last executing test programs: 16.80111375s ago: executing program 1 (id=1383): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1/file4/file6\x00', 0x104) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0) 15.868693071s ago: executing program 1 (id=1375): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4004, @fd_index=0x2, 0xffffffffffffffff, 0x0, 0x0, 0xc}) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4041080) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000001c0)={0x14, r2, 0x1, 0x4}, 0x14}, 0x1, 0x0, 0x0, 0x20044885}, 0x0) io_uring_enter(0xffffffffffffffff, 0x7a98, 0x0, 0x0, 0x0, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='comm\x00') connect$pptp(r3, &(0x7f0000000000)={0x18, 0x2, {0x3, @broadcast}}, 0x1e) 13.480339307s ago: executing program 1 (id=1380): mount(0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f00000002c0)=0x1) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101) dup(r1) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xfffffda2}, @hci_evt_le_ext_adv_set_term={{}, {0x0, 0x0, 0xc9, 0x8}}}}, 0x9) 6.812894433s ago: executing program 3 (id=1396): socket(0x840000000002, 0x3, 0xfa) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) io_uring_setup(0x6506, &(0x7f0000001300)={0x0, 0x0, 0x1046, 0x1000000}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_INFO(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x14, r4, 0x1}, 0x14}}, 0x0) 5.82152059s ago: executing program 3 (id=1397): syz_usb_connect$cdc_ncm(0x2, 0x6e, 0x0, 0x0) syz_io_uring_setup(0x7ee9, 0x0, &(0x7f00000003c0), &(0x7f0000000580)) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) unshare(0x64000600) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) 5.802636832s ago: executing program 1 (id=1398): sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 5.533071032s ago: executing program 2 (id=1400): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="050000005f000000050000000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000789e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r2}, 0x18) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0x10, 0x1, 'CONNSECMARK\x00'}, @NFTA_TARGET_INFO={0x5, 0x3, "ef"}, @NFTA_TARGET_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x8c}}, 0x14b6deac033214c2) 5.273223742s ago: executing program 2 (id=1401): syz_open_procfs$pagemap(0x0, &(0x7f0000000140)) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuacct.usage_user\x00', 0x26e1, 0x0) socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000380)) socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) fsopen(&(0x7f0000000280)='ceph\x00', 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0) 5.105278027s ago: executing program 0 (id=1402): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, r4, {0x7, 0x29, 0x20200, 0x1000, 0x0, 0xee50, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x50) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}}) r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2) 5.089356693s ago: executing program 1 (id=1403): r0 = socket$inet(0xa, 0x801, 0x84) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x1}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x8) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0xffffffff, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0x3}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x800, 0x200000, 0x88, 0x0, 0xffffffff, 0x8003}}}}]}, 0x4c}}, 0x0) accept4(r0, 0x0, 0x0, 0x0) 4.932913666s ago: executing program 0 (id=1404): pipe2$9p(0x0, 0x0) mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@nr_blocks={'nr_blocks', 0x3d, [0x65, 0x25]}}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) shmget(0x0, 0x2000, 0x800, &(0x7f0000439000/0x2000)=nil) fadvise64(0xffffffffffffffff, 0x20002, 0xfffffffffffffac8, 0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-generic\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000005400)=[{{0x0, 0x8, &(0x7f0000000ac0)=[{&(0x7f0000000080)="3b464c3bcd2bd7d2b1a92eca79c286a06dffdfeb623ea9e40a2c95cd702350d944237596556c9479bf1521276d845eb45d2cd8e6380fc6ce9c3451c4c197909a89cc640607df2e7a07", 0x2ff80}, {&(0x7f0000000180)="fa302c5276f60e090ecdcd2ab8152552e0ec74a69db872f09ac999fb27496391dbf3d0bc94611c29a7ddbe0b2b272911544465bb22aa", 0x36}, {&(0x7f00000002c0)="87c3752dd3dafc", 0x1ed}], 0x3}}], 0x4000000000001ee, 0x0) 4.912697113s ago: executing program 4 (id=1405): write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x6149, 0x294a, 0x8, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtaction={0x9c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x88, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0xe}, {0xfffffffffffffe07}, {0xc}, {0xc}}}, @m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x1000004}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) 4.835851479s ago: executing program 0 (id=1406): close(0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x24000001}, 0x1004) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$sock_timeval(r0, 0x1, 0x15, 0x0, 0x0) socket$inet6(0xa, 0x80000, 0xf9c8) sendmmsg$inet6(r0, 0x0, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$inet_dccp(0x2, 0x6, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x24000000}, 0x2000400c) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000300)=0xc) writev(r1, &(0x7f0000000840), 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='ext4_es_lookup_extent_enter\x00', r1, 0x0, 0x10001}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054) 4.759604142s ago: executing program 4 (id=1407): socket$pppl2tp(0x18, 0x1, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) r1 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r2 = fanotify_init(0xf00, 0x0) fanotify_mark(r2, 0x105, 0x40009975, r1, 0x0) fallocate(r0, 0x0, 0x1000000, 0x3) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat$sequencer2(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, 0x0) 4.629327302s ago: executing program 2 (id=1408): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000940), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, 0x0, 0x0) socket$tipc(0x1e, 0x5, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0) writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r1, 0x28, 0x6, 0x0, 0x0) 4.357967468s ago: executing program 3 (id=1409): socket$inet6_sctp(0xa, 0x1, 0x84) io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000680)={0x8, 0x874}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004cc0), 0x0, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) mount(&(0x7f0000000240), &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0) mount(0x0, 0x0, &(0x7f0000000140)='f2fs\x00', 0x0, 0x0) 4.195448035s ago: executing program 1 (id=1410): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x11, &(0x7f0000000040), 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, 0x0, 0x0) 3.599732271s ago: executing program 4 (id=1411): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r3 = socket$inet(0x2, 0x1, 0x0) clock_gettime(0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x2, 0x3, 0x290, 0xb, 0x0, 0xf0, 0xf8, 0xf0, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'ip6gretap0\x00', 'syzkaller1\x00', {}, {}, 0x11}, 0xb000000, 0xd8, 0xf8, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x8}}, @common=@unspec=@quota={{0x38}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@common=@ttl={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) 3.598936883s ago: executing program 2 (id=1412): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f0000000000)) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d120100000000001f02000000000000bc26100000000000bf67200000000000160200000fff0700670200000a000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffeb8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 3.598735573s ago: executing program 3 (id=1413): sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 3.540137571s ago: executing program 0 (id=1414): mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bind$netlink(0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2}) 2.112227542s ago: executing program 4 (id=1415): r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x8001a0ffffffff]}, 0x8) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xffffffffffffffff) fcntl$setsig(r1, 0xa, 0x12) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\b\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'/28], 0x50) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) fchownat(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ppoll(&(0x7f0000000100)=[{r2}], 0x1, 0x0, &(0x7f0000000080)={[0x8001a0ffffffff]}, 0x8) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x13) 2.023929583s ago: executing program 2 (id=1416): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) r3 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f48) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2004, 0x800}) 1.963538272s ago: executing program 0 (id=1417): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r3, &(0x7f0000000480)={0x18}, 0x18) write$FUSE_INIT(r3, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0xe0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x12, r4, 0x75e7f000) write$FUSE_INIT(r4, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x1282, 0x400c6001, 0x5, 0x8, 0x10, 0xc40b, 0x0, 0x0, 0x40, 0x6}}, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) 1.837955626s ago: executing program 3 (id=1418): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x64}}, 0x0) 1.196773372s ago: executing program 0 (id=1419): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000540)="4647b4f310d036b398bd576db787e7b4202ee16a0af1563bf3b021ec13c349eb6c1ed386de2085218c1cc9fb2decdb2a5f89154999df0aeebf9b9c41add84afb988eeb8fee205f4c5ead67ebd46eae9f240d566809645d0b34a2bf92443c795b58407a0800000059a90e", 0x6a}], 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r2, 0xfffffffc) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r5, 0x1, 0x0, 0x80000000, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x28, r7, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1f}]}]}, 0x28}}, 0x0) 1.19627998s ago: executing program 4 (id=1420): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r3 = syz_io_uring_setup(0x110, &(0x7f00000003c0), &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r3, 0x3f70, 0x0, 0x0, 0x0, 0x0) mount$afs(&(0x7f0000000540)=ANY=[@ANYBLOB='#syz1:'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) 937.093329ms ago: executing program 2 (id=1421): sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r1, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f00000000c0)={0x0, 0x100, 0x9f7b}, 0x8) 923.196909ms ago: executing program 3 (id=1422): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c) syz_emit_ethernet(0x36, 0x0, 0x0) r1 = gettid() bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) r2 = userfaultfd(0x80801) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x100}) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) syz_io_uring_submit(r3, 0x0, 0x0) syz_io_uring_submit(r3, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 0s ago: executing program 4 (id=1423): socket(0x10, 0x803, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0xfffc, 0x41, 0x2}, {0x5, 0x3, 0xfffffffffffffffe, 0x8, 0x400000000004, 0x0, 0x80000000000000}, {0x400, 0x3, 0x0, 0x800}, 0x8, 0x0, 0x1, 0x0, 0x2}, {{@in=@dev={0xac, 0x14, 0x14, 0xe}, 0x10000000, 0x2b}, 0x2, @in=@empty, 0xffffffff, 0x1, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffe}}, 0xe8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) openat$dsp(0xffffffffffffff9c, 0x0, 0x42f82, 0x0) r2 = userfaultfd(0x80001) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r5, r4, 0x25, 0x8, @val=@iter={0x0}}, 0x20) close_range(r2, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.120' (ED25519) to the list of known hosts. [ 58.529686][ T5807] cgroup: Unknown subsys name 'net' [ 58.654563][ T5807] cgroup: Unknown subsys name 'cpuset' [ 58.662484][ T5807] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 60.022560][ T5807] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 62.152761][ T5829] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.166756][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.175177][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.183800][ T5827] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.191430][ T5827] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 62.200515][ T5827] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.207740][ T5830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 62.207867][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.216092][ T5830] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.222637][ T5827] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 62.229482][ T5836] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 62.237586][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.244100][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.251571][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.258262][ T5836] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 62.264523][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.271731][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.279372][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 62.285624][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.298966][ T5135] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.301535][ T5836] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.313775][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.323005][ T5830] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 62.330584][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 62.339449][ T5829] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 62.671268][ T5817] chnl_net:caif_netlink_parms(): no params data found [ 62.684599][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 62.743669][ T5818] chnl_net:caif_netlink_parms(): no params data found [ 62.765481][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 62.836265][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.843922][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.851240][ T5831] bridge_slave_0: entered allmulticast mode [ 62.858312][ T5831] bridge_slave_0: entered promiscuous mode [ 62.887591][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.894998][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.902201][ T5831] bridge_slave_1: entered allmulticast mode [ 62.908666][ T5831] bridge_slave_1: entered promiscuous mode [ 62.918524][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.925919][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.933130][ T5817] bridge_slave_0: entered allmulticast mode [ 62.939668][ T5817] bridge_slave_0: entered promiscuous mode [ 62.948533][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.955642][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.962804][ T5817] bridge_slave_1: entered allmulticast mode [ 62.969387][ T5817] bridge_slave_1: entered promiscuous mode [ 63.000155][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 63.052438][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.068656][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.080050][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.104291][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.120606][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.128388][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.136046][ T5834] bridge_slave_0: entered allmulticast mode [ 63.142917][ T5834] bridge_slave_0: entered promiscuous mode [ 63.149856][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.157342][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.164726][ T5834] bridge_slave_1: entered allmulticast mode [ 63.171269][ T5834] bridge_slave_1: entered promiscuous mode [ 63.189276][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.196771][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.204052][ T5818] bridge_slave_0: entered allmulticast mode [ 63.210607][ T5818] bridge_slave_0: entered promiscuous mode [ 63.218098][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.225647][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.233390][ T5818] bridge_slave_1: entered allmulticast mode [ 63.240304][ T5818] bridge_slave_1: entered promiscuous mode [ 63.271294][ T5831] team0: Port device team_slave_0 added [ 63.279124][ T5831] team0: Port device team_slave_1 added [ 63.295145][ T5817] team0: Port device team_slave_0 added [ 63.303124][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.328054][ T5817] team0: Port device team_slave_1 added [ 63.340555][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.351526][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.380913][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.388008][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.415329][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.441548][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.451113][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.458202][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.484115][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.501664][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.508653][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.535311][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.551746][ T5834] team0: Port device team_slave_0 added [ 63.559377][ T5834] team0: Port device team_slave_1 added [ 63.571429][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.578415][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.604536][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.615620][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.622978][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.630133][ T5820] bridge_slave_0: entered allmulticast mode [ 63.636696][ T5820] bridge_slave_0: entered promiscuous mode [ 63.644134][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.651213][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.659341][ T5820] bridge_slave_1: entered allmulticast mode [ 63.666010][ T5820] bridge_slave_1: entered promiscuous mode [ 63.718851][ T5818] team0: Port device team_slave_0 added [ 63.726373][ T5818] team0: Port device team_slave_1 added [ 63.745043][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.754500][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.780773][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.792893][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.800027][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.826053][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.854637][ T5817] hsr_slave_0: entered promiscuous mode [ 63.860796][ T5817] hsr_slave_1: entered promiscuous mode [ 63.868747][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.879682][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.906631][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.913699][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.942103][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.963815][ T5831] hsr_slave_0: entered promiscuous mode [ 63.969830][ T5831] hsr_slave_1: entered promiscuous mode [ 63.975901][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.983723][ T5831] Cannot create hsr debugfs directory [ 64.005085][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.012120][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.038460][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.074121][ T5834] hsr_slave_0: entered promiscuous mode [ 64.080298][ T5834] hsr_slave_1: entered promiscuous mode [ 64.086331][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.093928][ T5834] Cannot create hsr debugfs directory [ 64.114470][ T5820] team0: Port device team_slave_0 added [ 64.148157][ T5820] team0: Port device team_slave_1 added [ 64.180727][ T5818] hsr_slave_0: entered promiscuous mode [ 64.186920][ T5818] hsr_slave_1: entered promiscuous mode [ 64.193448][ T5818] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.201010][ T5818] Cannot create hsr debugfs directory [ 64.230268][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 64.240094][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.266661][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 64.296305][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 64.303320][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 64.329928][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 64.329928][ T5828] Bluetooth: hci0: command tx timeout [ 64.392508][ T5829] Bluetooth: hci3: command tx timeout [ 64.398227][ T5828] Bluetooth: hci2: command tx timeout [ 64.404119][ T5836] Bluetooth: hci1: command tx timeout [ 64.409893][ T5829] Bluetooth: hci4: command tx timeout [ 64.466485][ T5820] hsr_slave_0: entered promiscuous mode [ 64.473513][ T5820] hsr_slave_1: entered promiscuous mode [ 64.480065][ T5820] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.487893][ T5820] Cannot create hsr debugfs directory [ 64.576532][ T5817] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 64.599464][ T5817] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 64.615043][ T5817] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 64.638294][ T5817] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 64.681238][ T5834] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 64.708140][ T5834] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 64.717541][ T5834] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 64.727609][ T5834] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 64.764955][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 64.776825][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.805170][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.827119][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.840332][ T5818] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 64.849327][ T5818] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 64.859973][ T5818] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 64.869933][ T5818] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.926348][ T5820] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 64.938334][ T5820] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 64.962730][ T5820] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 64.971781][ T5820] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 65.026098][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.051766][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.094520][ T5817] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.121104][ T4995] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.128307][ T4995] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.146050][ T4995] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.153155][ T4995] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.173176][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.205179][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.222448][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.229514][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.245140][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.260456][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.273396][ T3420] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.280451][ T3420] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.306151][ T5818] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.318556][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.331710][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.351622][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.358728][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.390557][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.397879][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.407365][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.414482][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.433415][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.440481][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.460406][ T3420] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.467511][ T3420] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.479435][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.486627][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.601784][ T5818] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 65.614094][ T5818] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.666945][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.834336][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.887110][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.940870][ T5820] veth0_vlan: entered promiscuous mode [ 66.010059][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.025632][ T5834] veth0_vlan: entered promiscuous mode [ 66.036367][ T5820] veth1_vlan: entered promiscuous mode [ 66.049047][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.061629][ T5834] veth1_vlan: entered promiscuous mode [ 66.110304][ T5820] veth0_macvtap: entered promiscuous mode [ 66.126678][ T5817] veth0_vlan: entered promiscuous mode [ 66.143798][ T5818] veth0_vlan: entered promiscuous mode [ 66.155522][ T5820] veth1_macvtap: entered promiscuous mode [ 66.171662][ T5834] veth0_macvtap: entered promiscuous mode [ 66.186410][ T5818] veth1_vlan: entered promiscuous mode [ 66.197071][ T5817] veth1_vlan: entered promiscuous mode [ 66.217203][ T5834] veth1_macvtap: entered promiscuous mode [ 66.231140][ T5831] veth0_vlan: entered promiscuous mode [ 66.249312][ T5818] veth0_macvtap: entered promiscuous mode [ 66.257636][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.275044][ T5818] veth1_macvtap: entered promiscuous mode [ 66.283919][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.305653][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.316705][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.331227][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.339391][ T5831] veth1_vlan: entered promiscuous mode [ 66.346268][ T5820] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.357593][ T5820] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.367215][ T5820] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.377887][ T5820] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.388973][ T5817] veth0_macvtap: entered promiscuous mode [ 66.395647][ T5829] Bluetooth: hci0: command tx timeout [ 66.419882][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.430430][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.444418][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.460822][ T5817] veth1_macvtap: entered promiscuous mode [ 66.472158][ T5829] Bluetooth: hci4: command tx timeout [ 66.477575][ T5828] Bluetooth: hci2: command tx timeout [ 66.477666][ T5830] Bluetooth: hci3: command tx timeout [ 66.486934][ T5834] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.488608][ T5836] Bluetooth: hci1: command tx timeout [ 66.498394][ T5834] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.511555][ T5834] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.520391][ T5834] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.531488][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.542223][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.553584][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.564367][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.575619][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.596548][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.614307][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.625229][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.636177][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.646259][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.656724][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.667935][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.679531][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.691723][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.701682][ T5817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.713739][ T5817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.724767][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.748965][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.760392][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.770685][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.781326][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.792667][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.803296][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.814116][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.834505][ T5817] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.843501][ T5817] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.852619][ T5817] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.861299][ T5817] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.884839][ T5818] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.896984][ T5818] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.906036][ T5818] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.914876][ T5818] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.937189][ T5831] veth0_macvtap: entered promiscuous mode [ 66.965842][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.971150][ T5831] veth1_macvtap: entered promiscuous mode [ 66.978254][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.010664][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.027223][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.049659][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.060773][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.071484][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.083274][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.093204][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.103992][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.114414][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.125679][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.136315][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.151385][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.163359][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.174718][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.183490][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.185451][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.202516][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.212425][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.222938][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.232830][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.243453][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.254581][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.264431][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.273299][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.284286][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.293072][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.308687][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.316929][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.384929][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.401800][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.404477][ T5820] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 67.456812][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.497009][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.519147][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.535880][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.571694][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.587370][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.637944][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.646796][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.657724][ T5907] netlink: 'syz.1.2': attribute type 10 has an invalid length. [ 67.709121][ T5907] team0: Port device netdevsim0 added [ 67.782072][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.809376][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.895504][ T5913] Zero length message leads to an empty skb [ 68.475477][ T5836] Bluetooth: hci0: command tx timeout [ 68.553081][ T5830] Bluetooth: hci4: command tx timeout [ 68.553369][ T5828] Bluetooth: hci1: command tx timeout [ 68.558501][ T5830] Bluetooth: hci3: command tx timeout [ 68.569709][ T5836] Bluetooth: hci2: command tx timeout [ 68.674473][ T5928] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.774509][ T5931] syz_tun: entered allmulticast mode [ 68.805350][ T5925] syz_tun: left allmulticast mode [ 69.101816][ T5943] dns_resolver: Unsupported content type (254) [ 69.804931][ T5939] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11'. [ 69.912285][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 69.922538][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 70.686054][ T5836] Bluetooth: hci0: command tx timeout [ 70.706694][ T5828] Bluetooth: hci2: command tx timeout [ 70.712471][ T5829] Bluetooth: hci4: command tx timeout [ 70.717880][ T5829] Bluetooth: hci3: command tx timeout [ 70.723363][ T5830] Bluetooth: hci1: command tx timeout [ 71.204575][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.233060][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.554269][ T5962] fuse: root generation should be zero [ 72.931700][ T5982] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 74.676243][ T6010] netlink: 28 bytes leftover after parsing attributes in process `syz.2.32'. [ 75.562065][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 75.851924][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 76.745661][ T6028] netlink: 'syz.2.38': attribute type 30 has an invalid length. [ 77.285151][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 77.842139][ T6034] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.962258][ T5821] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 81.161961][ T5821] usb 1-1: Using ep0 maxpacket: 8 [ 81.176200][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 81.281819][ T5821] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 81.944352][ T96] cfg80211: failed to load regulatory.db [ 81.950596][ T5821] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 81.986264][ T5821] usb 1-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1 [ 82.011903][ T5821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.115673][ T5821] usb 1-1: Product: syz [ 82.119866][ T5821] usb 1-1: Manufacturer: syz [ 82.281816][ T5821] usb 1-1: SerialNumber: syz [ 82.379572][ T5821] usb 1-1: config 0 descriptor?? [ 83.062801][ T5821] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx [ 83.167234][ T2343] usb 1-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2 [ 83.168347][ T5821] usb 1-1: USB disconnect, device number 2 [ 83.188319][ T2343] usb 1-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw [ 83.875321][ T6105] netlink: 12 bytes leftover after parsing attributes in process `syz.3.57'. [ 84.862676][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!! [ 84.871141][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!! [ 84.879668][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 84.901969][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 86.773221][ T6124] netlink: 56 bytes leftover after parsing attributes in process `syz.0.66'. [ 89.211629][ T6147] orangefs_mount: mount request failed with -4 [ 90.005372][ T30] audit: type=1326 audit(1743104291.643:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6161 comm="syz.1.79" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb1ddb8d169 code=0x0 [ 93.169573][ T30] audit: type=1800 audit(1743104294.813:3): pid=6187 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.85" name="/" dev="9p" ino=2 res=0 errno=0 [ 93.512199][ T6197] tipc: Started in network mode [ 93.531236][ T6197] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 93.582854][ T6197] tipc: Enabled bearer , priority 10 [ 94.482770][ T6205] netlink: 256 bytes leftover after parsing attributes in process `syz.4.91'. [ 94.758754][ T5902] tipc: Node number set to 4269801488 [ 95.185078][ T6218] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 95.508133][ T6218] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 95.542040][ T5902] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 95.634746][ T6222] kernel read not supported for file /  (pid: 6222 comm: syz.4.99) [ 95.643537][ T30] audit: type=1800 audit(1743104297.293:4): pid=6222 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.99" name=200120 dev="mqueue" ino=8830 res=0 errno=0 [ 96.380744][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 96.391770][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 96.418519][ T5902] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 96.441652][ T5902] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 96.451103][ T5902] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.470620][ T5902] usb 3-1: config 0 descriptor?? [ 96.636173][ T5825] Bluetooth: hci2: command 0x0406 tx timeout [ 96.675367][ T6241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.104'. [ 96.702653][ T6241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.104'. [ 96.888653][ T6209] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 96.904957][ T6209] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.039755][ T5902] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 97.082085][ T5902] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 98.155303][ T5902] usb 3-1: USB disconnect, device number 2 [ 99.722444][ T6278] ip6t_rpfilter: unknown options [ 100.562558][ T6282] gtp0: entered promiscuous mode [ 100.567691][ T6282] gtp0: entered allmulticast mode [ 102.688374][ T6313] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 105.071252][ T6342] netlink: 'syz.1.133': attribute type 21 has an invalid length. [ 105.086745][ T6342] netlink: 'syz.1.133': attribute type 6 has an invalid length. [ 105.097166][ T6342] netlink: 132 bytes leftover after parsing attributes in process `syz.1.133'. [ 105.109865][ T6342] netlink: 'syz.1.133': attribute type 21 has an invalid length. [ 105.124515][ T6342] netlink: 'syz.1.133': attribute type 6 has an invalid length. [ 105.146743][ T6342] netlink: 132 bytes leftover after parsing attributes in process `syz.1.133'. [ 106.867787][ T6375] netlink: 16 bytes leftover after parsing attributes in process `syz.4.143'. [ 108.057950][ T6388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.147'. [ 111.778660][ T6432] input: syz1 as /devices/virtual/input/input6 [ 111.857474][ T6434] Dead loop on virtual device ip6_vti0, fix it urgently! [ 115.638551][ T6459] delete_channel: no stack [ 115.690055][ T6466] netlink: 'syz.1.171': attribute type 1 has an invalid length. [ 115.783879][ T6466] 8021q: adding VLAN 0 to HW filter on device bond1 [ 115.953698][ T6470] bond1: (slave ip6gretap1): making interface the new active one [ 116.049895][ T6470] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 116.516624][ T6473] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 116.848650][ T6491] netlink: 16 bytes leftover after parsing attributes in process `syz.3.177'. [ 117.725834][ T6491] team0: entered promiscuous mode [ 117.730918][ T6491] team_slave_0: entered promiscuous mode [ 117.792172][ T6491] team_slave_1: entered promiscuous mode [ 118.236247][ T6502] Unknown options in mask 5 [ 118.265727][ T6491] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 118.397171][ T6491] team0: left promiscuous mode [ 118.422070][ T6491] team_slave_0: left promiscuous mode [ 118.442052][ T6491] team_slave_1: left promiscuous mode [ 119.854349][ T6534] netlink: 'syz.4.186': attribute type 10 has an invalid length. [ 119.862505][ T6534] netlink: 40 bytes leftover after parsing attributes in process `syz.4.186'. [ 119.984132][ T6535] batman_adv: batadv0: Adding interface: dummy0 [ 120.015053][ T6535] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 120.149030][ T6535] batman_adv: batadv0: Interface activated: dummy0 [ 120.252314][ T6534] batadv0: entered promiscuous mode [ 120.257565][ T6534] batadv0: entered allmulticast mode [ 120.270358][ T6534] bridge0: port 3(batadv0) entered blocking state [ 120.277261][ T6534] bridge0: port 3(batadv0) entered disabled state [ 120.320394][ T6534] bridge0: port 3(batadv0) entered blocking state [ 120.327072][ T6534] bridge0: port 3(batadv0) entered forwarding state [ 120.373626][ T3420] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 120.377391][ T6538] batadv0: mtu less than device minimum [ 120.383066][ T3420] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 120.390286][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.409478][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.421366][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.433092][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.444686][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.456375][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.468021][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.479614][ T6538] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 120.482294][ C0] batman_adv: batadv0: Local translation table size (68) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:0c [ 120.518606][ T6545] tipc: Started in network mode [ 120.537037][ T6545] tipc: Node identity 4, cluster identity 4711 [ 120.543336][ T6545] tipc: Node number set to 4 [ 120.640070][ T6552] netlink: 8 bytes leftover after parsing attributes in process `syz.2.191'. [ 123.909365][ T6585] bridge0: port 3(batadv0) entered disabled state [ 123.916046][ T6585] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.924261][ T6585] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.969635][ T6585] batman_adv: batadv0: Interface deactivated: dummy0 [ 124.059220][ T6585] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.077581][ T6585] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.207292][ T6585] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.227107][ T6585] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.248433][ T6585] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.259813][ T6585] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.302394][ T6589] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 124.352157][ T6590] netlink: 12 bytes leftover after parsing attributes in process `syz.0.203'. [ 124.580335][ T6593] netlink: 8 bytes leftover after parsing attributes in process `syz.3.204'. [ 125.151697][ T6625] cgroup: Unknown subsys name 'noxattr' [ 125.260397][ T6633] netlink: 2036 bytes leftover after parsing attributes in process `syz.0.212'. [ 125.296267][ T6633] netlink: 24 bytes leftover after parsing attributes in process `syz.0.212'. [ 127.628387][ T6660] input: syz0 as /devices/virtual/input/input7 [ 128.809892][ T5825] Bluetooth: hci0: command 0x0406 tx timeout [ 131.918115][ T30] audit: type=1326 audit(1743104786.546:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6690 comm="syz.4.232" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x0 [ 132.850574][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.856984][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.619612][ T6702] netlink: 'syz.3.233': attribute type 1 has an invalid length. [ 135.262508][ T6736] netlink: 4 bytes leftover after parsing attributes in process `syz.2.244'. [ 135.301042][ T6737] netlink: 'syz.1.246': attribute type 4 has an invalid length. [ 135.578931][ T6743] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.007028][ T6743] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.364965][ T6743] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.628957][ T6764] netlink: 4 bytes leftover after parsing attributes in process `syz.1.254'. [ 137.456644][ T6743] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.120630][ T6772] netlink: 48 bytes leftover after parsing attributes in process `syz.2.258'. [ 138.783794][ T6743] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.256648][ T6743] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.418863][ T6743] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.460162][ T6743] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.254680][ T30] audit: type=1326 audit(1743104795.896:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6810 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x7fc00000 [ 141.412601][ T6825] capability: warning: `syz.1.274' uses deprecated v2 capabilities in a way that may be insecure [ 141.926673][ T30] audit: type=1326 audit(1743104796.566:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6810 comm="syz.2.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fec26d8d169 code=0x7fc00000 [ 142.270635][ T30] audit: type=1326 audit(1743104796.906:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6835 comm="syz.2.279" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fec26d8d169 code=0x0 [ 142.327484][ T30] audit: type=1326 audit(1743104796.966:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6837 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 142.350531][ T6838] xt_hashlimit: size too large, truncated to 1048576 [ 142.365051][ T6838] xt_hashlimit: max too large, truncated to 1048576 [ 142.390931][ T30] audit: type=1326 audit(1743104796.966:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6837 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 142.445105][ T30] audit: type=1326 audit(1743104796.966:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6837 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 142.564344][ T30] audit: type=1326 audit(1743104796.966:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6837 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 142.587938][ T30] audit: type=1326 audit(1743104796.966:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6837 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 142.609897][ T30] audit: type=1326 audit(1743104796.966:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6837 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 142.641972][ T30] audit: type=1326 audit(1743104796.966:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6837 comm="syz.3.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 144.958330][ T6875] xt_hashlimit: max too large, truncated to 1048576 [ 148.599776][ T5195] udevd[5195]: worker [5819] /devices/platform/dummy_hcd.0/usb1/1-1 is taking a long time [ 148.622232][ T2343] pvrusb2: request_firmware fatal error with code=-110 [ 148.653326][ T2343] pvrusb2: Failure uploading firmware1 [ 148.685296][ T6920] netlink: 56 bytes leftover after parsing attributes in process `syz.3.303'. [ 149.131677][ T2343] pvrusb2: Device initialization was not successful. [ 149.138961][ T2343] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 149.149342][ T2343] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 150.131338][ T5872] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 150.178897][ T5821] pvrusb2: Device being rendered inoperable [ 151.051875][ T5872] usb 2-1: Using ep0 maxpacket: 8 [ 151.062712][ T5872] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 151.075963][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 151.085949][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 151.226087][ T5872] usb 2-1: string descriptor 0 read error: -71 [ 151.263246][ T5872] usb 2-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad [ 151.281923][ T5872] usb 2-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3 [ 151.308257][ T5872] usb 2-1: config 0 descriptor?? [ 151.346585][ T5872] usb 2-1: can't set config #0, error -71 [ 151.375835][ T5872] usb 2-1: USB disconnect, device number 2 [ 151.402572][ T6937] netlink: 'syz.3.314': attribute type 1 has an invalid length. [ 151.460308][ T6937] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 151.928735][ T6937] veth3: entered promiscuous mode [ 151.950403][ T6937] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 153.736001][ T6954] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 155.472818][ T6969] netlink: 'syz.3.322': attribute type 2 has an invalid length. [ 155.765800][ T6981] netlink: 56 bytes leftover after parsing attributes in process `syz.4.324'. [ 159.615566][ T7061] netlink: 'syz.1.348': attribute type 10 has an invalid length. [ 159.674148][ T7061] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 160.288473][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 160.288491][ T30] audit: type=1326 audit(1743104814.926:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.315940][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.324871][ T30] audit: type=1326 audit(1743104814.926:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.346146][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.354261][ T30] audit: type=1326 audit(1743104814.966:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.380006][ T30] audit: type=1326 audit(1743104814.966:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.404161][ T30] audit: type=1326 audit(1743104814.966:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.429154][ T30] audit: type=1326 audit(1743104814.966:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.457837][ T30] audit: type=1326 audit(1743104814.966:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.479140][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.489888][ T30] audit: type=1326 audit(1743104814.966:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.515033][ T30] audit: type=1326 audit(1743104814.966:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.541726][ T30] audit: type=1326 audit(1743104814.966:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7067 comm="syz.4.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 160.562941][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.677516][ T7072] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 162.682010][ T5821] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 162.806662][ T7105] Driver unsupported XDP return value 0 on prog (id 72) dev N/A, expect packet loss! [ 163.306149][ T5821] usb 4-1: Using ep0 maxpacket: 16 [ 163.329228][ T5821] usb 4-1: config 0 interface 0 has no altsetting 0 [ 163.352429][ T5821] usb 4-1: New USB device found, idVendor=05ac, idProduct=0304, bcdDevice= 0.00 [ 163.361748][ T5821] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.406735][ T5821] usb 4-1: config 0 descriptor?? [ 164.094359][ T5821] usbhid 4-1:0.0: can't add hid device: -71 [ 164.100445][ T5821] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 164.110540][ T5821] usb 4-1: USB disconnect, device number 2 [ 169.192098][ T5871] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 169.953391][ T5871] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 169.997514][ T5871] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 170.797460][ T5871] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66 [ 170.833168][ T5871] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.931888][ T5871] usb 2-1: Product: syz [ 170.954267][ T5871] usb 2-1: Manufacturer: syz [ 170.969063][ T5871] usb 2-1: SerialNumber: syz [ 170.976299][ T7201] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 171.011933][ T5871] usb 2-1: config 0 descriptor?? [ 171.030381][ T5871] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -90 [ 171.139902][ T7206] overlayfs: failed to clone upperpath [ 171.296716][ T5871] hid (null): unknown global tag 0x64 [ 171.318194][ T5871] hid (null): unknown global tag 0xe [ 171.354191][ T5871] hid (null): global environment stack underflow [ 171.439704][ T5871] hid (null): unknown global tag 0xc [ 172.055171][ T5871] hid (null): bogus close delimiter [ 172.060430][ T5871] hid (null): report_id 3964 is invalid [ 172.073319][ T5871] hid-generic 0100:0002:3774.0002: unknown main item tag 0x4 [ 172.082291][ T5871] hid-generic 0100:0002:3774.0002: unexpected long global item [ 172.092679][ T5871] hid-generic 0100:0002:3774.0002: probe with driver hid-generic failed with error -22 [ 172.116286][ T5871] usb 2-1: USB disconnect, device number 3 [ 177.194266][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 177.194284][ T30] audit: type=1326 audit(1743104831.836:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7286 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 177.707143][ T30] audit: type=1326 audit(1743104831.876:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7286 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 177.728509][ T30] audit: type=1326 audit(1743104831.876:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7286 comm="syz.3.421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 178.031307][ T7297] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.070977][ T7297] batadv_slave_0: entered promiscuous mode [ 178.102231][ T48] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 178.282009][ T48] usb 4-1: Using ep0 maxpacket: 32 [ 178.293243][ T48] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 178.314755][ T48] usb 4-1: config 0 has no interfaces? [ 178.330504][ T48] usb 4-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 178.351962][ T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.393652][ T48] usb 4-1: config 0 descriptor?? [ 180.205549][ T30] audit: type=1326 audit(1743104834.846:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7294 comm="syz.3.424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 180.280976][ T7316] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 180.301482][ T30] audit: type=1326 audit(1743104834.846:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7294 comm="syz.3.424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 180.323609][ T7321] tipc: Can't bind to reserved service type 1 [ 180.359328][ T30] audit: type=1326 audit(1743104834.846:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7294 comm="syz.3.424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 180.381083][ T7316] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 180.461343][ T30] audit: type=1326 audit(1743104834.846:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7294 comm="syz.3.424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 180.485210][ T30] audit: type=1326 audit(1743104834.866:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7294 comm="syz.3.424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 180.507830][ T30] audit: type=1326 audit(1743104834.866:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7294 comm="syz.3.424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 180.530066][ T30] audit: type=1326 audit(1743104834.866:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7294 comm="syz.3.424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 180.548281][ T5871] usb 4-1: USB disconnect, device number 3 [ 181.800973][ T7342] syz.0.438 uses obsolete (PF_INET,SOCK_PACKET) [ 182.950166][ T7360] netlink: 24 bytes leftover after parsing attributes in process `syz.3.444'. [ 186.033713][ T56] Bluetooth: hci1: command 0x0406 tx timeout [ 186.043307][ T5830] Bluetooth: hci4: command 0x0406 tx timeout [ 186.049337][ T5830] Bluetooth: hci2: command 0x0406 tx timeout [ 186.055994][ T56] Bluetooth: hci0: command 0x0406 tx timeout [ 186.062277][ T5135] Bluetooth: hci3: command 0x0406 tx timeout [ 188.041429][ T7446] netlink: 4 bytes leftover after parsing attributes in process `syz.1.476'. [ 188.063782][ T7446] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.111226][ T7446] bridge_slave_1 (unregistering): left allmulticast mode [ 188.118416][ T7446] bridge_slave_1 (unregistering): left promiscuous mode [ 188.125892][ T7446] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.532074][ T5836] Bluetooth: hci0: unexpected event for opcode 0x2024 [ 188.991648][ T7468] netlink: 44 bytes leftover after parsing attributes in process `syz.2.483'. [ 191.288039][ T7490] warning: `syz.1.490' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 192.522557][ T7515] mmap: syz.2.500 (7515) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 193.675599][ T36] wlan1: Trigger new scan to find an IBSS to join [ 193.696965][ T7505] fuse: Bad value for 'fd' [ 194.082883][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.089324][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.576518][ T7546] netlink: 544 bytes leftover after parsing attributes in process `syz.2.510'. [ 195.585568][ T7546] netlink: 100 bytes leftover after parsing attributes in process `syz.2.510'. [ 195.985053][ T5836] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 196.367261][ T7560] kvm: kvm [7559]: vcpu0, guest rIP: 0x1a3 Unhandled WRMSR(0xc2) = 0x8000 [ 197.754335][ T5952] wlan1: Trigger new scan to find an IBSS to join [ 198.271999][ T48] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 198.385460][ T7597] netlink: 'syz.3.526': attribute type 1 has an invalid length. [ 199.521914][ T48] usb 2-1: Using ep0 maxpacket: 16 [ 199.538262][ T48] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 199.548762][ T48] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.812901][ T48] usb 2-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 199.863783][ T48] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 199.926991][ T48] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 200.104598][ T48] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 200.116227][ T48] usb 2-1: SerialNumber: syz [ 200.124527][ T48] cdc_acm 2-1:1.0: skipping garbage [ 200.146267][ T65] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 201.568277][ T5871] usb 2-1: USB disconnect, device number 4 [ 201.641738][ T7627] netlink: 4 bytes leftover after parsing attributes in process `syz.3.535'. [ 201.653782][ T7627] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.735638][ T7627] bridge_slave_1 (unregistering): left allmulticast mode [ 201.742959][ T7627] bridge_slave_1 (unregistering): left promiscuous mode [ 201.750095][ T7627] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.923001][ T7636] netlink: 24 bytes leftover after parsing attributes in process `syz.4.538'. [ 203.964919][ T7656] netlink: 'syz.4.543': attribute type 1 has an invalid length. [ 204.010513][ T7656] 8021q: adding VLAN 0 to HW filter on device bond1 [ 204.816010][ T7656] bond1: (slave ip6gretap1): making interface the new active one [ 204.958057][ T7656] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 205.077755][ T7662] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 206.732116][ T7688] netlink: 1276 bytes leftover after parsing attributes in process `syz.3.551'. [ 206.866700][ T7694] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 208.864642][ T7716] netlink: 64 bytes leftover after parsing attributes in process `syz.3.560'. [ 209.243475][ T7711] netlink: 'syz.2.559': attribute type 1 has an invalid length. [ 209.363552][ T7725] xt_TPROXY: Can be used only with -p tcp or -p udp [ 209.512500][ T7727] ip6t_srh: unknown srh invflags 7D00 [ 211.151385][ T30] kauditd_printk_skb: 85 callbacks suppressed [ 211.151402][ T30] audit: type=1326 audit(1743104865.776:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.187240][ T30] audit: type=1326 audit(1743104865.776:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.208998][ T30] audit: type=1326 audit(1743104865.776:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.243100][ T30] audit: type=1326 audit(1743104865.776:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.272233][ T30] audit: type=1326 audit(1743104865.776:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.296509][ T30] audit: type=1326 audit(1743104865.776:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.318374][ T30] audit: type=1326 audit(1743104865.776:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.340362][ T30] audit: type=1326 audit(1743104865.776:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.373731][ T30] audit: type=1326 audit(1743104865.776:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.398908][ T30] audit: type=1326 audit(1743104865.786:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7732 comm="syz.3.565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f651fb8d169 code=0x7ffc0000 [ 211.748570][ T7751] netlink: 24 bytes leftover after parsing attributes in process `syz.2.570'. [ 215.271620][ T7774] netlink: 8 bytes leftover after parsing attributes in process `syz.2.579'. [ 215.399248][ T7775] syzkaller1: entered promiscuous mode [ 215.406264][ T7775] syzkaller1: entered allmulticast mode [ 216.457870][ T7784] 9pnet_fd: Insufficient options for proto=fd [ 217.917327][ T7814] process 'syz.1.591' launched '/dev/fd/5' with NULL argv: empty string added [ 218.588226][ T7804] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 218.601489][ T7813] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 224.818894][ T7904] netlink: 'syz.2.614': attribute type 1 has an invalid length. [ 224.862465][ T7904] 8021q: adding VLAN 0 to HW filter on device bond1 [ 224.918973][ T7904] bond1: (slave ip6gretap1): making interface the new active one [ 224.929743][ T7904] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 225.761556][ T7904] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 230.167796][ T6508] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 230.650009][ T7967] netlink: 4 bytes leftover after parsing attributes in process `syz.2.629'. [ 230.707493][ T7952] netlink: 'syz.0.626': attribute type 11 has an invalid length. [ 230.897442][ T7972] sctp: [Deprecated]: syz.1.631 (pid 7972) Use of struct sctp_assoc_value in delayed_ack socket option. [ 230.897442][ T7972] Use struct sctp_sack_info instead [ 231.960459][ T7979] syz.1.632: attempt to access beyond end of device [ 231.960459][ T7979] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 231.973475][ T7979] FAT-fs (loop3): unable to read boot sector [ 234.513926][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 234.513944][ T30] audit: type=1326 audit(1743104889.156:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.552279][ T7988] wireguard0: entered promiscuous mode [ 234.557784][ T7988] wireguard0: entered allmulticast mode [ 234.563758][ T30] audit: type=1326 audit(1743104889.156:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.590143][ T30] audit: type=1326 audit(1743104889.236:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.642333][ T30] audit: type=1326 audit(1743104889.236:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.653618][ T8004] netlink: 8 bytes leftover after parsing attributes in process `syz.2.641'. [ 234.664601][ T30] audit: type=1326 audit(1743104889.266:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.680221][ T8004] netlink: 16 bytes leftover after parsing attributes in process `syz.2.641'. [ 234.716135][ T30] audit: type=1326 audit(1743104889.266:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.796942][ T30] audit: type=1326 audit(1743104889.266:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.819040][ T30] audit: type=1326 audit(1743104889.266:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 234.848026][ T30] audit: type=1326 audit(1743104889.266:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 235.014125][ T30] audit: type=1326 audit(1743104889.266:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7997 comm="syz.4.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09f158d169 code=0x7ffc0000 [ 235.338419][ T5836] Bluetooth: Frame is too long (len 16, expected len 4) [ 235.858028][ T8025] netlink: 64 bytes leftover after parsing attributes in process `syz.0.648'. [ 236.751943][ T1207] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 237.332003][ T1207] usb 4-1: Using ep0 maxpacket: 8 [ 237.401139][ T8046] xt_TCPMSS: Only works on TCP SYN packets [ 237.966985][ T1207] usb 4-1: config index 0 descriptor too short (expected 5924, got 36) [ 237.976067][ T1207] usb 4-1: config 250 has an invalid interface number: 228 but max is -1 [ 237.986720][ T1207] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 237.995879][ T1207] usb 4-1: config 250 has no interface number 0 [ 238.002196][ T1207] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 238.031850][ T1207] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 238.076900][ T1207] usb 4-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 238.165601][ T1207] usb 4-1: config 250 interface 228 has no altsetting 0 [ 238.303573][ T1207] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 238.322350][ T1207] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 238.344366][ T1207] usb 4-1: Product: syz [ 238.370898][ T1207] usb 4-1: SerialNumber: syz [ 238.516373][ T8058] xt_limit: Overflow, try lower: 687865856/40 [ 239.089635][ T1207] usb 4-1: can't set config #250, error -71 [ 239.117078][ T1207] usb 4-1: USB disconnect, device number 4 [ 239.434404][ T8079] overlayfs: failed to clone upperpath [ 240.132503][ T8092] pim6reg: entered allmulticast mode [ 240.139509][ T8092] pim6reg: left allmulticast mode [ 240.345090][ T8094] netlink: 132 bytes leftover after parsing attributes in process `syz.2.671'. [ 240.950148][ T8103] geneve2: entered promiscuous mode [ 240.971166][ T8103] netlink: 156 bytes leftover after parsing attributes in process `syz.2.673'. [ 242.534654][ T8117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.676'. [ 244.277681][ T8138] netlink: 'syz.1.682': attribute type 3 has an invalid length. [ 247.479142][ T8165] tipc: Enabling of bearer rejected, failed to enable media [ 247.696645][ T8169] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.705698][ T8169] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.714574][ T8169] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.723400][ T8169] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.824628][ T8169] bond0: (slave vxlan0): Enslaving as an active interface with an up link [ 253.952594][ T8209] netlink: 4 bytes leftover after parsing attributes in process `syz.4.705'. [ 254.734432][ T5836] Bluetooth: hci1: unexpected event for opcode 0x2006 [ 255.736601][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.745414][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.984390][ T8245] netlink: 8 bytes leftover after parsing attributes in process `syz.4.717'. [ 255.993274][ T8245] net_ratelimit: 13 callbacks suppressed [ 255.993284][ T8245] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 256.199247][ T5836] Bluetooth: Frame is too long (len 16, expected len 4) [ 264.143180][ T6510] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 268.401907][ T5872] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 268.442795][ T5821] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 268.551986][ T5872] usb 4-1: Using ep0 maxpacket: 32 [ 268.559198][ T5872] usb 4-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31 [ 268.569186][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.579926][ T5872] usb 4-1: config 0 descriptor?? [ 268.591020][ T5872] usb 4-1: selecting invalid altsetting 3 [ 268.596940][ T5821] usb 2-1: Using ep0 maxpacket: 8 [ 268.602024][ T5872] comedi comedi0: could not set alternate setting 3 in high speed [ 268.609821][ T5872] usbduxsigma 4-1:0.0: driver 'usbduxsigma' failed to auto-configure device. [ 268.620941][ T5821] usb 2-1: config 0 has no interfaces? [ 268.628091][ T5872] usbduxsigma 4-1:0.0: probe with driver usbduxsigma failed with error -22 [ 268.640902][ T5821] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=3a.17 [ 268.651018][ T5821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.659163][ T5821] usb 2-1: Product: syz [ 268.663385][ T5821] usb 2-1: Manufacturer: syz [ 268.667994][ T5821] usb 2-1: SerialNumber: syz [ 268.678009][ T5821] usb 2-1: config 0 descriptor?? [ 268.796011][ T5902] usb 4-1: USB disconnect, device number 5 [ 268.888811][ T5821] usb 2-1: USB disconnect, device number 5 [ 270.562044][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 270.562061][ T30] audit: type=1326 audit(1743104925.166:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.299162][ T30] audit: type=1326 audit(1743104925.166:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.320718][ T30] audit: type=1326 audit(1743104925.166:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.435946][ T30] audit: type=1326 audit(1743104925.166:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.474919][ T30] audit: type=1326 audit(1743104925.166:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.541541][ T30] audit: type=1326 audit(1743104925.166:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.565292][ T30] audit: type=1326 audit(1743104925.166:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.586978][ T30] audit: type=1326 audit(1743104925.166:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.618294][ T8426] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 271.657252][ T30] audit: type=1326 audit(1743104925.166:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.689588][ T30] audit: type=1326 audit(1743104925.166:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.2.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x7ffc0000 [ 271.841122][ T8439] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 271.841122][ T8439] The task syz.1.767 (8439) triggered the difference, watch for misbehavior. [ 273.809184][ T8457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.778'. [ 273.831527][ T8457] netlink: 4 bytes leftover after parsing attributes in process `syz.3.778'. [ 273.859501][ T8457] netlink: 'syz.3.778': attribute type 1 has an invalid length. [ 273.877805][ T8457] netlink: 10 bytes leftover after parsing attributes in process `syz.3.778'. [ 274.073833][ T5836] block nbd0: Receive control failed (result -107) [ 275.935667][ T8475] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 276.697999][ T8492] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 278.073369][ T8510] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 278.080871][ T8510] IPv6: NLM_F_CREATE should be set when creating new route [ 278.221966][ T8484] syz.0.784 (8484) used greatest stack depth: 19792 bytes left [ 279.719167][ T8537] xt_CT: You must specify a L4 protocol and not use inversions on it [ 281.366036][ T8554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.811'. [ 282.685788][ T8560] kvm: pic: single mode not supported [ 282.686019][ T8560] kvm: pic: non byte read [ 282.918006][ T8570] netlink: 20 bytes leftover after parsing attributes in process `syz.2.817'. [ 282.955913][ T8579] ref_ctr_offset mismatch. inode: 0x39a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6 [ 283.073700][ T8570] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.082233][ T8570] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.610800][ T8608] netlink: 550 bytes leftover after parsing attributes in process `syz.1.827'. [ 284.635241][ T8603] No control pipe specified [ 285.171222][ T8615] kvm: pic: non byte read [ 286.296538][ T8637] netlink: 36 bytes leftover after parsing attributes in process `syz.0.834'. [ 286.307659][ T8637] netlink: 16 bytes leftover after parsing attributes in process `syz.0.834'. [ 286.533166][ T8637] netlink: 36 bytes leftover after parsing attributes in process `syz.0.834'. [ 286.721517][ T8637] netlink: 36 bytes leftover after parsing attributes in process `syz.0.834'. [ 288.479477][ T5836] Bluetooth: hci4: unexpected event for opcode 0x0411 [ 292.901301][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 292.901329][ T30] audit: type=1326 audit(1743104947.426:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8707 comm="syz.0.857" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd3cf38d169 code=0x0 [ 293.316361][ T8714] syz_tun: entered allmulticast mode [ 293.482792][ T8713] syz_tun: left allmulticast mode [ 294.797461][ T8729] xt_hashlimit: size too large, truncated to 1048576 [ 298.208133][ T3420] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 298.936624][ T8782] IPVS: Error connecting to the multicast addr [ 300.536290][ T8796] team0: Port device virt_wifi0 added [ 300.582611][ T8796] syz.2.880 (8796) used greatest stack depth: 18672 bytes left [ 302.835943][ T8815] netlink: 8 bytes leftover after parsing attributes in process `syz.4.885'. [ 306.452759][ T8875] netlink: 332 bytes leftover after parsing attributes in process `syz.2.900'. [ 306.597822][ T8883] netlink: 12 bytes leftover after parsing attributes in process `syz.3.899'. [ 306.699461][ T30] audit: type=1326 audit(1743104961.336:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8881 comm="syz.2.903" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec26d8d169 code=0x0 [ 307.878487][ T8898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.907'. [ 308.176350][ T8898] bond0: (slave bond_slave_0): Releasing backup interface [ 308.752927][ T8916] xt_l2tp: v2 doesn't support IP mode [ 308.786003][ T8918] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 309.039658][ T8923] xt_CT: You must specify a L4 protocol and not use inversions on it [ 313.139652][ T8966] netlink: 36 bytes leftover after parsing attributes in process `syz.4.928'. [ 314.364737][ T8990] Smack: duplicate mount options [ 317.346259][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.352699][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.396885][ T5836] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 325.811339][ T9139] mac80211_hwsim hwsim7 syzkaller0: entered promiscuous mode [ 325.841027][ T9139] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode [ 327.160033][ T9168] netlink: 28 bytes leftover after parsing attributes in process `syz.4.990'. [ 327.325867][ T9181] netlink: 4 bytes leftover after parsing attributes in process `syz.3.989'. [ 329.496050][ T6504] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 330.052149][ T9212] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1000'. [ 330.451848][ T5872] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 330.633571][ T5872] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 330.655230][ T5872] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 330.677051][ T5872] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 330.689593][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.705551][ T5872] usb 2-1: config 0 descriptor?? [ 330.711935][ T5821] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 330.792813][ T5872] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 330.813643][ T5872] dvb-usb: bulk message failed: -22 (3/0) [ 331.808981][ T5872] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 331.822631][ T5872] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 331.830614][ T5872] usb 2-1: media controller created [ 331.836191][ T5821] usb 4-1: Using ep0 maxpacket: 8 [ 331.853704][ T5872] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 331.915276][ T9234] Bluetooth: MGMT ver 1.23 [ 332.149336][ T5821] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 332.160059][ T5821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.198621][ T5872] dvb-usb: bulk message failed: -22 (6/0) [ 332.206909][ T5821] usb 4-1: Product: syz [ 332.211167][ T5821] usb 4-1: Manufacturer: syz [ 332.222804][ T5872] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 332.239774][ T5821] usb 4-1: SerialNumber: syz [ 332.279964][ T5821] usb 4-1: config 0 descriptor?? [ 332.290576][ T5872] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8 [ 332.649504][ T5872] dvb-usb: schedule remote query interval to 150 msecs. [ 332.777008][ T5821] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 332.785652][ T5872] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 332.806167][ T9247] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 332.815011][ T9247] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 332.823810][ T9247] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 332.832557][ T9247] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 332.844618][ T5872] usb 2-1: USB disconnect, device number 6 [ 333.437689][ T9247] bond0: (slave vxlan0): Enslaving as an active interface with an up link [ 333.458260][ T5872] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 335.660667][ T5821] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110 [ 335.856161][ T5872] usb 4-1: USB disconnect, device number 6 [ 337.109438][ T9319] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 341.663252][ T9357] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1043'. [ 341.689710][ T9362] ======================================================= [ 341.689710][ T9362] WARNING: The mand mount option has been deprecated and [ 341.689710][ T9362] and is ignored by this kernel. Remove the mand [ 341.689710][ T9362] option from the mount to silence this warning. [ 341.689710][ T9362] ======================================================= [ 341.795968][ T9367] overlayfs: failed to clone upperpath [ 341.882539][ T9372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1053'. [ 343.065766][ T9403] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1059'. [ 343.652957][ T9412] 9pnet_fd: Insufficient options for proto=fd [ 344.831858][ T9428] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 344.937310][ T9427] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1071'. [ 345.068204][ T9442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1078'. [ 345.950666][ T9447] ptrace attach of "./syz-executor exec"[5820] was attempted by "./syz-executor exec"[9447] [ 354.065073][ T9561] No control pipe specified [ 354.181860][ T5836] Bluetooth: hci1: unexpected event for opcode 0x0411 [ 355.407793][ T30] audit: type=1326 audit(1743105010.046:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9579 comm="syz.0.1107" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd3cf38d169 code=0x0 [ 355.658623][ T9587] Cannot find add_set index 0 as target [ 357.367586][ T9628] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1117'. [ 358.360608][ T9661] pimreg: entered allmulticast mode [ 360.494853][ T9719] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1137'. [ 360.507269][ T9719] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1137'. [ 360.517031][ T9719] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1137'. [ 360.579631][ T9723] netlink: 'syz.4.1138': attribute type 25 has an invalid length. [ 361.111085][ T3420] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 361.579217][ T5821] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 362.599266][ T5821] usb 2-1: Using ep0 maxpacket: 16 [ 362.762239][ T5821] usb 2-1: config 8 has an invalid interface number: 211 but max is 0 [ 362.801003][ T5821] usb 2-1: config 8 has no interface number 0 [ 362.818181][ T5821] usb 2-1: config 8 interface 211 has no altsetting 0 [ 362.838794][ T5821] usb 2-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=81.87 [ 362.868682][ T5821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.894766][ T5821] usb 2-1: Product: syz [ 362.909487][ T5821] usb 2-1: Manufacturer: syz [ 362.922094][ T5821] usb 2-1: SerialNumber: syz [ 363.225445][ T9725] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 365.609720][ T5821] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 366.888025][ T5821] snd-usb-audio 2-1:8.211: probe with driver snd-usb-audio failed with error -2 [ 366.922136][ T5821] usb 2-1: USB disconnect, device number 7 [ 367.092840][ T9800] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1158'. [ 367.104704][ T9800] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1158'. [ 367.114467][ T9800] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1158'. [ 367.125549][ T9795] udevd[9795]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:8.211/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 367.143195][ T9800] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1158'. [ 367.543836][ T9808] kvm: pic: single mode not supported [ 367.543984][ T9808] kvm: pic: non byte read [ 367.773653][ T30] audit: type=1800 audit(1743105022.416:213): pid=9816 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1162" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0 [ 370.475527][ T9838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1167'. [ 370.494854][ T9838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1167'. [ 370.519362][ T9838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1167'. [ 370.545648][ T9844] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1167'. [ 370.656611][ T9844] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1167'. [ 375.432922][ T5836] Bluetooth: hci3: unexpected cc 0x042f length: 1 < 7 [ 375.442434][ T5836] Bluetooth: hci3: unexpected event for opcode 0x042f [ 376.002112][ T1207] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 376.201888][ T1207] usb 4-1: Using ep0 maxpacket: 16 [ 376.220049][ T1207] usb 4-1: config 0 has no interfaces? [ 376.245574][ T1207] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 376.630697][ T1207] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.649214][ T1207] usb 4-1: config 0 descriptor?? [ 376.863839][ T5821] usb 4-1: USB disconnect, device number 7 [ 378.088977][ T9910] /dev/nullb0: Can't lookup blockdev [ 378.244621][ T9929] netlink: 'syz.0.1194': attribute type 10 has an invalid length. [ 378.419331][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.431206][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.184001][ T9941] xt_CONNSECMARK: invalid mode: 0 [ 380.577474][ T9959] xt_limit: Overflow, try lower: 687865856/40 [ 381.290334][ T9969] ip6gretap0: entered promiscuous mode [ 381.396133][ T9969] macsec1: entered promiscuous mode [ 381.402444][ T9969] macsec1: entered allmulticast mode [ 381.425624][ T9969] ip6gretap0: entered allmulticast mode [ 381.950140][ T9969] ip6gretap0: left allmulticast mode [ 381.982218][ T9969] ip6gretap0: left promiscuous mode [ 383.609993][ T9989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1213'. [ 383.625529][ T9989] ipvlan2: entered promiscuous mode [ 383.633495][ T9989] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 383.641009][ T9989] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 385.602268][ T9987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1212'. [ 389.766239][T10070] PKCS7: Unknown OID: [5] (bad) [ 389.771275][T10070] PKCS7: Only support pkcs7_signedData type [ 391.081937][ T30] audit: type=1107 audit(1743105044.916:214): pid=10079 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 391.189586][T10083] sctp: [Deprecated]: syz.2.1241 (pid 10083) Use of int in max_burst socket option deprecated. [ 391.189586][T10083] Use struct sctp_assoc_value instead [ 391.652810][T10093] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 394.418617][ T6508] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 394.457948][T10114] overlayfs: failed to clone upperpath [ 394.476338][T10113] netlink: 'syz.3.1249': attribute type 13 has an invalid length. [ 403.500293][T10211] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1278'. [ 403.792233][T10217] overlayfs: failed to clone upperpath [ 405.602416][T10250] SET target dimension over the limit! [ 406.013711][T10252] pim6reg: entered allmulticast mode [ 406.021099][T10252] pim6reg: left allmulticast mode [ 407.550658][T10270] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 407.566519][T10270] batadv_slave_0: entered promiscuous mode [ 407.645792][T10273] netlink: zone id is out of range [ 407.655069][T10273] netlink: zone id is out of range [ 407.693050][T10273] netlink: zone id is out of range [ 407.710202][T10273] netlink: zone id is out of range [ 407.717615][T10273] netlink: zone id is out of range [ 407.724373][T10273] netlink: zone id is out of range [ 407.734645][T10273] netlink: zone id is out of range [ 407.753778][T10273] netlink: zone id is out of range [ 407.780212][T10273] netlink: zone id is out of range [ 407.785692][T10273] netlink: zone id is out of range [ 410.197473][T10305] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1309'. [ 411.326784][T10334] netlink: 'syz.4.1316': attribute type 1 has an invalid length. [ 411.538533][T10334] 8021q: adding VLAN 0 to HW filter on device bond2 [ 411.631394][T10339] veth5: entered promiscuous mode [ 411.646165][T10339] bond2: (slave veth5): Enslaving as an active interface with a down link [ 411.693255][T10340] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 411.774553][T10348] overlayfs: overlapping lowerdir path [ 412.145508][T10359] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1323'. [ 412.230385][T10363] xt_CONNSECMARK: invalid mode: 0 [ 414.117405][T10392] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.1334'. [ 414.137714][T10392] net_ratelimit: 49 callbacks suppressed [ 414.137731][T10392] openvswitch: netlink: Message has 44053 unknown bytes. [ 414.801823][ T5902] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 415.759219][ T5902] usb 2-1: Using ep0 maxpacket: 16 [ 415.945261][ T5902] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 416.162053][ T5902] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 417.261756][ T5902] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.280915][ T5902] usb 2-1: config 0 descriptor?? [ 417.287645][ T5902] usb 2-1: can't set config #0, error -71 [ 417.324129][ T5902] usb 2-1: USB disconnect, device number 8 [ 418.240560][T10421] new mount options do not match the existing superblock, will be ignored [ 419.582096][T10439] netlink: 'syz.0.1345': attribute type 1 has an invalid length. [ 419.891064][T10442] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1347'. [ 419.919583][T10443] overlayfs: failed to resolve './file0': -2 [ 420.131498][T10447] netlink: 'syz.2.1349': attribute type 1 has an invalid length. [ 420.172827][T10442] bond0: (slave bond_slave_0): Releasing backup interface [ 423.046931][T10469] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1354'. [ 423.430997][T10470] trusted_key: syz.2.1356 sent an empty control message without MSG_MORE. [ 426.998266][ T5952] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 427.946168][T10506] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[10506] [ 429.075831][T10516] netlink: 'syz.0.1370': attribute type 2 has an invalid length. [ 429.406684][T10523] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1372'. [ 431.275702][T10541] nbd: must specify at least one socket [ 433.732487][ T30] audit: type=1326 audit(1743105088.316:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10550 comm="syz.4.1382" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f09f158d169 code=0x0 [ 434.799381][ T30] audit: type=1326 audit(1743105089.426:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10563 comm="syz.0.1377" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd3cf38d169 code=0x0 [ 439.201019][T10601] dvmrp0: entered allmulticast mode [ 440.312143][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.318591][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.745056][T10623] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 441.359463][T10638] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1405'. [ 441.369223][T10638] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1405'. [ 441.378215][T10638] netlink: 10 bytes leftover after parsing attributes in process `syz.4.1405'. [ 441.449643][T10640] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1406'. [ 441.471466][T10640] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 441.499690][T10640] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 442.096785][T10652] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 442.105008][T10652] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 442.115368][T10652] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 442.123382][T10652] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 443.502139][T10665] xt_CT: You must specify a L4 protocol and not use inversions on it [ 446.315846][T10701] ------------[ cut here ]------------ [ 446.321412][T10701] WARNING: CPU: 1 PID: 10701 at ./include/net/netdev_lock.h:54 dev_xdp_install+0x5e6/0x760 [ 446.331816][T10701] Modules linked in: [ 446.335962][T10701] CPU: 1 UID: 0 PID: 10701 Comm: syz.4.1423 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 446.347828][T10701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 446.357901][T10701] RIP: 0010:dev_xdp_install+0x5e6/0x760 [ 446.363558][T10701] Code: 06 48 3b 84 24 a0 00 00 00 0f 85 8e 01 00 00 89 d8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 9b c0 ea f7 90 <0f> 0b 90 e9 2d fc ff ff e8 8d c0 ea f7 c6 05 3f 86 4d 06 01 90 48 [ 446.383270][T10701] RSP: 0018:ffffc9000c957980 EFLAGS: 00010283 [ 446.389420][T10701] RAX: ffffffff89d8a5c5 RBX: 0000000000000000 RCX: 0000000000080000 [ 446.397477][T10701] RDX: ffffc9000cfaa000 RSI: 0000000000000107 RDI: 0000000000000108 [ 446.405469][T10701] RBP: ffffc9000c957a80 R08: ffffffff89d8a1a9 R09: 0000000000000000 [ 446.413475][T10701] R10: ffffc9000c9579e0 R11: fffff5200192af40 R12: ffffc9001a5f7000 [ 446.421447][T10701] R13: 1ffff9200192af38 R14: dffffc0000000000 R15: ffff888011e34000 [ 446.429444][T10701] FS: 00007f09f23ae6c0(0000) GS:ffff888125343000(0000) knlGS:0000000000000000 [ 446.438608][T10701] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 446.445242][T10701] CR2: 0000000000000000 CR3: 00000000344fc000 CR4: 00000000003526f0 [ 446.453274][T10701] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 446.461275][T10701] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 446.469280][T10701] Call Trace: [ 446.472587][T10701] [ 446.475519][T10701] ? __warn+0x165/0x4d0 [ 446.479690][T10701] ? dev_xdp_install+0x5e6/0x760 [ 446.484667][T10701] ? report_bug+0x2b3/0x500 [ 446.489188][T10701] ? dev_xdp_install+0x5e6/0x760 [ 446.494144][T10701] ? dev_xdp_install+0x5e6/0x760 [ 446.499081][T10701] ? dev_xdp_install+0x5e8/0x760 [ 446.504088][T10701] ? handle_bug+0x89/0x170 [ 446.508511][T10701] ? exc_invalid_op+0x1a/0x50 [ 446.513217][T10701] ? asm_exc_invalid_op+0x1a/0x20 [ 446.518266][T10701] ? dev_xdp_install+0x1c9/0x760 [ 446.523249][T10701] ? dev_xdp_install+0x5e5/0x760 [ 446.528223][T10701] ? dev_xdp_install+0x5e6/0x760 [ 446.533222][T10701] ? __pfx_nsim_bpf+0x10/0x10 [ 446.537908][T10701] ? __pfx_dev_xdp_install+0x10/0x10 [ 446.543383][T10701] ? bpf_offload_dev_match+0x37/0x50 [ 446.548687][T10701] ? __pfx_nsim_bpf+0x10/0x10 [ 446.553434][T10701] dev_xdp_attach+0xc5d/0xfe0 [ 446.558123][T10701] bpf_xdp_link_attach+0x3a2/0x760 [ 446.563296][T10701] ? __pfx_bpf_xdp_link_attach+0x10/0x10 [ 446.568943][T10701] ? __fget_files+0x39d/0x420 [ 446.573643][T10701] ? __fget_files+0x2a/0x420 [ 446.578292][T10701] ? attach_type_to_prog_type+0x316/0x460 [ 446.584067][T10701] ? bpf_prog_attach_check_attach_type+0x2cb/0x4f0 [ 446.590585][T10701] link_create+0x440/0x870 [ 446.595042][T10701] __sys_bpf+0x559/0x850 [ 446.599287][T10701] ? __pfx___sys_bpf+0x10/0x10 [ 446.604099][T10701] __x64_sys_bpf+0x7c/0x90 [ 446.608522][T10701] do_syscall_64+0xf3/0x230 [ 446.613045][T10701] ? clear_bhb_loop+0x45/0xa0 [ 446.617729][T10701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.623702][T10701] RIP: 0033:0x7f09f158d169 [ 446.628132][T10701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.648001][T10701] RSP: 002b:00007f09f23ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 446.656529][T10701] RAX: ffffffffffffffda RBX: 00007f09f17a5fa0 RCX: 00007f09f158d169 [ 446.664544][T10701] RDX: 0000000000000020 RSI: 0000200000000240 RDI: 000000000000001c [ 446.672537][T10701] RBP: 00007f09f160e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 446.680514][T10701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.688519][T10701] R13: 0000000000000000 R14: 00007f09f17a5fa0 R15: 00007fff5bab4578 [ 446.696525][T10701] [ 446.699556][T10701] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 446.706834][T10701] CPU: 1 UID: 0 PID: 10701 Comm: syz.4.1423 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) [ 446.718539][T10701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 446.728621][T10701] Call Trace: [ 446.731895][T10701] [ 446.734848][T10701] dump_stack_lvl+0x241/0x360 [ 446.739525][T10701] ? __pfx_dump_stack_lvl+0x10/0x10 [ 446.744745][T10701] ? __pfx__printk+0x10/0x10 [ 446.749362][T10701] ? vscnprintf+0x5d/0x90 [ 446.753704][T10701] panic+0x349/0x880 [ 446.757592][T10701] ? __warn+0x174/0x4d0 [ 446.761758][T10701] ? __pfx_panic+0x10/0x10 [ 446.766232][T10701] __warn+0x344/0x4d0 [ 446.770219][T10701] ? dev_xdp_install+0x5e6/0x760 [ 446.775156][T10701] report_bug+0x2b3/0x500 [ 446.779482][T10701] ? dev_xdp_install+0x5e6/0x760 [ 446.784422][T10701] ? dev_xdp_install+0x5e6/0x760 [ 446.789447][T10701] ? dev_xdp_install+0x5e8/0x760 [ 446.794379][T10701] handle_bug+0x89/0x170 [ 446.798634][T10701] exc_invalid_op+0x1a/0x50 [ 446.803133][T10701] asm_exc_invalid_op+0x1a/0x20 [ 446.807990][T10701] RIP: 0010:dev_xdp_install+0x5e6/0x760 [ 446.813561][T10701] Code: 06 48 3b 84 24 a0 00 00 00 0f 85 8e 01 00 00 89 d8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 9b c0 ea f7 90 <0f> 0b 90 e9 2d fc ff ff e8 8d c0 ea f7 c6 05 3f 86 4d 06 01 90 48 [ 446.833231][T10701] RSP: 0018:ffffc9000c957980 EFLAGS: 00010283 [ 446.839296][T10701] RAX: ffffffff89d8a5c5 RBX: 0000000000000000 RCX: 0000000000080000 [ 446.847275][T10701] RDX: ffffc9000cfaa000 RSI: 0000000000000107 RDI: 0000000000000108 [ 446.855260][T10701] RBP: ffffc9000c957a80 R08: ffffffff89d8a1a9 R09: 0000000000000000 [ 446.863231][T10701] R10: ffffc9000c9579e0 R11: fffff5200192af40 R12: ffffc9001a5f7000 [ 446.871224][T10701] R13: 1ffff9200192af38 R14: dffffc0000000000 R15: ffff888011e34000 [ 446.879215][T10701] ? dev_xdp_install+0x1c9/0x760 [ 446.884157][T10701] ? dev_xdp_install+0x5e5/0x760 [ 446.889145][T10701] ? __pfx_nsim_bpf+0x10/0x10 [ 446.893831][T10701] ? __pfx_dev_xdp_install+0x10/0x10 [ 446.899130][T10701] ? bpf_offload_dev_match+0x37/0x50 [ 446.904425][T10701] ? __pfx_nsim_bpf+0x10/0x10 [ 446.909128][T10701] dev_xdp_attach+0xc5d/0xfe0 [ 446.913818][T10701] bpf_xdp_link_attach+0x3a2/0x760 [ 446.918930][T10701] ? __pfx_bpf_xdp_link_attach+0x10/0x10 [ 446.924577][T10701] ? __fget_files+0x39d/0x420 [ 446.929260][T10701] ? __fget_files+0x2a/0x420 [ 446.933846][T10701] ? attach_type_to_prog_type+0x316/0x460 [ 446.939590][T10701] ? bpf_prog_attach_check_attach_type+0x2cb/0x4f0 [ 446.946111][T10701] link_create+0x440/0x870 [ 446.950563][T10701] __sys_bpf+0x559/0x850 [ 446.954823][T10701] ? __pfx___sys_bpf+0x10/0x10 [ 446.959599][T10701] __x64_sys_bpf+0x7c/0x90 [ 446.964017][T10701] do_syscall_64+0xf3/0x230 [ 446.968525][T10701] ? clear_bhb_loop+0x45/0xa0 [ 446.973202][T10701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.979088][T10701] RIP: 0033:0x7f09f158d169 [ 446.983507][T10701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 447.003129][T10701] RSP: 002b:00007f09f23ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 447.011552][T10701] RAX: ffffffffffffffda RBX: 00007f09f17a5fa0 RCX: 00007f09f158d169 [ 447.019519][T10701] RDX: 0000000000000020 RSI: 0000200000000240 RDI: 000000000000001c [ 447.027487][T10701] RBP: 00007f09f160e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 447.035466][T10701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 447.043557][T10701] R13: 0000000000000000 R14: 00007f09f17a5fa0 R15: 00007fff5bab4578 [ 447.051637][T10701] [ 447.055025][T10701] Kernel Offset: disabled [ 447.059373][T10701] Rebooting in 86400 seconds..