last executing test programs: 1m21.927007531s ago: executing program 4 (id=463): add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) r1 = syz_open_pts(r0, 0x141601) write(r1, &(0x7f0000000000)="d5", 0xfffffedf) ioctl$TCFLSH(r0, 0x540b, 0x2) 1m20.017804421s ago: executing program 0 (id=471): syz_open_dev$ttys(0xc, 0x2, 0x0) r0 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, 0x0) 1m18.987580626s ago: executing program 4 (id=472): kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000) 1m18.7260849s ago: executing program 0 (id=473): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2) write$sysctl(r0, &(0x7f00000000c0)='2\x00', 0x2) 1m18.584808313s ago: executing program 4 (id=475): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)=@delchain={0x24, 0x64, 0x425, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0xfffb}, {}, {0xb, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x8808}, 0x40) 1m18.455428439s ago: executing program 4 (id=476): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bind$pptp(0xffffffffffffffff, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e) 1m18.393418607s ago: executing program 0 (id=477): syz_emit_ethernet(0x3e, &(0x7f0000000880)={@local, @random="a22ccb570461", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @remote}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private=0x1, @local}}}}}}, 0x0) 1m18.314284675s ago: executing program 0 (id=478): pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x6, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 1m18.162047861s ago: executing program 4 (id=479): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x1c, 0x7, 0x6, 0x401, 0x0, 0x0, {0x5, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004055}, 0x48000) 1m16.641637459s ago: executing program 0 (id=482): r0 = socket$inet_sctp(0x2, 0x1, 0x84) add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = syz_io_uring_setup(0x8d2, &(0x7f0000001400)={0x0, 0xd80e, 0x3010, 0xfffffffc}, &(0x7f00000001c0)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, &(0x7f0000000040)={0x2, 0x40000105, 0x0, 0x0}) syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x4) ioctl$KVM_SET_CPUID2(r9, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYBLOB='\a']) ioctl$KVM_RUN(r9, 0xae80, 0x0) r10 = socket$igmp6(0xa, 0x3, 0x2) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r10, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0, 0x14008045, 0x1}) quotactl_fd$Q_QUOTAOFF(r2, 0xffffffff80000300, 0x0, 0x0) socket(0x10, 0x3, 0x0) io_uring_enter(r2, 0x47ba, 0x3e80, 0x0, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20004880) 1m16.592530421s ago: executing program 4 (id=484): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) 1m11.304042382s ago: executing program 0 (id=490): setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000004a00010000000000000000000a", @ANYRES8], 0x24}}, 0x0) close(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000080), 0x4) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x1840}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xfffffffffffffcad}}}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @mcast1}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x7}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x4}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @remote}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x4}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}]}, @AF_MPLS, @AF_BRIDGE, @AF_BRIDGE]}]}, 0x40}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0) unshare(0x40020000) 1m1.331837265s ago: executing program 32 (id=484): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) 55.752746306s ago: executing program 33 (id=490): setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000004a00010000000000000000000a", @ANYRES8], 0x24}}, 0x0) close(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000080), 0x4) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x1840}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xfffffffffffffcad}}}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @mcast1}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x7}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x4}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @remote}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x4}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}]}, @AF_MPLS, @AF_BRIDGE, @AF_BRIDGE]}]}, 0x40}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0) unshare(0x40020000) 37.631578969s ago: executing program 1 (id=543): fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) 35.478333353s ago: executing program 1 (id=546): pipe(&(0x7f00000000c0)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = open(&(0x7f0000000380)='./bus\x00', 0xeb40, 0x11a) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES32=r0], 0x2b) sendfile(r1, r0, 0x0, 0x4000000053d2) 35.375467644s ago: executing program 1 (id=548): socket$netlink(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r0, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = syz_open_dev$vim2m(&(0x7f0000000040), 0x2, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r2, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {}, 0x0, 0x1, {}, 0x2000000}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000040)={0x0, 'vxcan1\x00', {0x1}, 0xe}) ioctl$IOC_PR_RELEASE(0xffffffffffffffff, 0x401070ca, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r4, 0x0, 0xc8, &(0x7f0000003d40), 0x4) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0) setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f00000000c0)={0x3, 0x0, 0x2, 0x0, @vifc_lcl_addr=@loopback, @local}, 0x10) setsockopt$inet_mreq(r5, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000180)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x1000, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request={0x11, 0x0, 0x0, 0x6}}}}}, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c) syz_usbip_server_init(0x1) 29.3763528s ago: executing program 1 (id=550): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = dup(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x10}, 0x18) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) 28.202563486s ago: executing program 1 (id=552): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='O', 0x1, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 28.073219199s ago: executing program 1 (id=554): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xfbf, @empty}, 0x1c) listen(r0, 0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) mount$9p_tcp(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e22']) 22.525834491s ago: executing program 2 (id=558): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x34, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xffff}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) 15.545208988s ago: executing program 2 (id=566): shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil) 15.467255882s ago: executing program 2 (id=567): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x5000000, 0xc, 0xc, 0x2, [@struct={0x5, 0x0, 0x0, 0xf, 0x0, 0x5}]}}, 0x0, 0x26, 0x0, 0xa}, 0x28) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$binfmt_script(r3, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffe) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mlxsw_sp_acl_tcam_vregion_migrate\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={r0, r4, 0x0, 0x2, &(0x7f0000000240)=']\x00'}, 0x30) write$binfmt_misc(r3, &(0x7f0000000100)="87534757ab", 0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f00000010c0)=""/102400, 0x19000) eventfd(0xfffffff9) socket$inet_udp(0x2, 0x2, 0x0) syz_pidfd_open(r1, 0x0) r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r6, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) read(r6, &(0x7f0000000840)=""/40, 0x28) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x0, &(0x7f00000001c0)={0x8, 0x74, 0x80000}, 0x20) 13.691945689s ago: executing program 2 (id=568): writev(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) 12.876818839s ago: executing program 34 (id=554): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xfbf, @empty}, 0x1c) listen(r0, 0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) mount$9p_tcp(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e22']) 12.825990101s ago: executing program 2 (id=571): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) semctl$GETPID(0x0, 0x3, 0xb, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) 11.623142845s ago: executing program 2 (id=572): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff) recvmmsg(r0, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000540)=""/143, 0x8f}, {&(0x7f00000007c0)=""/190, 0xbe}, {&(0x7f0000000880)=""/139, 0x8b}, {&(0x7f0000000940)=""/200, 0xc8}, {&(0x7f0000002f00)=""/4094, 0xffe}], 0x5}, 0xc}], 0x1, 0x40010080, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0) 1.58595992s ago: executing program 3 (id=591): openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1.485042119s ago: executing program 3 (id=592): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x6, 'wlan1\x00', {}, 0x108}) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x2, 0x4002004c4, 0xffe, 0x0, 0x0, 0xfffffffffffffffd, 0x900f, 0x0, 0xd57b, 0x0, 0x7], 0xeeee8000, 0x2113c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.28118458s ago: executing program 3 (id=593): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[], 0x50}, 0x1, 0xba01}, 0x0) 1.169745963s ago: executing program 3 (id=594): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) sendmsg(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000036c0)=[{&(0x7f00000004c0)}], 0x1}, 0x24008800) 1.085321893s ago: executing program 3 (id=595): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bind$inet(0xffffffffffffffff, &(0x7f0000000400)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x18) r3 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f00000000c0)={@multicast2, @loopback, 0x0, 0x1, [@rand_addr=0x64010100]}, 0x14) 0s ago: executing program 3 (id=596): r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e24, 0x3, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x3}, 0x1c) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0xe, &(0x7f0000000b00)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x3, 0x0, 0x7fffffff}]}) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)) r1 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) openat$random(0xffffffffffffff9c, 0x0, 0x80100, 0x0) timer_create(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) socket(0x10, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_OIF={0x8, 0x19}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044810}, 0x0) r3 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, 0x0) sendmmsg$inet6(r0, &(0x7f0000001980)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x64}, 0x10}, 0x1c, 0x0}}], 0x40000000000024e, 0x20002040) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000000)) kernel console output (not intermixed with test programs): 0] type 2 family 0 port 6081 - 0 [ 100.361104][ T1465] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.418261][ T1465] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.443330][ T5816] veth1_vlan: entered promiscuous mode [ 100.462473][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.558966][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.617655][ T160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.617676][ T160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.834067][ T1465] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.863680][ T1465] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.866114][ T1465] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.580094][ T1465] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.656694][ T1123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.656713][ T1123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.712376][ T5921] PKCS7: Unknown OID: [5] (bad) [ 101.712399][ T5921] PKCS7: Only support pkcs7_signedData type [ 101.831621][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.831641][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.840627][ T5816] veth0_macvtap: entered promiscuous mode [ 101.924874][ T5816] veth1_macvtap: entered promiscuous mode [ 101.997360][ T5924] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 102.012538][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.012557][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.028348][ T10] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 102.171666][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.180154][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.180173][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.205797][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.233780][ T10] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA4, changing to 0x84 [ 102.233816][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 47999, setting to 64 [ 102.233845][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 102.242413][ T10] usb 1-1: New USB device found, idVendor=1bc7, idProduct=1040, bcdDevice=b5.b1 [ 102.242444][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.242464][ T10] usb 1-1: Product: syz [ 102.242478][ T10] usb 1-1: Manufacturer: syz [ 102.242493][ T10] usb 1-1: SerialNumber: syz [ 102.294783][ T10] usb 1-1: config 0 descriptor?? [ 102.344360][ T5921] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 103.176734][ T1135] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.180379][ T1135] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.189595][ T1135] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.208289][ T1135] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.211204][ T10] option 1-1:0.0: GSM modem (1-port) converter detected [ 103.260596][ T10] usb 1-1: USB disconnect, device number 2 [ 103.281047][ T10] option 1-1:0.0: device disconnected [ 103.402853][ T1465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.402878][ T1465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.113751][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.113771][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.917803][ T5866] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 106.108766][ T5866] usb 2-1: Using ep0 maxpacket: 8 [ 106.113350][ T5866] usb 2-1: unable to get BOS descriptor or descriptor too short [ 106.114867][ T5866] usb 2-1: config 9 has an invalid interface number: 156 but max is 0 [ 106.114892][ T5866] usb 2-1: config 9 has no interface number 0 [ 106.114925][ T5866] usb 2-1: config 9 interface 156 has no altsetting 0 [ 106.155669][ T5866] usb 2-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=99.8b [ 106.155699][ T5866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.155719][ T5866] usb 2-1: Product: syz [ 106.155734][ T5866] usb 2-1: Manufacturer: syz [ 106.155748][ T5866] usb 2-1: SerialNumber: syz [ 106.326236][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.326255][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.659769][ T5910] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 106.703772][ T5957] bond0: option ad_select: unable to set because the bond device is up [ 106.809027][ T5910] usb 1-1: Using ep0 maxpacket: 8 [ 106.816294][ T5910] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 106.816320][ T5910] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 106.816339][ T5910] usb 1-1: config 0 has no interface number 0 [ 106.816389][ T5910] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 106.816416][ T5910] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 106.816442][ T5910] usb 1-1: config 0 interface 52 has no altsetting 0 [ 106.821438][ T5910] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 106.821466][ T5910] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 106.821485][ T5910] usb 1-1: Manufacturer: syz [ 106.890914][ T5910] usb 1-1: config 0 descriptor?? [ 107.346096][ T5910] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input5 [ 107.668799][ T5866] kalmia 2-1:9.156: probe with driver kalmia failed with error -22 [ 107.705792][ T5866] option 2-1:9.156: GSM modem (1-port) converter detected [ 107.815755][ T5866] usb 2-1: USB disconnect, device number 2 [ 107.841960][ T5866] option 2-1:9.156: device disconnected [ 108.325234][ C0] vkms_vblank_simulate: vblank timer overrun [ 109.154233][ C0] vkms_vblank_simulate: vblank timer overrun [ 109.455513][ T5873] usb 1-1: USB disconnect, device number 3 [ 109.455527][ C1] synaptics_usb 1-1:0.52: synusb_irq - usb_submit_urb failed with result: -19 [ 109.838132][ C0] vkms_vblank_simulate: vblank timer overrun [ 110.632306][ C0] vkms_vblank_simulate: vblank timer overrun [ 110.738439][ T5987] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 110.915852][ C0] vkms_vblank_simulate: vblank timer overrun [ 111.107827][ C0] vkms_vblank_simulate: vblank timer overrun [ 111.846633][ T31] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 113.127408][ T31] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 113.131098][ T31] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 113.131126][ T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 113.131146][ T31] usb 4-1: SerialNumber: syz [ 113.788997][ T31] cdc_acm 4-1:1.0: skipping garbage [ 113.790858][ T31] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -12 [ 114.056286][ T5873] usb 4-1: USB disconnect, device number 2 [ 115.246546][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246588][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246622][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246655][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246687][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246720][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246758][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246791][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246824][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 115.246857][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 120.944713][ T5873] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 121.136975][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 121.137003][ T5873] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 121.137027][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 121.137065][ T5873] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 121.137089][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.218885][ T5873] usb 3-1: config 0 descriptor?? [ 121.254235][ T5873] hdpvr 3-1:0.0: Could not find bulk-in endpoint [ 121.254334][ T5873] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12 [ 121.361919][ T37] audit: type=1326 audit(1762300078.436:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 121.361974][ T37] audit: type=1326 audit(1762300078.436:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 121.362015][ T37] audit: type=1326 audit(1762300078.446:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 121.440031][ T37] audit: type=1326 audit(1762300078.526:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 121.440079][ T37] audit: type=1326 audit(1762300078.526:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 121.440119][ T37] audit: type=1326 audit(1762300078.526:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 121.450040][ T44] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 121.926001][ T37] audit: type=1326 audit(1762300078.636:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 121.926301][ T37] audit: type=1326 audit(1762300078.636:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 121.927278][ T37] audit: type=1326 audit(1762300078.636:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 122.323074][ T44] usb 4-1: Using ep0 maxpacket: 16 [ 122.325633][ T44] usb 4-1: config 0 has an invalid interface number: 48 but max is 0 [ 122.325657][ T44] usb 4-1: config 0 has no interface number 0 [ 122.325687][ T44] usb 4-1: config 0 interface 48 has no altsetting 0 [ 122.332129][ T37] audit: type=1326 audit(1762300079.416:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 122.417570][ T44] usb 4-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98 [ 122.417600][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24 [ 122.417620][ T44] usb 4-1: Product: syz [ 122.417634][ T44] usb 4-1: Manufacturer: syz [ 122.417649][ T44] usb 4-1: SerialNumber: syz [ 122.428699][ T44] usb 4-1: config 0 descriptor?? [ 122.655220][ T6052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.655803][ T6052] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.680748][ T992] usb 3-1: USB disconnect, device number 2 [ 122.776603][ T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 122.813136][ T6060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.813678][ T6060] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.835461][ T6060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.836040][ T6060] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.854492][ T6060] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 122.855085][ T6060] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.916745][ T9] usb 1-1: device descriptor read/64, error -71 [ 122.975133][ T5910] usb 4-1: USB disconnect, device number 3 [ 122.993041][ T6079] warning: `syz.4.42' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 123.018745][ T6079] smc: net device bond0 applied user defined pnetid S [ 123.186811][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 123.327514][ T9] usb 1-1: device descriptor read/64, error -71 [ 123.453858][ T9] usb usb1-port1: attempt power cycle [ 124.550586][ C0] vkms_vblank_simulate: vblank timer overrun [ 124.585739][ T61] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 124.606678][ T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 124.636980][ T9] usb 1-1: device descriptor read/8, error -71 [ 125.234706][ C0] vkms_vblank_simulate: vblank timer overrun [ 126.178758][ C0] vkms_vblank_simulate: vblank timer overrun [ 126.338130][ C0] vkms_vblank_simulate: vblank timer overrun [ 126.510201][ T6104] netlink: 'syz.0.49': attribute type 1 has an invalid length. [ 126.548224][ T6104] Zero length message leads to an empty skb [ 126.627392][ C0] vkms_vblank_simulate: vblank timer overrun [ 127.446729][ C0] vkms_vblank_simulate: vblank timer overrun [ 127.942536][ C0] vkms_vblank_simulate: vblank timer overrun [ 129.003417][ T37] kauditd_printk_skb: 73 callbacks suppressed [ 129.003435][ T37] audit: type=1326 audit(1762300086.046:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.003478][ T37] audit: type=1326 audit(1762300086.046:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.003519][ T37] audit: type=1326 audit(1762300086.046:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.003565][ T37] audit: type=1326 audit(1762300086.064:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.003612][ T37] audit: type=1326 audit(1762300086.064:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.003652][ T37] audit: type=1326 audit(1762300086.064:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.003692][ T37] audit: type=1326 audit(1762300086.084:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.003732][ T37] audit: type=1326 audit(1762300086.084:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.291559][ T37] audit: type=1326 audit(1762300086.374:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 129.291610][ T37] audit: type=1326 audit(1762300086.374:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6116 comm="syz.2.52" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 132.368673][ T6140] QAT: failed to copy from user cfg_data. [ 132.533416][ T6149] 9pnet_fd: Insufficient options for proto=fd [ 132.753144][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.753238][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.415325][ T6151] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 133.446508][ C0] vkms_vblank_simulate: vblank timer overrun [ 134.799484][ C0] vkms_vblank_simulate: vblank timer overrun [ 134.879919][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 135.056294][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 135.090142][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 135.090201][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 135.090224][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0 [ 135.090248][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 135.100352][ T9] usb 2-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47 [ 135.100381][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.100403][ T9] usb 2-1: Product: syz [ 135.100417][ T9] usb 2-1: Manufacturer: syz [ 135.100432][ T9] usb 2-1: SerialNumber: syz [ 135.180592][ T9] usb 2-1: config 0 descriptor?? [ 135.190896][ T9] mcba_usb 2-1:0.0: Can't find endpoints [ 135.385454][ T37] kauditd_printk_skb: 58 callbacks suppressed [ 135.385471][ T37] audit: type=1326 audit(1762300092.612:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.385515][ T37] audit: type=1326 audit(1762300092.622:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.413648][ T37] audit: type=1326 audit(1762300092.653:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.413698][ T37] audit: type=1326 audit(1762300092.653:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.413735][ T37] audit: type=1326 audit(1762300092.653:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.413772][ T37] audit: type=1326 audit(1762300092.653:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.413812][ T37] audit: type=1326 audit(1762300092.653:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.413851][ T37] audit: type=1326 audit(1762300092.653:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.441207][ T37] audit: type=1326 audit(1762300092.683:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6143 comm="syz.3.64" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 135.460040][ T5887] usb 2-1: USB disconnect, device number 3 [ 135.662328][ T5866] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 135.751118][ T44] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 135.828729][ T5866] usb 5-1: Using ep0 maxpacket: 32 [ 135.832225][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 135.832257][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 135.832288][ T5866] usb 5-1: New USB device found, idVendor=0e8f, idProduct=0003, bcdDevice= 0.00 [ 135.832300][ T5866] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.836162][ T5866] usb 5-1: config 0 descriptor?? [ 135.909412][ T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 113, changing to 10 [ 135.909446][ T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33024, setting to 1024 [ 135.909489][ T44] usb 3-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00 [ 135.909510][ T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.938886][ T44] usb 3-1: config 0 descriptor?? [ 135.964077][ T5887] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 136.112630][ T5887] usb 1-1: Using ep0 maxpacket: 16 [ 136.119353][ T5887] usb 1-1: config 0 has an invalid interface number: 48 but max is 0 [ 136.119380][ T5887] usb 1-1: config 0 has no interface number 0 [ 136.119414][ T5887] usb 1-1: config 0 interface 48 has no altsetting 0 [ 136.126950][ T5887] usb 1-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98 [ 136.126979][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24 [ 136.126999][ T5887] usb 1-1: Product: syz [ 136.127013][ T5887] usb 1-1: Manufacturer: syz [ 136.127037][ T5887] usb 1-1: SerialNumber: syz [ 136.189105][ T5887] usb 1-1: config 0 descriptor?? [ 136.302416][ T5866] pantherlord 0003:0E8F:0003.0001: hidraw0: USB HID v0.00 Device [HID 0e8f:0003] on usb-dummy_hcd.4-1/input0 [ 136.302450][ T5866] pantherlord 0003:0E8F:0003.0001: no output reports found [ 136.405152][ T6181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.405683][ T6181] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.411761][ T6181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.412300][ T6181] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.432361][ T44] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 136.482841][ T5969] usb 1-1: USB disconnect, device number 8 [ 136.690409][ T44] usb 2-1: Using ep0 maxpacket: 16 [ 136.692430][ T44] usb 2-1: config 0 has an invalid interface number: 48 but max is 0 [ 136.692456][ T44] usb 2-1: config 0 has no interface number 0 [ 136.692485][ T44] usb 2-1: config 0 interface 48 has no altsetting 0 [ 136.695199][ T44] usb 2-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98 [ 136.695225][ T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24 [ 136.695245][ T44] usb 2-1: Product: syz [ 136.695253][ T44] usb 2-1: Manufacturer: syz [ 136.695261][ T44] usb 2-1: SerialNumber: syz [ 136.912312][ T44] usb 2-1: config 0 descriptor?? [ 137.509283][ T44] usb 5-1: USB disconnect, device number 2 [ 137.749094][ T6185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.750851][ T6185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.777830][ T6185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.787746][ T6185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.801609][ T6185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.802160][ T6185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.945023][ T6198] overlayfs: workdir and upperdir must be separate subtrees [ 138.083242][ T5866] usb 2-1: USB disconnect, device number 4 [ 139.105118][ T5866] usb 3-1: USB disconnect, device number 4 [ 139.331448][ T6213] netlink: 100 bytes leftover after parsing attributes in process `syz.0.85'. [ 139.402198][ T6215] cgroup: release_agent respecified [ 139.469758][ T6215] netlink: 12 bytes leftover after parsing attributes in process `syz.4.86'. [ 140.421785][ T37] audit: type=1326 audit(1762300097.748:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.422525][ T37] audit: type=1326 audit(1762300097.748:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.423601][ T37] audit: type=1326 audit(1762300097.758:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.423796][ T37] audit: type=1326 audit(1762300097.758:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.423934][ T37] audit: type=1326 audit(1762300097.758:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.424839][ T37] audit: type=1326 audit(1762300097.758:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.449636][ T37] audit: type=1326 audit(1762300097.779:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.452605][ T37] audit: type=1326 audit(1762300097.779:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.455709][ T37] audit: type=1326 audit(1762300097.789:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.455751][ T37] audit: type=1326 audit(1762300097.789:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6248 comm="syz.1.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 140.814220][ C1] vkms_vblank_simulate: vblank timer overrun [ 141.009211][ C1] vkms_vblank_simulate: vblank timer overrun [ 141.166667][ C1] vkms_vblank_simulate: vblank timer overrun [ 141.487957][ C1] vkms_vblank_simulate: vblank timer overrun [ 141.797850][ C1] vkms_vblank_simulate: vblank timer overrun [ 141.809080][ T6273] Bluetooth: MGMT ver 1.23 [ 142.199540][ T6249] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 142.519594][ C1] vkms_vblank_simulate: vblank timer overrun [ 143.255116][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.106948][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.220228][ C1] vkms_vblank_simulate: vblank timer overrun [ 144.389715][ T6295] XFS (nbd2): SB validate failed with error -5. [ 144.652542][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.411051][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.587078][ C1] vkms_vblank_simulate: vblank timer overrun [ 145.755884][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.095753][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.320085][ C1] vkms_vblank_simulate: vblank timer overrun [ 146.744420][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.431597][ T5866] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 147.570227][ T31] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 147.585056][ T5866] usb 1-1: config 160 has an invalid interface number: 200 but max is 0 [ 147.585161][ T5866] usb 1-1: config 160 has no interface number 0 [ 147.585364][ T5866] usb 1-1: config 160 interface 200 has no altsetting 0 [ 147.594331][ T5866] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b [ 147.594360][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.594378][ T5866] usb 1-1: Product: syz [ 147.594392][ T5866] usb 1-1: Manufacturer: syz [ 147.594406][ T5866] usb 1-1: SerialNumber: syz [ 147.718767][ T31] usb 3-1: Using ep0 maxpacket: 16 [ 147.721246][ T31] usb 3-1: config 0 has an invalid interface number: 48 but max is 0 [ 147.721272][ T31] usb 3-1: config 0 has no interface number 0 [ 147.721304][ T31] usb 3-1: config 0 interface 48 has no altsetting 0 [ 147.726195][ T31] usb 3-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98 [ 147.726222][ T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24 [ 147.726241][ T31] usb 3-1: Product: syz [ 147.726255][ T31] usb 3-1: Manufacturer: syz [ 147.726270][ T31] usb 3-1: SerialNumber: syz [ 147.793379][ T31] usb 3-1: config 0 descriptor?? [ 148.839551][ T6333] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.842660][ T6333] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.908713][ T9] usb 3-1: USB disconnect, device number 5 [ 149.086388][ T5866] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 149.086499][ T5866] usb 1-1: MIDIStreaming interface descriptor not found [ 149.401949][ T5866] usb 1-1: USB disconnect, device number 9 [ 149.532091][ T5956] udevd[5956]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 157.717360][ T6418] process 'syz.1.146' launched './file2' with NULL argv: empty string added [ 158.740434][ T61] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 160.869825][ T6444] overlayfs: failed to resolve './file0': -2 [ 162.344077][ T37] kauditd_printk_skb: 13 callbacks suppressed [ 162.344096][ T37] audit: type=1326 audit(1762300119.776:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.344139][ T37] audit: type=1326 audit(1762300119.776:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.344177][ T37] audit: type=1326 audit(1762300119.786:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.344215][ T37] audit: type=1326 audit(1762300119.795:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.344266][ T37] audit: type=1326 audit(1762300119.795:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.344304][ T37] audit: type=1326 audit(1762300119.795:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.344342][ T37] audit: type=1326 audit(1762300119.815:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.344469][ T37] audit: type=1326 audit(1762300119.815:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.347747][ T37] audit: type=1326 audit(1762300119.865:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 162.347794][ T37] audit: type=1326 audit(1762300119.865:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6461 comm="syz.0.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 163.028590][ T6472] usb usb8: usbfs: process 6472 (syz.2.163) did not claim interface 0 before use [ 163.503246][ T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 164.224239][ T9] usb 1-1: device descriptor read/64, error -71 [ 164.484485][ T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 164.640145][ T9] usb 1-1: device descriptor read/64, error -71 [ 164.656980][ T6489] QAT: failed to copy from user cfg_data. [ 164.757504][ T9] usb usb1-port1: attempt power cycle [ 165.024873][ T5961] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 165.213191][ T5961] usb 2-1: device descriptor read/64, error -71 [ 165.550582][ T5961] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 165.984244][ T5961] usb 2-1: device descriptor read/64, error -71 [ 166.176157][ T5961] usb usb2-port1: attempt power cycle [ 166.484687][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.530230][ T5961] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 166.530606][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.561633][ T5961] usb 2-1: device descriptor read/8, error -71 [ 166.673292][ C0] vkms_vblank_simulate: vblank timer overrun [ 167.402293][ C0] vkms_vblank_simulate: vblank timer overrun [ 167.415398][ T5961] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 167.444743][ T6515] overlayfs: workdir and upperdir must be separate subtrees [ 167.665762][ T5961] usb 2-1: device descriptor read/8, error -71 [ 167.774555][ T5961] usb usb2-port1: unable to enumerate USB device [ 168.075580][ T5910] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 168.220789][ T5910] usb 3-1: Using ep0 maxpacket: 16 [ 168.223237][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.223265][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.223301][ T5910] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 168.223324][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.510443][ T5910] usb 3-1: config 0 descriptor?? [ 169.299172][ T61] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 169.421442][ C0] vkms_vblank_simulate: vblank timer overrun [ 169.701309][ T6550] FAULT_INJECTION: forcing a failure. [ 169.701309][ T6550] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 169.701370][ T6550] CPU: 0 UID: 0 PID: 6550 Comm: syz.0.190 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 169.701391][ T6550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 169.701409][ T6550] Call Trace: [ 169.701419][ T6550] [ 169.701428][ T6550] dump_stack_lvl+0x189/0x250 [ 169.701464][ T6550] ? __pfx____ratelimit+0x10/0x10 [ 169.701488][ T6550] ? __pfx_dump_stack_lvl+0x10/0x10 [ 169.701521][ T6550] ? __pfx__printk+0x10/0x10 [ 169.701557][ T6550] should_fail_ex+0x46c/0x600 [ 169.701587][ T6550] strncpy_from_user+0x36/0x290 [ 169.701613][ T6550] getname_flags+0xf3/0x540 [ 169.701644][ T6550] user_path_at+0x24/0x60 [ 169.701664][ T6550] do_fchmodat+0xef/0x200 [ 169.701687][ T6550] ? __pfx_do_fchmodat+0x10/0x10 [ 169.701706][ T6550] ? __pfx_ksys_write+0x10/0x10 [ 169.701735][ T6550] __x64_sys_fchmodat+0x7d/0x90 [ 169.701760][ T6550] do_syscall_64+0xfa/0xfa0 [ 169.701783][ T6550] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.701805][ T6550] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.701823][ T6550] ? clear_bhb_loop+0x60/0xb0 [ 169.701845][ T6550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.701863][ T6550] RIP: 0033:0x7f71948ff6c9 [ 169.701885][ T6550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.701901][ T6550] RSP: 002b:00007f7192b3d038 EFLAGS: 00000246 ORIG_RAX: 000000000000010c [ 169.701921][ T6550] RAX: ffffffffffffffda RBX: 00007f7194b56090 RCX: 00007f71948ff6c9 [ 169.701934][ T6550] RDX: 00000000fffffffb RSI: 0000200000000000 RDI: ffffffffffffff9c [ 169.701947][ T6550] RBP: 00007f7192b3d090 R08: 0000000000000000 R09: 0000000000000000 [ 169.701959][ T6550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 169.701969][ T6550] R13: 00007f7194b56128 R14: 00007f7194b56090 R15: 00007ffd866673d8 [ 169.702001][ T6550] [ 170.649344][ T6560] FAULT_INJECTION: forcing a failure. [ 170.649344][ T6560] name failslab, interval 1, probability 0, space 0, times 0 [ 170.649376][ T6560] CPU: 1 UID: 0 PID: 6560 Comm: syz.4.193 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 170.649401][ T6560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 170.649412][ T6560] Call Trace: [ 170.649418][ T6560] [ 170.649425][ T6560] dump_stack_lvl+0x189/0x250 [ 170.649451][ T6560] ? __pfx____ratelimit+0x10/0x10 [ 170.649470][ T6560] ? __pfx_dump_stack_lvl+0x10/0x10 [ 170.649490][ T6560] ? __pfx__printk+0x10/0x10 [ 170.649512][ T6560] ? __pfx___might_resched+0x10/0x10 [ 170.649532][ T6560] should_fail_ex+0x46c/0x600 [ 170.649555][ T6560] should_failslab+0xa8/0x100 [ 170.649578][ T6560] __kmalloc_noprof+0xcc/0x7d0 [ 170.649597][ T6560] ? tomoyo_init_log+0x1a6f/0x1f70 [ 170.649620][ T6560] tomoyo_init_log+0x1a6f/0x1f70 [ 170.649654][ T6560] ? __pfx_tomoyo_init_log+0x10/0x10 [ 170.649671][ T6560] ? tomoyo_profile+0x11/0x50 [ 170.649687][ T6560] ? tomoyo_domain_quota_is_ok+0x42b/0x570 [ 170.649712][ T6560] tomoyo_supervisor+0x340/0x1480 [ 170.649741][ T6560] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 170.649765][ T6560] ? lockdep_hardirqs_on+0x9c/0x150 [ 170.649790][ T6560] ? tomoyo_check_path_acl+0x137/0x1d0 [ 170.649813][ T6560] ? tomoyo_check_acl+0x386/0x400 [ 170.649834][ T6560] ? __pfx_tomoyo_check_path_acl+0x10/0x10 [ 170.649858][ T6560] tomoyo_path_permission+0x25a/0x380 [ 170.649883][ T6560] tomoyo_check_open_permission+0x24d/0x3b0 [ 170.649906][ T6560] ? tomoyo_check_open_permission+0x16a/0x3b0 [ 170.649927][ T6560] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 170.649976][ T6560] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 170.649995][ T6560] ? tomoyo_file_open+0x169/0x230 [ 170.650017][ T6560] security_file_open+0xb1/0x270 [ 170.650033][ T6560] do_dentry_open+0x378/0x1350 [ 170.650057][ T6560] vfs_open+0x3b/0x350 [ 170.650068][ T6560] ? path_openat+0x2ed9/0x3840 [ 170.650086][ T6560] path_openat+0x2ef1/0x3840 [ 170.650108][ T6560] ? try_to_take_rt_mutex+0x840/0xb00 [ 170.650145][ T6560] ? __pfx_path_openat+0x10/0x10 [ 170.650161][ T6560] ? do_raw_spin_lock+0x121/0x290 [ 170.650186][ T6560] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 170.650205][ T6560] ? lockdep_hardirqs_on+0x9c/0x150 [ 170.650224][ T6560] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 170.650249][ T6560] do_filp_open+0x1fa/0x410 [ 170.650267][ T6560] ? __pfx_do_filp_open+0x10/0x10 [ 170.650281][ T6560] ? rt_mutex_slowunlock+0x493/0x8a0 [ 170.650315][ T6560] ? alloc_fd+0x64f/0x6c0 [ 170.650351][ T6560] do_sys_openat2+0x121/0x1c0 [ 170.650368][ T6560] ? __pfx_do_sys_openat2+0x10/0x10 [ 170.650389][ T6560] ? ksys_write+0x230/0x260 [ 170.650413][ T6560] __x64_sys_openat+0x138/0x170 [ 170.650431][ T6560] do_syscall_64+0xfa/0xfa0 [ 170.650449][ T6560] ? lockdep_hardirqs_on+0x9c/0x150 [ 170.650467][ T6560] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.650482][ T6560] ? clear_bhb_loop+0x60/0xb0 [ 170.650499][ T6560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.650513][ T6560] RIP: 0033:0x7fe1fb10f6c9 [ 170.650533][ T6560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.650545][ T6560] RSP: 002b:00007fe1f9376038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 170.650562][ T6560] RAX: ffffffffffffffda RBX: 00007fe1fb365fa0 RCX: 00007fe1fb10f6c9 [ 170.650572][ T6560] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 170.650583][ T6560] RBP: 00007fe1f9376090 R08: 0000000000000000 R09: 0000000000000000 [ 170.650592][ T6560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 170.650600][ T6560] R13: 00007fe1fb366038 R14: 00007fe1fb365fa0 R15: 00007ffda3800c78 [ 170.650625][ T6560] [ 171.783373][ T6574] FAULT_INJECTION: forcing a failure. [ 171.783373][ T6574] name failslab, interval 1, probability 0, space 0, times 0 [ 171.783405][ T6574] CPU: 0 UID: 0 PID: 6574 Comm: syz.4.198 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 171.783427][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 171.783438][ T6574] Call Trace: [ 171.783446][ T6574] [ 171.783454][ T6574] dump_stack_lvl+0x189/0x250 [ 171.783485][ T6574] ? __pfx____ratelimit+0x10/0x10 [ 171.783509][ T6574] ? __pfx_dump_stack_lvl+0x10/0x10 [ 171.783535][ T6574] ? __pfx__printk+0x10/0x10 [ 171.783562][ T6574] ? __pfx___might_resched+0x10/0x10 [ 171.783583][ T6574] ? fs_reclaim_acquire+0x7d/0x100 [ 171.783612][ T6574] should_fail_ex+0x46c/0x600 [ 171.783640][ T6574] ? mas_alloc_nodes+0x291/0x350 [ 171.783660][ T6574] should_failslab+0xa8/0x100 [ 171.783684][ T6574] ? mas_alloc_nodes+0x291/0x350 [ 171.783702][ T6574] kmem_cache_alloc_noprof+0x6f/0x6b0 [ 171.783733][ T6574] mas_alloc_nodes+0x291/0x350 [ 171.783760][ T6574] mas_preallocate+0x2e0/0x670 [ 171.783787][ T6574] ? __pfx_mas_preallocate+0x10/0x10 [ 171.783823][ T6574] ? __mas_set_range+0x12f/0x3c0 [ 171.783850][ T6574] __split_vma+0x2fd/0x9e0 [ 171.783882][ T6574] ? __pfx___split_vma+0x10/0x10 [ 171.783918][ T6574] ? rtlock_slowlock_locked+0xd8/0x4010 [ 171.783938][ T6574] ? lockdep_hardirqs_on+0x9c/0x150 [ 171.783964][ T6574] vms_gather_munmap_vmas+0x2e2/0x12e0 [ 171.783983][ T6574] ? __lock_acquire+0xab9/0xd20 [ 171.784020][ T6574] ? mtree_range_walk+0x6aa/0x840 [ 171.784048][ T6574] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 171.784079][ T6574] ? mas_find+0xa7d/0xd30 [ 171.784107][ T6574] mmap_region+0x727/0x20f0 [ 171.784147][ T6574] ? __lock_acquire+0xab9/0xd20 [ 171.784169][ T6574] ? __pfx_mmap_region+0x10/0x10 [ 171.784280][ T6574] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 171.784310][ T6574] ? do_raw_spin_lock+0x121/0x290 [ 171.784336][ T6574] ? cap_mmap_addr+0xb0/0x100 [ 171.784356][ T6574] ? bpf_lsm_mmap_addr+0x9/0x20 [ 171.784373][ T6574] ? security_mmap_addr+0x71/0x270 [ 171.784393][ T6574] ? shmem_mapping+0xd/0x50 [ 171.784414][ T6574] ? memfd_check_seals_mmap+0x16e/0x210 [ 171.784437][ T6574] do_mmap+0xc23/0x10c0 [ 171.784469][ T6574] ? __pfx_do_mmap+0x10/0x10 [ 171.784487][ T6574] ? rwbase_write_lock+0x56f/0x750 [ 171.784518][ T6574] ? __lock_acquire+0xab9/0xd20 [ 171.784548][ T6574] vm_mmap_pgoff+0x2a9/0x4d0 [ 171.784579][ T6574] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 171.784601][ T6574] ? __fget_files+0x2a/0x420 [ 171.784631][ T6574] ? __fget_files+0x3a6/0x420 [ 171.784654][ T6574] ? __fget_files+0x2a/0x420 [ 171.784682][ T6574] ksys_mmap_pgoff+0x4e9/0x720 [ 171.784707][ T6574] ? __x64_sys_mmap+0x7f/0x140 [ 171.784732][ T6574] do_syscall_64+0xfa/0xfa0 [ 171.784758][ T6574] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.784776][ T6574] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 171.784794][ T6574] ? clear_bhb_loop+0x60/0xb0 [ 171.784817][ T6574] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.784835][ T6574] RIP: 0033:0x7fe1fb10f6c9 [ 171.784853][ T6574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.784867][ T6574] RSP: 002b:00007fe1f9376038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 171.784886][ T6574] RAX: ffffffffffffffda RBX: 00007fe1fb365fa0 RCX: 00007fe1fb10f6c9 [ 171.784900][ T6574] RDX: 0000000000000001 RSI: 0000000000001000 RDI: 0000200000ffc000 [ 171.784912][ T6574] RBP: 00007fe1f9376090 R08: 0000000000000006 R09: 0000000000000000 [ 171.784924][ T6574] R10: 0000000000010012 R11: 0000000000000246 R12: 0000000000000001 [ 171.784936][ T6574] R13: 00007fe1fb366038 R14: 00007fe1fb365fa0 R15: 00007ffda3800c78 [ 171.784970][ T6574] [ 171.837543][ T61] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 173.046609][ C0] vkms_vblank_simulate: vblank timer overrun [ 173.482212][ C0] vkms_vblank_simulate: vblank timer overrun [ 173.860669][ C0] vkms_vblank_simulate: vblank timer overrun [ 174.417692][ T5910] usbhid 3-1:0.0: can't add hid device: -32 [ 174.417772][ T5910] usbhid 3-1:0.0: probe with driver usbhid failed with error -32 [ 175.518595][ T9] usb 3-1: USB disconnect, device number 6 [ 175.917643][ T5969] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 176.085371][ T5969] usb 5-1: Using ep0 maxpacket: 16 [ 176.087643][ T5969] usb 5-1: config 0 has an invalid interface number: 48 but max is 0 [ 176.087670][ T5969] usb 5-1: config 0 has no interface number 0 [ 176.087704][ T5969] usb 5-1: config 0 interface 48 has no altsetting 0 [ 176.090823][ T5969] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98 [ 176.090851][ T5969] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=24 [ 176.090872][ T5969] usb 5-1: Product: syz [ 176.090885][ T5969] usb 5-1: Manufacturer: syz [ 176.090900][ T5969] usb 5-1: SerialNumber: syz [ 176.161283][ T5969] usb 5-1: config 0 descriptor?? [ 177.310011][ C0] vkms_vblank_simulate: vblank timer overrun [ 177.328676][ T6619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 177.331629][ T6619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 177.497639][ C0] vkms_vblank_simulate: vblank timer overrun [ 177.973523][ T5866] usb 5-1: USB disconnect, device number 3 [ 178.868050][ T6676] overlayfs: workdir and upperdir must be separate subtrees [ 179.643925][ T6696] netlink: 104 bytes leftover after parsing attributes in process `syz.2.243'. [ 179.723076][ C0] vkms_vblank_simulate: vblank timer overrun [ 180.010795][ T6707] FAULT_INJECTION: forcing a failure. [ 180.010795][ T6707] name failslab, interval 1, probability 0, space 0, times 0 [ 180.010838][ T6707] CPU: 0 UID: 0 PID: 6707 Comm: syz.1.245 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 180.010860][ T6707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 180.010870][ T6707] Call Trace: [ 180.010878][ T6707] [ 180.010886][ T6707] dump_stack_lvl+0x189/0x250 [ 180.010916][ T6707] ? __pfx____ratelimit+0x10/0x10 [ 180.010940][ T6707] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.010966][ T6707] ? __pfx__printk+0x10/0x10 [ 180.010990][ T6707] ? __lock_acquire+0xab9/0xd20 [ 180.011026][ T6707] should_fail_ex+0x46c/0x600 [ 180.011055][ T6707] ? __alloc_skb+0x112/0x2d0 [ 180.011073][ T6707] should_failslab+0xa8/0x100 [ 180.011100][ T6707] ? __alloc_skb+0x112/0x2d0 [ 180.011116][ T6707] kmem_cache_alloc_node_noprof+0x78/0x6e0 [ 180.011149][ T6707] __alloc_skb+0x112/0x2d0 [ 180.011172][ T6707] mr6_netlink_event+0xb6/0x190 [ 180.011201][ T6707] ip6mr_mfc_delete+0xed8/0x13d0 [ 180.011222][ T6707] ? ip6mr_mfc_delete+0xac/0x13d0 [ 180.011256][ T6707] ? __pfx_ip6mr_mfc_delete+0x10/0x10 [ 180.011280][ T6707] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 180.011316][ T6707] ? mutex_lock_nested+0x154/0x1d0 [ 180.011334][ T6707] ? ip6_mroute_setsockopt+0x956/0xf00 [ 180.011359][ T6707] ip6_mroute_setsockopt+0x993/0xf00 [ 180.011389][ T6707] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 180.011446][ T6707] do_ipv6_setsockopt+0x35a/0x2eb0 [ 180.011479][ T6707] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 180.011520][ T6707] ? get_pid_task+0x20/0x1f0 [ 180.011553][ T6707] ? __lock_acquire+0xab9/0xd20 [ 180.011585][ T6707] ? do_raw_spin_lock+0x121/0x290 [ 180.011617][ T6707] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 180.011642][ T6707] ? lockdep_hardirqs_on+0x9c/0x150 [ 180.011670][ T6707] ? __lock_acquire+0xab9/0xd20 [ 180.011701][ T6707] ipv6_setsockopt+0x59/0x170 [ 180.011727][ T6707] rawv6_setsockopt+0x23b/0x5b0 [ 180.011753][ T6707] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 180.011774][ T6707] ? __fget_files+0x2a/0x420 [ 180.011801][ T6707] ? sock_common_setsockopt+0x36/0xc0 [ 180.011827][ T6707] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 180.011855][ T6707] do_sock_setsockopt+0x17c/0x1b0 [ 180.011880][ T6707] __x64_sys_setsockopt+0x145/0x1b0 [ 180.011907][ T6707] do_syscall_64+0xfa/0xfa0 [ 180.011929][ T6707] ? lockdep_hardirqs_on+0x9c/0x150 [ 180.011951][ T6707] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.011970][ T6707] ? clear_bhb_loop+0x60/0xb0 [ 180.011993][ T6707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.012011][ T6707] RIP: 0033:0x7f0efa6ff6c9 [ 180.012027][ T6707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.012042][ T6707] RSP: 002b:00007f0ef8966038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 180.012066][ T6707] RAX: ffffffffffffffda RBX: 00007f0efa955fa0 RCX: 00007f0efa6ff6c9 [ 180.012080][ T6707] RDX: 00000000000000d3 RSI: 0000000000000029 RDI: 0000000000000003 [ 180.012091][ T6707] RBP: 00007f0ef8966090 R08: 000000000000005c R09: 0000000000000000 [ 180.012103][ T6707] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001 [ 180.012115][ T6707] R13: 00007f0efa956038 R14: 00007f0efa955fa0 R15: 00007fffa32d9478 [ 180.012149][ T6707] [ 180.537206][ T6713] FAULT_INJECTION: forcing a failure. [ 180.537206][ T6713] name failslab, interval 1, probability 0, space 0, times 0 [ 180.537238][ T6713] CPU: 1 UID: 0 PID: 6713 Comm: syz.1.247 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 180.537259][ T6713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 180.537269][ T6713] Call Trace: [ 180.537276][ T6713] [ 180.537285][ T6713] dump_stack_lvl+0x189/0x250 [ 180.537314][ T6713] ? __pfx____ratelimit+0x10/0x10 [ 180.537336][ T6713] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.537361][ T6713] ? __pfx__printk+0x10/0x10 [ 180.537388][ T6713] ? __pfx___might_resched+0x10/0x10 [ 180.537406][ T6713] ? fs_reclaim_acquire+0x7d/0x100 [ 180.537443][ T6713] should_fail_ex+0x46c/0x600 [ 180.537470][ T6713] should_failslab+0xa8/0x100 [ 180.537496][ T6713] __kmalloc_noprof+0xcc/0x7d0 [ 180.537517][ T6713] ? tomoyo_encode+0x28b/0x550 [ 180.537543][ T6713] tomoyo_encode+0x28b/0x550 [ 180.537568][ T6713] tomoyo_realpath_from_path+0x58d/0x5d0 [ 180.537601][ T6713] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 180.537627][ T6713] tomoyo_path_number_perm+0x1e8/0x5a0 [ 180.537656][ T6713] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 180.537687][ T6713] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 180.537711][ T6713] ? lockdep_hardirqs_on+0x9c/0x150 [ 180.537763][ T6713] ? __fget_files+0x2a/0x420 [ 180.537792][ T6713] ? __fget_files+0x3a6/0x420 [ 180.537814][ T6713] ? __fget_files+0x2a/0x420 [ 180.537841][ T6713] security_file_ioctl+0xcb/0x2d0 [ 180.537864][ T6713] __se_sys_ioctl+0x47/0x170 [ 180.537887][ T6713] do_syscall_64+0xfa/0xfa0 [ 180.537910][ T6713] ? lockdep_hardirqs_on+0x9c/0x150 [ 180.537932][ T6713] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.537949][ T6713] ? clear_bhb_loop+0x60/0xb0 [ 180.537970][ T6713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.537988][ T6713] RIP: 0033:0x7f0efa6ff6c9 [ 180.538004][ T6713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.538018][ T6713] RSP: 002b:00007f0ef8966038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.538038][ T6713] RAX: ffffffffffffffda RBX: 00007f0efa955fa0 RCX: 00007f0efa6ff6c9 [ 180.538050][ T6713] RDX: 0000200000000400 RSI: 0000000040096102 RDI: 0000000000000003 [ 180.538063][ T6713] RBP: 00007f0ef8966090 R08: 0000000000000000 R09: 0000000000000000 [ 180.538074][ T6713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.538085][ T6713] R13: 00007f0efa956038 R14: 00007f0efa955fa0 R15: 00007fffa32d9478 [ 180.538117][ T6713] [ 180.538135][ T6713] ERROR: Out of memory at tomoyo_realpath_from_path. [ 180.834715][ T37] kauditd_printk_skb: 54 callbacks suppressed [ 180.834732][ T37] audit: type=1326 audit(1762300138.698:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.835046][ T37] audit: type=1326 audit(1762300138.698:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.835295][ T37] audit: type=1326 audit(1762300138.698:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.835768][ T37] audit: type=1326 audit(1762300138.698:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.881656][ T37] audit: type=1326 audit(1762300138.748:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.881707][ T37] audit: type=1326 audit(1762300138.748:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.911458][ T37] audit: type=1326 audit(1762300138.778:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.911510][ T37] audit: type=1326 audit(1762300138.778:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.911548][ T37] audit: type=1326 audit(1762300138.778:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 180.912790][ T37] audit: type=1326 audit(1762300138.778:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6714 comm="syz.0.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 183.059761][ T6746] FAULT_INJECTION: forcing a failure. [ 183.059761][ T6746] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 183.059792][ T6746] CPU: 1 UID: 0 PID: 6746 Comm: syz.1.254 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 183.059813][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 183.059824][ T6746] Call Trace: [ 183.059831][ T6746] [ 183.059840][ T6746] dump_stack_lvl+0x189/0x250 [ 183.059869][ T6746] ? __pfx____ratelimit+0x10/0x10 [ 183.059893][ T6746] ? __pfx_dump_stack_lvl+0x10/0x10 [ 183.059918][ T6746] ? __pfx__printk+0x10/0x10 [ 183.059940][ T6746] ? __might_fault+0xb0/0x130 [ 183.059973][ T6746] should_fail_ex+0x46c/0x600 [ 183.060002][ T6746] _copy_from_user+0x2d/0xb0 [ 183.060024][ T6746] __sys_sendto+0x262/0x520 [ 183.060045][ T6746] ? __pfx___sys_sendto+0x10/0x10 [ 183.060087][ T6746] ? ksys_write+0x230/0x260 [ 183.060109][ T6746] ? __pfx_ksys_write+0x10/0x10 [ 183.060133][ T6746] __x64_sys_sendto+0xde/0x100 [ 183.060155][ T6746] do_syscall_64+0xfa/0xfa0 [ 183.060177][ T6746] ? lockdep_hardirqs_on+0x9c/0x150 [ 183.060200][ T6746] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.060218][ T6746] ? clear_bhb_loop+0x60/0xb0 [ 183.060241][ T6746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.060258][ T6746] RIP: 0033:0x7f0efa6ff6c9 [ 183.060275][ T6746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.060290][ T6746] RSP: 002b:00007f0ef8966038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 183.060309][ T6746] RAX: ffffffffffffffda RBX: 00007f0efa955fa0 RCX: 00007f0efa6ff6c9 [ 183.060323][ T6746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 183.060334][ T6746] RBP: 00007f0ef8966090 R08: 0000200000000100 R09: 000000000000001c [ 183.060347][ T6746] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001 [ 183.060358][ T6746] R13: 00007f0efa956038 R14: 00007f0efa955fa0 R15: 00007fffa32d9478 [ 183.060390][ T6746] [ 183.108250][ T6748] ======================================================= [ 183.108250][ T6748] WARNING: The mand mount option has been deprecated and [ 183.108250][ T6748] and is ignored by this kernel. Remove the mand [ 183.108250][ T6748] option from the mount to silence this warning. [ 183.108250][ T6748] ======================================================= [ 183.722185][ T6756] QAT: failed to copy from user cfg_data. [ 183.857344][ T6761] overlayfs: workdir and upperdir must be separate subtrees [ 184.495312][ C1] vkms_vblank_simulate: vblank timer overrun [ 184.833890][ C1] vkms_vblank_simulate: vblank timer overrun [ 185.055270][ T6759] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 185.907037][ C1] vkms_vblank_simulate: vblank timer overrun [ 186.316039][ C1] vkms_vblank_simulate: vblank timer overrun [ 190.293632][ T44] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 190.425933][ C1] vkms_vblank_simulate: vblank timer overrun [ 190.442199][ T37] kauditd_printk_skb: 51 callbacks suppressed [ 190.442217][ T37] audit: type=1326 audit(1762300148.367:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.442262][ T37] audit: type=1326 audit(1762300148.367:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.453256][ T37] audit: type=1326 audit(1762300148.387:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.453307][ T37] audit: type=1326 audit(1762300148.395:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.453346][ T37] audit: type=1326 audit(1762300148.395:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.489327][ C1] vkms_vblank_simulate: vblank timer overrun [ 190.595150][ C1] vkms_vblank_simulate: vblank timer overrun [ 190.600289][ T37] audit: type=1326 audit(1762300148.395:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.600335][ T37] audit: type=1326 audit(1762300148.415:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.600371][ T37] audit: type=1326 audit(1762300148.415:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.631535][ T37] audit: type=1326 audit(1762300148.555:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.631583][ T37] audit: type=1326 audit(1762300148.555:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 190.635072][ T44] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 190.635095][ T44] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 190.636869][ T44] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 190.636895][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 190.636915][ T44] usb 1-1: SerialNumber: syz [ 190.863208][ T10] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 190.884910][ T6843] overlayfs: workdir and upperdir must be separate subtrees [ 191.048365][ T10] usb 3-1: device descriptor read/64, error -71 [ 191.076591][ T44] usb 1-1: 0:2 : does not exist [ 191.084067][ T6847] veth0: entered promiscuous mode [ 191.111239][ T44] usb 1-1: USB disconnect, device number 13 [ 191.737563][ T6846] veth0: left promiscuous mode [ 191.799965][ T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 191.831104][ T61] Bluetooth: hci0: SCO packet for unknown connection handle 0 [ 191.842963][ T6848] udevd[6848]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 191.925991][ T10] usb 3-1: device descriptor read/64, error -71 [ 192.032872][ T10] usb usb3-port1: attempt power cycle [ 192.217140][ T6866] netlink: 24 bytes leftover after parsing attributes in process `syz.0.294'. [ 192.231665][ T6866] xfrm1: entered allmulticast mode [ 193.335137][ T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 193.352420][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.352496][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.366928][ T10] usb 3-1: device descriptor read/8, error -71 [ 210.514313][ T6872] Bluetooth: hci4: command 0x0406 tx timeout [ 210.514351][ T6872] Bluetooth: hci3: command 0x0406 tx timeout [ 210.514370][ T6872] Bluetooth: hci1: command 0x0406 tx timeout [ 210.581771][ T6871] Bluetooth: hci0: command 0x0406 tx timeout [ 210.582403][ T6872] Bluetooth: hci2: command 0x0406 tx timeout [ 220.237869][ C1] vkms_vblank_simulate: vblank timer overrun [ 220.558715][ T6903] sg_write: data in/out 8156/251 bytes for SCSI command 0x0-- guessing data in; [ 220.558715][ T6903] program syz.3.303 not setting count and/or reply_len properly [ 220.592787][ T6903] capability: warning: `syz.3.303' uses deprecated v2 capabilities in a way that may be insecure [ 220.827302][ T37] kauditd_printk_skb: 28 callbacks suppressed [ 220.827321][ T37] audit: type=1326 audit(1762300179.175:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.827364][ T37] audit: type=1326 audit(1762300179.175:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.827402][ T37] audit: type=1326 audit(1762300179.175:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.827440][ T37] audit: type=1326 audit(1762300179.189:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.827480][ T37] audit: type=1326 audit(1762300179.189:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.864441][ C1] vkms_vblank_simulate: vblank timer overrun [ 220.867560][ T37] audit: type=1326 audit(1762300179.189:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.867609][ T37] audit: type=1326 audit(1762300179.219:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.867648][ T37] audit: type=1326 audit(1762300179.219:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.877742][ T37] audit: type=1326 audit(1762300179.229:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.877790][ T37] audit: type=1326 audit(1762300179.229:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6911 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 220.977608][ T6916] FAULT_INJECTION: forcing a failure. [ 220.977608][ T6916] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 220.977641][ T6916] CPU: 1 UID: 0 PID: 6916 Comm: syz.3.308 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 220.977662][ T6916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 220.977672][ T6916] Call Trace: [ 220.977679][ T6916] [ 220.977687][ T6916] dump_stack_lvl+0x189/0x250 [ 220.977717][ T6916] ? __pfx____ratelimit+0x10/0x10 [ 220.977741][ T6916] ? __pfx_dump_stack_lvl+0x10/0x10 [ 220.977765][ T6916] ? __pfx__printk+0x10/0x10 [ 220.977802][ T6916] should_fail_ex+0x46c/0x600 [ 220.977831][ T6916] _copy_to_user+0x31/0xb0 [ 220.977854][ T6916] simple_read_from_buffer+0xe1/0x170 [ 220.977883][ T6916] proc_fail_nth_read+0x1b6/0x220 [ 220.977905][ T6916] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 220.977927][ T6916] ? rw_verify_area+0x2ac/0x4e0 [ 220.977948][ T6916] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 220.977969][ T6916] vfs_read+0x206/0xa30 [ 220.978003][ T6916] ? __pfx_vfs_read+0x10/0x10 [ 220.978021][ T6916] ? try_to_take_rt_mutex+0x7fd/0xac0 [ 220.978050][ T6916] ? mutex_lock_nested+0x154/0x1d0 [ 220.978067][ T6916] ? fdget_pos+0x253/0x320 [ 220.978099][ T6916] ksys_read+0x14b/0x260 [ 220.978123][ T6916] ? __pfx_ksys_read+0x10/0x10 [ 220.978148][ T6916] ? do_syscall_64+0xbe/0xfa0 [ 220.978174][ T6916] do_syscall_64+0xfa/0xfa0 [ 220.978195][ T6916] ? lockdep_hardirqs_on+0x9c/0x150 [ 220.978217][ T6916] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.978235][ T6916] ? clear_bhb_loop+0x60/0xb0 [ 220.978257][ T6916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.978274][ T6916] RIP: 0033:0x7fb91dcee0dc [ 220.978290][ T6916] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 220.978304][ T6916] RSP: 002b:00007fb91bf56030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 220.978323][ T6916] RAX: ffffffffffffffda RBX: 00007fb91df45fa0 RCX: 00007fb91dcee0dc [ 220.978336][ T6916] RDX: 000000000000000f RSI: 00007fb91bf560a0 RDI: 0000000000000005 [ 220.978347][ T6916] RBP: 00007fb91bf56090 R08: 0000000000000000 R09: 0000000000000000 [ 220.978358][ T6916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 220.978368][ T6916] R13: 00007fb91df46038 R14: 00007fb91df45fa0 R15: 00007ffc3f174fd8 [ 220.978399][ T6916] [ 221.045422][ T6918] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 221.292157][ C1] vkms_vblank_simulate: vblank timer overrun [ 221.398056][ C1] vkms_vblank_simulate: vblank timer overrun [ 221.406134][ T5910] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 221.538958][ C1] vkms_vblank_simulate: vblank timer overrun [ 221.829171][ C1] vkms_vblank_simulate: vblank timer overrun [ 221.830806][ T5910] usb 5-1: device descriptor read/64, error -71 [ 221.960635][ C1] vkms_vblank_simulate: vblank timer overrun [ 222.193695][ C1] vkms_vblank_simulate: vblank timer overrun [ 222.454008][ C1] vkms_vblank_simulate: vblank timer overrun [ 222.706372][ C1] vkms_vblank_simulate: vblank timer overrun [ 222.724348][ T5910] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 222.757818][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 222.874116][ T5910] usb 5-1: device descriptor read/64, error -71 [ 222.883934][ T9] usb 4-1: device descriptor read/64, error -71 [ 222.985729][ T5910] usb usb5-port1: attempt power cycle [ 223.127414][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 223.252981][ T9] usb 4-1: device descriptor read/64, error -71 [ 223.320974][ T5910] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 223.350857][ T5910] usb 5-1: device descriptor read/8, error -71 [ 223.360849][ T9] usb usb4-port1: attempt power cycle [ 223.634274][ C1] vkms_vblank_simulate: vblank timer overrun [ 223.663790][ C1] vkms_vblank_simulate: vblank timer overrun [ 223.720604][ T5910] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 223.898171][ C1] vkms_vblank_simulate: vblank timer overrun [ 223.930246][ T5910] usb 5-1: device descriptor read/8, error -71 [ 224.048177][ T5910] usb usb5-port1: unable to enumerate USB device [ 224.619192][ C1] vkms_vblank_simulate: vblank timer overrun [ 224.663943][ T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 224.686619][ T9] usb 4-1: device descriptor read/8, error -71 [ 224.708308][ C1] vkms_vblank_simulate: vblank timer overrun [ 224.917263][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 224.939127][ T9] usb 4-1: device descriptor read/8, error -71 [ 225.044391][ T9] usb usb4-port1: unable to enumerate USB device [ 225.502221][ T5910] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 226.689050][ T5910] usb 5-1: unable to get BOS descriptor or descriptor too short [ 226.693238][ T5910] usb 5-1: not running at top speed; connect to a high speed hub [ 226.695536][ T5910] usb 5-1: config 0 has an invalid interface number: 13 but max is 0 [ 226.695562][ T5910] usb 5-1: config 0 has no interface number 0 [ 226.734064][ T5910] usb 5-1: New USB device found, idVendor=090c, idProduct=2000, bcdDevice=83.35 [ 226.734094][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.734115][ T5910] usb 5-1: Product: syz [ 226.734129][ T5910] usb 5-1: Manufacturer: syz [ 226.734144][ T5910] usb 5-1: SerialNumber: syz [ 226.777527][ T5910] usb 5-1: config 0 descriptor?? [ 226.789089][ T5910] usb-storage 5-1:0.13: USB Mass Storage device detected [ 226.818451][ T5910] usb-storage 5-1:0.13: Quirks match for vid 090c pid 2000: 800000 [ 226.832623][ T6974] Driver unsupported XDP return value 0 on prog (id 49) dev N/A, expect packet loss! [ 226.954984][ T6979] overlayfs: workdir and upperdir must be separate subtrees [ 227.027872][ T6961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 227.028406][ T6961] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 227.031639][ T9] usb 5-1: USB disconnect, device number 8 [ 227.499461][ T6988] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.539922][ T6988] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.703049][ T6994] FAULT_INJECTION: forcing a failure. [ 227.703049][ T6994] name failslab, interval 1, probability 0, space 0, times 0 [ 227.703089][ T6994] CPU: 1 UID: 0 PID: 6994 Comm: syz.4.335 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 227.703110][ T6994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 227.703120][ T6994] Call Trace: [ 227.703127][ T6994] [ 227.703135][ T6994] dump_stack_lvl+0x189/0x250 [ 227.703162][ T6994] ? __pfx____ratelimit+0x10/0x10 [ 227.703184][ T6994] ? __pfx_dump_stack_lvl+0x10/0x10 [ 227.703207][ T6994] ? __pfx__printk+0x10/0x10 [ 227.703232][ T6994] ? __pfx___might_resched+0x10/0x10 [ 227.703250][ T6994] ? fs_reclaim_acquire+0x7d/0x100 [ 227.703278][ T6994] should_fail_ex+0x46c/0x600 [ 227.703305][ T6994] ? __d_alloc+0x36/0x7b0 [ 227.703321][ T6994] should_failslab+0xa8/0x100 [ 227.703346][ T6994] ? __d_alloc+0x36/0x7b0 [ 227.703361][ T6994] kmem_cache_alloc_lru_noprof+0x74/0x6b0 [ 227.703388][ T6994] ? inode_set_ctime_current+0x277/0xb40 [ 227.703410][ T6994] __d_alloc+0x36/0x7b0 [ 227.703427][ T6994] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 227.703449][ T6994] d_alloc_pseudo+0x21/0xc0 [ 227.703469][ T6994] alloc_file_pseudo+0xcc/0x210 [ 227.703485][ T6994] ? inode_init_owner+0x1ee/0x3a0 [ 227.703506][ T6994] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 227.703524][ T6994] ? __pfx_hugetlb_reserve_pages+0x10/0x10 [ 227.703561][ T6994] hugetlb_file_setup+0x3f0/0x640 [ 227.703589][ T6994] ksys_mmap_pgoff+0x22f/0x720 [ 227.703614][ T6994] ? __x64_sys_mmap+0x7f/0x140 [ 227.703648][ T6994] do_syscall_64+0xfa/0xfa0 [ 227.703670][ T6994] ? lockdep_hardirqs_on+0x9c/0x150 [ 227.703693][ T6994] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.703711][ T6994] ? clear_bhb_loop+0x60/0xb0 [ 227.703734][ T6994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.703752][ T6994] RIP: 0033:0x7fe1fb10f6c9 [ 227.703769][ T6994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.703784][ T6994] RSP: 002b:00007fe1f9376038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 227.703804][ T6994] RAX: ffffffffffffffda RBX: 00007fe1fb365fa0 RCX: 00007fe1fb10f6c9 [ 227.703818][ T6994] RDX: 0000000002800001 RSI: 0000000000400000 RDI: 0000200000000000 [ 227.703829][ T6994] RBP: 00007fe1f9376090 R08: ffffffffffffffff R09: 0000000000000000 [ 227.703842][ T6994] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001 [ 227.703853][ T6994] R13: 00007fe1fb366038 R14: 00007fe1fb365fa0 R15: 00007ffda3800c78 [ 227.703886][ T6994] [ 229.597608][ T37] kauditd_printk_skb: 30 callbacks suppressed [ 229.597627][ T37] audit: type=1400 audit(1762300188.138:388): lsm=SMACK fn=smack_inode_removexattr action=denied subject="w" object="_" requested=w pid=7026 comm="syz.3.345" name="file1" dev="tmpfs" ino=448 [ 229.685199][ T37] audit: type=1400 audit(1762300188.229:389): lsm=SMACK fn=smack_inode_setattr action=denied subject="w" object="_" requested=w pid=7026 comm="syz.3.345" name="75" dev="tmpfs" ino=443 [ 229.696417][ T37] audit: type=1400 audit(1762300188.250:390): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=7026 comm="syz.3.345" path="/proc/223/task/224/attr/current" dev="proc" ino=12976 [ 229.986965][ T37] audit: type=1326 audit(1762300188.545:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 229.987008][ T37] audit: type=1326 audit(1762300188.545:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 229.994275][ T37] audit: type=1326 audit(1762300188.545:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 229.996587][ T37] audit: type=1326 audit(1762300188.545:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 229.996634][ T37] audit: type=1326 audit(1762300188.545:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 229.996674][ T37] audit: type=1326 audit(1762300188.555:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 229.996714][ T37] audit: type=1326 audit(1762300188.555:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7032 comm="syz.0.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71948ff6c9 code=0x7ffc0000 [ 230.677466][ T7033] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 231.242883][ T44] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 231.267859][ T7053] netlink: 28 bytes leftover after parsing attributes in process `syz.4.358'. [ 231.409921][ T44] usb 2-1: Using ep0 maxpacket: 16 [ 231.412373][ T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.412404][ T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.412443][ T44] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 231.412466][ T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.463201][ T44] usb 2-1: config 0 descriptor?? [ 232.971687][ C0] vkms_vblank_simulate: vblank timer overrun [ 234.260208][ C0] vkms_vblank_simulate: vblank timer overrun [ 234.314407][ T7057] syz.4.358 (7057) used greatest stack depth: 17712 bytes left [ 234.724471][ T7082] netlink: 80 bytes leftover after parsing attributes in process `syz.2.362'. [ 235.005052][ T7085] netlink: 24 bytes leftover after parsing attributes in process `syz.4.364'. [ 235.580626][ T995] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 235.666995][ T5910] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 235.746790][ T995] usb 1-1: Using ep0 maxpacket: 16 [ 235.768330][ T995] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 235.768346][ T995] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 235.792480][ T995] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 235.792500][ T995] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=21 [ 235.792511][ T995] usb 1-1: Product: syz [ 235.792519][ T995] usb 1-1: Manufacturer: syz [ 235.792526][ T995] usb 1-1: SerialNumber: syz [ 235.911515][ T5910] usb 4-1: config 158 has an invalid interface number: 88 but max is 2 [ 235.911533][ T5910] usb 4-1: config 158 has an invalid interface number: 45 but max is 2 [ 235.911544][ T5910] usb 4-1: config 158 has an invalid interface number: 11 but max is 2 [ 235.911555][ T5910] usb 4-1: config 158 contains an unexpected descriptor of type 0x2, skipping [ 235.911565][ T5910] usb 4-1: config 158 has no interface number 0 [ 235.911573][ T5910] usb 4-1: config 158 has no interface number 1 [ 235.911582][ T5910] usb 4-1: config 158 has no interface number 2 [ 235.911954][ T5910] usb 4-1: config 158 interface 88 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 235.911970][ T5910] usb 4-1: config 158 interface 88 altsetting 4 has a duplicate endpoint with address 0x3, skipping [ 235.911982][ T5910] usb 4-1: config 158 interface 88 altsetting 4 endpoint 0x2 has invalid maxpacket 1023, setting to 64 [ 235.911996][ T5910] usb 4-1: config 158 interface 88 altsetting 4 has a duplicate endpoint with address 0x3, skipping [ 235.912007][ T5910] usb 4-1: config 158 interface 88 altsetting 4 endpoint 0xF has invalid maxpacket 1024, setting to 64 [ 235.912030][ T5910] usb 4-1: config 158 interface 11 altsetting 2 has a duplicate endpoint with address 0x3, skipping [ 235.912697][ T5910] usb 4-1: config 158 interface 11 altsetting 2 has a duplicate endpoint with address 0xF, skipping [ 235.912711][ T5910] usb 4-1: config 158 interface 11 altsetting 2 has an invalid descriptor for endpoint zero, skipping [ 235.912722][ T5910] usb 4-1: config 158 interface 11 altsetting 2 has an endpoint descriptor with address 0xFC, changing to 0x8C [ 235.912735][ T5910] usb 4-1: config 158 interface 11 altsetting 2 endpoint 0x8C has invalid maxpacket 1024, setting to 64 [ 235.912749][ T5910] usb 4-1: config 158 interface 11 altsetting 2 has a duplicate endpoint with address 0x1, skipping [ 235.912762][ T5910] usb 4-1: config 158 interface 11 altsetting 2 has a duplicate endpoint with address 0x2, skipping [ 235.912775][ T5910] usb 4-1: config 158 interface 11 altsetting 2 endpoint 0xD has invalid maxpacket 1024, setting to 64 [ 235.912789][ T5910] usb 4-1: config 158 interface 88 has no altsetting 0 [ 235.912798][ T5910] usb 4-1: config 158 interface 45 has no altsetting 0 [ 235.913137][ T5910] usb 4-1: config 158 interface 11 has no altsetting 0 [ 235.919960][ T5910] usb 4-1: New USB device found, idVendor=0bda, idProduct=817a, bcdDevice=41.e0 [ 235.919978][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.919988][ T5910] usb 4-1: Product: syz [ 235.919996][ T5910] usb 4-1: Manufacturer: syz [ 235.920003][ T5910] usb 4-1: SerialNumber: syz [ 235.988407][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 235.988425][ T37] audit: type=1326 audit(1762300194.617:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 235.991864][ T37] audit: type=1326 audit(1762300194.637:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 235.998445][ T995] usb 1-1: config 0 descriptor?? [ 236.011606][ T37] audit: type=1326 audit(1762300194.647:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.088156][ T37] audit: type=1326 audit(1762300194.729:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.090833][ T37] audit: type=1326 audit(1762300194.739:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.093718][ T37] audit: type=1326 audit(1762300194.739:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.108415][ T37] audit: type=1326 audit(1762300194.749:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.112412][ T37] audit: type=1326 audit(1762300194.759:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.113770][ T37] audit: type=1326 audit(1762300194.769:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.126210][ T37] audit: type=1326 audit(1762300194.769:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7096 comm="syz.4.368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 236.220354][ T995] usb 1-1: USB disconnect, device number 14 [ 236.408495][ T5910] usb 4-1: USB disconnect, device number 8 [ 236.617704][ T44] usbhid 2-1:0.0: can't add hid device: -32 [ 236.617829][ T44] usbhid 2-1:0.0: probe with driver usbhid failed with error -32 [ 238.923166][ C0] vkms_vblank_simulate: vblank timer overrun [ 239.360466][ T9] usb 2-1: USB disconnect, device number 9 [ 239.998781][ T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 240.148373][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 240.181079][ T9] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 240.181107][ T9] usb 3-1: config 0 has no interface number 0 [ 240.181154][ T9] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 240.181178][ T9] usb 3-1: config 0 interface 196 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 240.181206][ T9] usb 3-1: config 0 interface 196 has no altsetting 0 [ 240.184667][ T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 240.184694][ T9] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 240.184716][ T9] usb 3-1: Product: syz [ 240.184730][ T9] usb 3-1: Manufacturer: syz [ 240.184743][ T9] usb 3-1: SerialNumber: syz [ 240.255935][ T7110] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 240.314087][ T9] usb 3-1: config 0 descriptor?? [ 240.320950][ T7131] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 240.549722][ T9] ipheth 3-1:0.196: Unable to find endpoints [ 240.594504][ T9] usb 3-1: USB disconnect, device number 11 [ 243.591350][ T7188] comedi comedi0: Minor 3 could not be opened [ 244.253035][ T7197] netlink: 4 bytes leftover after parsing attributes in process `syz.4.398'. [ 244.838882][ T7209] netlink: 4 bytes leftover after parsing attributes in process `syz.3.402'. [ 244.838971][ T7209] bridge_slave_1: left allmulticast mode [ 244.838993][ T7209] bridge_slave_1: left promiscuous mode [ 244.839273][ T7209] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.029218][ T7209] bridge_slave_0: left allmulticast mode [ 245.029248][ T7209] bridge_slave_0: left promiscuous mode [ 245.029506][ T7209] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.089973][ T37] kauditd_printk_skb: 37 callbacks suppressed [ 246.089990][ T37] audit: type=1326 audit(1762300204.820:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.090035][ T37] audit: type=1326 audit(1762300204.820:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.090070][ T37] audit: type=1326 audit(1762300204.830:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.090107][ T37] audit: type=1326 audit(1762300204.830:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.090143][ T37] audit: type=1326 audit(1762300204.830:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.096164][ T37] audit: type=1326 audit(1762300204.840:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.096215][ T37] audit: type=1326 audit(1762300204.840:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.096253][ T37] audit: type=1326 audit(1762300204.840:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.145402][ T37] audit: type=1326 audit(1762300204.891:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.145451][ T37] audit: type=1326 audit(1762300204.891:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7222 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde67f4f6c9 code=0x7ffc0000 [ 246.687933][ T7231] bond0: entered allmulticast mode [ 246.687958][ T7231] bond_slave_0: entered allmulticast mode [ 246.687979][ T7231] bond_slave_1: entered allmulticast mode [ 246.702294][ T7238] netlink: 12 bytes leftover after parsing attributes in process `syz.4.410'. [ 246.711602][ T7237] syzkaller0: entered promiscuous mode [ 246.711627][ T7237] syzkaller0: entered allmulticast mode [ 247.349781][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.445602][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.474520][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.485839][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.496756][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.498542][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.584512][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.588542][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.794338][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.805881][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.823316][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.824435][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.852290][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.854574][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.856393][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.886795][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.903909][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.941968][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.963788][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 247.997094][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.013494][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.021867][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.060340][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.071749][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.087914][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.121263][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.137807][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.142621][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.148368][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.178047][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.179818][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.184245][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.217140][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.226042][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.252895][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.255148][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.277672][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.310775][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.331893][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.344332][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.374252][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.387150][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.404283][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.416570][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.418325][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.419786][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.445206][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.459659][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.485927][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.497116][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.531430][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.533026][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.538937][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.3.417'. [ 248.574247][ T7252] 9pnet_fd: p9_fd_create_tcp (7252): problem connecting socket to 127.0.0.1 [ 248.720666][ T7266] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 252.415094][ T7302] netlink: 12 bytes leftover after parsing attributes in process `syz.1.425'. [ 252.581731][ T7305] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(14) [ 252.581760][ T7305] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 252.654517][ T7305] vhci_hcd vhci_hcd.0: Device attached [ 252.657365][ T7301] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11) [ 252.657389][ T7301] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 252.683595][ T7301] vhci_hcd vhci_hcd.0: Device attached [ 252.704315][ T7305] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(16) [ 252.704344][ T7305] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 252.705109][ T7305] vhci_hcd vhci_hcd.0: Device attached [ 252.736996][ T7301] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 252.761947][ T7301] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(19) [ 252.763090][ T7301] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 252.766093][ T7301] vhci_hcd vhci_hcd.0: Device attached [ 252.798968][ T7301] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(21) [ 252.798988][ T7301] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 252.799050][ T7301] vhci_hcd vhci_hcd.0: Device attached [ 252.800690][ T7301] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 252.801601][ T7301] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 252.843682][ T7301] vhci_hcd vhci_hcd.0: pdev(3) rhport(7) sockfd(27) [ 252.843700][ T7301] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 252.870358][ T7301] vhci_hcd vhci_hcd.0: Device attached [ 252.914231][ T5866] usb 39-2: new low-speed USB device number 2 using vhci_hcd [ 253.019255][ T7301] vhci_hcd vhci_hcd.0: port 0 already used [ 253.260538][ T7314] vhci_hcd: connection closed [ 253.265512][ T7307] vhci_hcd: connection reset by peer [ 253.272019][ T7312] vhci_hcd: connection closed [ 253.272302][ T7306] vhci_hcd: connection closed [ 253.272552][ T7310] vhci_hcd: connection closed [ 253.291272][ T68] vhci_hcd: stop threads [ 253.292722][ T68] vhci_hcd: release socket [ 253.300112][ T7316] vhci_hcd: connection closed [ 253.303910][ T68] vhci_hcd: disconnect device [ 253.310817][ T68] vhci_hcd: stop threads [ 253.310828][ T68] vhci_hcd: release socket [ 253.310901][ T68] vhci_hcd: disconnect device [ 253.316997][ T68] vhci_hcd: stop threads [ 253.317014][ T68] vhci_hcd: release socket [ 253.318416][ T68] vhci_hcd: disconnect device [ 253.323210][ T68] vhci_hcd: stop threads [ 253.323220][ T68] vhci_hcd: release socket [ 253.323288][ T68] vhci_hcd: disconnect device [ 253.326687][ T68] vhci_hcd: stop threads [ 253.326696][ T68] vhci_hcd: release socket [ 253.326761][ T68] vhci_hcd: disconnect device [ 253.335840][ T68] vhci_hcd: stop threads [ 253.335857][ T68] vhci_hcd: release socket [ 253.335977][ T68] vhci_hcd: disconnect device [ 253.463741][ T7328] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 253.463768][ T7328] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 253.463866][ T7328] vhci_hcd vhci_hcd.0: Device attached [ 253.683152][ T7329] vhci_hcd: connection closed [ 253.689901][ T1465] vhci_hcd: stop threads [ 253.689919][ T1465] vhci_hcd: release socket [ 253.689992][ T1465] vhci_hcd: disconnect device [ 253.701485][ T5910] vhci_hcd: vhci_device speed not set [ 254.014320][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.014411][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 254.410948][ T5886] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 254.417484][ T7343] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 254.602456][ C1] vkms_vblank_simulate: vblank timer overrun [ 254.687269][ T5886] usb 4-1: Using ep0 maxpacket: 8 [ 254.691536][ T5886] usb 4-1: config 0 has an invalid interface number: 55 but max is 0 [ 254.691553][ T5886] usb 4-1: config 0 has no interface number 0 [ 254.691579][ T5886] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 254.691592][ T5886] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 254.691605][ T5886] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 254.691619][ T5886] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 254.691642][ T5886] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 254.691655][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.701572][ T5886] usb 4-1: config 0 descriptor?? [ 254.988027][ T5886] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 254.999068][ T5886] usb 4-1: USB disconnect, device number 9 [ 255.032829][ T5886] ldusb 4-1:0.55: LD USB Device #0 now disconnected [ 256.271443][ T7359] netlink: 20 bytes leftover after parsing attributes in process `syz.3.439'. [ 256.471085][ T10] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 257.062207][ T10] usb 3-1: config index 0 descriptor too short (expected 28277, got 36) [ 257.062226][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 257.062236][ T10] usb 3-1: config 0 has no interfaces? [ 257.062254][ T10] usb 3-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 257.062266][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.168378][ T10] usb 3-1: config 0 descriptor?? [ 257.939877][ T6895] udevd[6895]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 257.987027][ T5866] vhci_hcd: vhci_device speed not set [ 258.538568][ T5886] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 258.688242][ T5886] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 258.688271][ T5886] usb 1-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 258.688291][ T5886] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 258.688343][ T5886] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12336, setting to 64 [ 258.692148][ T5886] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 258.692178][ T5886] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 258.692197][ T5886] usb 1-1: Product: syz [ 258.692212][ T5886] usb 1-1: Manufacturer: syz [ 258.713562][ T5886] cdc_wdm 1-1:1.0: skipping garbage [ 258.713582][ T5886] cdc_wdm 1-1:1.0: skipping garbage [ 258.742981][ T5886] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 258.743015][ T5886] cdc_wdm 1-1:1.0: Unknown control protocol [ 259.150281][ T5886] usb 1-1: USB disconnect, device number 15 [ 259.407694][ T44] usb usb40-port1: attempt power cycle [ 259.817481][ T10] usb 3-1: USB disconnect, device number 12 [ 259.977451][ T44] usb usb40-port1: unable to enumerate USB device [ 260.437657][ T7411] netlink: 8 bytes leftover after parsing attributes in process `syz.1.457'. [ 260.521937][ T7411] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 260.902608][ T37] kauditd_printk_skb: 4 callbacks suppressed [ 260.902678][ T37] audit: type=1800 audit(1762300219.542:468): pid=7413 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.456" name="bus" dev="overlay" ino=523 res=0 errno=0 [ 261.756236][ T37] audit: type=1326 audit(1762300220.554:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 261.756585][ T37] audit: type=1326 audit(1762300220.564:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 261.761413][ T37] audit: type=1326 audit(1762300220.564:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 261.761896][ T37] audit: type=1326 audit(1762300220.564:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 261.762174][ T37] audit: type=1326 audit(1762300220.564:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 261.790467][ T37] audit: type=1326 audit(1762300220.594:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 261.790517][ T37] audit: type=1326 audit(1762300220.594:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 261.790563][ T37] audit: type=1326 audit(1762300220.594:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7428 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 264.667853][ T7441] syz.3.467 (7441) used greatest stack depth: 17560 bytes left [ 265.283085][ T37] audit: type=1326 audit(1762300224.102:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7463 comm="syz.4.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fb10f6c9 code=0x7ffc0000 [ 271.795088][ T7487] syzkaller0: entered promiscuous mode [ 271.795106][ T7487] syzkaller0: entered allmulticast mode [ 273.025819][ T7507] netlink: 4 bytes leftover after parsing attributes in process `syz.0.490'. [ 273.557086][ T7506] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/nullb0": -EINTR [ 282.765318][ T5810] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 282.774339][ T5810] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 282.776552][ T5810] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 282.785529][ T5810] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 282.787160][ T5810] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 284.326597][ T7540] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 284.836855][ T5810] Bluetooth: hci4: command tx timeout [ 286.918463][ T5810] Bluetooth: hci4: command tx timeout [ 288.189875][ T7549] vxcan1: entered allmulticast mode [ 288.364812][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.495570][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 288.515071][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 288.523333][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 288.526585][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 288.533601][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 288.592938][ T37] kauditd_printk_skb: 1 callbacks suppressed [ 288.592956][ T37] audit: type=1326 audit(1762300247.424:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.593253][ T37] audit: type=1326 audit(1762300247.424:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.593705][ T37] audit: type=1326 audit(1762300247.424:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.593963][ T37] audit: type=1326 audit(1762300247.424:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.594554][ T37] audit: type=1326 audit(1762300247.424:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.594873][ T37] audit: type=1326 audit(1762300247.424:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.595122][ T37] audit: type=1326 audit(1762300247.424:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.595500][ T37] audit: type=1326 audit(1762300247.424:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.597944][ T37] audit: type=1326 audit(1762300247.424:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.598324][ T37] audit: type=1326 audit(1762300247.434:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7564 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 288.629624][ T7566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.506'. [ 288.868756][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.986145][ T5806] Bluetooth: hci4: command tx timeout [ 290.657101][ T5806] Bluetooth: hci5: command tx timeout [ 291.075156][ T5806] Bluetooth: hci4: command tx timeout [ 291.089942][ T7588] netlink: 24 bytes leftover after parsing attributes in process `syz.1.514'. [ 291.410338][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.457684][ T7598] program syz.3.517 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 291.922032][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.782954][ T5806] Bluetooth: hci5: command tx timeout [ 293.994903][ T12] bridge_slave_1: left allmulticast mode [ 293.995110][ T12] bridge_slave_1: left promiscuous mode [ 293.998290][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.136033][ T12] bridge_slave_0: left allmulticast mode [ 294.136063][ T12] bridge_slave_0: left promiscuous mode [ 294.136309][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.824153][ T5806] Bluetooth: hci5: command tx timeout [ 296.043716][ T37] kauditd_printk_skb: 21 callbacks suppressed [ 296.043736][ T37] audit: type=1326 audit(1762300254.877:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.044416][ T37] audit: type=1326 audit(1762300254.887:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.046436][ T37] audit: type=1326 audit(1762300254.887:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.046877][ T37] audit: type=1326 audit(1762300254.887:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.047494][ T37] audit: type=1326 audit(1762300254.887:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.047761][ T37] audit: type=1326 audit(1762300254.887:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.048012][ T37] audit: type=1326 audit(1762300254.887:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.048438][ T37] audit: type=1326 audit(1762300254.887:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.048661][ T37] audit: type=1326 audit(1762300254.887:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.049164][ T37] audit: type=1326 audit(1762300254.887:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7626 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x7ffc0000 [ 296.916198][ T5806] Bluetooth: hci5: command tx timeout [ 298.799450][ T7648] Bluetooth: MGMT ver 1.23 [ 300.683750][ C0] vkms_vblank_simulate: vblank timer overrun [ 300.833309][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 300.893119][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 300.915110][ T12] bond0 (unregistering): Released all slaves [ 301.146925][ T7664] hub 2-0:1.0: USB hub found [ 301.168895][ T7664] hub 2-0:1.0: 1 port detected [ 301.234348][ T37] kauditd_printk_skb: 6 callbacks suppressed [ 301.234364][ T37] audit: type=1326 audit(1762300260.078:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7663 comm="syz.1.533" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0efa6ff6c9 code=0x0 [ 301.398659][ T7519] chnl_net:caif_netlink_parms(): no params data found [ 301.687320][ T7678] random: crng reseeded on system resumption [ 304.467786][ C0] vkms_vblank_simulate: vblank timer overrun [ 307.343887][ T7719] random: crng reseeded on system resumption [ 313.551502][ T7560] chnl_net:caif_netlink_parms(): no params data found [ 314.394089][ T7742] 9pnet_virtio: no channels available for device syz [ 315.388113][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 315.388184][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.043237][ T12] hsr_slave_0: left promiscuous mode [ 322.082158][ T12] hsr_slave_1: left promiscuous mode [ 322.083489][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 322.083627][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 322.135559][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 322.135586][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 322.586253][ T12] veth1_macvtap: left promiscuous mode [ 322.590055][ T12] veth0_macvtap: left promiscuous mode [ 322.625677][ T12] veth1_vlan: left promiscuous mode [ 322.629733][ T12] veth0_vlan: left promiscuous mode [ 325.052875][ T12] team0 (unregistering): Port device team_slave_1 removed [ 325.280821][ T12] team0 (unregistering): Port device team_slave_0 removed [ 327.695511][ T7519] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.695720][ T7519] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.695917][ T7519] bridge_slave_0: entered allmulticast mode [ 327.698696][ T7519] bridge_slave_0: entered promiscuous mode [ 327.837111][ T7794] netlink: 4 bytes leftover after parsing attributes in process `syz.3.564'. [ 327.890744][ T7519] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.890848][ T7519] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.891012][ T7519] bridge_slave_1: entered allmulticast mode [ 327.892578][ T7519] bridge_slave_1: entered promiscuous mode [ 328.095274][ T37] audit: type=1326 audit(1762300286.940:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.097719][ T37] audit: type=1326 audit(1762300286.940:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.097768][ T37] audit: type=1326 audit(1762300286.940:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.097809][ T37] audit: type=1326 audit(1762300286.940:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.131406][ T37] audit: type=1326 audit(1762300286.980:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.131457][ T37] audit: type=1326 audit(1762300286.980:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.152929][ T37] audit: type=1326 audit(1762300287.000:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.153342][ T37] audit: type=1326 audit(1762300287.000:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 328.153793][ T37] audit: type=1326 audit(1762300287.000:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7797 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb91dcef6c9 code=0x7ffc0000 [ 329.352836][ C1] vkms_vblank_simulate: vblank timer overrun [ 329.749128][ C1] vkms_vblank_simulate: vblank timer overrun [ 329.845134][ C1] vkms_vblank_simulate: vblank timer overrun [ 330.094363][ T7519] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 330.095225][ T7560] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.095368][ T7560] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.095548][ T7560] bridge_slave_0: entered allmulticast mode [ 330.097954][ T7560] bridge_slave_0: entered promiscuous mode [ 330.142104][ T7519] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 330.142483][ T7560] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.142686][ T7560] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.142865][ T7560] bridge_slave_1: entered allmulticast mode [ 330.145909][ T7560] bridge_slave_1: entered promiscuous mode [ 330.586153][ T7519] team0: Port device team_slave_0 added [ 330.633207][ T7560] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 330.650670][ T7519] team0: Port device team_slave_1 added [ 330.667382][ T7560] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 331.026228][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.230207][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.687355][ T5810] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 331.698623][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.778198][ T5810] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 331.779512][ T5810] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 331.796735][ T5810] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 331.809632][ T5810] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 332.118893][ T7832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.574'. [ 332.334896][ T7519] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 332.334909][ T7519] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 332.334924][ T7519] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 332.390273][ T7560] team0: Port device team_slave_0 added [ 332.393473][ T7519] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 332.393488][ T7519] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 332.393513][ T7519] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 332.433658][ T7560] team0: Port device team_slave_1 added [ 332.719472][ T7846] random: crng reseeded on system resumption [ 333.867297][ T5806] Bluetooth: hci1: command tx timeout [ 333.920240][ T7560] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 333.920257][ T7560] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 333.920285][ T7560] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 334.778705][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.814301][ T7560] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 334.814313][ T7560] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 334.814329][ T7560] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 334.819548][ T7519] hsr_slave_0: entered promiscuous mode [ 334.824281][ T7519] hsr_slave_1: entered promiscuous mode [ 334.825173][ T7519] debugfs: 'hsr0' already exists in 'hsr' [ 334.825195][ T7519] Cannot create hsr debugfs directory [ 334.867703][ C1] Unknown status report in ack skb [ 335.447907][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.592170][ T7560] hsr_slave_0: entered promiscuous mode [ 335.593047][ T7560] hsr_slave_1: entered promiscuous mode [ 335.593644][ T7560] debugfs: 'hsr0' already exists in 'hsr' [ 335.593664][ T7560] Cannot create hsr debugfs directory [ 335.874518][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.939966][ T5806] Bluetooth: hci1: command tx timeout [ 335.956711][ T7870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.582'. [ 337.204256][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.019907][ T5806] Bluetooth: hci1: command tx timeout [ 339.812572][ T7822] chnl_net:caif_netlink_parms(): no params data found [ 339.857610][ T12] bridge_slave_1: left allmulticast mode [ 339.857629][ T12] bridge_slave_1: left promiscuous mode [ 339.857778][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 339.902863][ T7916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.590'. [ 339.920029][ T12] bridge_slave_0: left allmulticast mode [ 339.920056][ T12] bridge_slave_0: left promiscuous mode [ 339.920218][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.100045][ T5806] Bluetooth: hci1: command tx timeout [ 341.490182][ T6850] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 341.630718][ T7289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.630736][ T7289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.700314][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.700336][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.741522][ T12] bond0 (unregistering): left allmulticast mode [ 341.741548][ T12] bond_slave_0: left allmulticast mode [ 341.741568][ T12] bond_slave_1: left allmulticast mode [ 341.767140][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 341.800163][ T6850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.800184][ T6850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 341.825592][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 341.863373][ T12] bond0 (unregistering): Released all slaves [ 341.931570][ T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.931592][ T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.030381][ T6850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.030402][ T6850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.141411][ T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.141430][ T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.217550][ T7519] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 342.241964][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.241982][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.331454][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.331475][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.443860][ T1169] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.443882][ T1169] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.540018][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.540045][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.471924][ T1465] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 343.542411][ T7519] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 343.607289][ T1465] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 343.657682][ T5810] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 343.673582][ T5810] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 343.674691][ T5810] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 343.675748][ T5810] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 343.676708][ T5810] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 343.873978][ T68] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 343.950339][ T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.950361][ T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.080787][ T7289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.080802][ T7289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.186501][ T7289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.186523][ T7289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.260748][ T7289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 344.260763][ T7289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.380535][ T68] ------------[ cut here ]------------ [ 344.380549][ T68] WARNING: CPU: 0 PID: 68 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x3ca/0x440 [ 344.380576][ T68] Modules linked in: [ 344.380588][ T68] CPU: 0 UID: 0 PID: 68 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 344.380605][ T68] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 344.380616][ T68] Workqueue: cfg80211 cfg80211_event_work [ 344.380632][ T68] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440 [ 344.380646][ T68] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 a2 61 9f f7 90 0f 0b 90 eb bd e8 97 61 9f f7 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 87 61 9f f7 90 0f 0b 90 e9 de fd [ 344.380656][ T68] RSP: 0018:ffffc9000153f8c0 EFLAGS: 00010293 [ 344.380665][ T68] RAX: ffffffff8a1f5e89 RBX: dffffc0000000000 RCX: ffff88801c355a00 [ 344.380673][ T68] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 344.380679][ T68] RBP: ffffc9000153f990 R08: ffffffff8ed62f77 R09: 1ffffffff1dac5ee [ 344.380687][ T68] R10: dffffc0000000000 R11: fffffbfff1dac5ef R12: ffff88805dcecf10 [ 344.380694][ T68] R13: 1ffff920002a7f20 R14: ffff88805dfe3e98 R15: 0000000000000006 [ 344.380702][ T68] FS: 0000000000000000(0000) GS:ffff888126df9000(0000) knlGS:0000000000000000 [ 344.380710][ T68] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 344.380717][ T68] CR2: 00007f2ccc17aa34 CR3: 000000003f45e000 CR4: 00000000003526f0 [ 344.380727][ T68] Call Trace: [ 344.380733][ T68] [ 344.380741][ T68] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 344.380756][ T68] ? __pfx___cfg80211_ibss_joined+0x10/0x10 [ 344.380767][ T68] ? rt_spin_unlock+0x150/0x200 [ 344.380781][ T68] ? rt_spin_unlock+0x161/0x200 [ 344.380793][ T68] cfg80211_process_wdev_events+0x37b/0x4e0 [ 344.380810][ T68] cfg80211_process_rdev_events+0xa1/0x110 [ 344.380822][ T68] cfg80211_event_work+0x31/0x70 [ 344.380835][ T68] ? process_scheduled_works+0x9ef/0x17b0 [ 344.380855][ T68] process_scheduled_works+0xae1/0x17b0 [ 344.380884][ T68] ? __pfx_process_scheduled_works+0x10/0x10 [ 344.380906][ T68] worker_thread+0x8a0/0xda0 [ 344.380921][ T68] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 344.380940][ T68] ? __kthread_parkme+0x7b/0x200 [ 344.380959][ T68] kthread+0x711/0x8a0 [ 344.380976][ T68] ? __pfx_worker_thread+0x10/0x10 [ 344.380989][ T68] ? __pfx_kthread+0x10/0x10 [ 344.381002][ T68] ? rt_spin_unlock+0x150/0x200 [ 344.381015][ T68] ? rt_spin_unlock+0x161/0x200 [ 344.381025][ T68] ? __pfx_kthread+0x10/0x10 [ 344.381041][ T68] ret_from_fork+0x4bc/0x870 [ 344.381055][ T68] ? __pfx_ret_from_fork+0x10/0x10 [ 344.381092][ T68] ? __switch_to_asm+0x39/0x70 [ 344.381103][ T68] ? __switch_to_asm+0x33/0x70 [ 344.381113][ T68] ? __pfx_kthread+0x10/0x10 [ 344.381128][ T68] ret_from_fork_asm+0x1a/0x30 [ 344.381149][ T68] [ 344.381154][ T68] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 344.381162][ T68] CPU: 0 UID: 0 PID: 68 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 344.381174][ T68] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 344.381181][ T68] Workqueue: cfg80211 cfg80211_event_work [ 344.381194][ T68] Call Trace: [ 344.381198][ T68] [ 344.381202][ T68] dump_stack_lvl+0x99/0x250 [ 344.381218][ T68] ? __asan_memcpy+0x40/0x70 [ 344.381231][ T68] ? __pfx_dump_stack_lvl+0x10/0x10 [ 344.381247][ T68] ? __pfx__printk+0x10/0x10 [ 344.381267][ T68] vpanic+0x237/0x6d0 [ 344.381277][ T68] ? __pfx_vpanic+0x10/0x10 [ 344.381292][ T68] panic+0xb9/0xc0 [ 344.381302][ T68] ? __pfx_panic+0x10/0x10 [ 344.381320][ T68] __warn+0x31b/0x4b0 [ 344.381329][ T68] ? __cfg80211_ibss_joined+0x3ca/0x440 [ 344.381343][ T68] ? __cfg80211_ibss_joined+0x3ca/0x440 [ 344.381355][ T68] report_bug+0x2be/0x4f0 [ 344.381368][ T68] ? __cfg80211_ibss_joined+0x3ca/0x440 [ 344.381381][ T68] ? __cfg80211_ibss_joined+0x3ca/0x440 [ 344.381393][ T68] ? __cfg80211_ibss_joined+0x3cc/0x440 [ 344.381406][ T68] handle_bug+0x84/0x160 [ 344.381422][ T68] exc_invalid_op+0x1a/0x50 [ 344.381437][ T68] asm_exc_invalid_op+0x1a/0x20 [ 344.381447][ T68] RIP: 0010:__cfg80211_ibss_joined+0x3ca/0x440 [ 344.381460][ T68] Code: 00 00 00 75 69 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 a2 61 9f f7 90 0f 0b 90 eb bd e8 97 61 9f f7 90 <0f> 0b 90 4c 8b 6c 24 18 eb ad e8 87 61 9f f7 90 0f 0b 90 e9 de fd [ 344.381469][ T68] RSP: 0018:ffffc9000153f8c0 EFLAGS: 00010293 [ 344.381486][ T68] RAX: ffffffff8a1f5e89 RBX: dffffc0000000000 RCX: ffff88801c355a00 [ 344.381494][ T68] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 344.381500][ T68] RBP: ffffc9000153f990 R08: ffffffff8ed62f77 R09: 1ffffffff1dac5ee [ 344.381508][ T68] R10: dffffc0000000000 R11: fffffbfff1dac5ef R12: ffff88805dcecf10 [ 344.381515][ T68] R13: 1ffff920002a7f20 R14: ffff88805dfe3e98 R15: 0000000000000006 [ 344.381527][ T68] ? __cfg80211_ibss_joined+0x3c9/0x440 [ 344.381546][ T68] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 344.381558][ T68] ? __pfx___cfg80211_ibss_joined+0x10/0x10 [ 344.381569][ T68] ? rt_spin_unlock+0x150/0x200 [ 344.381582][ T68] ? rt_spin_unlock+0x161/0x200 [ 344.381597][ T68] cfg80211_process_wdev_events+0x37b/0x4e0 [ 344.381613][ T68] cfg80211_process_rdev_events+0xa1/0x110 [ 344.381625][ T68] cfg80211_event_work+0x31/0x70 [ 344.381637][ T68] ? process_scheduled_works+0x9ef/0x17b0 [ 344.381650][ T68] process_scheduled_works+0xae1/0x17b0 [ 344.381677][ T68] ? __pfx_process_scheduled_works+0x10/0x10 [ 344.381699][ T68] worker_thread+0x8a0/0xda0 [ 344.381713][ T68] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 344.381731][ T68] ? __kthread_parkme+0x7b/0x200 [ 344.381750][ T68] kthread+0x711/0x8a0 [ 344.381767][ T68] ? __pfx_worker_thread+0x10/0x10 [ 344.381779][ T68] ? __pfx_kthread+0x10/0x10 [ 344.381793][ T68] ? rt_spin_unlock+0x150/0x200 [ 344.381806][ T68] ? rt_spin_unlock+0x161/0x200 [ 344.381816][ T68] ? __pfx_kthread+0x10/0x10 [ 344.381831][ T68] ret_from_fork+0x4bc/0x870 [ 344.381849][ T68] ? __pfx_ret_from_fork+0x10/0x10 [ 344.381865][ T68] ? __switch_to_asm+0x39/0x70 [ 344.381875][ T68] ? __switch_to_asm+0x33/0x70 [ 344.381884][ T68] ? __pfx_kthread+0x10/0x10 [ 344.381900][ T68] ret_from_fork_asm+0x1a/0x30 [ 344.381920][ T68] [ 344.382181][ T68] Kernel Offset: disabled