last executing test programs: 12.461067804s ago: executing program 0 (id=1361): socket(0x10, 0x803, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = syz_io_uring_setup(0x110, &(0x7f0000000200)={0x0, 0xfec9, 0x8, 0x5, 0x3d4}, 0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) io_submit(0x0, 0x0, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, 0x0) exit(0x7) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x8, 0xffffffffffffffff, 0x4, {0x1000000000004, 0xfffffffffffffffd}, 0x8}, 0x1) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000940)=ANY=[@ANYBLOB="1401000027000100000000000000000003"], 0x114}], 0x1}, 0x0) ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0xfffffffe, 0x6, @value=0x9b}) 11.564379839s ago: executing program 4 (id=1364): openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1f, 0x7, 0xc, 0xffffffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af0000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48) syz_io_uring_setup(0xc2c, &(0x7f0000000100)={0x0, 0x35b4, 0x4000, 0x0, 0x9}, &(0x7f0000000180), &(0x7f00000001c0)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xe9}], 0x1, 0xfff, 0x0) 11.34397222s ago: executing program 1 (id=1365): r0 = socket$inet(0x2b, 0x801, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000033bc0e00000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000040)={0x147ae14, 0x800}, 0xc) 10.703681849s ago: executing program 0 (id=1366): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x64, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000884}, 0x0) 10.652396399s ago: executing program 2 (id=1368): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r0, 0x0, 0x0) 10.561120532s ago: executing program 4 (id=1369): syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c"], 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x40}}, 0x0) r0 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000080)={0x48, 0x0, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x2c9}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x8}]}]}, 0x48}}, 0x0) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 10.560699712s ago: executing program 0 (id=1370): r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) geteuid() r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fchown(r6, 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {0x1, 0x4}, [], {0x4, 0x4}, [{}], {0x10, 0x1}, {0x20, 0x5}}, 0x2c, 0x2) socket(0x1, 0x2, 0x0) setresuid(0x0, 0x0, 0x0) getresgid(0x0, &(0x7f0000002d80), &(0x7f0000002dc0)) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0xd, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x9, 0x0, @vifc_lcl_addr=@local, @multicast1=0xe0000300}, 0x10) 10.560340834s ago: executing program 1 (id=1371): dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), 0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r4, 0x1, 0x3d, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[], 0x50) socket$vsock_stream(0x28, 0x1, 0x0) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000780)) r5 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r5, 0x0, 0x400000000000000, 0x2) 10.465489711s ago: executing program 2 (id=1372): ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) r1 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r1, &(0x7f0000000180)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f0000000040)=[{&(0x7f00000000c0)}], 0x1}, 0x9cdc2384256b08bc) ioctl$IOMMU_IOAS_UNMAP$ALL(0xffffffffffffffff, 0x3b86, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = socket(0x10, 0x3, 0x0) setsockopt$MRT6_ADD_MFC_PROXY(r6, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e21, 0x7f, @mcast1, 0x5}, {0xa, 0x4e23, 0x80000000, @private1, 0x8}, 0x1, {[0x3ff, 0x9, 0x196d, 0x400, 0x8, 0x81, 0x6, 0x8]}}, 0x5c) write(r6, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400", 0x22) ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(0xffffffffffffffff, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x0, 0x0, r0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r0}) 9.563427687s ago: executing program 0 (id=1373): r0 = open(&(0x7f0000000300)='./bus\x00', 0x169042, 0x0) ftruncate(r0, 0x88801) dup(0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) ioctl$FBIOPUTCMAP(r5, 0x4605, &(0x7f0000000200)={0x0, 0x3, &(0x7f0000000100)=[0x4, 0xf1c1, 0x9], &(0x7f0000000140)=[0x4], &(0x7f0000000180)=[0x2, 0x2, 0x5, 0x5, 0x7, 0x84f3], &(0x7f00000001c0)}) ioctl$FBIOPUT_VSCREENINFO(r5, 0x4601, 0x0) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20040008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) mount$bpf(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000240), 0x400, &(0x7f0000000340)={[], [{@obj_role={'obj_role', 0x3d, '*'}}, {@smackfsroot={'smackfsroot', 0x3d, '&+-'}}, {@flag='lazytime'}, {@func={'func', 0x3d, 'FILE_MMAP'}}]}) 9.503489267s ago: executing program 3 (id=1374): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9) 9.214073086s ago: executing program 2 (id=1375): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket(0x10, 0x803, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0]) chdir(&(0x7f0000000080)='./file1\x00') r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, &(0x7f0000000180)) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)="88e656695c", 0x5}], 0x1}, 0x4000804) shutdown(r0, 0x1) 8.981743541s ago: executing program 1 (id=1376): socket(0x10, 0x803, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = syz_io_uring_setup(0x110, &(0x7f0000000200)={0x0, 0xfec9, 0x8, 0x5, 0x3d4}, 0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) io_submit(0x0, 0x0, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, 0x0) exit(0x7) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x8, 0xffffffffffffffff, 0x4, {0x1000000000004, 0xfffffffffffffffd}, 0x8}, 0x1) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000940)=ANY=[@ANYBLOB="1401000027000100000000000000000003"], 0x114}], 0x1}, 0x0) ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0xfffffffe, 0x6, @value=0x9b}) 8.945855256s ago: executing program 3 (id=1377): socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) syz_usb_connect$cdc_ncm(0x5, 0x0, 0x0, &(0x7f0000000640)={0x0, 0x0, 0xf7, &(0x7f0000000040)=ANY=[@ANYBLOB="050ff700045c1003c0d1eb591478e88b528f63c0059f5893fe9a3de657d3b8fae959f0c4631c89a5366dbc355e983bb506942d465df040"]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x100000000, 0x0, 0x20, 0x0, 0x0, 0x2004cc, 0x8000002, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x4000000000000004, 0x767], 0xeeef0000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8.395464848s ago: executing program 4 (id=1378): syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28) r2 = getpid() syz_pidfd_open(r2, 0x0) pselect6(0x40, &(0x7f0000000000)={0x0, 0x40000000002, 0x8000000000000000, 0x8000f, 0x2, 0x0, 0x100, 0x10001000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0x0, 0x4, 0x2, 0x0, 0x2, 0x7}, 0x0, 0x0) 6.677554251s ago: executing program 1 (id=1379): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) getpid() r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) write$uinput_user_dev(r3, &(0x7f0000000100)={'syz0\x00', {0x0, 0x1000, 0x80, 0xfffc}, 0x7, [0x0, 0x80000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x3], [0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3d, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x200, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x401, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}, 0x45c) ioctl$UI_DEV_SETUP(r3, 0x5501, 0x0) readv(r3, &(0x7f0000000080)=[{&(0x7f0000001340)=""/104, 0x68}], 0x1) write$input_event(r3, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) 6.676290045s ago: executing program 4 (id=1380): openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x12, 0xc, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0xd8, 0xa, 0xd0e0000, 0xd8, 0x100, 0x1a8, 0x1d8, 0x1d8, 0x1a8, 0x1d8, 0x3, 0x0, {[{{@ip={@local, @multicast2, 0xffffff00, 0xff, 'veth0\x00', 'team0\x00', {}, {}, 0x2, 0x3, 0x40}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0xffff, 0x800, 0x1, 'syz1\x00', 'syz0\x00', {0x3}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x4, 0x2, 0x4, 0x3, 0x5, 0x3], 0x5, 0x5}, {0x0, [0x6, 0x6, 0x1, 0x7, 0x5, 0x5], 0x3, 0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) r2 = io_uring_setup(0x71b9, &(0x7f00000000c0)={0x0, 0xc63b}) io_uring_enter(r2, 0x0, 0x6, 0x20, 0x0, 0x0) shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffd000/0x3000)=nil) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, 0x0, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) r6 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0) sendfile(r6, r6, 0x0, 0x4800000009) 6.513929007s ago: executing program 2 (id=1381): r0 = inotify_init() r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000380)='ns/time\x00') ioctl$TUNGETVNETHDRSZ(r1, 0x8004b709, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x8c7) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', 0x0}) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r4, 0x303, 0x0, 0xfffffffc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 3.727904309s ago: executing program 4 (id=1382): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x50009404, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000000)=0x5, 0x8, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f00005e2000/0x3000)=nil, 0x3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB]) 3.67048383s ago: executing program 3 (id=1383): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$ax25(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) ioctl$sock_netdev_private(r2, 0x8914, 0x0) r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc) setsockopt$ax25_SO_BINDTODEVICE(r3, 0x101, 0x19, &(0x7f00000001c0)=@bpq0, 0x10) bind$ax25(r3, &(0x7f0000000f00)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x3}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x1, 'syz0\x00', @default, 0x4, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]}) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r0, 0x8914, &(0x7f0000000000)) 3.519230822s ago: executing program 3 (id=1384): r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) geteuid() r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fchown(r6, 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {0x1, 0x4}, [], {0x4, 0x4}, [{}], {0x10, 0x1}, {0x20, 0x5}}, 0x2c, 0x2) socket(0x1, 0x2, 0x0) setresuid(0x0, 0x0, 0x0) getresgid(0x0, &(0x7f0000002d80), &(0x7f0000002dc0)) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0xd, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x9, 0x0, @vifc_lcl_addr=@local, @multicast1=0xe0000300}, 0x10) 3.389042008s ago: executing program 0 (id=1385): r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) r2 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r2, &(0x7f0000000180)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x3}, 0x80, &(0x7f0000000040)=[{&(0x7f00000000c0)}], 0x1}, 0x9cdc2384256b08bc) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r7 = socket(0x10, 0x3, 0x0) setsockopt$MRT6_ADD_MFC_PROXY(r7, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e21, 0x7f, @mcast1, 0x5}, {0xa, 0x4e23, 0x80000000, @private1, 0x8}, 0x1, {[0x3ff, 0x9, 0x196d, 0x400, 0x8, 0x81, 0x6, 0x8]}}, 0x5c) write(r7, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400", 0x22) ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x0, 0x0, r1}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1}) 3.36586242s ago: executing program 1 (id=1386): mq_open(0x0, 0x40, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x846) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000006c0), 0x80000, 0x0) ioctl$FBIOPUT_CON2FBMAP(r3, 0x4610, &(0x7f0000000700)={0x35}) socket$can_bcm(0x1d, 0x2, 0x2) socket$kcm(0x10, 0x400000002, 0x0) 3.031946277s ago: executing program 2 (id=1387): prlimit64(0x0, 0x4, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000040)=0x80000001, 0x4) listen(r1, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r2, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4) listen(r2, 0x9) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x80186e83, 0x0) 2.408564092s ago: executing program 3 (id=1388): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) r4 = syz_open_procfs(0x0, &(0x7f0000002700)='cmdline\x00') read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0xfffffc7a) 1.154173176s ago: executing program 0 (id=1389): socket(0x10, 0x803, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = syz_io_uring_setup(0x110, &(0x7f0000000200)={0x0, 0xfec9, 0x8, 0x5, 0x3d4}, 0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) io_submit(0x0, 0x0, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, 0x0) exit(0x7) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x8, 0xffffffffffffffff, 0x4, {0x1000000000004, 0xfffffffffffffffd}, 0x8}, 0x1) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000940)=ANY=[@ANYBLOB="1401000027000100000000000000000003"], 0x114}], 0x1}, 0x0) ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0xfffffffe, 0x6, @value=0x9b}) 1.152918631s ago: executing program 4 (id=1390): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq(0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = creat(0x0, 0x10) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000140)=0xffffffffffffffff) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f00000001c0)={0x0, 0x8bc, 0x10001, r3, 0x0, &(0x7f0000000180)={0x9b0907, 0x2, '\x00', @value64=0x4}}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'batadv0\x00'}]}, 0x50}}, 0x0) 1.113781311s ago: executing program 1 (id=1391): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket(0x10, 0x803, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0]) chdir(&(0x7f0000000080)='./file1\x00') r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, &(0x7f0000000180)) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)="88e656695c", 0x5}], 0x1}, 0x4000804) shutdown(r0, 0x1) 1.087187887s ago: executing program 2 (id=1392): r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x6) r1 = socket$igmp(0x2, 0x3, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) geteuid() r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fchown(r5, 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {0x1, 0x4}, [], {0x4, 0x4}, [{}], {0x10, 0x1}, {0x20, 0x5}}, 0x2c, 0x2) socket(0x1, 0x2, 0x0) setresuid(0x0, 0x0, 0x0) getresgid(0x0, &(0x7f0000002d80), &(0x7f0000002dc0)) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0xd, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x9, 0x0, @vifc_lcl_addr=@local, @multicast1=0xe0000300}, 0x10) 0s ago: executing program 3 (id=1393): syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x4b, 0x41, 0x46, 0x8, 0x1660, 0x932, 0x80ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x5, 0x10, 0xf}}]}}]}}, 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000040)={&(0x7f0000000380)=[{0x4, 0x1200, 0x0, 0x0}], 0x1}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000002580)={&(0x7f00000002c0)=[{0x63, 0xa801, 0x0, 0x0}], 0x1}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.83' (ED25519) to the list of known hosts. [ 87.431672][ T5806] cgroup: Unknown subsys name 'net' [ 87.549905][ T5806] cgroup: Unknown subsys name 'cpuset' [ 87.559805][ T5806] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 89.190970][ T5806] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 91.897787][ T9] cfg80211: failed to load regulatory.db [ 91.948597][ T5824] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.959597][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.967310][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 91.978954][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.988070][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 91.995484][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.002939][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.010710][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.018026][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.026334][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.029093][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.034956][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.047165][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.048926][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.054826][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.073875][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.074705][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.091509][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.098905][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.116772][ T5841] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.128469][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.144738][ T5841] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.156609][ T5841] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 92.172160][ T5832] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.183790][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.778443][ T5821] chnl_net:caif_netlink_parms(): no params data found [ 92.858875][ T5818] chnl_net:caif_netlink_parms(): no params data found [ 93.019456][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 93.092442][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 93.205336][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 93.223132][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.231430][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.239817][ T5818] bridge_slave_0: entered allmulticast mode [ 93.247308][ T5818] bridge_slave_0: entered promiscuous mode [ 93.268800][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.276203][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.283374][ T5821] bridge_slave_0: entered allmulticast mode [ 93.290989][ T5821] bridge_slave_0: entered promiscuous mode [ 93.312655][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.319989][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.327315][ T5818] bridge_slave_1: entered allmulticast mode [ 93.334579][ T5818] bridge_slave_1: entered promiscuous mode [ 93.348552][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.355793][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.363092][ T5821] bridge_slave_1: entered allmulticast mode [ 93.370910][ T5821] bridge_slave_1: entered promiscuous mode [ 93.527703][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.540813][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.561735][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.569477][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.577430][ T5820] bridge_slave_0: entered allmulticast mode [ 93.588676][ T5820] bridge_slave_0: entered promiscuous mode [ 93.598272][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.605396][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.613089][ T5820] bridge_slave_1: entered allmulticast mode [ 93.621174][ T5820] bridge_slave_1: entered promiscuous mode [ 93.630970][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.644515][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.745901][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.753034][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.760550][ T5819] bridge_slave_0: entered allmulticast mode [ 93.768794][ T5819] bridge_slave_0: entered promiscuous mode [ 93.779738][ T5821] team0: Port device team_slave_0 added [ 93.788615][ T5821] team0: Port device team_slave_1 added [ 93.830020][ T5818] team0: Port device team_slave_0 added [ 93.850751][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.858383][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.866586][ T5819] bridge_slave_1: entered allmulticast mode [ 93.873823][ T5819] bridge_slave_1: entered promiscuous mode [ 93.912389][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.924132][ T5818] team0: Port device team_slave_1 added [ 93.956732][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.963879][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.973761][ T5831] bridge_slave_0: entered allmulticast mode [ 93.986468][ T5831] bridge_slave_0: entered promiscuous mode [ 93.996949][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.020679][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.027750][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.054053][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.081217][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.088574][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.096257][ T5831] bridge_slave_1: entered allmulticast mode [ 94.103518][ T5831] bridge_slave_1: entered promiscuous mode [ 94.136556][ T5828] Bluetooth: hci3: command tx timeout [ 94.136556][ T5832] Bluetooth: hci0: command tx timeout [ 94.149659][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.156713][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.182728][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.197630][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.216370][ T5828] Bluetooth: hci2: command tx timeout [ 94.221020][ T5832] Bluetooth: hci4: command tx timeout [ 94.243252][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.250449][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.276669][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.295760][ T5832] Bluetooth: hci1: command tx timeout [ 94.303921][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.330380][ T5820] team0: Port device team_slave_0 added [ 94.340408][ T5820] team0: Port device team_slave_1 added [ 94.347307][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.354272][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.380654][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.447639][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.461367][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.532409][ T5819] team0: Port device team_slave_0 added [ 94.552189][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.559513][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.586144][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.599583][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.606884][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.633451][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.663725][ T5821] hsr_slave_0: entered promiscuous mode [ 94.671048][ T5821] hsr_slave_1: entered promiscuous mode [ 94.680655][ T5819] team0: Port device team_slave_1 added [ 94.726117][ T5818] hsr_slave_0: entered promiscuous mode [ 94.732549][ T5818] hsr_slave_1: entered promiscuous mode [ 94.739761][ T5818] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.747554][ T5818] Cannot create hsr debugfs directory [ 94.770848][ T5831] team0: Port device team_slave_0 added [ 94.811667][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.818700][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.844791][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.857545][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.864528][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.890613][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.915815][ T5831] team0: Port device team_slave_1 added [ 94.958130][ T5820] hsr_slave_0: entered promiscuous mode [ 94.964578][ T5820] hsr_slave_1: entered promiscuous mode [ 94.971505][ T5820] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.979524][ T5820] Cannot create hsr debugfs directory [ 95.071476][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.078602][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.105246][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.164381][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.175118][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.201534][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.263347][ T5819] hsr_slave_0: entered promiscuous mode [ 95.270144][ T5819] hsr_slave_1: entered promiscuous mode [ 95.276848][ T5819] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.284420][ T5819] Cannot create hsr debugfs directory [ 95.474730][ T5831] hsr_slave_0: entered promiscuous mode [ 95.481237][ T5831] hsr_slave_1: entered promiscuous mode [ 95.487686][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.495266][ T5831] Cannot create hsr debugfs directory [ 95.797911][ T5818] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.830226][ T5818] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.862787][ T5818] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.884347][ T5818] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 95.956865][ T5821] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.967492][ T5821] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 96.002452][ T5821] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 96.014313][ T5821] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 96.080195][ T5819] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 96.120747][ T5819] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 96.149306][ T5819] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 96.161626][ T5819] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 96.216691][ T5832] Bluetooth: hci0: command tx timeout [ 96.217177][ T5828] Bluetooth: hci3: command tx timeout [ 96.271485][ T5820] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 96.295902][ T5828] Bluetooth: hci4: command tx timeout [ 96.296981][ T5832] Bluetooth: hci2: command tx timeout [ 96.326233][ T5820] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 96.355680][ T5820] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 96.370205][ T5820] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 96.377781][ T5832] Bluetooth: hci1: command tx timeout [ 96.432278][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.445174][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 96.459911][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 96.471885][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 96.484224][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 96.530251][ T5818] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.560196][ T4175] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.567457][ T4175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.608413][ T4175] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.615682][ T4175] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.667394][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.703316][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.770858][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.801078][ T3736] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.808361][ T3736] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.834667][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.841860][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.862369][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.879274][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.911173][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.918368][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.929941][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.937108][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.993532][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.060767][ T4175] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.068100][ T4175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.109588][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.116822][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.209049][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.336654][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.374052][ T3736] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.381278][ T3736] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.465224][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.472445][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.583240][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.799676][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.822692][ T5818] veth0_vlan: entered promiscuous mode [ 97.892110][ T5818] veth1_vlan: entered promiscuous mode [ 97.932116][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.993900][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.092739][ T5818] veth0_macvtap: entered promiscuous mode [ 98.158157][ T5818] veth1_macvtap: entered promiscuous mode [ 98.220951][ T5820] veth0_vlan: entered promiscuous mode [ 98.252709][ T5821] veth0_vlan: entered promiscuous mode [ 98.285144][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.297629][ T5832] Bluetooth: hci0: command tx timeout [ 98.301451][ T5828] Bluetooth: hci3: command tx timeout [ 98.333051][ T5820] veth1_vlan: entered promiscuous mode [ 98.352440][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.365308][ T5821] veth1_vlan: entered promiscuous mode [ 98.380619][ T5828] Bluetooth: hci2: command tx timeout [ 98.380695][ T5832] Bluetooth: hci4: command tx timeout [ 98.401765][ T5818] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.411317][ T5818] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.421088][ T5818] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.430725][ T5818] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.450134][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.455763][ T5832] Bluetooth: hci1: command tx timeout [ 98.555199][ T5819] veth0_vlan: entered promiscuous mode [ 98.619180][ T5819] veth1_vlan: entered promiscuous mode [ 98.641823][ T5831] veth0_vlan: entered promiscuous mode [ 98.671399][ T5821] veth0_macvtap: entered promiscuous mode [ 98.683125][ T5820] veth0_macvtap: entered promiscuous mode [ 98.707375][ T5821] veth1_macvtap: entered promiscuous mode [ 98.714957][ T5820] veth1_macvtap: entered promiscuous mode [ 98.727615][ T5831] veth1_vlan: entered promiscuous mode [ 98.742769][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.761079][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.804991][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.841371][ T5831] veth0_macvtap: entered promiscuous mode [ 98.870183][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.881538][ T5819] veth0_macvtap: entered promiscuous mode [ 98.896308][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.904002][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.908929][ T5819] veth1_macvtap: entered promiscuous mode [ 98.915145][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.920589][ T5831] veth1_macvtap: entered promiscuous mode [ 98.949511][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.970077][ T5821] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.979486][ T5821] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.988365][ T5821] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.998033][ T5821] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.025112][ T5820] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.034222][ T5820] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.044238][ T5820] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.054492][ T5820] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.099695][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.130026][ T5818] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.134975][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.176643][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.194228][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.228919][ T5831] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.244541][ T5831] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.255117][ T5831] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.276470][ T5831] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.300750][ T5819] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.313816][ T5819] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.323279][ T5819] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.332426][ T5819] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.452873][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.485923][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.573041][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.590752][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.644223][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.659108][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.733092][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.754016][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.840159][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.857188][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.985143][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.035488][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.074828][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.086511][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.377435][ T5832] Bluetooth: hci0: command tx timeout [ 100.383456][ T5832] Bluetooth: hci3: command tx timeout [ 100.456372][ T5828] Bluetooth: hci4: command tx timeout [ 100.462407][ T5832] Bluetooth: hci2: command tx timeout [ 100.537100][ T5832] Bluetooth: hci1: command tx timeout [ 100.750112][ T5918] dvmrp8: entered allmulticast mode [ 100.941170][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.952107][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.143780][ T978] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 101.205826][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 101.239366][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 102.239415][ T978] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 102.478103][ T978] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 102.525825][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 102.569706][ T5934] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 102.613442][ T978] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 102.645010][ T978] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 102.735082][ T978] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 102.768262][ T978] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 102.812401][ T978] usb 1-1: Product: syz [ 102.840226][ T978] usb 1-1: Manufacturer: syz [ 102.895944][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.913055][ T978] cdc_wdm 1-1:1.0: skipping garbage [ 103.009738][ T978] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 103.413853][ T5922] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 103.475840][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.816626][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.816689][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 103.856868][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.857045][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.357018][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 105.030813][ T5833] usb 1-1: USB disconnect, device number 2 [ 106.279162][ T5973] hugetlbfs: syz.3.14 (5973): Using mlock ulimits for SHM_HUGETLB is obsolete [ 108.286410][ T5996] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 109.702157][ T6012] fuse: Bad value for 'fd' [ 109.897386][ T6020] sp0: Synchronizing with TNC [ 110.180889][ T30] audit: type=1326 audit(1748593767.561:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6011 comm="syz.4.31" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f831e78e969 code=0x0 [ 110.758366][ T6013] [U] è` [ 113.929992][ T6041] warning: `syz.1.35' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 114.950864][ T6053] xt_CT: No such helper "pptp" [ 115.425222][ T5832] block nbd1: Receive control failed (result -107) [ 115.497175][ T6068] erofs (device nbd1): cannot find valid erofs superblock [ 115.595826][ T6064] nbd1: detected capacity change from 0 to 12 [ 115.659311][ T6063] block nbd1: shutting down sockets [ 116.199565][ T24] IPVS: starting estimator thread 0... [ 116.741397][ T6077] IPVS: using max 30 ests per chain, 72000 per kthread [ 116.886470][ T6088] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 117.955872][ T5907] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 118.056379][ T24] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 118.136633][ T5907] usb 4-1: Using ep0 maxpacket: 32 [ 118.158180][ T5907] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7 [ 118.179514][ T5907] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 118.201993][ T5907] usb 4-1: New USB device found, idVendor=17dd, idProduct=5500, bcdDevice=f3.5e [ 118.212483][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.221142][ T5907] usb 4-1: Product: syz [ 118.226339][ T5907] usb 4-1: Manufacturer: syz [ 118.247079][ T24] usb 2-1: config 0 has no interfaces? [ 118.253974][ T5907] usb 4-1: SerialNumber: syz [ 118.270185][ T5907] usb 4-1: config 0 descriptor?? [ 118.289078][ T24] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 118.305186][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.309227][ T5907] cypress_m8 4-1:0.0: HID->COM RS232 Adapter converter detected [ 118.322139][ T24] usb 2-1: Product: syz [ 118.332440][ T5907] cyphidcom ttyUSB0: required endpoint is missing [ 118.344010][ T24] usb 2-1: Manufacturer: syz [ 118.356876][ T24] usb 2-1: SerialNumber: syz [ 118.386196][ T24] usb 2-1: config 0 descriptor?? [ 118.446286][ T6126] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 118.562218][ T5879] usb 4-1: USB disconnect, device number 2 [ 118.579895][ T5879] cypress_m8 4-1:0.0: device disconnected [ 119.015911][ T5833] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 119.231307][ T5833] usb 5-1: config 135 has an invalid interface number: 230 but max is 0 [ 119.766897][ T5833] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 120.868033][ T5833] usb 5-1: config 135 has no interface number 0 [ 120.892538][ T5833] usb 5-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 121.258075][ T5833] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 121.306219][ T5833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.346314][ T5833] usb 5-1: Product: syz [ 121.355915][ T5833] usb 5-1: Manufacturer: syz [ 121.360571][ T5833] usb 5-1: SerialNumber: syz [ 121.416962][ T5833] usb 5-1: Found UVC 0.00 device syz (18ec:3288) [ 121.450316][ T5833] usb 5-1: No valid video chain found. [ 121.853610][ T24] usb 2-1: USB disconnect, device number 2 [ 121.864945][ T5807] usb 5-1: USB disconnect, device number 2 [ 122.067065][ T6157] syz.1.77 uses obsolete (PF_INET,SOCK_PACKET) [ 122.466457][ T5807] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 122.656050][ T5807] usb 4-1: Using ep0 maxpacket: 32 [ 122.677670][ T5807] usb 4-1: config index 0 descriptor too short (expected 156, got 27) [ 122.721187][ T5807] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 122.766084][ T5807] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 122.818241][ T5807] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 122.885640][ T5807] usb 4-1: config 0 interface 0 has no altsetting 0 [ 122.947111][ T5807] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 122.975637][ T5807] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 123.014806][ T5807] usb 4-1: Product: syz [ 123.035051][ T5807] usb 4-1: Manufacturer: syz [ 123.063097][ T5807] usb 4-1: SerialNumber: syz [ 123.116656][ T5807] usb 4-1: config 0 descriptor?? [ 123.157970][ T5807] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 123.240178][ T5807] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 123.349081][ T6178] fuse: Invalid rootmode [ 123.389650][ T30] audit: type=1326 audit(1748593781.211:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6177 comm="syz.2.74" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17e798e969 code=0x0 [ 123.750911][ T6161] ldusb 4-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 124.111957][ T5807] usb 4-1: USB disconnect, device number 3 [ 124.117920][ C0] ldusb 4-1:0.0: usb_submit_urb failed (-19) [ 124.148194][ T5807] ldusb 4-1:0.0: LD USB Device #0 now disconnected [ 126.250636][ T6245] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 126.405935][ T6252] fuse: Invalid rootmode [ 126.440775][ T30] audit: type=1326 audit(1748593784.241:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6250 comm="syz.3.96" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x0 [ 126.985781][ T5907] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 127.168481][ T5907] usb 3-1: Using ep0 maxpacket: 32 [ 127.181459][ T5907] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 127.196662][ T5907] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 127.261932][ T5907] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 127.300029][ T5907] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 127.368906][ T5907] usb 3-1: config 0 interface 0 has no altsetting 0 [ 127.436071][ T5907] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 127.445263][ T5907] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 127.485736][ T5907] usb 3-1: Product: syz [ 127.490082][ T5907] usb 3-1: Manufacturer: syz [ 127.494710][ T5907] usb 3-1: SerialNumber: syz [ 127.539683][ T5907] usb 3-1: config 0 descriptor?? [ 127.561231][ T5907] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 127.611306][ T5907] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 127.633284][ T6276] Illegal XDP return value 4294967274 on prog (id 18) dev N/A, expect packet loss! [ 127.919101][ T5878] usb 3-1: USB disconnect, device number 2 [ 127.919892][ T6259] ldusb 3-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 127.932089][ C0] ldusb 3-1:0.0: usb_submit_urb failed (-19) [ 127.975421][ T5878] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 128.261363][ T6290] netlink: 8 bytes leftover after parsing attributes in process `syz.1.105'. [ 128.529767][ T30] audit: type=1800 audit(1748593786.321:5): pid=6289 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.105" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 129.986547][ T5878] usb 4-1: new low-speed USB device number 4 using dummy_hcd [ 130.860935][ T5878] usb 4-1: device descriptor read/64, error -71 [ 131.213216][ T5878] usb 4-1: new low-speed USB device number 5 using dummy_hcd [ 131.435713][ T5878] usb 4-1: device descriptor read/64, error -71 [ 131.581112][ T5878] usb usb4-port1: attempt power cycle [ 132.269000][ T5878] usb 4-1: new low-speed USB device number 6 using dummy_hcd [ 132.298163][ T5878] usb 4-1: device descriptor read/8, error -71 [ 132.345916][ T194] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 132.566019][ T5878] usb 4-1: new low-speed USB device number 7 using dummy_hcd [ 132.636623][ T5878] usb 4-1: device descriptor read/8, error -71 [ 132.760048][ T5878] usb usb4-port1: unable to enumerate USB device [ 132.862786][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.871925][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.251128][ T5878] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 134.075701][ T5878] usb 4-1: Using ep0 maxpacket: 32 [ 134.151644][ T6350] netlink: 28 bytes leftover after parsing attributes in process `syz.2.123'. [ 134.161003][ T6350] netlink: 28 bytes leftover after parsing attributes in process `syz.2.123'. [ 134.176416][ T5878] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 134.233731][ T5878] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 134.250302][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.298134][ T5878] usb 4-1: Product: syz [ 134.302368][ T5878] usb 4-1: Manufacturer: syz [ 134.358042][ T5878] usb 4-1: SerialNumber: syz [ 134.385103][ T5878] usb 4-1: config 0 descriptor?? [ 134.440598][ T6344] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 134.478592][ T5878] hub 4-1:0.0: bad descriptor, ignoring hub [ 134.484578][ T5878] hub 4-1:0.0: probe with driver hub failed with error -5 [ 134.531484][ T5878] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input5 [ 134.540885][ T5913] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 134.705748][ T5913] usb 1-1: Using ep0 maxpacket: 32 [ 134.881070][ T5913] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 134.910612][ T5907] usb 4-1: USB disconnect, device number 8 [ 134.910780][ C1] usbtouchscreen 4-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 135.794243][ T5913] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 135.825639][ T5913] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 135.859408][ T5913] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 135.935668][ T5913] usb 1-1: config 0 interface 0 has no altsetting 0 [ 135.963055][ T5913] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 135.982935][ T5913] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 136.038949][ T5913] usb 1-1: Product: syz [ 136.043179][ T5913] usb 1-1: Manufacturer: syz [ 136.086579][ T5913] usb 1-1: SerialNumber: syz [ 136.134673][ T5913] usb 1-1: config 0 descriptor?? [ 136.280341][ T5913] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 136.360952][ T5913] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 136.679856][ T5913] usb 1-1: USB disconnect, device number 3 [ 136.802783][ T5913] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 136.915661][ T5879] usb 5-1: new low-speed USB device number 3 using dummy_hcd [ 137.070091][ T5879] usb 5-1: device descriptor read/64, error -71 [ 137.213380][ T6390] sp0: Synchronizing with TNC [ 137.918783][ T5879] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 137.967373][ T6388] [U] è` [ 138.348694][ T6374] loop6: detected capacity change from 0 to 63 [ 138.367908][ T6374] Buffer I/O error on dev loop6, logical block 0, lost async page write [ 138.376510][ T6374] Buffer I/O error on dev loop6, logical block 1, lost async page write [ 138.384951][ T6374] Buffer I/O error on dev loop6, logical block 2, lost async page write [ 138.393518][ T6374] Buffer I/O error on dev loop6, logical block 3, lost async page write [ 138.402471][ T6374] Buffer I/O error on dev loop6, logical block 4, lost async page write [ 138.410957][ T6374] Buffer I/O error on dev loop6, logical block 5, lost async page write [ 138.419473][ T6374] Buffer I/O error on dev loop6, logical block 6, lost async page write [ 138.985611][ T5879] usb 5-1: device descriptor read/64, error -71 [ 139.105671][ T5879] usb usb5-port1: attempt power cycle [ 139.504243][ T6403] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 141.121996][ T6414] bridge_slave_0: left allmulticast mode [ 141.136138][ T6414] bridge_slave_0: left promiscuous mode [ 141.186134][ T6414] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.240420][ T6414] bridge_slave_1: left allmulticast mode [ 141.277719][ T6414] bridge_slave_1: left promiscuous mode [ 141.306432][ T6414] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.482998][ T6414] bond0: (slave bond_slave_0): Releasing backup interface [ 141.591615][ T6414] bond0: (slave bond_slave_1): Releasing backup interface [ 142.112438][ T6429] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 142.650138][ T6414] team0: Port device team_slave_0 removed [ 142.710109][ T6414] team0: Port device team_slave_1 removed [ 142.729892][ T6414] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 142.750850][ T6414] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 142.772701][ T6436] Bluetooth: MGMT ver 1.23 [ 142.811688][ T6414] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 142.831173][ T6414] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 143.046158][ T6434] sp0: Synchronizing with TNC [ 143.076006][ T6414] syz.1.140 (6414) used greatest stack depth: 19992 bytes left [ 143.088579][ T6433] [U] è` [ 143.365590][ T5878] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 144.375826][ T5878] usb 5-1: Using ep0 maxpacket: 32 [ 145.165612][ T5878] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 145.173933][ T5878] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 145.192496][ T5878] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 145.244645][ T5878] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 145.339188][ T5878] usb 5-1: config 0 interface 0 has no altsetting 0 [ 145.378876][ T5878] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 145.619366][ T5878] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 146.293039][ T5878] usb 5-1: Product: syz [ 146.321492][ T5878] usb 5-1: Manufacturer: syz [ 146.340315][ T5878] usb 5-1: SerialNumber: syz [ 146.439068][ T5878] usb 5-1: config 0 descriptor?? [ 146.466665][ T5878] usb 5-1: can't set config #0, error -71 [ 146.505071][ T5878] usb 5-1: USB disconnect, device number 6 [ 146.520792][ T6470] netlink: 28 bytes leftover after parsing attributes in process `syz.2.153'. [ 146.529854][ T6470] netlink: 108 bytes leftover after parsing attributes in process `syz.2.153'. [ 146.545960][ T6470] netlink: 28 bytes leftover after parsing attributes in process `syz.2.153'. [ 146.564257][ T6470] netlink: 108 bytes leftover after parsing attributes in process `syz.2.153'. [ 146.573699][ T6470] netlink: 84 bytes leftover after parsing attributes in process `syz.2.153'. [ 150.664061][ T6502] [U] [ 150.805742][ T5879] usb 4-1: new low-speed USB device number 9 using dummy_hcd [ 150.945650][ T5879] usb 4-1: device descriptor read/64, error -71 [ 150.971577][ T5832] Bluetooth: hci4: link tx timeout [ 150.977071][ T5832] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 151.025720][ T981] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 151.216517][ T5879] usb 4-1: new low-speed USB device number 10 using dummy_hcd [ 151.245668][ T981] usb 5-1: Using ep0 maxpacket: 32 [ 151.263044][ T981] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 151.301494][ T981] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 151.353689][ T981] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 151.365618][ T5879] usb 4-1: device descriptor read/64, error -71 [ 151.390021][ T981] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 151.496883][ T5879] usb usb4-port1: attempt power cycle [ 151.711362][ T981] usb 5-1: config 0 interface 0 has no altsetting 0 [ 151.734008][ T981] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 151.743774][ T981] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 151.761098][ T981] usb 5-1: Product: syz [ 151.776441][ T981] usb 5-1: Manufacturer: syz [ 151.841883][ T981] usb 5-1: SerialNumber: syz [ 151.902592][ T981] usb 5-1: config 0 descriptor?? [ 151.920631][ T981] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 151.956112][ T5879] usb 4-1: new low-speed USB device number 11 using dummy_hcd [ 151.978792][ T981] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 151.992507][ T5879] usb 4-1: device descriptor read/8, error -71 [ 152.247876][ T5879] usb 4-1: new low-speed USB device number 12 using dummy_hcd [ 152.300153][ T5879] usb 4-1: device descriptor read/8, error -71 [ 152.427777][ T5879] usb usb4-port1: unable to enumerate USB device [ 153.016020][ T5828] Bluetooth: hci4: command 0x0406 tx timeout [ 155.259894][ T6570] [U] [ 156.041971][ T6585] xt_TPROXY: Can be used only with -p tcp or -p udp [ 157.273482][ T6505] ldusb 5-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110 [ 157.405340][ T5833] usb 5-1: USB disconnect, device number 7 [ 157.405427][ C0] ldusb 5-1:0.0: usb_submit_urb failed (-19) [ 157.441444][ T5833] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 159.553714][ T6617] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 159.580013][ T6617] xt_hashlimit: size too large, truncated to 1048576 [ 160.445686][ T5879] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 160.627190][ T5879] usb 2-1: Using ep0 maxpacket: 32 [ 160.654044][ T5879] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 160.682957][ T5879] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 160.751907][ T5879] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 160.982834][ T5879] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 161.063485][ T5879] usb 2-1: config 0 interface 0 has no altsetting 0 [ 161.113199][ T5879] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 161.144712][ T5879] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 161.323908][ T5879] usb 2-1: Product: syz [ 161.328630][ T5879] usb 2-1: Manufacturer: syz [ 161.333364][ T5879] usb 2-1: SerialNumber: syz [ 161.347250][ T5879] usb 2-1: config 0 descriptor?? [ 161.355726][ T5879] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 161.556084][ T30] audit: type=1326 audit(1748593819.301:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 162.182481][ T5879] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 162.256886][ T30] audit: type=1326 audit(1748593819.301:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 162.664210][ T5879] usb 2-1: USB disconnect, device number 3 [ 162.710389][ T5879] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 162.733602][ T30] audit: type=1326 audit(1748593819.311:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 162.824322][ T30] audit: type=1326 audit(1748593819.311:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 162.845523][ C1] vkms_vblank_simulate: vblank timer overrun [ 162.917914][ T30] audit: type=1326 audit(1748593819.311:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 162.975269][ T30] audit: type=1326 audit(1748593819.311:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 163.038237][ T30] audit: type=1326 audit(1748593819.311:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 163.085632][ T30] audit: type=1326 audit(1748593819.311:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 163.118004][ T30] audit: type=1326 audit(1748593819.321:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 163.144420][ T30] audit: type=1326 audit(1748593819.321:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6632 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 163.165734][ C1] vkms_vblank_simulate: vblank timer overrun [ 163.844563][ T6658] netlink: 28 bytes leftover after parsing attributes in process `syz.0.215'. [ 164.498183][ T6658] netlink: 28 bytes leftover after parsing attributes in process `syz.0.215'. [ 167.446047][ T5913] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 167.584872][ T6700] netlink: 28 bytes leftover after parsing attributes in process `syz.4.229'. [ 167.603101][ T6700] netlink: 28 bytes leftover after parsing attributes in process `syz.4.229'. [ 167.619032][ T5913] usb 3-1: Using ep0 maxpacket: 32 [ 167.628728][ T5913] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 167.641106][ T5913] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 167.751754][ T5913] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 167.901879][ T5913] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 167.974438][ T6705] netlink: 'syz.0.231': attribute type 1 has an invalid length. [ 168.099114][ T5913] usb 3-1: config 0 interface 0 has no altsetting 0 [ 168.259258][ T5913] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 168.418038][ T5913] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 168.568226][ T5913] usb 3-1: Product: syz [ 168.637852][ T5913] usb 3-1: Manufacturer: syz [ 168.716697][ T5913] usb 3-1: SerialNumber: syz [ 168.777542][ T5913] usb 3-1: config 0 descriptor?? [ 168.804222][ T6712] netlink: 16 bytes leftover after parsing attributes in process `syz.4.234'. [ 168.807921][ T5913] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 168.835708][ T6712] netlink: 24 bytes leftover after parsing attributes in process `syz.4.234'. [ 168.868395][ T5913] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 169.229033][ T5833] usb 3-1: USB disconnect, device number 3 [ 169.229165][ C1] ldusb 3-1:0.0: usb_submit_urb failed (-19) [ 169.424990][ T5833] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 169.968809][ T6733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.240'. [ 170.049336][ T6733] netlink: 24 bytes leftover after parsing attributes in process `syz.1.240'. [ 170.254647][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.4.244'. [ 170.330142][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.4.244'. [ 171.233172][ T6752] netlink: 56 bytes leftover after parsing attributes in process `syz.1.247'. [ 173.129214][ T5833] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 173.212765][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 173.219058][ T30] audit: type=1326 audit(1748593830.991:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 173.715963][ T30] audit: type=1326 audit(1748593831.001:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 173.825644][ T30] audit: type=1326 audit(1748593831.001:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 173.902749][ T30] audit: type=1326 audit(1748593831.001:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 174.112962][ T30] audit: type=1326 audit(1748593831.001:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 174.125648][ T5833] usb 2-1: Using ep0 maxpacket: 32 [ 174.143052][ T30] audit: type=1326 audit(1748593831.001:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 174.206801][ T30] audit: type=1326 audit(1748593831.001:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 174.915701][ T30] audit: type=1326 audit(1748593831.001:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6766 comm="syz.3.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 174.962791][ T5833] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 174.975084][ T5833] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 174.987085][ T5833] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 175.005930][ T5833] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 175.291833][ T6783] ======================================================= [ 175.291833][ T6783] WARNING: The mand mount option has been deprecated and [ 175.291833][ T6783] and is ignored by this kernel. Remove the mand [ 175.291833][ T6783] option from the mount to silence this warning. [ 175.291833][ T6783] ======================================================= [ 175.883709][ T5833] usb 2-1: config 0 interface 0 has no altsetting 0 [ 176.339790][ T5833] usb 2-1: string descriptor 0 read error: -71 [ 176.353405][ T5833] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 177.030673][ T5833] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 177.089857][ T5833] usb 2-1: config 0 descriptor?? [ 177.141994][ T5833] usb 2-1: can't set config #0, error -71 [ 177.165967][ T5833] usb 2-1: USB disconnect, device number 4 [ 177.197185][ T6796] netlink: 28 bytes leftover after parsing attributes in process `syz.4.261'. [ 177.492785][ T6796] netlink: 28 bytes leftover after parsing attributes in process `syz.4.261'. [ 178.936646][ T30] audit: type=1326 audit(1748593836.751:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 179.546282][ T30] audit: type=1326 audit(1748593836.751:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 180.140537][ T30] audit: type=1326 audit(1748593836.751:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 180.230333][ T30] audit: type=1326 audit(1748593836.751:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 180.415449][ T30] audit: type=1326 audit(1748593836.751:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 180.498162][ T6823] netlink: 256 bytes leftover after parsing attributes in process `syz.4.270'. [ 181.197911][ T30] audit: type=1326 audit(1748593836.751:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 181.245573][ T30] audit: type=1326 audit(1748593836.751:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 181.270005][ T30] audit: type=1326 audit(1748593836.761:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6804 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7938e969 code=0x7ffc0000 [ 185.182244][ T6841] netlink: 28 bytes leftover after parsing attributes in process `syz.1.277'. [ 185.225750][ T6841] netlink: 28 bytes leftover after parsing attributes in process `syz.1.277'. [ 186.206206][ T30] audit: type=1326 audit(1748593843.421:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 186.293319][ T30] audit: type=1326 audit(1748593843.421:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 187.961348][ T6865] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 188.104295][ T30] audit: type=1326 audit(1748593843.421:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 188.167515][ T30] audit: type=1326 audit(1748593843.421:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 188.190181][ T30] audit: type=1326 audit(1748593843.421:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 188.211784][ T30] audit: type=1326 audit(1748593843.421:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 188.234703][ T30] audit: type=1326 audit(1748593843.421:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 188.331152][ T30] audit: type=1326 audit(1748593843.431:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6847 comm="syz.3.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x7ffc0000 [ 189.569337][ T981] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 189.638187][ T981] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 189.645250][ T6896] netlink: 4 bytes leftover after parsing attributes in process `syz.4.293'. [ 190.335842][ T5878] usb 5-1: new low-speed USB device number 8 using dummy_hcd [ 190.608556][ T5878] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 190.915596][ T5878] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 190.939373][ T5878] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 190.955567][ T5878] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 191.003300][ T5878] usb 5-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 191.027644][ T5878] usb 5-1: config 168 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 191.070272][ T5878] usb 5-1: string descriptor 0 read error: -22 [ 191.098108][ T5878] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 191.130065][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.175602][ T5878] adutux 5-1:168.0: interrupt endpoints not found [ 192.898394][ T6933] fuse: Bad value for 'fd' [ 193.796127][ T30] audit: type=1326 audit(1748593851.601:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6931 comm="syz.2.306" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17e798e969 code=0x0 [ 194.197749][ T981] usb 5-1: USB disconnect, device number 8 [ 194.307203][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.396628][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.684201][ T6941] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 194.983089][ T981] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 195.012294][ T981] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 195.940631][ T30] audit: type=1326 audit(1748593853.141:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6954 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146998e969 code=0x7ffc0000 [ 196.254395][ T30] audit: type=1326 audit(1748593853.141:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6954 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f146998e969 code=0x7ffc0000 [ 196.406499][ T6951] delete_channel: no stack [ 196.550094][ T30] audit: type=1326 audit(1748593853.141:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6954 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146998e969 code=0x7ffc0000 [ 196.595636][ T30] audit: type=1326 audit(1748593853.141:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6954 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f146998e969 code=0x7ffc0000 [ 196.713324][ T30] audit: type=1326 audit(1748593853.151:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6954 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146998e969 code=0x7ffc0000 [ 196.736574][ T30] audit: type=1326 audit(1748593853.151:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6954 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146998e969 code=0x7ffc0000 [ 198.563051][ T6980] fuse: Bad value for 'fd' [ 198.606761][ T30] audit: type=1326 audit(1748593856.431:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6979 comm="syz.3.319" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9aab8e969 code=0x0 [ 204.526608][ T7030] fuse: Bad value for 'fd' [ 204.537545][ T30] audit: type=1326 audit(1748593862.361:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7029 comm="syz.0.334" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda7938e969 code=0x0 [ 206.397551][ T7051] xt_CT: No such helper "snmp" [ 209.496364][ T7081] netlink: 28 bytes leftover after parsing attributes in process `syz.0.346'. [ 209.563923][ T7081] netlink: 28 bytes leftover after parsing attributes in process `syz.0.346'. [ 209.593978][ T7089] netlink: 4 bytes leftover after parsing attributes in process `syz.1.347'. [ 209.621542][ T7086] netlink: 'syz.1.347': attribute type 1 has an invalid length. [ 210.429142][ T7087] syz.4.349: attempt to access beyond end of device [ 210.429142][ T7087] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 210.445554][ T7087] SQUASHFS error: Failed to read block 0x0: -5 [ 210.460096][ T7087] unable to read squashfs_super_block [ 210.952137][ T7101] fuse: Unknown parameter '0x0000000000000003' [ 210.996158][ T30] audit: type=1326 audit(1748593868.811:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7098 comm="syz.2.351" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17e798e969 code=0x0 [ 212.018321][ T5878] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 212.055229][ T5878] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 213.706190][ T7135] netlink: 28 bytes leftover after parsing attributes in process `syz.1.363'. [ 213.882487][ T7135] netlink: 28 bytes leftover after parsing attributes in process `syz.1.363'. [ 214.866176][ T7149] fuse: Unknown parameter '0x0000000000000003' [ 215.338766][ T30] audit: type=1326 audit(1748593872.731:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7146 comm="syz.1.368" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f146998e969 code=0x0 [ 216.858908][ T5824] Bluetooth: hci1: command 0x0406 tx timeout [ 216.865020][ T5824] Bluetooth: hci2: command 0x0406 tx timeout [ 216.871604][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 217.726175][ T7184] netlink: 'syz.3.379': attribute type 7 has an invalid length. [ 218.078747][ T7184] : entered promiscuous mode [ 218.525032][ T6080] Bluetooth: hci5: Frame reassembly failed (-84) [ 218.529552][ T7198] fuse: Unknown parameter '0x0000000000000003' [ 218.580842][ T30] audit: type=1326 audit(1748593876.401:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7197 comm="syz.4.386" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f831e78e969 code=0x0 [ 218.761606][ T7205] Invalid source name [ 218.777853][ T7205] UBIFS error (pid: 7205): cannot open "./file0", error -22 [ 219.700414][ T7203] syz.2.384 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 220.572331][ T5834] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 220.579916][ T5828] Bluetooth: hci5: command 0x1003 tx timeout [ 222.192366][ T7250] fuse: Unknown parameter '0x0000000000000003' [ 222.216024][ T5833] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 222.915353][ T30] audit: type=1326 audit(1748593880.731:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7246 comm="syz.0.402" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda7938e969 code=0x0 [ 223.240747][ T5833] usb 2-1: device descriptor read/64, error -71 [ 223.626036][ T5833] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 223.767442][ T5833] usb 2-1: device descriptor read/64, error -71 [ 223.916138][ T5833] usb usb2-port1: attempt power cycle [ 224.255581][ T5833] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 224.558277][ T5833] usb 2-1: device descriptor read/8, error -71 [ 224.826235][ T5833] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 226.155322][ T5833] usb 2-1: device descriptor read/8, error -71 [ 226.375709][ T5833] usb usb2-port1: unable to enumerate USB device [ 226.805766][ T7290] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 228.161072][ T7301] netlink: 'syz.0.420': attribute type 21 has an invalid length. [ 228.169404][ T7301] netlink: 128 bytes leftover after parsing attributes in process `syz.0.420'. [ 228.187117][ T7301] netlink: 'syz.0.420': attribute type 5 has an invalid length. [ 228.195360][ T7301] netlink: 'syz.0.420': attribute type 6 has an invalid length. [ 228.203651][ T7301] netlink: 3 bytes leftover after parsing attributes in process `syz.0.420'. [ 231.326046][ T7345] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 231.625648][ T24] usb 3-1: new low-speed USB device number 4 using dummy_hcd [ 231.831272][ T24] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 231.924673][ T24] usb 3-1: config 168 has 0 interfaces, different from the descriptor's value: 1 [ 232.014130][ T24] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 232.044359][ T5878] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 232.056347][ T24] usb 3-1: config 168 has 0 interfaces, different from the descriptor's value: 1 [ 232.097638][ T24] usb 3-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config [ 232.110605][ T24] usb 3-1: config 168 has 0 interfaces, different from the descriptor's value: 1 [ 232.207258][ T24] usb 3-1: string descriptor 0 read error: -22 [ 232.226669][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.257020][ T24] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 232.275094][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 232.482984][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.514333][ T5878] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 232.531681][ T24] usb 3-1: rejected 3 configurations due to insufficient available bus power [ 232.541710][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.550021][ T24] usb 3-1: no configuration chosen from 3 choices [ 232.566062][ T5878] usb 2-1: config 0 descriptor?? [ 233.959861][ T5878] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 233.995033][ T5878] cp2112 0003:10C4:EA90.0004: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0 [ 234.085947][ T5878] cp2112 0003:10C4:EA90.0004: Part Number: 0x82 Device Version: 0xFE [ 234.421995][ T24] usb 3-1: USB disconnect, device number 4 [ 234.504677][ T7395] netlink: 28 bytes leftover after parsing attributes in process `syz.4.450'. [ 234.569249][ T7395] netlink: 28 bytes leftover after parsing attributes in process `syz.4.450'. [ 234.696429][ T5833] usb 2-1: USB disconnect, device number 9 [ 235.520259][ T7413] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 239.218071][ T7464] xt_CT: No such helper "pptp" [ 239.346127][ T7480] netlink: 28 bytes leftover after parsing attributes in process `syz.2.483'. [ 239.355073][ T7480] netlink: 28 bytes leftover after parsing attributes in process `syz.2.483'. [ 240.008732][ T7490] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 241.695911][ T7512] netlink: 28 bytes leftover after parsing attributes in process `syz.2.495'. [ 241.704843][ T7512] netlink: 28 bytes leftover after parsing attributes in process `syz.2.495'. [ 242.058403][ T7522] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 242.808762][ T7526] netlink: 8 bytes leftover after parsing attributes in process `syz.1.501'. [ 244.006474][ T7551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.509'. [ 244.677516][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.511'. [ 244.700569][ T7550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.511'. [ 244.741499][ T7550] nbd: socks must be embedded in a SOCK_ITEM attr [ 244.813232][ T7551] syz.1.509 (7551) used greatest stack depth: 16880 bytes left [ 244.904173][ T7548] netlink: 28 bytes leftover after parsing attributes in process `syz.0.510'. [ 244.955628][ T7548] netlink: 28 bytes leftover after parsing attributes in process `syz.0.510'. [ 245.304652][ T7560] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 246.056039][ T7564] Zero length message leads to an empty skb [ 247.218495][ T7582] netlink: 'syz.1.524': attribute type 13 has an invalid length. [ 249.422532][ T7582] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.433914][ T7582] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.443069][ T7582] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.452377][ T7582] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.541190][ T7602] dvmrp8: entered allmulticast mode [ 250.006778][ T7611] netlink: 28 bytes leftover after parsing attributes in process `syz.3.536'. [ 250.017833][ T7611] netlink: 108 bytes leftover after parsing attributes in process `syz.3.536'. [ 250.049867][ T7611] netlink: 28 bytes leftover after parsing attributes in process `syz.3.536'. [ 250.078955][ T7611] netlink: 108 bytes leftover after parsing attributes in process `syz.3.536'. [ 250.092394][ T7611] netlink: 84 bytes leftover after parsing attributes in process `syz.3.536'. [ 250.748325][ T7623] 9pnet_fd: Insufficient options for proto=fd [ 251.095803][ T24] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 251.617171][ T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 251.627887][ T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 251.637192][ T24] usb 5-1: config 1 has no interface number 0 [ 251.643354][ T24] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 251.659343][ T24] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 251.703909][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.762983][ T24] usb 5-1: Product: syz [ 251.773220][ T7636] netlink: 12 bytes leftover after parsing attributes in process `syz.1.545'. [ 251.775184][ T24] usb 5-1: Manufacturer: syz [ 252.426872][ T24] usb 5-1: SerialNumber: syz [ 252.441820][ T24] cdc_ncm 5-1:1.1: skipping garbage [ 252.454401][ T24] usb 5-1: selecting invalid altsetting 1 [ 253.048588][ T24] cdc_ncm 5-1:1.1: failed GET_NTB_PARAMETERS [ 253.060947][ T24] cdc_ncm 5-1:1.1: bind() failure [ 253.104028][ T24] usb 5-1: USB disconnect, device number 9 [ 255.362227][ T7667] nvme_fabrics: missing parameter 'transport=%s' [ 255.744193][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.745982][ T7667] nvme_fabrics: missing parameter 'nqn=%s' [ 255.750682][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.241966][ T7722] netlink: 32 bytes leftover after parsing attributes in process `syz.1.575'. [ 262.525359][ T6080] Bluetooth: hci5: Frame reassembly failed (-84) [ 262.833904][ T7754] Invalid source name [ 262.838334][ T7754] UBIFS error (pid: 7754): cannot open "./file0", error -22 [ 264.545938][ T5832] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 267.498966][ T7797] (syz.3.599,7797,0):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 267.508032][ T7797] (syz.3.599,7797,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 268.097839][ T7804] netlink: 16 bytes leftover after parsing attributes in process `syz.2.603'. [ 268.154697][ T981] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 268.330089][ T981] usb 5-1: Using ep0 maxpacket: 32 [ 268.340089][ T981] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 268.360075][ T981] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 268.393866][ T981] usb 5-1: config 0 has no interfaces? [ 268.414194][ T981] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 268.445686][ T981] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 268.482905][ T981] usb 5-1: Product: syz [ 268.506436][ T981] usb 5-1: Manufacturer: syz [ 268.522685][ T981] usb 5-1: SerialNumber: syz [ 268.562923][ T981] usb 5-1: config 0 descriptor?? [ 268.812369][ T5879] usb 5-1: USB disconnect, device number 10 [ 268.925604][ T981] usb 1-1: new low-speed USB device number 4 using dummy_hcd [ 269.201332][ T981] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 269.229413][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 269.270626][ T981] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 269.315770][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 269.355878][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 269.377568][ T981] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 269.385059][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 269.436089][ T981] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 269.479607][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 269.529070][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 269.567098][ T981] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 269.584332][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 269.620788][ T7841] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 269.655959][ T981] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 269.700207][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 269.754245][ T981] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 269.826609][ T7847] netlink: 28 bytes leftover after parsing attributes in process `syz.1.616'. [ 269.836317][ T7847] netlink: 108 bytes leftover after parsing attributes in process `syz.1.616'. [ 269.846306][ T7847] netlink: 28 bytes leftover after parsing attributes in process `syz.1.616'. [ 269.863885][ T7847] netlink: 108 bytes leftover after parsing attributes in process `syz.1.616'. [ 269.933708][ T7847] netlink: 84 bytes leftover after parsing attributes in process `syz.1.616'. [ 271.782485][ T981] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 271.791873][ T981] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.832559][ T981] usb 1-1: can't set config #168, error -71 [ 271.873843][ T981] usb 1-1: USB disconnect, device number 4 [ 271.979004][ T5879] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 272.175857][ T5879] usb 5-1: Using ep0 maxpacket: 32 [ 272.354260][ T5879] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 272.705277][ T5879] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 272.757131][ T5879] usb 5-1: config 0 has no interfaces? [ 272.764881][ T5879] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 272.774310][ T5879] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 272.784818][ T5879] usb 5-1: Product: syz [ 272.789356][ T5879] usb 5-1: Manufacturer: syz [ 272.793985][ T5879] usb 5-1: SerialNumber: syz [ 272.816632][ T5879] usb 5-1: config 0 descriptor?? [ 273.150722][ T7892] netlink: 256 bytes leftover after parsing attributes in process `syz.0.630'. [ 273.949978][ T5878] usb 5-1: USB disconnect, device number 11 [ 274.152950][ T7898] netlink: 28 bytes leftover after parsing attributes in process `syz.1.631'. [ 274.165002][ T7898] netlink: 108 bytes leftover after parsing attributes in process `syz.1.631'. [ 274.174290][ T7898] netlink: 28 bytes leftover after parsing attributes in process `syz.1.631'. [ 274.183275][ T7898] netlink: 108 bytes leftover after parsing attributes in process `syz.1.631'. [ 274.192237][ T7898] netlink: 84 bytes leftover after parsing attributes in process `syz.1.631'. [ 276.409637][ T7937] netlink: 256 bytes leftover after parsing attributes in process `syz.1.642'. [ 277.175769][ T30] audit: type=1800 audit(1748593934.991:54): pid=7939 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.646" name="bus" dev="overlay" ino=707 res=0 errno=0 [ 278.153119][ T7945] netlink: 28 bytes leftover after parsing attributes in process `syz.0.645'. [ 278.162047][ T7945] netlink: 108 bytes leftover after parsing attributes in process `syz.0.645'. [ 278.171430][ T7945] netlink: 28 bytes leftover after parsing attributes in process `syz.0.645'. [ 278.180431][ T7945] netlink: 108 bytes leftover after parsing attributes in process `syz.0.645'. [ 278.189484][ T7945] netlink: 84 bytes leftover after parsing attributes in process `syz.0.645'. [ 278.768269][ T5878] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 279.556195][ T5878] usb 3-1: Using ep0 maxpacket: 32 [ 280.439073][ T5878] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 280.504895][ T5878] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 280.713652][ T5878] usb 3-1: config 0 has no interfaces? [ 280.873654][ T5878] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 281.004583][ T7980] netlink: 256 bytes leftover after parsing attributes in process `syz.4.657'. [ 281.434767][ T5878] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 281.470297][ T5878] usb 3-1: Product: syz [ 281.485083][ T5878] usb 3-1: Manufacturer: syz [ 281.526962][ T5878] usb 3-1: SerialNumber: syz [ 281.547885][ T7982] netlink: 28 bytes leftover after parsing attributes in process `syz.1.660'. [ 281.557145][ T7982] netlink: 108 bytes leftover after parsing attributes in process `syz.1.660'. [ 281.567046][ T7982] netlink: 28 bytes leftover after parsing attributes in process `syz.1.660'. [ 281.577015][ T7982] netlink: 108 bytes leftover after parsing attributes in process `syz.1.660'. [ 281.585997][ T7982] netlink: 84 bytes leftover after parsing attributes in process `syz.1.660'. [ 281.597258][ T5878] usb 3-1: config 0 descriptor?? [ 281.639052][ T5878] usb 3-1: can't set config #0, error -71 [ 281.665868][ T5878] usb 3-1: USB disconnect, device number 5 [ 283.324320][ T8013] netlink: 256 bytes leftover after parsing attributes in process `syz.4.672'. [ 283.815236][ T8018] netlink: 28 bytes leftover after parsing attributes in process `syz.4.675'. [ 283.922043][ T8018] netlink: 28 bytes leftover after parsing attributes in process `syz.4.675'. [ 284.702457][ T8049] netlink: 256 bytes leftover after parsing attributes in process `syz.2.685'. [ 286.682126][ T8067] netlink: 28 bytes leftover after parsing attributes in process `syz.2.692'. [ 286.717722][ T8067] netlink: 28 bytes leftover after parsing attributes in process `syz.2.692'. [ 288.038794][ T8084] nvme_fabrics: missing parameter 'transport=%s' [ 288.045197][ T8084] nvme_fabrics: missing parameter 'nqn=%s' [ 288.195777][ T30] audit: type=1800 audit(1748593946.011:55): pid=8091 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.701" name="bus" dev="overlay" ino=752 res=0 errno=0 [ 289.566140][ T8119] netlink: 28 bytes leftover after parsing attributes in process `syz.2.710'. [ 289.575083][ T8119] netlink: 28 bytes leftover after parsing attributes in process `syz.2.710'. [ 290.146043][ T8126] nvme_fabrics: missing parameter 'transport=%s' [ 290.159160][ T8126] nvme_fabrics: missing parameter 'nqn=%s' [ 290.714300][ T981] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 291.588955][ T8141] netlink: 28 bytes leftover after parsing attributes in process `syz.1.719'. [ 291.597979][ T8141] netlink: 108 bytes leftover after parsing attributes in process `syz.1.719'. [ 291.607434][ T8141] netlink: 28 bytes leftover after parsing attributes in process `syz.1.719'. [ 291.616634][ T8141] netlink: 108 bytes leftover after parsing attributes in process `syz.1.719'. [ 291.625724][ T8141] netlink: 84 bytes leftover after parsing attributes in process `syz.1.719'. [ 291.639593][ T981] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 291.653369][ T981] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 291.826936][ T981] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 291.836926][ T981] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 291.850827][ T981] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 291.865585][ T981] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.341826][ T981] usb 4-1: config 0 descriptor?? [ 292.543559][ T981] usbhid 4-1:0.0: can't add hid device: -71 [ 292.558712][ T981] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 292.609910][ T981] usb 4-1: USB disconnect, device number 13 [ 293.049736][ T8170] dvmrp8: entered allmulticast mode [ 295.528812][ T8191] process 'syz.2.737' launched './file2' with NULL argv: empty string added [ 298.345627][ T5833] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 298.450734][ T30] audit: type=1800 audit(1748593956.271:56): pid=8239 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.755" name="bus" dev="overlay" ino=852 res=0 errno=0 [ 298.471448][ T5913] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 298.505707][ T5833] usb 1-1: device descriptor read/64, error -71 [ 298.647702][ T5913] usb 5-1: config index 0 descriptor too short (expected 290, got 34) [ 298.659953][ T5913] usb 5-1: config 1 has too many interfaces: 224, using maximum allowed: 32 [ 298.670744][ T5913] usb 5-1: config 1 has an invalid interface association descriptor of length 5, skipping [ 298.684259][ T5913] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 298.699431][ T5913] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 224 [ 298.711633][ T5913] usb 5-1: New USB device found, idVendor=19d2, idProduct=5755, bcdDevice=df.b8 [ 298.721923][ T5913] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.730503][ T5913] usb 5-1: Product: syz [ 298.735096][ T5913] usb 5-1: Manufacturer: syz [ 298.739931][ T5913] usb 5-1: SerialNumber: syz [ 298.765903][ T5833] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 299.176363][ T5833] usb 1-1: device descriptor read/64, error -71 [ 299.556308][ T5833] usb usb1-port1: attempt power cycle [ 299.623781][ T5913] usb 5-1: USB disconnect, device number 12 [ 301.146968][ T30] audit: type=1800 audit(1748593958.951:57): pid=8273 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.767" name="bus" dev="overlay" ino=859 res=0 errno=0 [ 307.274670][ T8354] cgroup: fork rejected by pids controller in /syz0 [ 308.012295][ T8407] netlink: 28 bytes leftover after parsing attributes in process `syz.3.800'. [ 308.022179][ T8407] netlink: 108 bytes leftover after parsing attributes in process `syz.3.800'. [ 308.037503][ T8407] netlink: 28 bytes leftover after parsing attributes in process `syz.3.800'. [ 308.052777][ T8407] netlink: 108 bytes leftover after parsing attributes in process `syz.3.800'. [ 308.062111][ T8407] netlink: 84 bytes leftover after parsing attributes in process `syz.3.800'. [ 308.683700][ T8412] random: crng reseeded on system resumption [ 316.971100][ T8471] random: crng reseeded on system resumption [ 317.186161][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.192815][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.809716][ T8518] capability: warning: `syz.2.844' uses deprecated v2 capabilities in a way that may be insecure [ 319.920580][ T8517] dvmrp8: entered allmulticast mode [ 323.316365][ T8573] netlink: 256 bytes leftover after parsing attributes in process `syz.1.861'. [ 326.914258][ T8618] netlink: 256 bytes leftover after parsing attributes in process `syz.1.876'. [ 327.212279][ T8597] syzkaller1: tun_chr_ioctl cmd 35111 [ 329.263869][ T8651] netlink: 256 bytes leftover after parsing attributes in process `syz.2.889'. [ 330.034212][ T8653] use of bytesused == 0 is deprecated and will be removed in the future, [ 330.090330][ T8653] use the actual size instead. [ 331.595773][ T5913] usb 3-1: new low-speed USB device number 6 using dummy_hcd [ 331.864689][ T5913] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 331.907496][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 331.958512][ T5913] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 332.045911][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 332.189377][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 332.215062][ T5913] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 332.229456][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 332.260851][ T5913] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 332.408756][ T8694] netlink: 28 bytes leftover after parsing attributes in process `syz.0.904'. [ 332.418046][ T8694] netlink: 108 bytes leftover after parsing attributes in process `syz.0.904'. [ 332.429408][ T8694] netlink: 28 bytes leftover after parsing attributes in process `syz.0.904'. [ 332.439365][ T8694] netlink: 108 bytes leftover after parsing attributes in process `syz.0.904'. [ 332.448577][ T8694] netlink: 84 bytes leftover after parsing attributes in process `syz.0.904'. [ 332.921951][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 332.995315][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 333.016064][ T5913] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 333.023630][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 333.041652][ T5913] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 333.078838][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 333.132905][ T5913] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 334.515378][ T5913] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 334.544099][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.583127][ T5913] usb 3-1: can't set config #168, error -71 [ 334.622445][ T5913] usb 3-1: USB disconnect, device number 6 [ 334.791773][ T8726] netlink: 28 bytes leftover after parsing attributes in process `syz.1.918'. [ 334.800939][ T8726] netlink: 108 bytes leftover after parsing attributes in process `syz.1.918'. [ 334.810166][ T8726] netlink: 28 bytes leftover after parsing attributes in process `syz.1.918'. [ 334.819166][ T8726] netlink: 108 bytes leftover after parsing attributes in process `syz.1.918'. [ 334.828134][ T8726] netlink: 84 bytes leftover after parsing attributes in process `syz.1.918'. [ 335.159592][ T8736] netlink: 32 bytes leftover after parsing attributes in process `syz.0.921'. [ 336.589455][ T8762] netlink: 12 bytes leftover after parsing attributes in process `syz.2.930'. [ 336.624132][ T8765] random: crng reseeded on system resumption [ 336.761491][ T8770] netlink: 32 bytes leftover after parsing attributes in process `syz.0.935'. [ 338.268636][ T8790] netlink: 256 bytes leftover after parsing attributes in process `syz.1.942'. [ 339.384920][ T8800] netlink: 32 bytes leftover after parsing attributes in process `syz.3.946'. [ 341.250738][ T8826] netlink: 256 bytes leftover after parsing attributes in process `syz.2.953'. [ 341.936613][ T5925] usb 4-1: new low-speed USB device number 14 using dummy_hcd [ 341.982564][ T8827] netlink: 12 bytes leftover after parsing attributes in process `syz.0.954'. [ 342.138654][ T5925] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 342.146592][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 342.251186][ T5925] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 342.330253][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 342.388189][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 342.436564][ T5925] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 342.451690][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 342.466835][ T8839] netlink: 24 bytes leftover after parsing attributes in process `syz.0.959'. [ 342.485523][ T5925] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 342.516090][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 342.547725][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 342.878855][ T5925] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 342.889442][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 342.905523][ T5925] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 343.005140][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 343.044499][ T5925] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 343.068568][ T5925] usb 4-1: string descriptor 0 read error: -22 [ 343.075012][ T5925] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 343.331714][ T5925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.429587][ T5925] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 345.085039][ T981] usb 4-1: USB disconnect, device number 14 [ 345.869353][ T8887] netlink: 24 bytes leftover after parsing attributes in process `syz.4.974'. [ 348.285677][ T5879] usb 3-1: new low-speed USB device number 7 using dummy_hcd [ 348.638607][ T5879] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 348.661629][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 348.687501][ T5879] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 348.700016][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 348.711304][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 348.771263][ T5879] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 349.114354][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 349.405728][ T5879] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 349.419193][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 349.431043][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 349.452829][ T5879] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 349.518021][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 349.607397][ T5879] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 349.730487][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 349.840301][ T5879] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 350.032915][ T5879] usb 3-1: string descriptor 0 read error: -22 [ 350.109624][ T5879] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 350.132578][ T5878] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 350.232965][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.557752][ T5878] usb 2-1: Using ep0 maxpacket: 32 [ 350.570421][ T5879] usb 3-1: can't set config #168, error -71 [ 350.581190][ T5879] usb 3-1: USB disconnect, device number 7 [ 350.590093][ T5878] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 350.598992][ T5878] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 350.610131][ T5878] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 350.622793][ T5878] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 350.645491][ T5878] usb 2-1: config 0 interface 0 has no altsetting 0 [ 350.660563][ T5878] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 350.675695][ T5878] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 350.689020][ T5878] usb 2-1: Product: syz [ 350.693371][ T5878] usb 2-1: Manufacturer: syz [ 350.700348][ T5878] usb 2-1: SerialNumber: syz [ 350.740899][ T5878] usb 2-1: config 0 descriptor?? [ 350.762494][ T5878] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 350.787683][ T5878] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 351.041922][ T5925] usb 2-1: USB disconnect, device number 10 [ 353.086613][ T5925] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 354.487690][ T8968] SET target dimension over the limit! [ 355.695753][ T5925] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 356.048127][ T5925] usb 5-1: Using ep0 maxpacket: 32 [ 356.667222][ T5925] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 356.677124][ T5925] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 356.688836][ T5925] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 356.700257][ T5925] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 356.713602][ T5925] usb 5-1: config 0 interface 0 has no altsetting 0 [ 356.723501][ T5925] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 356.735470][ T5925] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 356.754117][ T5925] usb 5-1: Product: syz [ 356.758496][ T5925] usb 5-1: Manufacturer: syz [ 356.763123][ T5925] usb 5-1: SerialNumber: syz [ 356.776556][ T5925] usb 5-1: config 0 descriptor?? [ 356.797107][ T5925] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 356.817698][ T5925] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 357.766180][ T5878] usb 5-1: USB disconnect, device number 13 [ 357.786237][ T5878] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 359.481782][ T9019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1019'. [ 360.217739][ T5832] Bluetooth: hci4: command 0x0406 tx timeout [ 362.784704][ T9058] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1032'. [ 365.400731][ T9088] netlink: 763 bytes leftover after parsing attributes in process `syz.3.1042'. [ 367.628436][ T9105] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1047'. [ 367.686661][ T9105] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1047'. [ 367.715812][ T9105] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1047'. [ 367.728301][ T9105] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1047'. [ 367.739462][ T9105] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1047'. [ 369.138149][ T9119] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1049'. [ 370.392290][ T9125] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1051'. [ 370.442996][ T9125] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1051'. [ 371.115555][ T5833] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 371.873209][ T9141] 9pnet_virtio: no channels available for device ./file0/file0 [ 371.917577][ T5833] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 372.067010][ T5833] usb 3-1: config 0 has no interface number 0 [ 372.094891][ T5833] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 372.105645][ T5833] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.177302][ T9147] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1057'. [ 372.723281][ T5833] usb 3-1: Product: syz [ 372.727692][ T5833] usb 3-1: Manufacturer: syz [ 372.732325][ T5833] usb 3-1: SerialNumber: syz [ 372.740163][ T5833] usb 3-1: config 0 descriptor?? [ 373.003145][ T5833] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 373.157598][ T5833] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 373.667241][ T5833] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 373.694677][ T5833] usb 3-1: media controller created [ 373.773292][ T5833] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 373.901854][ T5833] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 374.136306][ T5833] usb 3-1: USB disconnect, device number 8 [ 375.050273][ T9169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1065'. [ 375.087282][ T9169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1065'. [ 377.416143][ T9189] overlayfs: failed to resolve './file0': -2 [ 378.089330][ T9199] overlay: Unknown parameter '/' [ 378.184938][ T9200] overlayfs: missing 'lowerdir' [ 378.298597][ T9198] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1076'. [ 378.446945][ T9198] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1076'. [ 378.726244][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.732735][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.104166][ T9226] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 382.941532][ T9245] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1088'. [ 382.975728][ T9245] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1088'. [ 383.095691][ T5832] Bluetooth: hci4: command 0x0406 tx timeout [ 389.154039][ T9298] xt_CT: No such helper "pptp" [ 392.300573][ T9346] xt_CT: No such helper "pptp" [ 396.055269][ T9390] netlink: 260 bytes leftover after parsing attributes in process `syz.0.1136'. [ 397.868800][ T9399] xt_CT: No such helper "pptp" [ 402.375462][ T9433] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1149'. [ 404.167105][ T9448] xt_CT: No such helper "pptp" [ 404.482110][ T9452] dvmrp8: entered allmulticast mode [ 407.965878][ T9470] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1161'. [ 408.448763][ T9487] xt_CT: No such helper "pptp" [ 411.308840][ T9521] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1175'. [ 416.065029][ T9577] input: syz0 as /devices/virtual/input/input7 [ 419.972201][ T9606] netlink: 260 bytes leftover after parsing attributes in process `syz.0.1199'. [ 420.584315][ T9599] syz.2.1197 (9599): drop_caches: 2 [ 428.360606][ T9680] netlink: 260 bytes leftover after parsing attributes in process `syz.0.1222'. [ 430.597826][ T9700] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1230'. [ 430.632330][ T9700] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1230'. [ 436.014343][ T9737] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1243'. [ 436.023854][ T9737] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1243'. [ 438.919510][ T9757] xt_CT: No such helper "pptp" [ 440.060619][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.067143][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 443.484840][ T9781] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1255'. [ 443.543859][ T9781] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1255'. [ 445.852021][ T9799] lo speed is unknown, defaulting to 1000 [ 445.858182][ T9799] lo speed is unknown, defaulting to 1000 [ 445.867538][ T9799] lo speed is unknown, defaulting to 1000 [ 445.879448][ T9799] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 445.894861][ T9799] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 445.973046][ T9799] lo speed is unknown, defaulting to 1000 [ 445.982003][ T9799] lo speed is unknown, defaulting to 1000 [ 445.990092][ T9799] lo speed is unknown, defaulting to 1000 [ 445.998654][ T9799] lo speed is unknown, defaulting to 1000 [ 446.006655][ T9799] lo speed is unknown, defaulting to 1000 [ 446.986153][ T9809] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1262'. [ 446.995164][ T9809] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1262'. [ 447.004544][ T9809] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1262'. [ 447.013603][ T9809] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1262'. [ 447.022751][ T9809] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1262'. [ 448.541769][ T9830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1268'. [ 448.575504][ T9830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1268'. [ 451.797071][ T9851] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1276'. [ 451.808906][ T9851] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1276'. [ 451.818325][ T9851] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1276'. [ 451.827740][ T9851] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1276'. [ 451.836844][ T9851] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1276'. [ 453.293244][ T9865] xt_CT: No such helper "pptp" [ 454.343663][ T9878] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1281'. [ 454.379935][ T9878] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1281'. [ 457.922505][ T9908] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1290'. [ 459.349544][ T9919] xt_CT: No such helper "pptp" [ 460.612847][ T9944] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 462.404426][ T9959] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1306'. [ 462.960064][ T9967] xt_CT: No such helper "pptp" [ 463.738066][ T9978] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1312'. [ 463.747758][ T9978] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1312'. [ 463.771515][ T9978] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1312'. [ 463.814042][ T9978] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1312'. [ 463.850939][ T9978] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1312'. [ 465.387587][ T5807] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 465.546463][ T5807] usb 1-1: Using ep0 maxpacket: 32 [ 465.701175][ T5807] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 465.922126][ T5807] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 466.075476][ T5807] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 466.092643][ T5807] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 466.135781][ T5807] usb 1-1: config 0 interface 0 has no altsetting 0 [ 466.150064][ T5807] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 466.160513][ T5807] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 466.180840][ T5807] usb 1-1: Product: syz [ 466.202194][ T5807] usb 1-1: Manufacturer: syz [ 466.221713][ T5807] usb 1-1: SerialNumber: syz [ 466.250317][ T5807] usb 1-1: config 0 descriptor?? [ 466.270555][ T5807] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 466.362199][ T5807] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 466.439301][T10007] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1321'. [ 466.726680][ T5807] usb 1-1: USB disconnect, device number 8 [ 466.877024][ T5807] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 468.506955][T10022] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1326'. [ 468.516611][T10022] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1326'. [ 468.538494][T10022] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1326'. [ 468.549391][T10022] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1326'. [ 468.558816][T10022] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1326'. [ 471.813163][T10047] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1334'. [ 472.836062][ T5913] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 473.066419][T10062] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1341'. [ 473.075976][T10062] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1341'. [ 473.086517][ T5913] usb 5-1: Using ep0 maxpacket: 32 [ 473.097916][T10062] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1341'. [ 473.123471][ T5913] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 473.133405][ T5913] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 473.171402][ T5913] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 473.416214][T10062] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1341'. [ 473.856906][T10072] __nla_validate_parse: 1 callbacks suppressed [ 473.856927][T10072] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1340'. [ 474.205574][ T5913] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 474.310751][ T5913] usb 5-1: config 0 interface 0 has no altsetting 0 [ 474.399822][ T5913] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 474.448012][ T5913] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 474.489687][ T5913] usb 5-1: Product: syz [ 474.609888][ T5913] usb 5-1: Manufacturer: syz [ 474.614571][ T5913] usb 5-1: SerialNumber: syz [ 474.701545][ T5913] usb 5-1: config 0 descriptor?? [ 474.741719][ T5913] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 474.773308][ T5913] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 475.510644][ T5833] usb 5-1: USB disconnect, device number 14 [ 475.511343][ C1] ldusb 5-1:0.0: usb_submit_urb failed (-19) [ 475.540024][T10051] ldusb 5-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 475.798209][ T5833] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 476.937019][T10101] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1349'. [ 482.326570][T10143] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1361'. [ 485.841184][T10189] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1376'. [ 487.325894][T10198] input: syz0 as /devices/virtual/input/input9 [ 488.836773][T10197] Cannot find add_set index 1 as target [ 494.019381][ T5828] non-paged memory [ 494.024374][ T5828] list_del corruption, ffff88805d557180->next is LIST_POISON1 (dead000000000100) [ 494.069891][ T5828] ------------[ cut here ]------------ [ 494.075571][ T5828] kernel BUG at lib/list_debug.c:58! [ 494.163876][ T5828] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 494.170209][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: kworker/u9:3 Not tainted 6.15.0-syzkaller-08297-ge0797d3b91de #0 PREEMPT(full) [ 494.182046][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 494.192134][ T5828] Workqueue: hci4 hci_conn_timeout [ 494.197294][ T5828] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190 [ 494.204357][ T5828] Code: c0 93 e1 8b 48 89 de e8 b0 b6 68 fc 90 0f 0b 4c 89 e7 e8 15 09 42 fd 48 c7 c7 20 94 e1 8b 48 89 de 4c 89 e2 e8 93 b6 68 fc 90 <0f> 0b 4c 89 e7 e8 f8 08 42 fd 48 c7 c7 80 94 e1 8b 48 89 de 4c 89 [ 494.224011][ T5828] RSP: 0018:ffffc90004d9f980 EFLAGS: 00010246 [ 494.230111][ T5828] RAX: 000000000000004e RBX: ffff88805d557180 RCX: 18e35c9853c40200 [ 494.238104][ T5828] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 494.246095][ T5828] RBP: ffffffff8a6c0070 R08: ffffc90004d9f667 R09: 1ffff920009b3ecc [ 494.254131][ T5828] R10: dffffc0000000000 R11: fffff520009b3ecd R12: dead000000000100 [ 494.262128][ T5828] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122 [ 494.270125][ T5828] FS: 0000000000000000(0000) GS:ffff888125c98000(0000) knlGS:0000000000000000 [ 494.279083][ T5828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 494.285699][ T5828] CR2: 000000110c246687 CR3: 0000000063bc4000 CR4: 00000000003526f0 [ 494.293698][ T5828] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 494.301693][ T5828] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 494.309689][ T5828] Call Trace: [ 494.312991][ T5828] [ 494.315945][ T5828] hci_cmd_sync_dequeue_once+0x24a/0x370 [ 494.321614][ T5828] hci_cancel_connect_sync+0xc8/0x120 [ 494.327035][ T5828] hci_abort_conn+0x191/0x330 [ 494.331745][ T5828] ? process_scheduled_works+0x9ef/0x17b0 [ 494.337495][ T5828] process_scheduled_works+0xae1/0x17b0 [ 494.343081][ T5828] ? __pfx_process_scheduled_works+0x10/0x10 [ 494.349113][ T5828] worker_thread+0x8a0/0xda0 [ 494.353763][ T5828] kthread+0x70e/0x8a0 [ 494.357890][ T5828] ? __pfx_worker_thread+0x10/0x10 [ 494.363045][ T5828] ? __pfx_kthread+0x10/0x10 [ 494.367672][ T5828] ? _raw_spin_unlock_irq+0x23/0x50 [ 494.372909][ T5828] ? lockdep_hardirqs_on+0x9c/0x150 [ 494.378132][ T5828] ? __pfx_kthread+0x10/0x10 [ 494.382758][ T5828] ret_from_fork+0x3fc/0x770 [ 494.387379][ T5828] ? __pfx_ret_from_fork+0x10/0x10 [ 494.392516][ T5828] ? __switch_to_asm+0x39/0x70 [ 494.397300][ T5828] ? __switch_to_asm+0x33/0x70 [ 494.402090][ T5828] ? __pfx_kthread+0x10/0x10 [ 494.406720][ T5828] ret_from_fork_asm+0x1a/0x30 [ 494.411628][ T5828] [ 494.414684][ T5828] Modules linked in: [ 494.420642][ T5828] ---[ end trace 0000000000000000 ]--- [ 494.497563][ T5828] RIP: 0010:__list_del_entry_valid_or_report+0x10e/0x190 [ 494.504725][ T5828] Code: c0 93 e1 8b 48 89 de e8 b0 b6 68 fc 90 0f 0b 4c 89 e7 e8 15 09 42 fd 48 c7 c7 20 94 e1 8b 48 89 de 4c 89 e2 e8 93 b6 68 fc 90 <0f> 0b 4c 89 e7 e8 f8 08 42 fd 48 c7 c7 80 94 e1 8b 48 89 de 4c 89 [ 494.525057][ T5828] RSP: 0018:ffffc90004d9f980 EFLAGS: 00010246 [ 494.531509][ T5828] RAX: 000000000000004e RBX: ffff88805d557180 RCX: 18e35c9853c40200 [ 494.540488][ T5828] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 494.548976][ T5828] RBP: ffffffff8a6c0070 R08: ffffc90004d9f667 R09: 1ffff920009b3ecc [ 494.557326][ T5828] R10: dffffc0000000000 R11: fffff520009b3ecd R12: dead000000000100 [ 494.565689][ T5828] R13: dffffc0000000000 R14: dead000000000100 R15: dead000000000122 [ 494.573869][ T5828] FS: 0000000000000000(0000) GS:ffff888125d98000(0000) knlGS:0000000000000000 [ 494.593774][ T5828] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 494.600660][ T5828] CR2: 0000200000004000 CR3: 000000000df36000 CR4: 00000000003526f0 [ 494.608851][ T5828] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 494.617099][ T5828] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 494.625200][ T5828] Kernel panic - not syncing: Fatal exception [ 494.631577][ T5828] Kernel Offset: disabled [ 494.635906][ T5828] Rebooting in 86400 seconds..