0x1420}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101040, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0xe2881, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r9, 0xc0045006, &(0x7f0000000000)=0x7) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x7) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000bd1000/0x18000)=nil, &(0x7f0000000500)=[@text64={0x40, &(0x7f00000000c0)="2ef2dd050080000048b844410000000000000f23d00f21f8460f01c80f23f836362e6726af440f20c0350e000000440f22c0b805000000b9009800000f01d90f01c965470f01c4410f79d226450f01cb660f013b", 0x54}], 0x1, 0x0, 0x0, 0x0) 2.561770417s ago: executing program 2 (id=1596): socket(0x80000000000000a, 0x2, 0x0) r0 = syz_io_uring_setup(0x7440, &(0x7f00000004c0)={0x0, 0xa6e9, 0x10100, 0x2, 0xfffffffb}, &(0x7f0000000140)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce, 0x0, 0x1}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 2.491777435s ago: executing program 1 (id=1597): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r3) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 2.382485274s ago: executing program 3 (id=1598): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3902000000000000000014000000"], 0x30}}, 0x4000000) 2.275980864s ago: executing program 2 (id=1599): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed3000000000000000000000000000000000000000000000200"], 0xb8}}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0) 2.059877823s ago: executing program 2 (id=1600): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x56, &(0x7f0000000340)=ANY=[], 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000a40), 0x2, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000000000000001"], 0x14}}, 0x0) read(r2, &(0x7f0000000080)=""/186, 0xba) unshare(0x26020480) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) mq_open(0x0, 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6}) 1.866227693s ago: executing program 3 (id=1601): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x18, &(0x7f0000000180)={0x0, 0x10, 0x51, {0x51, 0xc, "74f18fc06dda0afc1659e7e497029cf1e22916373547abc6ca74da0a20664bddeae6fd8dc570db8f0fa6ba1d7fb3dc559bb46f513ce0e67eb30900001996485cffc8e8d57eea750f7fca0c734859aa"}}, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x2, 0x0, 0xe, 0x7, 0x4, 0xa, 0xfa}}}, &(0x7f0000000a00)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)={0x40, 0x9, 0x1, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000480)={0x2c, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3445}}, 0x0, 0x0, 0x0}, 0x0) 1.712380074s ago: executing program 1 (id=1602): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000004200)=ANY=[@ANYBLOB="12010000e2793b10d1050120002901020301090212"], 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 787.920605ms ago: executing program 0 (id=1603): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x437, 0xfefffffe, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, 0x4048b, 0x2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MTU={0x8, 0x4, 0x1ce}]}, 0x40}}, 0x0) 530.984456ms ago: executing program 0 (id=1604): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0xc, 0x8, 0x4, 0x3}, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x403, 0x0) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1ff}, [@call={0x85, 0x0, 0x0, 0x81}]}, &(0x7f0000000040)='syzkaller\x00', 0x4}, 0x94) ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2}) ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x2c0) ioctl$UI_DEV_CREATE(r3, 0x5501) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000240)=ANY=[]) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000fdff85"]) r4 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x4, 0x0, 'queue0\x00'}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r5) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x5f}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x4}]}, 0x3c}}, 0x0) write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000200)=[{{}, {0x80000000, 0x0}}, {{}, {0x80000000, 0x0}}]}) r10 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f0000000340), 0x584, 0xfffffffffffffffd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0xaa}, @exit], &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffede}, 0x94) keyctl$read(0xb, r10, &(0x7f0000000000)=""/2, 0x2) ioctl$MEDIA_IOC_SETUP_LINK(r2, 0xc0347c03, &(0x7f00000001c0)={{r8, r7, 0x1, [0x0, 0xf7df]}, {r8, r9, 0x4, [0x6]}, 0x1, [0x8, 0x3df]}) 0s ago: executing program 4 (id=1605): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800006509dc5f558d29ca679cf6070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400295a00000085000000820000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2}) ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000440)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x2, 0x2, 0x4, 0xc0, 0x0, 0x5, "18a6fc23"}, 0x1, 0x1, {}, 0x7}) close_range(r4, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): isconnect, device number 7 [ 278.926575][ T7830] wlan0 speed is unknown, defaulting to 1000 [ 278.965477][ T6386] usb 5-1: Using ep0 maxpacket: 16 [ 279.000435][ T6386] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 279.039236][ T7830] wlan0 speed is unknown, defaulting to 1000 [ 279.085289][ T6386] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 279.131599][ T6386] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 279.141127][ T7830] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 279.183709][ T6386] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.206681][ T6386] usb 5-1: Product: syz [ 279.219374][ T7830] wlan0 speed is unknown, defaulting to 1000 [ 279.229666][ T6386] usb 5-1: Manufacturer: syz [ 279.237096][ T6386] usb 5-1: SerialNumber: syz [ 279.276772][ T6386] usb 5-1: config 0 descriptor?? [ 279.301837][ T7830] wlan0 speed is unknown, defaulting to 1000 [ 279.326547][ T7830] wlan0 speed is unknown, defaulting to 1000 [ 279.336531][ T6386] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 279.354746][ T7830] wlan0 speed is unknown, defaulting to 1000 [ 279.377329][ T6386] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 279.383140][ T7830] wlan0 speed is unknown, defaulting to 1000 [ 279.656956][ T7842] syz_tun: entered allmulticast mode [ 279.700025][ T7842] syz_tun: left allmulticast mode [ 279.963661][ T6386] em28xx 5-1:0.0: unknown em28xx chip ID (159) [ 280.337366][ T6386] em28xx 5-1:0.0: Config register raw data: 0x9f [ 280.523336][ T6386] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 280.763219][ T6386] em28xx 5-1:0.0: No AC97 audio processor [ 280.990306][ T6386] usb 5-1: USB disconnect, device number 7 [ 281.214364][ T6386] em28xx 5-1:0.0: Disconnecting em28xx [ 281.233811][ T6386] em28xx 5-1:0.0: Freeing device [ 282.352153][ T7871] veth0_vlan: left promiscuous mode [ 282.358520][ T7871] veth0_vlan: entered promiscuous mode [ 284.134492][ T6290] vlan2: left promiscuous mode [ 285.938721][ T5940] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 286.290954][ T5940] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 286.315613][ T5940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 286.339240][ T5940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 286.382508][ T5940] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 287.042382][ T5940] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 287.054258][ T5940] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.112643][ T5940] usb 5-1: config 0 descriptor?? [ 287.610798][ T7925] Bluetooth: MGMT ver 1.23 [ 288.195985][ T5940] plantronics 0003:047F:FFFF.0001: ignoring exceeding usage max [ 288.205784][ T5940] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 288.217693][ T5940] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 288.232701][ T5940] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 288.240181][ T5940] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 288.247780][ T5940] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 288.279057][ T5940] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 288.328879][ T5940] usb 5-1: USB disconnect, device number 8 [ 289.490758][ T7928] fido_id[7928]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 289.582005][ T7936] netlink: 'syz.2.578': attribute type 21 has an invalid length. [ 289.590116][ T7936] netlink: 'syz.2.578': attribute type 15 has an invalid length. [ 289.598652][ T7936] netlink: 156 bytes leftover after parsing attributes in process `syz.2.578'. [ 289.608426][ T7936] IPv6: NLM_F_CREATE should be specified when creating new route [ 289.694382][ T51] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 289.702782][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 289.709665][ T7936] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 289.717222][ T7936] IPv6: NLM_F_CREATE should be set when creating new route [ 289.724566][ T7936] IPv6: NLM_F_CREATE should be set when creating new route [ 289.731770][ T7936] IPv6: NLM_F_CREATE should be set when creating new route [ 290.557978][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.580'. [ 292.529889][ T5900] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 292.872159][ T5900] usb 5-1: Using ep0 maxpacket: 16 [ 292.973728][ T5900] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 293.192961][ T5900] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 293.342334][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.721175][ T5900] usb 5-1: config 0 descriptor?? [ 294.098916][ T5900] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 295.017463][ T7962] wlan0 speed is unknown, defaulting to 1000 [ 296.228450][ T5940] usb 5-1: USB disconnect, device number 9 [ 297.658621][ T7993] netlink: 8 bytes leftover after parsing attributes in process `syz.1.594'. [ 301.712191][ T8014] program syz.2.592 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 301.986708][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 301.986724][ T30] audit: type=1326 audit(1752397218.048:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.986769][ T30] audit: type=1326 audit(1752397218.048:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.987400][ T30] audit: type=1326 audit(1752397218.048:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.987462][ T30] audit: type=1326 audit(1752397218.048:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.987507][ T30] audit: type=1326 audit(1752397218.048:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.988396][ T30] audit: type=1326 audit(1752397218.048:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.988445][ T30] audit: type=1326 audit(1752397218.048:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.988489][ T30] audit: type=1326 audit(1752397218.048:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 301.996326][ T30] audit: type=1326 audit(1752397218.058:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 302.220368][ T30] audit: type=1326 audit(1752397218.058:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8021 comm="syz.3.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 304.049918][ T8035] tipc: Started in network mode [ 304.055889][ T8035] tipc: Node identity 4, cluster identity 4711 [ 304.062307][ T8035] tipc: Node number set to 4 [ 305.243191][ T8053] random: crng reseeded on system resumption [ 309.631635][ T8093] netlink: 20 bytes leftover after parsing attributes in process `syz.4.625'. [ 310.081621][ T8088] mmap: syz.1.622 (8088) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 311.245421][ T8116] wlan0 speed is unknown, defaulting to 1000 [ 314.685072][ T8158] netlink: 24 bytes leftover after parsing attributes in process `syz.1.646'. [ 315.087981][ T8140] loop4: detected capacity change from 0 to 40427 [ 315.110404][ T8140] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 315.157409][ T8140] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 316.502320][ T8140] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 317.626889][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.638402][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.803975][ T8192] tipc: Enabling of bearer rejected, failed to enable media [ 318.352804][ T8200] netlink: 16 bytes leftover after parsing attributes in process `syz.2.656'. [ 318.970669][ T51] Bluetooth: hci4: command 0x0406 tx timeout [ 319.173109][ T8205] netlink: 'syz.3.659': attribute type 21 has an invalid length. [ 319.240550][ T8205] netlink: 'syz.3.659': attribute type 15 has an invalid length. [ 319.266753][ T8205] netlink: 156 bytes leftover after parsing attributes in process `syz.3.659'. [ 319.283715][ T8205] IPv6: NLM_F_CREATE should be specified when creating new route [ 319.370659][ T8205] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 319.377949][ T8205] IPv6: NLM_F_CREATE should be set when creating new route [ 319.385317][ T8205] IPv6: NLM_F_CREATE should be set when creating new route [ 319.392600][ T8205] IPv6: NLM_F_CREATE should be set when creating new route [ 319.542318][ T8213] netlink: 24 bytes leftover after parsing attributes in process `syz.4.658'. [ 319.622397][ T8217] veth0_vlan: entered allmulticast mode [ 320.313128][ T8229] netlink: 'syz.4.665': attribute type 4 has an invalid length. [ 320.320926][ T8229] netlink: 17 bytes leftover after parsing attributes in process `syz.4.665'. [ 321.071853][ T8231] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 322.576950][ T8244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.670'. [ 322.627818][ T8249] netlink: 4 bytes leftover after parsing attributes in process `syz.0.667'. [ 323.870246][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 324.933200][ T9] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 325.020437][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 325.050190][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 325.121703][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 325.187466][ T9] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 325.248625][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.271062][ T9] usb 5-1: config 0 descriptor?? [ 325.783896][ T9] plantronics 0003:047F:FFFF.0002: ignoring exceeding usage max [ 325.813046][ T9] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 326.090378][ T9] usb 5-1: USB disconnect, device number 10 [ 327.033200][ T8276] fido_id[8276]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory [ 329.550310][ T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 329.720004][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 329.762725][ T24] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 329.800119][ T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 329.865347][ T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 329.899927][ T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 330.015348][ T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 330.269905][ T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 330.284877][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.530418][ T24] usb 5-1: usb_control_msg returned -32 [ 330.565346][ T24] usbtmc 5-1:16.0: can't read capabilities [ 332.008177][ T8295] wlan0 speed is unknown, defaulting to 1000 [ 332.344483][ T8334] netlink: 24 bytes leftover after parsing attributes in process `syz.3.695'. [ 332.360891][ T24] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 332.542232][ T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 332.570604][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 332.609819][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 332.630150][ T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 332.659839][ T24] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 332.668924][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.701844][ T24] usb 3-1: config 0 descriptor?? [ 332.719875][ T8342] netlink: 'syz.1.698': attribute type 21 has an invalid length. [ 332.727670][ T8342] netlink: 'syz.1.698': attribute type 15 has an invalid length. [ 332.735585][ T8342] netlink: 156 bytes leftover after parsing attributes in process `syz.1.698'. [ 332.744631][ T8342] IPv6: NLM_F_CREATE should be specified when creating new route [ 332.753146][ T8342] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 332.760379][ T8342] IPv6: NLM_F_CREATE should be set when creating new route [ 332.767598][ T8342] IPv6: NLM_F_CREATE should be set when creating new route [ 332.774866][ T8342] IPv6: NLM_F_CREATE should be set when creating new route [ 333.123520][ T24] plantronics 0003:047F:FFFF.0003: ignoring exceeding usage max [ 333.183478][ T24] plantronics 0003:047F:FFFF.0003: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 333.330122][ T24] usb 3-1: USB disconnect, device number 10 [ 333.531371][ T8349] fido_id[8349]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 334.073289][ T9] usb 5-1: USB disconnect, device number 11 [ 334.242002][ T8371] netlink: 24 bytes leftover after parsing attributes in process `syz.3.709'. [ 335.168489][ T8380] netlink: 'syz.0.711': attribute type 21 has an invalid length. [ 335.206602][ T8380] netlink: 'syz.0.711': attribute type 15 has an invalid length. [ 335.215199][ T8380] netlink: 156 bytes leftover after parsing attributes in process `syz.0.711'. [ 335.224295][ T8380] IPv6: NLM_F_CREATE should be specified when creating new route [ 335.232204][ T8380] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 335.239407][ T8380] IPv6: NLM_F_CREATE should be set when creating new route [ 335.246641][ T8380] IPv6: NLM_F_CREATE should be set when creating new route [ 335.253864][ T8380] IPv6: NLM_F_CREATE should be set when creating new route [ 335.525770][ T8388] veth3: entered allmulticast mode [ 336.196837][ T979] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 336.439869][ T979] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 336.448533][ T979] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 336.478132][ T979] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 336.512350][ T979] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 336.522571][ T979] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 336.700543][ T8413] netlink: 24 bytes leftover after parsing attributes in process `syz.2.723'. [ 336.710251][ T979] usb 1-1: Product: syz [ 336.714443][ T979] usb 1-1: Manufacturer: syz [ 337.389510][ T979] cdc_wdm 1-1:1.0: skipping garbage [ 337.395182][ T979] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 337.691040][ T9] usb 1-1: USB disconnect, device number 5 [ 338.668931][ T8427] netlink: 'syz.2.726': attribute type 21 has an invalid length. [ 338.676892][ T8427] netlink: 'syz.2.726': attribute type 15 has an invalid length. [ 338.684779][ T8427] netlink: 156 bytes leftover after parsing attributes in process `syz.2.726'. [ 338.694379][ T8427] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 339.050367][ T8433] pim6reg: entered allmulticast mode [ 339.981655][ T8452] netlink: 'syz.1.738': attribute type 21 has an invalid length. [ 339.989616][ T8452] netlink: 'syz.1.738': attribute type 15 has an invalid length. [ 340.712676][ T8452] netlink: 156 bytes leftover after parsing attributes in process `syz.1.738'. [ 340.721913][ T8452] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 340.997484][ T8461] capability: warning: `syz.4.739' uses deprecated v2 capabilities in a way that may be insecure [ 341.722003][ T5915] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 342.575395][ T5915] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 342.588504][ T5915] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 342.603317][ T5915] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 342.643124][ T5915] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 342.662997][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 342.672996][ T5915] usb 4-1: Product: syz [ 342.677202][ T5915] usb 4-1: Manufacturer: syz [ 342.696819][ T5915] cdc_wdm 4-1:1.0: skipping garbage [ 342.710551][ T5915] cdc_wdm 4-1:1.0: skipping garbage [ 342.718197][ T5915] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22 [ 343.003290][ T5915] usb 4-1: USB disconnect, device number 8 [ 343.152458][ T8476] netlink: 16 bytes leftover after parsing attributes in process `syz.4.746'. [ 343.162878][ T8488] netlink: 24 bytes leftover after parsing attributes in process `syz.1.749'. [ 345.192125][ T8513] team0: No ports can be present during mode change [ 345.992309][ T8519] netlink: 24 bytes leftover after parsing attributes in process `syz.3.760'. [ 347.583540][ T8538] netlink: zone id is out of range [ 347.612804][ T8538] netlink: set zone limit has 4 unknown bytes [ 352.473956][ T8572] netlink: 8 bytes leftover after parsing attributes in process `syz.4.775'. [ 354.897898][ T8607] loop4: detected capacity change from 0 to 524287999 [ 356.882230][ T8623] netlink: 'syz.4.788': attribute type 21 has an invalid length. [ 356.905030][ T8623] netlink: 'syz.4.788': attribute type 15 has an invalid length. [ 356.918664][ T3097] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 356.926208][ T8623] netlink: 156 bytes leftover after parsing attributes in process `syz.4.788'. [ 356.938115][ T8623] IPv6: NLM_F_CREATE should be specified when creating new route [ 357.001354][ T8623] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 357.009222][ T8623] IPv6: NLM_F_CREATE should be set when creating new route [ 357.016542][ T8623] IPv6: NLM_F_CREATE should be set when creating new route [ 357.023866][ T8623] IPv6: NLM_F_CREATE should be set when creating new route [ 357.139837][ T3097] usb 3-1: Using ep0 maxpacket: 16 [ 357.154004][ T3097] usb 3-1: config 64 has an invalid interface number: 176 but max is 0 [ 357.394926][ T3097] usb 3-1: config 64 has no interface number 0 [ 357.418400][ T3097] usb 3-1: config 64 interface 176 has no altsetting 0 [ 357.474513][ T3097] usb 3-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=14.8d [ 357.536485][ T3097] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.570117][ T3097] usb 3-1: Product: syz [ 357.747132][ T3097] usb 3-1: Manufacturer: syz [ 357.815492][ T3097] usb 3-1: SerialNumber: syz [ 358.643732][ T8633] netlink: 'syz.4.791': attribute type 1 has an invalid length. [ 358.788340][ T8635] netlink: 'syz.4.791': attribute type 1 has an invalid length. [ 359.317370][ T3097] peak_usb 3-1:64.176 can0: unable to request usb[type=0 value=1] err=-71 [ 359.354469][ T3097] peak_usb 3-1:64.176: unable to read PCAN-USB X6 firmware info (err -71) [ 360.064510][ T3097] peak_usb 3-1:64.176: probe with driver peak_usb failed with error -71 [ 360.386236][ T3097] usb 3-1: USB disconnect, device number 11 [ 360.931407][ T8666] loop3: detected capacity change from 0 to 128 [ 360.947031][ T8666] affs: No valid root block on device loop3 [ 360.971816][ T8649] : entered promiscuous mode [ 361.385716][ T8666] loop3: detected capacity change from 0 to 40427 [ 361.427883][ T8666] F2FS-fs (loop3): invalid crc value [ 361.575977][ T8666] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 361.589176][ T8666] F2FS-fs (loop3): Start checkpoint disabled! [ 361.599758][ T8666] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 365.161655][ T8680] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 365.347959][ T9] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 365.498021][ T9] usb 4-1: device descriptor read/64, error -71 [ 365.737902][ T9] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 365.908002][ T9] usb 4-1: device descriptor read/64, error -71 [ 365.977698][ T5983] bio_check_eod: 5 callbacks suppressed [ 365.977718][ T5983] kworker/u8:9: attempt to access beyond end of device [ 365.977718][ T5983] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 366.038002][ T5983] CPU: 0 UID: 0 PID: 5983 Comm: kworker/u8:9 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) [ 366.038036][ T5983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.038051][ T5983] Workqueue: writeback wb_workfn (flush-7:3) [ 366.038096][ T5983] Call Trace: [ 366.038104][ T5983] [ 366.038114][ T5983] dump_stack_lvl+0x189/0x250 [ 366.038145][ T5983] ? __pfx_dump_stack_lvl+0x10/0x10 [ 366.038166][ T5983] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 366.038192][ T5983] ? __pfx_queue_work_on+0x10/0x10 [ 366.038217][ T5983] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 366.038241][ T5983] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 366.038267][ T5983] ? f2fs_hw_is_readonly+0x39b/0x470 [ 366.038295][ T5983] f2fs_handle_critical_error+0x37c/0x540 [ 366.038324][ T5983] f2fs_write_end_io+0x495/0x810 [ 366.038347][ T5983] ? blkg_put+0x22/0x240 [ 366.038389][ T5983] __submit_merged_bio+0x27a/0x6a0 [ 366.038417][ T5983] __submit_merged_write_cond+0x255/0x530 [ 366.038459][ T5983] f2fs_write_data_pages+0x261d/0x3000 [ 366.038485][ T5983] ? __pfx___mutex_lock+0x10/0x10 [ 366.038548][ T5983] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 366.038587][ T5983] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 366.038658][ T5983] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 366.038695][ T5983] ? trace_f2fs_writepages+0x7f/0x200 [ 366.038718][ T5983] ? f2fs_write_node_pages+0x478/0x6e0 [ 366.038745][ T5983] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 366.038782][ T5983] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 366.038808][ T5983] do_writepages+0x32e/0x550 [ 366.038839][ T5983] ? reacquire_held_locks+0x127/0x1d0 [ 366.038861][ T5983] ? writeback_sb_inodes+0x384/0x1010 [ 366.038896][ T5983] __writeback_single_inode+0x145/0xff0 [ 366.038922][ T5983] ? do_raw_spin_unlock+0x122/0x240 [ 366.038953][ T5983] writeback_sb_inodes+0x6c7/0x1010 [ 366.038987][ T5983] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 366.039030][ T5983] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 366.039098][ T5983] ? rcu_is_watching+0x15/0xb0 [ 366.039131][ T5983] wb_writeback+0x43b/0xaf0 [ 366.039164][ T5983] ? queue_io+0x2e1/0x590 [ 366.039192][ T5983] ? __pfx_wb_writeback+0x10/0x10 [ 366.039237][ T5983] ? _raw_spin_unlock_irq+0x23/0x50 [ 366.039263][ T5983] wb_workfn+0x409/0xef0 [ 366.039300][ T5983] ? __pfx_wb_workfn+0x10/0x10 [ 366.039325][ T5983] ? __lock_acquire+0xab9/0xd20 [ 366.039355][ T5983] ? process_scheduled_works+0x9ef/0x17b0 [ 366.039384][ T5983] ? _raw_spin_unlock_irq+0x23/0x50 [ 366.039405][ T5983] ? process_scheduled_works+0x9ef/0x17b0 [ 366.039424][ T5983] ? process_scheduled_works+0x9ef/0x17b0 [ 366.039447][ T5983] process_scheduled_works+0xade/0x17b0 [ 366.039500][ T5983] ? __pfx_process_scheduled_works+0x10/0x10 [ 366.039541][ T5983] worker_thread+0x8a0/0xda0 [ 366.039565][ T5983] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 366.039607][ T5983] ? __kthread_parkme+0x7b/0x200 [ 366.039641][ T5983] kthread+0x711/0x8a0 [ 366.039670][ T5983] ? __pfx_worker_thread+0x10/0x10 [ 366.039691][ T5983] ? __pfx_kthread+0x10/0x10 [ 366.039719][ T5983] ? _raw_spin_unlock_irq+0x23/0x50 [ 366.039741][ T5983] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.039765][ T5983] ? __pfx_kthread+0x10/0x10 [ 366.039791][ T5983] ret_from_fork+0x3f9/0x770 [ 366.039815][ T5983] ? __pfx_ret_from_fork+0x10/0x10 [ 366.039842][ T5983] ? __switch_to_asm+0x39/0x70 [ 366.039867][ T5983] ? __switch_to_asm+0x33/0x70 [ 366.039890][ T5983] ? __pfx_kthread+0x10/0x10 [ 366.039917][ T5983] ret_from_fork_asm+0x1a/0x30 [ 366.039961][ T5983] [ 366.389717][ T5983] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 366.396686][ T5983] CPU: 0 UID: 0 PID: 5983 Comm: kworker/u8:9 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) [ 366.396718][ T5983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.396734][ T5983] Workqueue: writeback wb_workfn (flush-7:3) [ 366.396766][ T5983] Call Trace: [ 366.396775][ T5983] [ 366.396786][ T5983] dump_stack_lvl+0x189/0x250 [ 366.396821][ T5983] ? __pfx_dump_stack_lvl+0x10/0x10 [ 366.396846][ T5983] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 366.396875][ T5983] ? __pfx_queue_work_on+0x10/0x10 [ 366.396902][ T5983] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 366.396929][ T5983] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 366.396959][ T5983] ? f2fs_hw_is_readonly+0x39b/0x470 [ 366.396991][ T5983] f2fs_handle_critical_error+0x37c/0x540 [ 366.397024][ T5983] f2fs_write_end_io+0x495/0x810 [ 366.397051][ T5983] ? blkg_put+0x22/0x240 [ 366.397098][ T5983] __submit_merged_bio+0x27a/0x6a0 [ 366.397131][ T5983] __submit_merged_write_cond+0x255/0x530 [ 366.397180][ T5983] f2fs_write_data_pages+0x261d/0x3000 [ 366.397207][ T5983] ? __pfx___mutex_lock+0x10/0x10 [ 366.397278][ T5983] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 366.397323][ T5983] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 366.397396][ T5983] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 366.397438][ T5983] ? trace_f2fs_writepages+0x7f/0x200 [ 366.397465][ T5983] ? f2fs_write_node_pages+0x478/0x6e0 [ 366.397495][ T5983] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 366.397537][ T5983] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 366.397574][ T5983] do_writepages+0x32e/0x550 [ 366.397610][ T5983] ? reacquire_held_locks+0x127/0x1d0 [ 366.397635][ T5983] ? writeback_sb_inodes+0x384/0x1010 [ 366.397674][ T5983] __writeback_single_inode+0x145/0xff0 [ 366.397703][ T5983] ? do_raw_spin_unlock+0x122/0x240 [ 366.397740][ T5983] writeback_sb_inodes+0x6c7/0x1010 [ 366.397781][ T5983] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 366.397829][ T5983] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 366.397911][ T5983] ? rcu_is_watching+0x15/0xb0 [ 366.397948][ T5983] wb_writeback+0x43b/0xaf0 [ 366.397986][ T5983] ? queue_io+0x2e1/0x590 [ 366.398018][ T5983] ? __pfx_wb_writeback+0x10/0x10 [ 366.398058][ T5983] ? _raw_spin_unlock_irq+0x23/0x50 [ 366.398091][ T5983] wb_workfn+0x409/0xef0 [ 366.398133][ T5983] ? __pfx_wb_workfn+0x10/0x10 [ 366.398162][ T5983] ? __lock_acquire+0xab9/0xd20 [ 366.398197][ T5983] ? process_scheduled_works+0x9ef/0x17b0 [ 366.398229][ T5983] ? _raw_spin_unlock_irq+0x23/0x50 [ 366.398255][ T5983] ? process_scheduled_works+0x9ef/0x17b0 [ 366.398277][ T5983] ? process_scheduled_works+0x9ef/0x17b0 [ 366.398303][ T5983] process_scheduled_works+0xade/0x17b0 [ 366.398364][ T5983] ? __pfx_process_scheduled_works+0x10/0x10 [ 366.398412][ T5983] worker_thread+0x8a0/0xda0 [ 366.398440][ T5983] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 366.398478][ T5983] ? __kthread_parkme+0x7b/0x200 [ 366.398518][ T5983] kthread+0x711/0x8a0 [ 366.398560][ T5983] ? __pfx_worker_thread+0x10/0x10 [ 366.398584][ T5983] ? __pfx_kthread+0x10/0x10 [ 366.398616][ T5983] ? _raw_spin_unlock_irq+0x23/0x50 [ 366.398643][ T5983] ? lockdep_hardirqs_on+0x9c/0x150 [ 366.398670][ T5983] ? __pfx_kthread+0x10/0x10 [ 366.398700][ T5983] ret_from_fork+0x3f9/0x770 [ 366.398728][ T5983] ? __pfx_ret_from_fork+0x10/0x10 [ 366.398759][ T5983] ? __switch_to_asm+0x39/0x70 [ 366.398787][ T5983] ? __switch_to_asm+0x33/0x70 [ 366.398815][ T5983] ? __pfx_kthread+0x10/0x10 [ 366.398846][ T5983] ret_from_fork_asm+0x1a/0x30 [ 366.398898][ T5983] [ 366.741372][ T5983] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 366.889868][ T9] usb usb4-port1: attempt power cycle [ 367.097644][ T51] Bluetooth: hci2: unexpected event 0x01 length: 4 > 1 [ 367.127988][ T5858] Bluetooth: hci4: command 0x0406 tx timeout [ 367.280458][ T8689] netlink: 'syz.0.803': attribute type 4 has an invalid length. [ 368.590068][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 368.590085][ T30] audit: type=1326 audit(1752397284.641:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.2.808" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe26518e929 code=0x0 [ 370.439769][ T8720] loop4: detected capacity change from 0 to 128 [ 370.461995][ T8720] affs: No valid root block on device loop4 [ 374.594215][ T9] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 375.347967][ T9] usb 5-1: device descriptor read/64, error -71 [ 376.287337][ T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 376.487512][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 376.503951][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 377.375468][ T9] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 377.385489][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.468281][ T9] usb 5-1: config 0 descriptor?? [ 377.662462][ T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 377.745123][ T30] audit: type=1326 audit(1752397293.802:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 377.802554][ T30] audit: type=1326 audit(1752397293.832:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 377.972159][ T30] audit: type=1326 audit(1752397293.832:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 378.638199][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.650020][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.668415][ T30] audit: type=1326 audit(1752397293.832:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 378.691039][ T30] audit: type=1326 audit(1752397293.832:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 378.714086][ T30] audit: type=1326 audit(1752397293.832:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1183f8d290 code=0x7ffc0000 [ 379.064736][ T30] audit: type=1326 audit(1752397293.832:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 379.096054][ T30] audit: type=1326 audit(1752397293.832:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 379.177278][ T30] audit: type=1326 audit(1752397293.832:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 379.313931][ T30] audit: type=1326 audit(1752397293.832:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8757 comm="syz.1.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 379.445232][ T8776] usb usb8: usbfs: process 8776 (syz.2.829) did not claim interface 0 before use [ 379.961664][ T8784] netlink: 'syz.3.830': attribute type 5 has an invalid length. [ 380.087565][ T9] usb 5-1: USB disconnect, device number 13 [ 380.808987][ T8791] loop0: detected capacity change from 0 to 512 [ 380.848824][ T8791] EXT4-fs: Ignoring removed bh option [ 380.927930][ T8791] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 382.980447][ T8802] netlink: 24 bytes leftover after parsing attributes in process `syz.2.836'. [ 383.307107][ T3097] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 384.288518][ T3097] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 385.066857][ T3097] usb 5-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config [ 385.084468][ T3097] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 385.094844][ T3097] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7 [ 385.106254][ T3097] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024 [ 385.120487][ T3097] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 385.130616][ T3097] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 385.146793][ T3097] usb 5-1: Product: syz [ 385.157056][ T3097] usb 5-1: Manufacturer: syz [ 385.173367][ T3097] cdc_wdm 5-1:1.0: skipping garbage [ 385.316848][ T3097] cdc_wdm 5-1:1.0: skipping garbage [ 386.037686][ T3097] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 386.229035][ T9] usb 5-1: USB disconnect, device number 14 [ 386.335890][ T8835] netlink: 'syz.0.846': attribute type 1 has an invalid length. [ 388.564973][ T8851] netlink: 24 bytes leftover after parsing attributes in process `syz.4.851'. [ 389.453608][ T5915] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 389.774321][ T5915] usb 5-1: Using ep0 maxpacket: 8 [ 390.596216][ T5915] usb 5-1: unable to get BOS descriptor or descriptor too short [ 391.506909][ T5915] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 391.588451][ T8892] veth0_vlan: left promiscuous mode [ 391.599204][ T8892] veth0_vlan: entered promiscuous mode [ 392.035495][ T5915] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 392.429558][ T8896] loop2: detected capacity change from 0 to 128 [ 392.452975][ T8896] affs: No valid root block on device loop2 [ 396.594461][ T5915] usb 5-1: string descriptor 0 read error: -71 [ 396.613940][ T5915] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 396.626831][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 396.670230][ T5915] usb 5-1: can't set config #1, error -71 [ 396.677547][ T5915] usb 5-1: USB disconnect, device number 15 [ 396.696645][ T8904] netlink: 24 bytes leftover after parsing attributes in process `syz.3.866'. [ 397.150153][ T9] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 397.406096][ T9] usb 3-1: device descriptor read/64, error -71 [ 398.486063][ T9] usb 3-1: new full-speed USB device number 13 using dummy_hcd [ 399.189085][ T8920] netlink: 'syz.0.868': attribute type 2 has an invalid length. [ 400.475989][ T5855] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 400.910682][ T5855] usb 5-1: Using ep0 maxpacket: 8 [ 401.011919][ T5855] usb 5-1: unable to get BOS descriptor or descriptor too short [ 401.045303][ T5855] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 401.065388][ T5855] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 401.112021][ T5855] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 401.121410][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.134829][ T5855] usb 5-1: Product: syz [ 401.143638][ T5855] usb 5-1: Manufacturer: syz [ 401.172664][ T5855] usb 5-1: SerialNumber: syz [ 403.532794][ T5858] Bluetooth: hci3: Unable to find connection with handle 0x0000 [ 403.829651][ T5855] usb 5-1: USB disconnect, device number 16 [ 405.624888][ T8988] netlink: 20 bytes leftover after parsing attributes in process `syz.3.893'. [ 405.830659][ T8986] netlink: 'syz.2.891': attribute type 2 has an invalid length. [ 406.151177][ T8993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.894'. [ 410.290240][ T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 410.370197][ T9028] veth3: entered allmulticast mode [ 410.495644][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 410.533545][ T24] usb 1-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25 [ 410.591991][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 410.628369][ T24] usb 1-1: Product: syz [ 410.632584][ T24] usb 1-1: Manufacturer: syz [ 410.661324][ T24] usb 1-1: SerialNumber: syz [ 410.672306][ T24] usb 1-1: config 0 descriptor?? [ 410.683408][ T24] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 410.692535][ T24] usb 1-1: No valid video chain found. [ 410.875435][ T979] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 411.131589][ T9050] netlink: 24 bytes leftover after parsing attributes in process `syz.2.910'. [ 411.147976][ T979] usb 5-1: Using ep0 maxpacket: 16 [ 411.375510][ T979] usb 5-1: config 0 has an invalid interface number: 79 but max is 0 [ 411.475927][ T979] usb 5-1: config 0 has no interface number 0 [ 411.523145][ T979] usb 5-1: config 0 interface 79 altsetting 0 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 411.760048][ T979] usb 5-1: New USB device found, idVendor=0bfd, idProduct=0114, bcdDevice=ae.f9 [ 411.866173][ T979] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.874297][ T979] usb 5-1: Product: syz [ 411.879157][ T979] usb 5-1: Manufacturer: syz [ 411.883890][ T979] usb 5-1: SerialNumber: syz [ 411.983094][ T9] usb 1-1: USB disconnect, device number 6 [ 412.074608][ T979] usb 5-1: config 0 descriptor?? [ 412.087785][ T979] kvaser_usb 5-1:0.79: error -ENODEV: Cannot get usb endpoint(s) [ 412.368885][ T9058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.914'. [ 412.399601][ T5915] usb 5-1: USB disconnect, device number 17 [ 412.416905][ T9061] loop3: detected capacity change from 0 to 256 [ 412.495582][ T9064] delete_channel: no stack [ 413.154547][ T9061] FAT-fs (loop3): Directory bread(block 64) failed [ 413.169646][ T9061] FAT-fs (loop3): Directory bread(block 65) failed [ 413.255929][ T9061] FAT-fs (loop3): Directory bread(block 66) failed [ 413.326134][ T9068] netlink: 68 bytes leftover after parsing attributes in process `syz.0.916'. [ 413.337113][ T9061] FAT-fs (loop3): Directory bread(block 67) failed [ 413.343923][ T9061] FAT-fs (loop3): Directory bread(block 68) failed [ 413.386338][ T9061] FAT-fs (loop3): Directory bread(block 69) failed [ 413.393131][ T9061] FAT-fs (loop3): Directory bread(block 70) failed [ 413.400541][ T9061] FAT-fs (loop3): Directory bread(block 71) failed [ 413.408037][ T9061] FAT-fs (loop3): Directory bread(block 72) failed [ 413.414939][ T9061] FAT-fs (loop3): Directory bread(block 73) failed [ 415.352417][ T9084] netlink: 'syz.4.921': attribute type 1 has an invalid length. [ 416.889219][ T9100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.924'. [ 417.683766][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 417.683784][ T30] audit: type=1326 audit(1752397333.734:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.930" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x0 [ 417.711913][ C0] vkms_vblank_simulate: vblank timer overrun [ 419.009152][ T9124] sit1: entered allmulticast mode [ 419.130839][ T9124] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.158524][ T9124] bond0: (slave sit1): The slave device specified does not support setting the MAC address [ 419.301473][ T9124] bond0: (slave sit1): Error -95 calling set_mac_address [ 419.832777][ T9137] syz_tun: entered allmulticast mode [ 419.874178][ T9137] syz_tun: left allmulticast mode [ 422.449891][ T9155] loop4: detected capacity change from 0 to 40427 [ 422.481090][ T9155] F2FS-fs (loop4): build fault injection type: 0x7 [ 422.490580][ T9155] F2FS-fs (loop4): invalid crc value [ 422.582050][ T9155] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 422.597166][ T9155] F2FS-fs (loop4): Start checkpoint disabled! [ 422.651436][ T9155] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 423.007081][ T5858] Bluetooth: hci3: unexpected event 0x01 length: 4 > 1 [ 423.036638][ T5852] syz-executor: attempt to access beyond end of device [ 423.036638][ T5852] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 424.473191][ T9174] netlink: 200 bytes leftover after parsing attributes in process `syz.2.952'. [ 424.570948][ T9174] veth3: entered allmulticast mode [ 426.384512][ T6386] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 426.494167][ T9203] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:bb to non-existent VLAN 2048 [ 426.513755][ T9205] netlink: 24 bytes leftover after parsing attributes in process `syz.3.962'. [ 426.616941][ T6386] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 426.630833][ T6386] usb 5-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config [ 426.665066][ T6386] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 426.674514][ T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 426.724593][ T6386] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7 [ 426.740507][ T6386] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024 [ 426.765090][ T6386] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 426.780688][ T6386] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 426.790391][ T6386] usb 5-1: Product: syz [ 426.801989][ T6386] usb 5-1: Manufacturer: syz [ 426.821657][ T6386] cdc_wdm 5-1:1.0: skipping garbage [ 426.829364][ T6386] cdc_wdm 5-1:1.0: skipping garbage [ 426.846556][ T6386] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 426.976764][ T9218] netlink: 200 bytes leftover after parsing attributes in process `syz.3.968'. [ 427.054600][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 427.069004][ T9] usb 3-1: config 0 has an invalid interface number: 45 but max is 0 [ 427.079981][ T9] usb 3-1: config 0 has no interface number 0 [ 428.089177][ T9218] veth3: entered allmulticast mode [ 428.171661][ T9] usb 3-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=85.00 [ 428.201548][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 428.242125][ T9] usb 3-1: Product: syz [ 428.317051][ T9] usb 3-1: Manufacturer: syz [ 428.321867][ T9] usb 3-1: SerialNumber: syz [ 428.330323][ T9] usb 3-1: config 0 descriptor?? [ 428.551363][ T9] cdc_subset 3-1:0.45: probe with driver cdc_subset failed with error -71 [ 429.784510][ T9] usb 3-1: USB disconnect, device number 14 [ 429.829615][ T5855] usb 5-1: USB disconnect, device number 18 [ 430.254289][ T979] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 430.524398][ T5855] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 430.554572][ T979] usb 4-1: device descriptor read/64, error -71 [ 430.619143][ T9245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.975'. [ 430.814912][ T979] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 431.033631][ T5855] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 431.135286][ T5855] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 431.207803][ T5855] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 431.247374][ T5855] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 431.264252][ T979] usb 4-1: device descriptor read/64, error -71 [ 431.274160][ T5855] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 431.295705][ T9251] syz_tun: entered allmulticast mode [ 431.306075][ T5855] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 431.315352][ T5855] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 431.331678][ T5855] usb 5-1: Product: syz [ 431.340401][ T5855] usb 5-1: Manufacturer: syz [ 431.367741][ T5855] cdc_wdm 5-1:1.0: skipping garbage [ 431.388346][ T5855] cdc_wdm 5-1:1.0: skipping garbage [ 431.394531][ T979] usb usb4-port1: attempt power cycle [ 431.416136][ T5855] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 431.416204][ T9251] syz_tun: left allmulticast mode [ 431.422077][ T5855] cdc_wdm 5-1:1.0: Unknown control protocol [ 432.044251][ T979] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 432.151122][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.157983][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.166323][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.172962][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.180347][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.186971][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.193595][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.200214][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.206650][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.213306][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.219613][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.226233][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.232644][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.239274][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.245847][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.252477][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.258835][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.265508][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.272416][ C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 432.279051][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 432.290716][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 432.299535][ T9] usb 5-1: USB disconnect, device number 19 [ 432.342895][ T9258] netlink: 200 bytes leftover after parsing attributes in process `syz.1.979'. [ 432.442780][ T9258] veth5: entered allmulticast mode [ 432.451932][ T979] usb 4-1: device descriptor read/8, error -71 [ 432.674403][ T5915] usb 1-1: new low-speed USB device number 7 using dummy_hcd [ 434.155569][ T5915] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 434.163621][ T5915] usb 1-1: config 0 has no interface number 0 [ 434.203083][ T5915] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 434.217290][ T5915] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 434.229652][ T5915] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 434.239288][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.271843][ T5915] usb 1-1: config 0 descriptor?? [ 434.297187][ T9259] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 434.304656][ T979] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 434.354501][ T979] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 434.375396][ T5915] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 434.389400][ T979] usb 4-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config [ 434.431146][ T979] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 434.448490][ T979] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7 [ 434.471950][ T979] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024 [ 434.486348][ T979] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 434.495763][ T979] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 434.504068][ T979] usb 4-1: Product: syz [ 434.508417][ T979] usb 4-1: Manufacturer: syz [ 434.527124][ T979] cdc_wdm 4-1:1.0: skipping garbage [ 434.537223][ T979] cdc_wdm 4-1:1.0: skipping garbage [ 434.555438][ T5940] usb 1-1: USB disconnect, device number 7 [ 434.596074][ T979] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22 [ 437.872437][ T6386] usb 4-1: USB disconnect, device number 15 [ 439.936717][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.943149][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.102438][ T9338] Invalid ELF header len 8 [ 442.232438][ T9353] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1011'. [ 442.531388][ T5858] Bluetooth: hci4: unexpected event for opcode 0x1003 [ 444.746227][ T9360] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1013'. [ 445.020011][ T9385] netlink: 'syz.1.1019': attribute type 6 has an invalid length. [ 446.677264][ T5858] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 446.686281][ T5858] Bluetooth: hci4: Injecting HCI hardware error event [ 446.695876][ T51] Bluetooth: hci4: hardware error 0x00 [ 447.662037][ T5858] Bluetooth: hci4: unexpected event for opcode 0x1003 [ 447.892797][ T9420] syz_tun: entered allmulticast mode [ 447.943005][ T9420] syz_tun: left allmulticast mode [ 447.974309][ T9423] netlink: 'syz.4.1032': attribute type 6 has an invalid length. [ 449.189040][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 449.843533][ T5858] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 449.853202][ T5858] Bluetooth: hci0: command 0x0406 tx timeout [ 450.578469][ T9451] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1039'. [ 452.157055][ T5858] Bluetooth: hci0: unexpected event for opcode 0x200b [ 454.183244][ T9494] syz_tun: entered allmulticast mode [ 454.267201][ T9494] syz_tun: left allmulticast mode [ 456.034300][ T5915] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 456.083620][ T9512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1059'. [ 456.194931][ T5915] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 456.210443][ T5915] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 456.233968][ T5915] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 456.257185][ T5915] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 456.290889][ T5915] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 456.303683][ T5915] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 456.322570][ T5915] usb 5-1: Manufacturer: syz [ 456.344177][ T5915] usb 5-1: config 0 descriptor?? [ 456.445584][ T9511] veth5: entered allmulticast mode [ 456.543991][ T9516] fuse: Bad value for 'fd' [ 456.774165][ T5915] appleir 0003:05AC:8243.0004: unknown main item tag 0x0 [ 456.883450][ T5915] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 458.050297][ T9533] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9) [ 458.056873][ T9533] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 458.116289][ T9537] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 458.144992][ T3097] usb 5-1: USB disconnect, device number 20 [ 458.223106][ T9533] vhci_hcd vhci_hcd.0: Device attached [ 458.230608][ T9538] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(15) [ 458.237243][ T9538] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 458.252783][ T9538] vhci_hcd vhci_hcd.0: Device attached [ 458.257613][ T9536] fido_id[9536]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 458.262465][ T9533] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(11) [ 458.279266][ T9533] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 458.512379][ T9533] vhci_hcd vhci_hcd.0: Device attached [ 458.532735][ T5915] vhci_hcd: vhci_device speed not set [ 458.637138][ T9539] vhci_hcd: connection closed [ 458.637970][ T9546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1067'. [ 458.642423][ T9534] vhci_hcd: connection closed [ 458.644787][ T5915] usb 39-1: new high-speed USB device number 4 using vhci_hcd [ 458.651814][ T9542] vhci_hcd: connection closed [ 458.656767][ T5983] vhci_hcd: stop threads [ 458.717135][ T9535] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 458.726371][ T5983] vhci_hcd: release socket [ 458.739520][ T5983] vhci_hcd: disconnect device [ 458.755464][ T5983] vhci_hcd: stop threads [ 458.759753][ T5983] vhci_hcd: release socket [ 458.779826][ T5983] vhci_hcd: disconnect device [ 458.818232][ T5983] vhci_hcd: stop threads [ 458.822523][ T5983] vhci_hcd: release socket [ 458.851803][ T5983] vhci_hcd: disconnect device [ 459.936139][ T9554] loop4: detected capacity change from 0 to 512 [ 459.948841][ T9554] EXT4-fs: Ignoring removed bh option [ 460.083204][ T9554] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 461.635329][ T9566] fuse: Bad value for 'fd' [ 461.995799][ T30] audit: type=1400 audit(1752397378.067:187): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=9564 comm="syz.3.1073" [ 462.572586][ T5940] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 462.751062][ T5940] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 462.767583][ T5940] usb 5-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config [ 462.808398][ T5940] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 462.832391][ T5940] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7 [ 462.861033][ T5940] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024 [ 462.899622][ T5940] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 462.912257][ T9587] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1081'. [ 462.953786][ T9587] veth7: entered allmulticast mode [ 463.110418][ T5940] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 463.119201][ T5940] usb 5-1: Product: syz [ 463.123452][ T5940] usb 5-1: Manufacturer: syz [ 463.143376][ T5940] cdc_wdm 5-1:1.0: skipping garbage [ 463.148620][ T5940] cdc_wdm 5-1:1.0: skipping garbage [ 463.167677][ T5940] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 464.026318][ T5915] vhci_hcd: vhci_device speed not set [ 464.148693][ T9597] syz_tun: entered allmulticast mode [ 464.230595][ T9597] syz_tun: left allmulticast mode [ 464.545609][ T9603] fuse: Bad value for 'fd' [ 465.231082][ T5858] Bluetooth: hci1: unexpected event for opcode 0x1003 [ 465.443834][ T979] usb 5-1: USB disconnect, device number 21 [ 465.727969][ T9615] loop6: detected capacity change from 0 to 524287999 [ 465.880639][ T9620] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1092'. [ 465.973315][ T9620] syz.0.1092: attempt to access beyond end of device [ 465.973315][ T9620] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 465.995112][ T9620] syz.0.1092: attempt to access beyond end of device [ 465.995112][ T9620] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0 [ 466.013015][ T9620] Mount JFS Failure: -5 [ 469.313533][ T5858] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 469.323715][ T5858] Bluetooth: hci1: Injecting HCI hardware error event [ 469.333838][ T5858] Bluetooth: hci1: hardware error 0x00 [ 469.862149][ T5855] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 469.922527][ T5915] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 470.082010][ T5915] usb 5-1: Using ep0 maxpacket: 16 [ 470.092807][ T5915] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25 [ 470.106721][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 470.122198][ T5915] usb 5-1: Product: syz [ 470.130909][ T5915] usb 5-1: Manufacturer: syz [ 470.141082][ T5915] usb 5-1: SerialNumber: syz [ 470.171014][ T5855] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 470.179216][ T5915] usb 5-1: config 0 descriptor?? [ 470.183911][ T5855] usb 4-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config [ 470.195078][ T5855] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 470.204455][ T5855] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7 [ 470.209968][ T5915] uvcvideo 5-1:0.0: probe with driver uvcvideo failed with error -22 [ 470.536471][ T5855] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024 [ 470.550239][ T5855] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 470.559813][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 470.574346][ T5855] usb 4-1: Product: syz [ 470.579133][ T5855] usb 4-1: Manufacturer: syz [ 470.592048][ T5855] cdc_wdm 4-1:1.0: skipping garbage [ 470.597346][ T5855] cdc_wdm 4-1:1.0: skipping garbage [ 470.603142][ T5855] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22 [ 470.611350][ T9676] loop0: detected capacity change from 0 to 512 [ 470.623848][ T9676] EXT4-fs: Ignoring removed bh option [ 470.652333][ T9676] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 472.020370][ T5858] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 472.254165][ T5915] usb 5-1: USB disconnect, device number 22 [ 473.116642][ T5855] usb 4-1: USB disconnect, device number 16 [ 475.489331][ T9713] nvme_fabrics: missing parameter 'transport=%s' [ 475.570358][ T9713] nvme_fabrics: missing parameter 'nqn=%s' [ 476.396556][ T9722] comedi comedi1: dt2801: I/O port conflict (0x8,2) [ 480.171069][ T9763] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 480.430687][ T9768] loop3: detected capacity change from 0 to 512 [ 480.618324][ T9768] EXT4-fs: Ignoring removed bh option [ 481.405397][ T9768] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 481.547453][ T9774] wlan0 speed is unknown, defaulting to 1000 [ 482.127225][ T9787] batman_adv: batadv0: Adding interface: dummy0 [ 482.176805][ T9787] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 482.239366][ T9787] batman_adv: batadv0: Interface activated: dummy0 [ 482.340886][ T30] audit: type=1800 audit(1752397398.408:188): pid=9792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1145" name="nullb0" dev="tmpfs" ino=1254 res=0 errno=0 [ 482.441897][ T9788] batadv0: mtu less than device minimum [ 482.450096][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.462063][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.473468][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.484798][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.496171][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.507462][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.518836][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.530277][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 482.541810][ T9788] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 484.158286][ T30] audit: type=1326 audit(1752397400.228:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.182579][ T24] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 484.295561][ T30] audit: type=1326 audit(1752397400.268:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.351370][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 484.365033][ T24] usb 5-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e [ 484.374446][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.383081][ T30] audit: type=1326 audit(1752397400.268:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.409110][ T30] audit: type=1326 audit(1752397400.268:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.436909][ T24] usb 5-1: config 0 descriptor?? [ 484.457439][ T24] rndis_host 5-1:0.0: skipping garbage [ 484.624816][ T24] usb 5-1: bad CDC descriptors [ 484.632224][ T24] cdc_acm 5-1:0.0: skipping garbage [ 484.640469][ T30] audit: type=1326 audit(1752397400.268:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.766704][ T24] usb 5-1: USB disconnect, device number 23 [ 484.789881][ T30] audit: type=1326 audit(1752397400.268:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.830217][ T30] audit: type=1326 audit(1752397400.268:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.862840][ T30] audit: type=1326 audit(1752397400.268:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 484.909593][ T30] audit: type=1326 audit(1752397400.268:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a22d8d290 code=0x7ffc0000 [ 486.447765][ T9842] loop2: detected capacity change from 0 to 512 [ 486.474197][ T9842] EXT4-fs: Ignoring removed bh option [ 486.501150][ T9842] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 487.500917][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 487.517863][ T30] audit: type=1326 audit(1752397403.568:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 487.540318][ T30] audit: type=1326 audit(1752397403.578:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 487.570848][ T30] audit: type=1326 audit(1752397403.578:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 487.595268][ T30] audit: type=1326 audit(1752397403.578:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 487.638459][ T30] audit: type=1326 audit(1752397403.578:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 487.746162][ T30] audit: type=1326 audit(1752397403.578:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 488.287864][ T30] audit: type=1800 audit(1752397403.578:218): pid=9846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1161" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 488.342795][ T30] audit: type=1326 audit(1752397403.578:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 488.379642][ T30] audit: type=1326 audit(1752397403.578:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 488.901731][ T30] audit: type=1326 audit(1752397403.578:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9844 comm="syz.4.1161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f247f18e929 code=0x7ffc0000 [ 491.152581][ T9877] syz_tun: entered allmulticast mode [ 491.172603][ T9877] syz_tun: left allmulticast mode [ 491.450404][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 492.991090][ T9906] netlink: 'syz.3.1182': attribute type 27 has an invalid length. [ 493.944794][ T9911] netlink: 'syz.3.1183': attribute type 21 has an invalid length. [ 493.952790][ T9911] netlink: 'syz.3.1183': attribute type 15 has an invalid length. [ 493.960826][ T9911] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1183'. [ 493.970487][ T9911] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 494.648340][ T9921] syz.4.1185: attempt to access beyond end of device [ 494.648340][ T9921] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0 [ 494.828749][ T9925] wlan0 speed is unknown, defaulting to 1000 [ 494.966751][ T9921] syz.4.1185: attempt to access beyond end of device [ 494.966751][ T9921] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0 [ 495.071118][ T9921] Mount JFS Failure: -5 [ 498.122004][ T9950] wlan0 speed is unknown, defaulting to 1000 [ 498.334381][ T9961] vxfs: WRONG superblock magic 00000000 at 1 [ 498.342456][ T9961] vxfs: WRONG superblock magic 00000000 at 8 [ 498.348515][ T9961] vxfs: can't find superblock. [ 498.460947][ T5855] libceph: connect (1)[c::]:6789 error -101 [ 498.756739][ T9959] ceph: No mds server is up or the cluster is laggy [ 498.815614][ T5855] libceph: mon0 (1)[c::]:6789 connect error [ 499.073905][ T9965] warning: `syz.1.1199' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 499.253210][ T9970] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1201'. [ 500.583819][ T9979] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 500.590470][ T9979] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 500.617349][ T9986] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(15) [ 500.623991][ T9986] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 500.726090][ T9986] vhci_hcd vhci_hcd.0: Device attached [ 500.768942][ T9979] vhci_hcd vhci_hcd.0: Device attached [ 500.829676][ T9989] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(18) [ 500.836318][ T9989] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 500.843710][ T9979] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 500.883966][ T9989] vhci_hcd vhci_hcd.0: Device attached [ 500.910946][ T9979] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(22) [ 500.917564][ T9979] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 500.943543][ T9979] vhci_hcd vhci_hcd.0: Device attached [ 500.962014][ T9986] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(20) [ 500.968628][ T9986] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 501.035447][T10000] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.049242][ T9986] vhci_hcd vhci_hcd.0: Device attached [ 501.081664][ T9979] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 501.196445][ T6386] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 501.205016][ T9986] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 501.229196][ T9979] vhci_hcd vhci_hcd.0: pdev(0) rhport(6) sockfd(26) [ 501.235838][ T9979] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 501.284841][ T9979] vhci_hcd vhci_hcd.0: Device attached [ 501.309215][ T9986] vhci_hcd vhci_hcd.0: port 0 already used [ 501.366845][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.373420][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.413471][ T9995] vhci_hcd: connection closed [ 501.414333][ T6290] vhci_hcd: stop threads [ 501.423974][ T9997] vhci_hcd: connection closed [ 501.425290][ T9987] vhci_hcd: connection closed [ 501.425302][ T9991] vhci_hcd: connection closed [ 501.430554][ T9983] vhci_hcd: connection reset by peer [ 501.473804][ T6290] vhci_hcd: release socket [ 501.492315][ T6290] vhci_hcd: disconnect device [ 501.514153][ T6290] vhci_hcd: stop threads [ 501.524389][T10002] vhci_hcd: connection closed [ 501.528515][ T6290] vhci_hcd: release socket [ 501.540686][ T6290] vhci_hcd: disconnect device [ 501.550106][ T6290] vhci_hcd: stop threads [ 501.555528][ T6290] vhci_hcd: release socket [ 501.561702][ T6290] vhci_hcd: disconnect device [ 501.574909][ T6290] vhci_hcd: stop threads [ 501.579576][ T6290] vhci_hcd: release socket [ 501.581284][T10000] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.616010][ T6290] vhci_hcd: disconnect device [ 501.623838][ T6290] vhci_hcd: stop threads [ 501.628405][ T6290] vhci_hcd: release socket [ 501.641712][ T6290] vhci_hcd: disconnect device [ 501.668181][ T6290] vhci_hcd: stop threads [ 501.673949][ T6290] vhci_hcd: release socket [ 501.679930][ T6290] vhci_hcd: disconnect device [ 501.684860][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 501.699668][ T5858] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 501.923966][T10000] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.039863][T10012] loop2: detected capacity change from 0 to 256 [ 502.088754][T10000] bridge0: port 3(netdevsim0) entered disabled state [ 502.145529][T10012] FAT-fs (loop2): Directory bread(block 64) failed [ 502.151723][T10000] netdevsim netdevsim1 netdevsim0 (unregistering): left allmulticast mode [ 502.162302][T10012] FAT-fs (loop2): Directory bread(block 65) failed [ 502.215384][T10012] FAT-fs (loop2): Directory bread(block 66) failed [ 502.222300][T10000] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode [ 502.231060][T10012] FAT-fs (loop2): Directory bread(block 67) failed [ 502.237689][T10012] FAT-fs (loop2): Directory bread(block 68) failed [ 502.248710][T10000] bridge0: port 3(netdevsim0) entered disabled state [ 502.290701][T10012] FAT-fs (loop2): Directory bread(block 69) failed [ 502.297356][T10012] FAT-fs (loop2): Directory bread(block 70) failed [ 502.304374][T10012] FAT-fs (loop2): Directory bread(block 71) failed [ 502.338860][T10000] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.350694][T10012] FAT-fs (loop2): Directory bread(block 72) failed [ 502.359559][T10012] FAT-fs (loop2): Directory bread(block 73) failed [ 502.433496][T10017] netlink: 'syz.4.1212': attribute type 21 has an invalid length. [ 502.441751][T10017] netlink: 'syz.4.1212': attribute type 15 has an invalid length. [ 502.450475][T10017] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1212'. [ 502.460470][T10017] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 503.456478][ T6290] kworker/u8:10: attempt to access beyond end of device [ 503.456478][ T6290] loop2: rw=1, sector=1224, nr_sectors = 32 limit=256 [ 503.476990][ T6290] kworker/u8:10: attempt to access beyond end of device [ 503.476990][ T6290] loop2: rw=1, sector=1288, nr_sectors = 544 limit=256 [ 503.551868][ T6290] kworker/u8:10: attempt to access beyond end of device [ 503.551868][ T6290] loop2: rw=1, sector=1864, nr_sectors = 2048 limit=256 [ 503.607550][ T6290] kworker/u8:10: attempt to access beyond end of device [ 503.607550][ T6290] loop2: rw=1, sector=3912, nr_sectors = 2048 limit=256 [ 503.652656][ T49] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.675404][ T6290] kworker/u8:10: attempt to access beyond end of device [ 503.675404][ T6290] loop2: rw=1, sector=5960, nr_sectors = 2464 limit=256 [ 503.718008][ T49] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.851292][ T5915] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 503.868574][ T6290] kworker/u8:10: attempt to access beyond end of device [ 503.868574][ T6290] loop2: rw=1, sector=8424, nr_sectors = 4912 limit=256 [ 503.895728][ T6290] kworker/u8:10: attempt to access beyond end of device [ 503.895728][ T6290] loop2: rw=1, sector=13336, nr_sectors = 6184 limit=256 [ 503.985610][ T6290] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 504.013766][ T5915] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 504.033090][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 504.073834][ T5915] usb 1-1: Product: syz [ 504.078270][ T5915] usb 1-1: Manufacturer: syz [ 504.090349][ T5915] usb 1-1: SerialNumber: syz [ 504.137964][ T5915] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 504.155874][ T49] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 504.198007][T10032] wlan0 speed is unknown, defaulting to 1000 [ 504.318654][ T979] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 505.029166][ T5915] usb 1-1: USB disconnect, device number 8 [ 505.360848][ T979] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 505.380055][ T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 505.409134][ T979] ath9k_htc: Failed to initialize the device [ 505.702480][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 505.795345][ T5915] usb 1-1: ath9k_htc: USB layer deinitialized [ 505.803405][ T9] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 505.820291][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 505.835415][ T9] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 505.844996][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 505.865137][ T9] usb 3-1: Product: syz [ 505.869496][ T9] usb 3-1: Manufacturer: syz [ 505.874280][ T9] usb 3-1: SerialNumber: syz [ 506.045140][ T9] usb 3-1: config 0 descriptor?? [ 506.129736][T10047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1220'. [ 506.868126][ T9] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 506.880405][ T6386] vhci_hcd: vhci_device speed not set [ 506.899583][ T9] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 507.251375][ T5915] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 507.491829][ T9] em28xx 3-1:0.0: unknown em28xx chip ID (159) [ 507.611966][ T5915] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 507.929488][ T9] em28xx 3-1:0.0: Config register raw data: 0x33 [ 507.936596][ T9] em28xx 3-1:0.0: I2S Audio (5 sample rate(s)) [ 507.980023][ T5915] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 508.016615][ T9] em28xx 3-1:0.0: No AC97 audio processor [ 508.040559][ T5915] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 508.068241][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.094713][ T5915] usb 1-1: config 0 descriptor?? [ 508.155402][ T9] usb 3-1: USB disconnect, device number 15 [ 508.241145][ T3097] usb usb34-port1: attempt power cycle [ 509.004910][ T5915] cp2112 0003:10C4:EA90.0005: unknown main item tag 0x0 [ 509.028929][ T5915] cp2112 0003:10C4:EA90.0005: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0 [ 509.212842][ T5915] cp2112 0003:10C4:EA90.0005: Part Number: 0x82 Device Version: 0xFE [ 509.427283][ T3097] usb usb34-port1: unable to enumerate USB device [ 510.502113][ T5915] cp2112 0003:10C4:EA90.0005: error reading lock byte: -71 [ 510.569722][ T6386] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 510.885049][T10089] wlan0 speed is unknown, defaulting to 1000 [ 511.286919][ T6386] usb 3-1: Using ep0 maxpacket: 16 [ 512.281243][ T6386] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25 [ 512.290778][ T6386] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.298972][ T6386] usb 3-1: Product: syz [ 512.303296][ T6386] usb 3-1: Manufacturer: syz [ 512.357291][ T6386] usb 3-1: config 0 descriptor?? [ 512.370783][ T6386] usb 3-1: can't set config #0, error -71 [ 512.389150][ T6386] usb 3-1: USB disconnect, device number 16 [ 512.500352][ T5915] usb 1-1: USB disconnect, device number 9 [ 515.038897][T10133] net_ratelimit: 10 callbacks suppressed [ 515.038920][T10133] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 517.072118][T10148] wlan0 speed is unknown, defaulting to 1000 [ 520.351005][T10167] 9pnet_virtio: no channels available for device syz [ 521.259859][ T5943] Process accounting resumed [ 522.298773][T10185] loop2: detected capacity change from 0 to 256 [ 522.535443][T10187] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 522.641808][T10185] FAT-fs (loop2): Directory bread(block 64) failed [ 522.659307][T10185] FAT-fs (loop2): Directory bread(block 65) failed [ 522.709151][T10185] FAT-fs (loop2): Directory bread(block 66) failed [ 522.759047][T10185] FAT-fs (loop2): Directory bread(block 67) failed [ 522.765850][T10185] FAT-fs (loop2): Directory bread(block 68) failed [ 522.774854][T10185] FAT-fs (loop2): Directory bread(block 69) failed [ 522.784108][T10185] FAT-fs (loop2): Directory bread(block 70) failed [ 522.802250][T10185] FAT-fs (loop2): Directory bread(block 71) failed [ 522.817270][T10185] FAT-fs (loop2): Directory bread(block 72) failed [ 522.869164][T10185] FAT-fs (loop2): Directory bread(block 73) failed [ 526.465480][T10209] binder: BINDER_SET_CONTEXT_MGR already set [ 526.512030][T10209] binder: 10208:10209 ioctl 4018620d 200000000040 returned -16 [ 528.852417][T10224] CUSE: unknown device info "KJ H+ۤ2LhnL1`Ccn80(3նi>f_ٮ,<_eF" [ 528.869275][T10224] CUSE: unknown device info "3ܟ,̘" [ 529.019094][T10224] CUSE: unknown device info "J2S Z !e/J+-na4D|G$5O~q [ 529.019094][T10224] fzXSAxjTǔw xRɐQ(hҏj pVdY0|M?2JIv^R@" [ 529.039197][T10224] CUSE: unknown device info "!To}ݝ&|L+Uoϲ"FstV:׌E gJ<@c4TMM|" [ 529.498536][T10224] CUSE: DEVNAME unspecified [ 530.303780][T10239] netdevsim netdevsim4: Direct firmware load for 0PqD"2NktTWj%N failed with error -2 [ 530.358840][T10239] netdevsim netdevsim4: Falling back to sysfs fallback for: 0PqD"2NktTWj%N [ 530.537854][T10243] netlink: 'syz.2.1281': attribute type 21 has an invalid length. [ 530.547462][T10243] netlink: 'syz.2.1281': attribute type 15 has an invalid length. [ 530.556193][T10243] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1281'. [ 530.569417][T10243] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 531.904740][T10250] binder: BINDER_SET_CONTEXT_MGR already set [ 531.923918][T10250] binder: 10249:10250 ioctl 4018620d 200000000040 returned -16 [ 531.945845][T10254] loop0: detected capacity change from 0 to 256 [ 532.106859][T10254] FAT-fs (loop0): Directory bread(block 64) failed [ 532.145024][T10254] FAT-fs (loop0): Directory bread(block 65) failed [ 532.161015][T10254] FAT-fs (loop0): Directory bread(block 66) failed [ 532.171753][T10254] FAT-fs (loop0): Directory bread(block 67) failed [ 532.180603][T10254] FAT-fs (loop0): Directory bread(block 68) failed [ 532.187483][T10254] FAT-fs (loop0): Directory bread(block 69) failed [ 532.280025][T10254] FAT-fs (loop0): Directory bread(block 70) failed [ 532.288865][T10254] FAT-fs (loop0): Directory bread(block 71) failed [ 532.308698][T10254] FAT-fs (loop0): Directory bread(block 72) failed [ 532.321422][T10254] FAT-fs (loop0): Directory bread(block 73) failed [ 533.800310][T10272] random: crng reseeded on system resumption [ 534.047239][ T51] Bluetooth: hci2: unexpected event for opcode 0x200b [ 536.279096][T10280] veth7: entered allmulticast mode [ 536.745514][T10307] loop2: detected capacity change from 0 to 256 [ 537.661674][T10307] FAT-fs (loop2): Directory bread(block 64) failed [ 537.720394][T10307] FAT-fs (loop2): Directory bread(block 65) failed [ 537.817681][T10307] FAT-fs (loop2): Directory bread(block 66) failed [ 537.913237][T10307] FAT-fs (loop2): Directory bread(block 67) failed [ 537.994878][T10307] FAT-fs (loop2): Directory bread(block 68) failed [ 538.071709][T10307] FAT-fs (loop2): Directory bread(block 69) failed [ 538.154909][T10307] FAT-fs (loop2): Directory bread(block 70) failed [ 538.240836][T10307] FAT-fs (loop2): Directory bread(block 71) failed [ 538.542991][T10307] FAT-fs (loop2): Directory bread(block 72) failed [ 538.564568][T10307] FAT-fs (loop2): Directory bread(block 73) failed [ 539.545201][T10327] syz_tun: entered allmulticast mode [ 539.805525][T10327] syz_tun: left allmulticast mode [ 540.362906][T10344] ubi31: attaching mtd0 [ 540.371196][T10344] ubi31: scanning is finished [ 540.375925][T10344] ubi31: empty MTD device detected [ 540.494435][T10344] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 540.502146][T10344] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 540.510035][T10344] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 540.517244][T10344] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 540.524908][T10344] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 540.531786][T10344] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 540.539892][T10344] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2158072119 [ 540.549980][T10344] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 540.561472][T10350] ubi31: background thread "ubi_bgt31d" started, PID 10350 [ 542.214888][T10360] loop2: detected capacity change from 0 to 256 [ 542.663434][T10360] FAT-fs (loop2): Directory bread(block 64) failed [ 542.686462][T10360] FAT-fs (loop2): Directory bread(block 65) failed [ 542.710469][T10360] FAT-fs (loop2): Directory bread(block 66) failed [ 542.800880][T10360] FAT-fs (loop2): Directory bread(block 67) failed [ 542.852771][T10360] FAT-fs (loop2): Directory bread(block 68) failed [ 542.889604][T10360] FAT-fs (loop2): Directory bread(block 69) failed [ 542.909259][T10360] FAT-fs (loop2): Directory bread(block 70) failed [ 542.926509][T10360] FAT-fs (loop2): Directory bread(block 71) failed [ 542.980117][T10360] FAT-fs (loop2): Directory bread(block 72) failed [ 543.167373][T10360] FAT-fs (loop2): Directory bread(block 73) failed [ 543.544439][T10370] syz_tun: entered allmulticast mode [ 543.587384][T10370] syz_tun: left allmulticast mode [ 547.043800][T10400] netlink: 'syz.0.1329': attribute type 10 has an invalid length. [ 547.071487][T10398] loop3: detected capacity change from 0 to 256 [ 547.121961][T10400] bridge0: port 2(bridge_slave_1) entered disabled state [ 547.129445][T10400] bridge0: port 1(bridge_slave_0) entered disabled state [ 547.160541][T10398] FAT-fs (loop3): Directory bread(block 64) failed [ 547.178963][T10398] FAT-fs (loop3): Directory bread(block 65) failed [ 547.185794][T10398] FAT-fs (loop3): Directory bread(block 66) failed [ 547.205578][T10408] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1329'. [ 547.214711][T10398] FAT-fs (loop3): Directory bread(block 67) failed [ 547.214851][T10398] FAT-fs (loop3): Directory bread(block 68) failed [ 547.214878][T10398] FAT-fs (loop3): Directory bread(block 69) failed [ 547.214972][T10398] FAT-fs (loop3): Directory bread(block 70) failed [ 547.285963][T10400] bridge0: port 2(bridge_slave_1) entered blocking state [ 547.293263][T10400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 547.301985][T10400] bridge0: port 1(bridge_slave_0) entered blocking state [ 547.309393][T10400] bridge0: port 1(bridge_slave_0) entered forwarding state [ 547.347990][T10398] FAT-fs (loop3): Directory bread(block 71) failed [ 547.354653][T10398] FAT-fs (loop3): Directory bread(block 72) failed [ 547.416540][T10400] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 547.444033][T10398] FAT-fs (loop3): Directory bread(block 73) failed [ 547.667966][T10408] bridge_slave_1: left allmulticast mode [ 547.675740][T10408] bridge_slave_1: left promiscuous mode [ 548.211242][T10408] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.523564][T10408] bridge_slave_0: left allmulticast mode [ 549.233223][T10408] bridge_slave_0: left promiscuous mode [ 549.265705][T10408] bridge0: port 1(bridge_slave_0) entered disabled state [ 549.464829][T10408] bond0: (slave bridge0): Releasing backup interface [ 550.354278][T10442] netlink: 'syz.4.1345': attribute type 21 has an invalid length. [ 550.362502][T10442] netlink: 'syz.4.1345': attribute type 15 has an invalid length. [ 550.371742][T10442] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1345'. [ 550.381730][T10442] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 551.105785][T10451] loop4: detected capacity change from 0 to 256 [ 551.617478][T10451] FAT-fs (loop4): Directory bread(block 64) failed [ 551.660093][T10451] FAT-fs (loop4): Directory bread(block 65) failed [ 551.666749][T10451] FAT-fs (loop4): Directory bread(block 66) failed [ 551.703708][T10451] FAT-fs (loop4): Directory bread(block 67) failed [ 551.710983][T10451] FAT-fs (loop4): Directory bread(block 68) failed [ 551.718816][T10451] FAT-fs (loop4): Directory bread(block 69) failed [ 551.744070][T10451] FAT-fs (loop4): Directory bread(block 70) failed [ 551.807994][T10451] FAT-fs (loop4): Directory bread(block 71) failed [ 551.825933][T10451] FAT-fs (loop4): Directory bread(block 72) failed [ 551.835289][T10458] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1341'. [ 551.873989][T10451] FAT-fs (loop4): Directory bread(block 73) failed [ 552.260456][T10460] loop0: detected capacity change from 0 to 40427 [ 552.315728][T10460] F2FS-fs (loop0): build fault injection type: 0x7 [ 552.330031][T10460] F2FS-fs (loop0): invalid crc value [ 552.459978][T10460] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 552.472647][T10460] F2FS-fs (loop0): Start checkpoint disabled! [ 552.753725][T10470] netlink: 'syz.1.1354': attribute type 9 has an invalid length. [ 553.081618][T10460] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 557.036381][T10510] random: crng reseeded on system resumption [ 557.043684][ T5915] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 557.128294][T10510] Restarting kernel threads ... [ 557.149493][T10510] Done restarting kernel threads. [ 557.574901][ T5915] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 558.555379][ T5915] usb 1-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config [ 558.576088][ T5915] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 558.588970][ T5915] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 7 [ 558.988548][ T5915] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9272, setting to 1024 [ 559.002361][ T5915] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 559.011625][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 559.020036][ T5915] usb 1-1: Product: syz [ 559.024237][ T5915] usb 1-1: Manufacturer: syz [ 559.040822][ T5915] cdc_wdm 1-1:1.0: skipping garbage [ 559.046512][ T5915] cdc_wdm 1-1:1.0: skipping garbage [ 559.051878][ T5915] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 559.152430][T10529] vivid-007: ================= START STATUS ================= [ 559.163991][T10529] vivid-007: Enable Output Cropping: true [ 559.170559][T10529] vivid-007: Enable Output Composing: true [ 559.176519][T10529] vivid-007: Enable Output Scaler: true [ 559.182305][T10529] vivid-007: Tx RGB Quantization Range: Automatic [ 559.189338][T10529] vivid-007: Transmit Mode: HDMI [ 559.194421][T10529] vivid-007: Hotplug Present: 0x00000000 [ 559.200461][T10529] vivid-007: RxSense Present: 0x00000000 [ 559.306397][T10529] vivid-007: EDID Present: 0x00000000 [ 559.377531][T10529] vivid-007: ================== END STATUS ================== [ 562.343855][ T5940] usb 1-1: USB disconnect, device number 10 [ 562.919135][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.925452][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.173217][T10561] loop2: detected capacity change from 0 to 256 [ 564.815905][T10561] FAT-fs (loop2): Directory bread(block 64) failed [ 564.832795][T10561] FAT-fs (loop2): Directory bread(block 65) failed [ 564.860053][T10561] FAT-fs (loop2): Directory bread(block 66) failed [ 564.882241][T10561] FAT-fs (loop2): Directory bread(block 67) failed [ 564.892596][T10561] FAT-fs (loop2): Directory bread(block 68) failed [ 564.904848][T10561] FAT-fs (loop2): Directory bread(block 69) failed [ 564.912815][T10561] FAT-fs (loop2): Directory bread(block 70) failed [ 564.925170][T10561] FAT-fs (loop2): Directory bread(block 71) failed [ 564.935267][T10561] FAT-fs (loop2): Directory bread(block 72) failed [ 564.945316][T10561] FAT-fs (loop2): Directory bread(block 73) failed [ 566.126790][T10574] random: crng reseeded on system resumption [ 567.919124][T10585] netlink: 'syz.2.1388': attribute type 21 has an invalid length. [ 567.927075][T10585] netlink: 'syz.2.1388': attribute type 15 has an invalid length. [ 568.694417][T10585] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1388'. [ 568.703568][T10585] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 569.349993][ T979] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 569.636883][ T979] usb 4-1: Using ep0 maxpacket: 8 [ 569.830994][ T979] usb 4-1: config 0 has an invalid interface number: 93 but max is 0 [ 569.872543][ T979] usb 4-1: config 0 has no interface number 0 [ 569.989113][ T979] usb 4-1: config 0 interface 93 has no altsetting 0 [ 570.032390][ T979] usb 4-1: New USB device found, idVendor=0711, idProduct=5200, bcdDevice=45.86 [ 570.041812][ T979] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.049937][ T979] usb 4-1: Product: syz [ 570.054747][ T979] usb 4-1: Manufacturer: syz [ 570.064329][ T979] usb 4-1: SerialNumber: syz [ 570.085998][ T979] usb 4-1: config 0 descriptor?? [ 570.107987][ T979] sisusb 4-1:0.93: Invalid USB2VGA device [ 570.133023][ T979] sisusb 4-1:0.93: probe with driver sisusb failed with error -22 [ 570.326059][T10019] usb 4-1: USB disconnect, device number 17 [ 571.947897][T10628] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1400'. [ 572.206489][T10633] gtp0: entered promiscuous mode [ 573.319595][T10645] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1404'. [ 573.511428][T10645] syz.4.1404: attempt to access beyond end of device [ 573.511428][T10645] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0 [ 573.530416][T10645] syz.4.1404: attempt to access beyond end of device [ 573.530416][T10645] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0 [ 573.566267][T10645] Mount JFS Failure: -5 [ 575.968632][T10677] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1414'. [ 579.255851][T10701] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1422'. [ 579.783876][T10710] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1642504120 (13140032960 ns) > initial count (744665392 ns). Using initial count to start timer. [ 579.826179][T10712] netlink: 'syz.0.1420': attribute type 5 has an invalid length. [ 579.906965][T10710] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 580.917287][ T51] Bluetooth: hci0: unexpected event for opcode 0x1003 [ 581.775351][T10725] loop0: detected capacity change from 0 to 40427 [ 581.836648][T10725] F2FS-fs (loop0): build fault injection type: 0x7 [ 581.846152][T10725] F2FS-fs (loop0): invalid crc value [ 582.372458][T10725] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 582.382776][T10725] F2FS-fs (loop0): Start checkpoint disabled! [ 582.396595][T10725] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 583.925393][T10731] wlan0 speed is unknown, defaulting to 1000 [ 583.966983][ T30] kauditd_printk_skb: 40 callbacks suppressed [ 583.967002][ T30] audit: type=1326 audit(1752397500.023:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.2.1430" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe26518e929 code=0x0 [ 584.217218][ T30] audit: type=1326 audit(1752397500.293:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10739 comm="syz.1.1433" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x0 [ 584.955581][ T51] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 584.965024][ T51] Bluetooth: hci0: Injecting HCI hardware error event [ 584.973410][ T51] Bluetooth: hci0: hardware error 0x00 [ 585.682436][T10756] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1434'. [ 585.684435][T10758] syz.3.1434: attempt to access beyond end of device [ 585.684435][T10758] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 585.718329][T10758] syz.3.1434: attempt to access beyond end of device [ 585.718329][T10758] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0 [ 585.738194][T10758] Mount JFS Failure: -5 [ 587.282581][ T51] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 588.036059][T10772] netlink: 'syz.3.1439': attribute type 5 has an invalid length. [ 588.288094][T10782] loop4: detected capacity change from 0 to 1024 [ 590.005075][T10782] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.794646][ T5852] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.153904][T10826] loop4: detected capacity change from 0 to 1024 [ 593.213790][T10826] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.315139][T10019] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 593.705699][T10019] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 593.719192][T10019] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 593.794907][T10019] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 593.808077][T10019] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 593.825125][T10019] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 593.835621][T10019] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.888388][T10019] usb 4-1: config 0 descriptor?? [ 594.241811][ T5852] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.354013][T10019] plantronics 0003:047F:FFFF.0006: ignoring exceeding usage max [ 594.368439][ T979] usb 1-1: new full-speed USB device number 11 using dummy_hcd [ 594.425183][T10019] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 594.676117][ T979] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 594.726071][ T979] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 594.768319][ T979] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 594.861068][ T979] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 594.990158][ T979] usb 1-1: config 0 descriptor?? [ 595.120539][ T979] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 595.158504][ T979] dvb-usb: bulk message failed: -22 (3/0) [ 595.252231][ T979] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 595.304632][ T979] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 595.369095][ T979] usb 1-1: media controller created [ 595.389005][ T979] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 595.422612][ T979] dvb-usb: bulk message failed: -22 (6/0) [ 595.433873][ T979] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 595.488112][ T979] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input12 [ 595.538919][ T979] dvb-usb: schedule remote query interval to 150 msecs. [ 595.546261][ T979] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 595.601293][ T979] usb 1-1: USB disconnect, device number 11 [ 595.876770][ T979] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 595.964495][ T30] audit: type=1326 audit(1752397512.034:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10861 comm="syz.0.1464" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3bbbb8e929 code=0x0 [ 596.299761][T10867] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818) [ 597.315244][T10019] usb 4-1: USB disconnect, device number 18 [ 598.050646][T10019] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 598.224987][T10019] usb 4-1: Using ep0 maxpacket: 32 [ 598.280477][T10019] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 598.869412][T10019] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 598.889236][T10019] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 599.035749][T10019] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 599.045103][T10019] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 599.058265][T10019] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 599.068755][T10019] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.095660][T10019] usb 4-1: config 0 descriptor?? [ 599.314758][ T6386] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 599.329248][T10019] usb 4-1: USB disconnect, device number 19 [ 599.617607][ T24] usb 3-1: new low-speed USB device number 17 using dummy_hcd [ 599.644784][ T6386] usb 1-1: Using ep0 maxpacket: 16 [ 599.673969][ T6386] usb 1-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25 [ 599.687189][ T6386] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 599.699976][ T6386] usb 1-1: Product: syz [ 599.706928][ T6386] usb 1-1: Manufacturer: syz [ 599.711521][ T6386] usb 1-1: SerialNumber: syz [ 599.722973][ T6386] usb 1-1: config 0 descriptor?? [ 599.733297][ T6386] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 599.739910][ T6386] usb 1-1: No valid video chain found. [ 599.846157][ T24] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 599.876344][T10892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 599.933633][ T24] usb 3-1: config 0 has no interface number 0 [ 599.942539][ T5940] usb 1-1: USB disconnect, device number 12 [ 599.954153][ T24] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 600.112144][T10886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 600.123559][ T24] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 600.139045][ T24] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 600.164686][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 600.196897][ T24] usb 3-1: config 0 descriptor?? [ 600.204176][T10889] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 600.271125][ T24] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 600.406320][ T30] audit: type=1326 audit(1752397516.484:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 600.713567][T10889] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (pcl818) [ 600.720134][ T30] audit: type=1326 audit(1752397516.484:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 600.759695][ T30] audit: type=1326 audit(1752397516.504:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 600.822854][T10902] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1474'. [ 600.944809][ T30] audit: type=1326 audit(1752397516.504:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 601.104935][ T30] audit: type=1326 audit(1752397516.504:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 601.298185][ T30] audit: type=1326 audit(1752397516.504:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 601.399154][T10019] usb 3-1: USB disconnect, device number 17 [ 601.405357][ C1] iowarrior 3-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 601.454957][ T30] audit: type=1326 audit(1752397516.504:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 601.656701][ T30] audit: type=1326 audit(1752397516.504:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 601.899497][ T30] audit: type=1326 audit(1752397516.504:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 602.061375][ T30] audit: type=1326 audit(1752397516.504:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a22d8d290 code=0x7ffc0000 [ 602.904488][ T30] audit: type=1326 audit(1752397516.504:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 603.140688][ T30] audit: type=1326 audit(1752397516.504:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 603.173747][ T30] audit: type=1326 audit(1752397516.504:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 603.245640][ T30] audit: type=1326 audit(1752397516.504:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10897 comm="syz.3.1475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a22d8e929 code=0x7ffc0000 [ 603.293704][T10924] netlink: 'syz.0.1480': attribute type 5 has an invalid length. [ 603.880215][T10924] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1480'. [ 603.930751][T10924] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1480'. [ 607.182150][T10961] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1492'. [ 609.587643][T10993] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1503'. [ 609.762118][T10996] netlink: 'syz.3.1502': attribute type 21 has an invalid length. [ 609.770214][T10996] netlink: 'syz.3.1502': attribute type 15 has an invalid length. [ 609.788414][T10996] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1502'. [ 609.802874][T10996] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 610.874440][ T5858] Bluetooth: hci3: command 0x0406 tx timeout [ 611.240088][T11008] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1508'. [ 611.276690][T11008] syz.3.1508: attempt to access beyond end of device [ 611.276690][T11008] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 611.291010][T11008] syz.3.1508: attempt to access beyond end of device [ 611.291010][T11008] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0 [ 611.307431][T11008] Mount JFS Failure: -5 [ 612.304078][ T979] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 612.504186][ T979] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 612.514329][ T979] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 612.534294][ T979] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 612.546189][ T979] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 612.563907][ T979] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 612.585783][ T979] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 612.604087][ T979] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 612.622323][ T979] usb 4-1: Product: syz [ 612.626717][ T979] usb 4-1: Manufacturer: syz [ 612.634409][T10019] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 612.656513][ T979] cdc_wdm 4-1:1.0: skipping garbage [ 612.661752][ T979] cdc_wdm 4-1:1.0: skipping garbage [ 612.677244][ T979] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 612.683173][ T979] cdc_wdm 4-1:1.0: Unknown control protocol [ 612.734127][ T6386] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 612.795010][T10019] usb 3-1: Using ep0 maxpacket: 8 [ 612.802214][T10019] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 612.818517][T10019] usb 3-1: config 16 has 0 interfaces, different from the descriptor's value: 1 [ 612.831026][T10019] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 612.846344][T10019] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 612.894240][ T6386] usb 1-1: Using ep0 maxpacket: 32 [ 612.908400][ T6386] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 612.920337][ T6386] usb 1-1: config 0 has no interface number 0 [ 612.934280][ T6386] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 612.960538][ T6386] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 612.969368][ T6386] usb 1-1: Product: syz [ 612.978293][ T6386] usb 1-1: Manufacturer: syz [ 612.984012][ T6386] usb 1-1: SerialNumber: syz [ 613.116789][ T6386] usb 1-1: config 0 descriptor?? [ 613.290506][ T6386] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 613.716250][T11036] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 613.743222][T11036] CIFS: Unable to determine destination address [ 613.824406][ T6386] usb 1-1: qt2_attach - failed to power on unit: -71 [ 613.831614][ T6386] quatech2 1-1:0.51: probe with driver quatech2 failed with error -71 [ 614.373495][ T6386] usb 1-1: USB disconnect, device number 13 [ 614.416068][ T5943] usb 4-1: USB disconnect, device number 20 [ 614.564776][T11045] netlink: 'syz.4.1518': attribute type 21 has an invalid length. [ 614.573272][T11045] netlink: 'syz.4.1518': attribute type 15 has an invalid length. [ 614.581729][T11045] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1518'. [ 614.597460][T11045] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 615.259072][T11047] veth7: entered allmulticast mode [ 616.223070][T11057] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1523'. [ 617.740947][ T979] usb 3-1: USB disconnect, device number 18 [ 619.524315][T11093] netlink: 'syz.0.1534': attribute type 21 has an invalid length. [ 619.532613][T11093] netlink: 'syz.0.1534': attribute type 15 has an invalid length. [ 619.540794][T11093] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1534'. [ 619.550538][T11093] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 621.171376][T11102] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 5441, magic 54 != 6b] [ 621.433645][T11108] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1540'. [ 622.066474][ T30] kauditd_printk_skb: 34 callbacks suppressed [ 622.066493][ T30] audit: type=1326 audit(1752397538.145:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.205474][ T30] audit: type=1326 audit(1752397538.145:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.383385][ T30] audit: type=1326 audit(1752397538.175:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.472064][ T30] audit: type=1326 audit(1752397538.175:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.542355][ T30] audit: type=1326 audit(1752397538.175:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.564849][ C1] vkms_vblank_simulate: vblank timer overrun [ 622.623584][ T30] audit: type=1326 audit(1752397538.185:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.645869][ C1] vkms_vblank_simulate: vblank timer overrun [ 622.654778][ T30] audit: type=1800 audit(1752397538.185:319): pid=11119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1543" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 622.748719][ T30] audit: type=1326 audit(1752397538.185:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.794544][ T30] audit: type=1326 audit(1752397538.185:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.817087][ C1] vkms_vblank_simulate: vblank timer overrun [ 622.823922][ T30] audit: type=1326 audit(1752397538.185:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11117 comm="syz.1.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f1183f8e929 code=0x7ffc0000 [ 622.846353][ C1] vkms_vblank_simulate: vblank timer overrun [ 624.077530][T11144] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1552'. [ 624.239510][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.245916][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.566452][T11151] vcan0: tx drop: invalid da for name 0x00000000000000c7 [ 624.875228][T11136] syz.4.1542: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 624.941906][T11136] CPU: 1 UID: 0 PID: 11136 Comm: syz.4.1542 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) [ 624.941929][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 624.941940][T11136] Call Trace: [ 624.941946][T11136] [ 624.941953][T11136] dump_stack_lvl+0x189/0x250 [ 624.941980][T11136] ? __pfx_dump_stack_lvl+0x10/0x10 [ 624.941998][T11136] ? __pfx__printk+0x10/0x10 [ 624.942020][T11136] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 624.942038][T11136] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 624.942058][T11136] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 624.942078][T11136] warn_alloc+0x214/0x310 [ 624.942105][T11136] ? __pfx_warn_alloc+0x10/0x10 [ 624.942133][T11136] ? __get_vm_area_node+0x28f/0x300 [ 624.942153][T11136] ? packet_set_ring+0x6f4/0x2380 [ 624.942180][T11136] __vmalloc_node_range_noprof+0x67e/0x12f0 [ 624.942224][T11136] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 624.942246][T11136] ? alloc_pages_mpol+0x3c4/0x4a0 [ 624.942269][T11136] ? packet_set_ring+0x6f4/0x2380 [ 624.942292][T11136] vzalloc_noprof+0xb2/0xf0 [ 624.942313][T11136] ? packet_set_ring+0x6f4/0x2380 [ 624.942338][T11136] packet_set_ring+0x6f4/0x2380 [ 624.942378][T11136] ? __pfx_packet_set_ring+0x10/0x10 [ 624.942417][T11136] ? _copy_from_user+0x94/0xb0 [ 624.942440][T11136] packet_setsockopt+0xc5a/0x12c0 [ 624.942466][T11136] ? __pfx_packet_setsockopt+0x10/0x10 [ 624.942489][T11136] ? rcu_is_watching+0x15/0xb0 [ 624.942505][T11136] ? trace_irq_disable+0x37/0x110 [ 624.942532][T11136] ? preempt_schedule_irq+0xde/0x150 [ 624.942559][T11136] ? irqentry_exit+0x74/0x90 [ 624.942578][T11136] ? lockdep_hardirqs_on+0x9c/0x150 [ 624.942606][T11136] ? do_sock_setsockopt+0x194/0x3e0 [ 624.942632][T11136] ? __pfx_packet_setsockopt+0x10/0x10 [ 624.942657][T11136] do_sock_setsockopt+0x25a/0x3e0 [ 624.942683][T11136] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 624.942710][T11136] ? __fget_files+0x2a/0x420 [ 624.942739][T11136] __x64_sys_setsockopt+0x18b/0x220 [ 624.942769][T11136] do_syscall_64+0xfa/0x3b0 [ 624.942790][T11136] ? lockdep_hardirqs_on+0x9c/0x150 [ 624.942810][T11136] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.942825][T11136] ? clear_bhb_loop+0x60/0xb0 [ 624.942843][T11136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.942869][T11136] RIP: 0033:0x7f247f18e929 [ 624.942884][T11136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 624.942897][T11136] RSP: 002b:00007f247ffdc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 624.942913][T11136] RAX: ffffffffffffffda RBX: 00007f247f3b6080 RCX: 00007f247f18e929 [ 624.942927][T11136] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000005 [ 624.942937][T11136] RBP: 00007f247f210b39 R08: 000000000000001c R09: 0000000000000000 [ 624.942946][T11136] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 624.942956][T11136] R13: 0000000000000000 R14: 00007f247f3b6080 R15: 00007ffc395f3758 [ 624.942979][T11136] [ 624.943041][T11136] Mem-Info: [ 625.374409][T11162] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1557'. [ 625.414002][T11136] active_anon:15504 inactive_anon:0 isolated_anon:0 [ 625.414002][T11136] active_file:13068 inactive_file:40077 isolated_file:0 [ 625.414002][T11136] unevictable:2816 dirty:135 writeback:0 [ 625.414002][T11136] slab_reclaimable:11088 slab_unreclaimable:98367 [ 625.414002][T11136] mapped:33868 shmem:11211 pagetables:1267 [ 625.414002][T11136] sec_pagetables:0 bounce:0 [ 625.414002][T11136] kernel_misc_reclaimable:0 [ 625.414002][T11136] free:1280961 free_pcp:16517 free_cma:0 [ 625.552795][T11136] Node 0 active_anon:62416kB inactive_anon:0kB active_file:52116kB inactive_file:160104kB unevictable:9728kB isolated(anon):0kB isolated(file):0kB mapped:136220kB dirty:540kB writeback:0kB shmem:43308kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12244kB pagetables:4916kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 625.602961][T11136] Node 1 active_anon:0kB inactive_anon:0kB active_file:156kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:60kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 625.633214][ C1] vkms_vblank_simulate: vblank timer overrun [ 625.756944][T11136] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 625.763608][ T5940] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 625.785811][ C1] vkms_vblank_simulate: vblank timer overrun [ 625.839632][T11136] lowmem_reserve[]: 0 2497 2499 2499 2499 [ 625.857625][T11136] Node 0 DMA32 free:1243040kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:63044kB inactive_anon:0kB active_file:52116kB inactive_file:158536kB unevictable:9728kB writepending:548kB present:3129332kB managed:2557696kB mlocked:8192kB bounce:0kB free_pcp:40976kB local_pcp:14808kB free_cma:0kB [ 625.985851][T11136] lowmem_reserve[]: 0 0 1 1 1 [ 625.990754][T11136] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1568kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 626.019740][ C1] vkms_vblank_simulate: vblank timer overrun [ 626.063231][T11136] lowmem_reserve[]: 0 0 0 0 0 [ 626.068257][T11136] Node 1 Normal free:3867672kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:156kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:21168kB local_pcp:16500kB free_cma:0kB [ 626.103330][ T5940] usb 1-1: device descriptor read/64, error -71 [ 626.193256][T11136] lowmem_reserve[]: 0 0 0 0 0 [ 626.198016][T11136] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 626.353412][ T5940] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 626.363384][T11136] Node 0 DMA32: 66*4kB (UME) 89*8kB (UE) 19*16kB (UE) 58*32kB (UME) 240*64kB (UME) 71*128kB (UME) 45*256kB (UM) 15*512kB (UME) 10*1024kB (UM) 7*2048kB (UME) 286*4096kB (M) = 1242816kB [ 626.473316][T11136] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 626.503790][T11136] Node 1 Normal: 4*4kB (ME) 3*8kB (UME) 7*16kB (ME) 4*32kB (UE) 4*64kB (UE) 2*128kB (UM) 3*256kB (UM) 3*512kB (ME) 2*1024kB (ME) 2*2048kB (UE) 942*4096kB (M) = 3867672kB [ 626.521298][ T5940] usb 1-1: device descriptor read/64, error -71 [ 626.633494][ T5940] usb usb1-port1: attempt power cycle [ 626.655084][T11136] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 626.701049][T11136] Node 0 hugepages_total=6 hugepages_free=4 hugepages_surp=4 hugepages_size=2048kB [ 626.740307][T11175] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1563'. [ 626.775434][T11136] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 626.804608][T11136] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 626.842488][T11136] 64348 total pagecache pages [ 626.852332][T11136] 0 pages in swap cache [ 626.879885][T11136] Free swap = 124996kB [ 626.973213][ T5940] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 627.039212][T11136] Total swap = 124996kB [ 627.046132][T11136] 2097051 pages RAM [ 627.050016][T11136] 0 pages HighMem/MovableOnly [ 627.303764][T11136] 425585 pages reserved [ 627.307968][T11136] 0 pages cma reserved [ 627.316478][ T5940] usb 1-1: device descriptor read/8, error -71 [ 627.433544][T11183] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1565'. [ 627.646061][ T5940] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 627.697437][ T5940] usb 1-1: device descriptor read/8, error -71 [ 627.873546][ T5940] usb usb1-port1: unable to enumerate USB device [ 630.334893][T11225] netlink: 'syz.2.1581': attribute type 21 has an invalid length. [ 630.343192][T11225] netlink: 'syz.2.1581': attribute type 15 has an invalid length. [ 630.351091][T11225] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1581'. [ 630.361243][T11225] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 631.134036][ T6386] usb 1-1: new full-speed USB device number 18 using dummy_hcd [ 631.314916][ T6386] usb 1-1: config 0 has no interfaces? [ 631.322453][ T6386] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 631.362585][ T6386] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 631.383385][ T6386] usb 1-1: Product: syz [ 631.402970][ T6386] usb 1-1: Manufacturer: syz [ 631.432955][ T6386] usb 1-1: SerialNumber: syz [ 631.469571][ T6386] usb 1-1: config 0 descriptor?? [ 631.699713][ T3097] usb 1-1: USB disconnect, device number 18 [ 633.350443][T11269] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 633.633506][T11271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1592'. [ 633.713794][T11272] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 634.574612][T11276] netlink: 'syz.2.1594': attribute type 32 has an invalid length. [ 634.790824][T11277] veth5: entered allmulticast mode [ 635.243655][T11289] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1598'. [ 635.418181][T11293] netlink: 312 bytes leftover after parsing attributes in process `syz.2.1599'. [ 636.163899][ T6386] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 636.463035][ T6386] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 636.481823][ T6386] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 636.637759][ T6386] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 636.662577][ T6386] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 636.743805][ T6386] usb 4-1: config 0 descriptor?? [ 638.071641][T11316] input: syz0 as /devices/virtual/input/input13 [ 638.782305][T11318] ------------[ cut here ]------------ [ 638.787922][T11318] verifier bug: error during ctx access conversion(1) [ 638.795088][T11318] WARNING: kernel/bpf/verifier.c:21405 at bpf_check+0x1b6ec/0x1d2e0, CPU#0: syz.0.1604/11318 [ 638.805416][T11318] Modules linked in: [ 638.809609][T11318] CPU: 0 UID: 0 PID: 11318 Comm: syz.0.1604 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) [ 638.821292][T11318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 638.831435][T11318] RIP: 0010:bpf_check+0x1b6ec/0x1d2e0 [ 638.836982][T11318] Code: 8b e8 68 6f af ff 90 0f 0b 90 90 e9 6b 60 ff ff e8 a9 a6 eb ff c6 05 a3 8b b9 0d 01 90 48 c7 c7 40 01 92 8b e8 45 6f af ff 90 <0f> 0b 90 90 e9 b5 bd ff ff e8 86 a6 eb ff c6 05 85 8b b9 0d 01 90 [ 638.856925][T11318] RSP: 0018:ffffc9001d95f600 EFLAGS: 00010246 [ 638.863080][T11318] RAX: 1040424f729de300 RBX: 0000000000000004 RCX: 0000000000080000 [ 638.871076][T11318] RDX: ffffc90011ecf000 RSI: 0000000000004289 RDI: 000000000000428a [ 638.879180][T11318] RBP: ffffc9001d95fb50 R08: 0000000000000003 R09: 0000000000000004 [ 638.887237][T11318] R10: dffffc0000000000 R11: fffffbfff1bfa4d8 R12: 0000000000000000 [ 638.895309][T11318] R13: dffffc0000000000 R14: ffff888048798000 R15: dffffc0000000000 [ 638.903655][T11318] FS: 00007f3bbca5d6c0(0000) GS:ffff888125bc6000(0000) knlGS:0000000000000000 [ 638.913009][T11318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 638.919662][T11318] CR2: 000000110c3ffb08 CR3: 0000000029986000 CR4: 00000000003526f0 [ 638.927801][T11318] Call Trace: [ 638.931104][T11318] [ 638.934107][T11318] ? is_bpf_text_address+0x26/0x2b0 [ 638.939450][T11318] ? __pfx_bpf_convert_ctx_access+0x10/0x10 [ 638.945637][T11318] ? __pfx_bpf_check+0x10/0x10 [ 638.950447][T11318] ? ktime_get_with_offset+0x8c/0x2a0 [ 638.956231][T11318] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 638.962651][T11318] ? ktime_get_with_offset+0x8c/0x2a0 [ 638.968064][T11318] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 638.974757][T11318] ? __asan_memset+0x22/0x50 [ 638.979378][T11318] ? bpf_obj_name_cpy+0x194/0x1e0 [ 638.984559][T11318] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 638.989789][T11318] ? security_bpf_prog_load+0x7f/0x310 [ 638.995350][T11318] bpf_prog_load+0x1318/0x1930 [ 639.000184][T11318] ? __pfx_bpf_prog_load+0x10/0x10 [ 639.005399][T11318] ? bpf_lsm_bpf+0x9/0x20 [ 639.009791][T11318] ? security_bpf+0x7e/0x300 [ 639.014727][T11318] __sys_bpf+0x528/0x870 [ 639.019033][T11318] ? __pfx___sys_bpf+0x10/0x10 [ 639.023896][T11318] ? rcu_is_watching+0x15/0xb0 [ 639.028688][T11318] __x64_sys_bpf+0x7c/0x90 [ 639.033272][T11318] do_syscall_64+0xfa/0x3b0 [ 639.037805][T11318] ? lockdep_hardirqs_on+0x9c/0x150 [ 639.043076][T11318] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.049168][T11318] ? clear_bhb_loop+0x60/0xb0 [ 639.053935][T11318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.059869][T11318] RIP: 0033:0x7f3bbbb8e929 [ 639.064340][T11318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.084059][T11318] RSP: 002b:00007f3bbca5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 639.092540][T11318] RAX: ffffffffffffffda RBX: 00007f3bbbdb6320 RCX: 00007f3bbbb8e929 [ 639.100536][T11318] RDX: 0000000000000094 RSI: 0000200000000000 RDI: 0000000000000005 [ 639.108717][T11318] RBP: 00007f3bbbc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 639.117006][T11318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.125029][T11318] R13: 0000000000000000 R14: 00007f3bbbdb6320 R15: 00007ffefbe72d48 [ 639.133109][T11318] [ 639.136143][T11318] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 639.143440][T11318] CPU: 0 UID: 0 PID: 11318 Comm: syz.0.1604 Not tainted 6.16.0-rc5-next-20250711-syzkaller #0 PREEMPT(full) [ 639.154995][T11318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 639.165048][T11318] Call Trace: [ 639.168338][T11318] [ 639.171284][T11318] dump_stack_lvl+0x99/0x250 [ 639.175914][T11318] ? __asan_memcpy+0x40/0x70 [ 639.180540][T11318] ? __pfx_dump_stack_lvl+0x10/0x10 [ 639.185759][T11318] ? __pfx__printk+0x10/0x10 [ 639.190416][T11318] vpanic+0x281/0x750 [ 639.194421][T11318] ? __pfx_vpanic+0x10/0x10 [ 639.198944][T11318] ? is_bpf_text_address+0x292/0x2b0 [ 639.204246][T11318] ? is_bpf_text_address+0x26/0x2b0 [ 639.209473][T11318] panic+0xb9/0xc0 [ 639.213212][T11318] ? __pfx_panic+0x10/0x10 [ 639.217652][T11318] __warn+0x334/0x4c0 [ 639.221658][T11318] ? bpf_check+0x1b6ec/0x1d2e0 [ 639.226444][T11318] ? bpf_check+0x1b6ec/0x1d2e0 [ 639.231215][T11318] report_bug+0x2be/0x4f0 [ 639.235569][T11318] ? bpf_check+0x1b6ec/0x1d2e0 [ 639.240355][T11318] ? bpf_check+0x1b6ec/0x1d2e0 [ 639.245138][T11318] ? bpf_check+0x1b6ee/0x1d2e0 [ 639.249915][T11318] handle_bug+0x84/0x160 [ 639.254267][T11318] exc_invalid_op+0x1a/0x50 [ 639.258816][T11318] asm_exc_invalid_op+0x1a/0x20 [ 639.263679][T11318] RIP: 0010:bpf_check+0x1b6ec/0x1d2e0 [ 639.269069][T11318] Code: 8b e8 68 6f af ff 90 0f 0b 90 90 e9 6b 60 ff ff e8 a9 a6 eb ff c6 05 a3 8b b9 0d 01 90 48 c7 c7 40 01 92 8b e8 45 6f af ff 90 <0f> 0b 90 90 e9 b5 bd ff ff e8 86 a6 eb ff c6 05 85 8b b9 0d 01 90 [ 639.288862][T11318] RSP: 0018:ffffc9001d95f600 EFLAGS: 00010246 [ 639.294958][T11318] RAX: 1040424f729de300 RBX: 0000000000000004 RCX: 0000000000080000 [ 639.302948][T11318] RDX: ffffc90011ecf000 RSI: 0000000000004289 RDI: 000000000000428a [ 639.310934][T11318] RBP: ffffc9001d95fb50 R08: 0000000000000003 R09: 0000000000000004 [ 639.318913][T11318] R10: dffffc0000000000 R11: fffffbfff1bfa4d8 R12: 0000000000000000 [ 639.326991][T11318] R13: dffffc0000000000 R14: ffff888048798000 R15: dffffc0000000000 [ 639.334981][T11318] ? is_bpf_text_address+0x26/0x2b0 [ 639.340221][T11318] ? __pfx_bpf_convert_ctx_access+0x10/0x10 [ 639.346176][T11318] ? __pfx_bpf_check+0x10/0x10 [ 639.350957][T11318] ? ktime_get_with_offset+0x8c/0x2a0 [ 639.356346][T11318] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 639.362599][T11318] ? ktime_get_with_offset+0x8c/0x2a0 [ 639.367996][T11318] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 639.374605][T11318] ? __asan_memset+0x22/0x50 [ 639.379210][T11318] ? bpf_obj_name_cpy+0x194/0x1e0 [ 639.384253][T11318] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 639.389483][T11318] ? security_bpf_prog_load+0x7f/0x310 [ 639.394965][T11318] bpf_prog_load+0x1318/0x1930 [ 639.399753][T11318] ? __pfx_bpf_prog_load+0x10/0x10 [ 639.404897][T11318] ? bpf_lsm_bpf+0x9/0x20 [ 639.409229][T11318] ? security_bpf+0x7e/0x300 [ 639.413834][T11318] __sys_bpf+0x528/0x870 [ 639.418099][T11318] ? __pfx___sys_bpf+0x10/0x10 [ 639.422904][T11318] ? rcu_is_watching+0x15/0xb0 [ 639.427689][T11318] __x64_sys_bpf+0x7c/0x90 [ 639.432131][T11318] do_syscall_64+0xfa/0x3b0 [ 639.436665][T11318] ? lockdep_hardirqs_on+0x9c/0x150 [ 639.441879][T11318] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.448122][T11318] ? clear_bhb_loop+0x60/0xb0 [ 639.452822][T11318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.458719][T11318] RIP: 0033:0x7f3bbbb8e929 [ 639.463139][T11318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.482760][T11318] RSP: 002b:00007f3bbca5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 639.491198][T11318] RAX: ffffffffffffffda RBX: 00007f3bbbdb6320 RCX: 00007f3bbbb8e929 [ 639.499202][T11318] RDX: 0000000000000094 RSI: 0000200000000000 RDI: 0000000000000005 [ 639.507203][T11318] RBP: 00007f3bbbc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 639.515183][T11318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.523336][T11318] R13: 0000000000000000 R14: 00007f3bbbdb6320 R15: 00007ffefbe72d48 [ 639.531343][T11318] [ 639.534746][T11318] Kernel Offset: disabled [ 639.539078][T11318] Rebooting in 86400 seconds..