last executing test programs: 12m1.184235084s ago: executing program 0 (id=6149): setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x0, 0x0, 0x3c, 0x0, "bb02a3c364ca41d6357e544508474004000b42a201ecffffffffffffff8a0e2f964e0000c534a632ab6193fcf19b2df3ee0500faa4ff1f56c54dc46d8b6d2ccd00a0cf0a007bbe00"}, 0xd8) r0 = socket$kcm(0x23, 0x5, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000240)=0x86, 0x4) listen(r0, 0x8) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="1c0000f500000000000000862dfdff000000"], 0x78) 12m0.923367877s ago: executing program 0 (id=6153): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) r0 = landlock_create_ruleset(0x0, 0x0, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) openat$dir(0xffffffffffffff9c, 0x0, 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, 0x0, 0x0) r1 = socket$kcm(0x2d, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000040)={0x2d, 0x3, 0xfffffffe}, 0xc) 12m0.582702191s ago: executing program 0 (id=6157): r0 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x40, 0x83) openat(0xffffffffffffff9c, &(0x7f0000000680)='./file0\x00', 0x59b801, 0x1ce) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x4d) rename(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='./file0\x00') 11m59.851367152s ago: executing program 0 (id=6162): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, &(0x7f0000000100)=[@wr_drn={0x68, 0x20, {0x7, 0x2000}}], 0x20}) ioctl$KVM_SET_GUEST_DEBUG_x86(r3, 0x4048ae9b, &(0x7f0000000140)={0x3}) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r4, 0x3, 0x11, r3, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_assert_syzos_kvm_exit$x86(r5, 0x4) 11m59.757906594s ago: executing program 0 (id=6164): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000240)={0xffffffffffffffff}, 0x2, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000700)=0x1, r1, 0x0, 0x2, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @mcast2, 0x3}, r1, 0x7}}, 0x48) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000740)={0xffffffffffffffff}, 0x2, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000580)={0xe, 0x1, 0xfa00, @id_resuseaddr={&(0x7f00000005c0)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r3, 0x10, 0x0, @in={0x2, 0x4e23, @empty}}}, 0x90) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r3, 0x1}}, 0x10) 11m59.601352574s ago: executing program 0 (id=6167): r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r2, @ANYRESHEX=r3], 0x15) 11m44.383981466s ago: executing program 32 (id=6167): r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r2, @ANYRESHEX=r3], 0x15) 8m35.614452634s ago: executing program 4 (id=10632): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f00000000c0)=0x6, 0x4) 8m35.490311447s ago: executing program 4 (id=10636): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000d40), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000d80)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x2c, r1, 0x401, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_DEVKEY={0x10, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc014}, 0x844) 8m35.388287212s ago: executing program 4 (id=10639): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000300)={0x0, "030000000000000023000000debd12ffff00000004000000001020000400", 0xffffffffffffffff}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x10000001}) 8m35.279992458s ago: executing program 4 (id=10642): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) rename(&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='./file1\x00') 8m35.195670082s ago: executing program 4 (id=10645): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f00000005c0), 0x10) recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}, 0x4251}, {{0x0, 0x0, 0x0}, 0x8000}], 0x2, 0x10002, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0) 8m34.214591822s ago: executing program 4 (id=10666): r0 = syz_open_dev$evdev(&(0x7f0000000280), 0x52415d0d, 0xc03) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000040)=0x6) ioctl$EVIOCGRAB(r0, 0x40044590, 0x0) ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000080)=""/120) 8m34.007845156s ago: executing program 33 (id=10666): r0 = syz_open_dev$evdev(&(0x7f0000000280), 0x52415d0d, 0xc03) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000040)=0x6) ioctl$EVIOCGRAB(r0, 0x40044590, 0x0) ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000080)=""/120) 6m31.633237815s ago: executing program 5 (id=12717): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 6m30.483297948s ago: executing program 5 (id=12724): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r1, 0x400, 0x1) open(0x0, 0x20000, 0x145) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) pread64(r2, &(0x7f0000001440)=""/123, 0x7b, 0x841) close_range(r0, 0xffffffffffffffff, 0x0) 6m30.16941445s ago: executing program 5 (id=12730): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x9}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x4004850}, 0x40) close(0x3) 6m29.960996111s ago: executing program 5 (id=12733): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x18f883, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901) move_mount(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000340)='./file0/../file0\x00', 0x14) 6m29.787883985s ago: executing program 5 (id=12737): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4) setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000040)=0x40, 0x4) recvmmsg(r0, &(0x7f0000000b80)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x45833af92e4b39ff, 0x0) 6m28.872990869s ago: executing program 5 (id=12748): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000180)={0x0, 0x7ff, 0x2, 0xfffffffc, 0x7, 0x5, 0xb9, 0x8}, 0x20) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r2, 0x0, r0, 0x0, 0x20000000000002, 0x2) 6m28.61274434s ago: executing program 34 (id=12748): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000180)={0x0, 0x7ff, 0x2, 0xfffffffc, 0x7, 0x5, 0xb9, 0x8}, 0x20) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r2, 0x0, r0, 0x0, 0x20000000000002, 0x2) 2m33.93307955s ago: executing program 3 (id=17217): r0 = socket$inet_tcp(0x2, 0x1, 0x0) close(r0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @loopback}, 0x2, 0x0, 0x4}}, 0x2e) sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0) 2m33.894563007s ago: executing program 3 (id=17219): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.current\x00', 0x26e1, 0x0) close(r0) socket$kcm(0x10, 0x2, 0x0) mq_getsetattr(r0, &(0x7f0000000040)={0x7, 0x400, 0x2, 0x80000000}, 0x0) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8b32, &(0x7f0000000000)={'virt_wifi0\x00', @random="01000000c95d"}) 2m33.834959386s ago: executing program 3 (id=17220): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x1000042, 0x1, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x1, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000140)={0x10000042, 0x0, 0x2}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000380)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) 2m33.775230364s ago: executing program 3 (id=17222): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000a40)=[{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000280)="67876765b4c4370a954ea6418a98766ba5902fe1fb902f992866e6274ec0c2ad6ec2f3d3d89d39c6c580d976385318ae7f675b65bf8254afa52c5c37f5fae77395d1e33c1c9a529d24ad12ca1d875a48ff69a26fcf01d74b05fd7c5ea5b31578f6bd222ad0c14eec8d45f4b7f36e3674768450fb922c5d2f4dd7103457d7711e1f998ab89111a95e69c2afc40376962b8a67998687cdd2dea15760e165737c0fcbda749d714caf29d576b51d1f3c612681059d8727be0c", 0xb7}, {&(0x7f00000000c0)="b5f0a49fc7c50fd40dc372629c01002457aea54785c5b3b19b2842170d343c420b220c7097d5976698b2efbb08c68093010b7f213ea504c9af60e5fd81566b2a", 0x40}, {&(0x7f0000000380)="811fd31bdae48fafe81207247552748eb782940f5d77175637bd9978adf224e050d2cb705a3fdde29d27", 0x2a}, {&(0x7f00000003c0)="ab6da58bdeb4f8995869aaad7d6b2360f13df5f3da3a560432677138653bd2ce30dd73660e69f6ef9dffb8f5f8f84df630ca97211b8d3d0509635bc01d1a81c99e9c170e3843e667e83da8f9f69d75140c8c2d3712999f04ee9b4bcce2c671e76af242fc78b703b3ded0817a5284d5dcf4", 0x71}], 0x4, 0x0, 0x0, 0x44800}], 0x1, 0x4814) recvmmsg(r1, &(0x7f0000003540)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1}, 0xffffff0b}], 0x2, 0x2001, 0x0) 2m33.696735602s ago: executing program 3 (id=17224): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000440)={@void, @void, @eth={@broadcast, @link_local, @val={@void}, {@ipv4={0x800, @udp={{0x15, 0x4, 0x0, 0x2, 0x5c, 0x68, 0x0, 0x8, 0x11, 0x0, @initdev={0xac, 0x1e, 0x2, 0x0}, @multicast1, {[@ssrr={0x89, 0x27, 0x26, [@remote, @broadcast, @multicast1, @local, @remote, @broadcast, @multicast1, @remote, @rand_addr=0x64010100]}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0x3, 0x2d}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0xc, 0x56, 0x1, 0xe, [{@multicast2, 0x67b8}]}]}}, {0x0, 0x17c1, 0x8}}}}}}, 0x6e) 2m33.083208301s ago: executing program 3 (id=17226): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x2) r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB='-pids'], 0x6) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, 'pids'}]}, 0x6) 2m17.726958748s ago: executing program 35 (id=17226): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x2) r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB='-pids'], 0x6) write$cgroup_subtree(r2, &(0x7f0000000080)={[{0x2b, 'pids'}]}, 0x6) 5.278397228s ago: executing program 6 (id=19689): syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x141000) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') close(0x3) 5.080737175s ago: executing program 6 (id=19694): syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000002"], 0x0) syz_usb_connect$uac1(0x3, 0xa2, &(0x7f0000000040)=ANY=[@ANYBLOB="12011001000000406b1d01014000010203010902900003010380000904000000010100000a24010f00030201020c2402060602040c0032a304090401000001020000090401010101020000072401200404000c2402010201400f0a3b4725090501090000f7090607250183020c00090402000001030000090402010101020000072401"], 0x0) 1.964442379s ago: executing program 6 (id=19763): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0xb) 1.809698715s ago: executing program 6 (id=19767): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x6) 1.590762817s ago: executing program 7 (id=19772): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) 1.503399991s ago: executing program 6 (id=19774): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xe}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) 1.065797227s ago: executing program 7 (id=19781): r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000000)={0x1, 0x10, [0x2, 0x9, 0x8, 0x5]}) 992.741983ms ago: executing program 6 (id=19782): statx(0xffffffffffffffff, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x200, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20400}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x38, 0x0, 0x1, 0x70bd25, 0x0, {{0x2}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0x1, 0x51}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x0, 0x27, 0x1}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}]]}, 0xffffffffffffff6d}, 0x1, 0x0, 0x0, 0x4c854}, 0x20040880) r1 = socket$alg(0x26, 0x5, 0x0) getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000640)=ANY=[@ANYBLOB="736563757216ae2c69747900000000000000"], 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="2c235aa9c5", 0x5) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0) syz_usb_control_io$cdc_ecm(r3, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_ep_write$ath9k_ep1(r3, 0x82, 0xc38, &(0x7f0000000dc0)=ANY=[]) 835.057623ms ago: executing program 7 (id=19786): mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a) mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000040)={[{@quota}]}) 720.792423ms ago: executing program 7 (id=19789): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e24, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x488c4}, 0x0) 493.39957ms ago: executing program 2 (id=19793): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCFLSH(r0, 0x40204706, 0x2) 493.062078ms ago: executing program 7 (id=19795): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000004c0), 0xa8201, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x10000) close(0x3) 410.861817ms ago: executing program 2 (id=19797): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f00000000c0)={0x18, 0x1, 0x0, 0x0, r1, 0x4}) 352.544038ms ago: executing program 7 (id=19798): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000000000008e704090000000000000109022400010200a008090400fe01030004000921fffffd0122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000080)={0x20, 0x4, 0x5, {0x5, 0x4, "df3c6e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 305.367121ms ago: executing program 1 (id=19799): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x40000) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000000605000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0) 281.011651ms ago: executing program 2 (id=19800): inotify_init() creat(&(0x7f00000000c0)='./file0\x00', 0xdafbe5d6891b6e4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000240)={&(0x7f00003ab000/0x1000)=nil, &(0x7f00003a3000/0xc00000)=nil, &(0x7f000084e000/0x3000)=nil, &(0x7f0000858000/0x3000)=nil, &(0x7f000056b000/0x2000)=nil, &(0x7f0000628000/0x2000)=nil, &(0x7f0000945000/0x2000)=nil, &(0x7f0000dcb000/0x2000)=nil, &(0x7f0000f6b000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000574000/0x3000)=nil, &(0x7f0000000200), 0x0, r1}, 0x68) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{&(0x7f00000000c0)={0xa, 0x4ea0, 0x10, @private0, 0x9}, 0x1c, 0x0}}], 0x1, 0x931766f6319eed40) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)=ANY=[], 0x48}, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f00000060c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[{0x10, 0x107, 0x9}, {0x18, 0x29, 0x4, '~'}], 0x28}}], 0x1, 0x80c1) syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000b00)) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000005400), 0x0, 0x1000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r0, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0) ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000080)={0x70003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x2, 0xffffffffefffff15, 0x3, 0x4, 0x1, 0x4]}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 251.259616ms ago: executing program 1 (id=19801): socket$nl_generic(0x10, 0x3, 0x10) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="88020000", @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="6102330050300100080211000001080211000000505050505050"], 0x288}, 0x1, 0x0, 0x0, 0x800}, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x5b) r4 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f00000007c0)=[{}, {0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="00000000000000001701000004000000040000000000000000000000000000001701000003000000000000000000000000000000000000001701000002000000000000008db6ba8669d9e3af336c9db7d7b600000000000067ab9dfade50263fca68064513414d4a7812c38b4c70753e9ef9f941ff7c1ebcfd79c64a594b41dd41b329d3cc14c29fa008f5c24363ad52e2bafeba6e55ac24ad2a44cbeacd365353b6541f21789daab56174ca"], 0x0, 0x40088c0}], 0x2, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0xff1f}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi3\x00', 0x80400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000180)={'pcl812\x00', [0x100, 0x1f, 0xcd, 0x2, 0x0, 0x100, 0x3, 0x20000000, 0x8, 0xb, 0x0, 0xb51, 0x1, 0x401, 0x3, 0x1, 0x0, 0x3, 0xfe9, 0x401, 0x6, 0x2, 0x7, 0x9, 0x48, 0x9, 0x6, 0x6a77, 0x5, 0x7fffffff, 0xa]}) ioctl$COMEDI_SETRSUBD(r5, 0x6410) 152.833332ms ago: executing program 1 (id=19802): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b00)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0) 152.605363ms ago: executing program 2 (id=19803): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000004c0), r0) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x34, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_LEVEL={0x14, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x800) 140.086216ms ago: executing program 1 (id=19804): capset(&(0x7f0000000400)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000, 0x8000000, 0x0, 0x0, 0x1003}) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000005c0)={@mcast2, 0x300, 0x2, 0x0, 0x9, 0xfffd, 0x4}, 0x20) 89.456207ms ago: executing program 2 (id=19805): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, 0x0) 28.883641ms ago: executing program 1 (id=19806): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_XEN_HVM(r1, 0x4068aea3, &(0x7f0000000040)={0xcc, 0x0, 0x80}) 21.457633ms ago: executing program 2 (id=19807): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r0) sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20008045}, 0x48010) 0s ago: executing program 1 (id=19808): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae03, 0x2e) fcntl$lock(r1, 0x26, &(0x7f0000000140)={0x0, 0x0, 0x76, 0x6031}) kernel console output (not intermixed with test programs): tes leftover after parsing attributes in process `syz.2.7698'. [ 622.810022][T23027] netlink: 'syz.3.7712': attribute type 21 has an invalid length. [ 622.810044][T23027] netlink: 128 bytes leftover after parsing attributes in process `syz.3.7712'. [ 622.810097][T23027] netlink: 'syz.3.7712': attribute type 4 has an invalid length. [ 622.810111][T23027] netlink: 'syz.3.7712': attribute type 3 has an invalid length. [ 622.810124][T23027] netlink: 3 bytes leftover after parsing attributes in process `syz.3.7712'. [ 622.963281][T23035] netlink: 'syz.3.7716': attribute type 21 has an invalid length. [ 622.963404][T23035] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7716'. [ 622.963461][T23035] netlink: 'syz.3.7716': attribute type 1 has an invalid length. [ 623.787419][T23086] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7740'. [ 623.905934][T23095] netlink: 14 bytes leftover after parsing attributes in process `syz.4.7745'. [ 624.273909][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.273986][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.512615][T23124] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7759'. [ 625.080221][T23158] nbd: must specify at least one socket [ 625.840741][T23203] netdevsim netdevsim4: Direct firmware load for .. @ failed with error -2 [ 625.840766][T23203] netdevsim netdevsim4: Falling back to sysfs fallback for: .. @ [ 626.156931][T23220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7805'. [ 626.570329][T23242] netlink: 'syz.2.7818': attribute type 15 has an invalid length. [ 626.570351][T23242] netlink: 'syz.2.7818': attribute type 7 has an invalid length. [ 627.017701][T23268] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 627.017721][T23268] overlayfs: missing 'lowerdir' [ 629.306292][T23415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7901'. [ 629.473215][T23425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7907'. [ 629.911207][T23452] IPVS: Error connecting to the multicast addr [ 633.049446][T23653] afs: Bad value for 'flock' [ 633.501441][T23677] netlink: 'syz.4.8029': attribute type 21 has an invalid length. [ 633.501468][T23677] netlink: 128 bytes leftover after parsing attributes in process `syz.4.8029'. [ 633.501563][T23677] netlink: 3 bytes leftover after parsing attributes in process `syz.4.8029'. [ 634.308870][T23716] Invalid source name [ 634.308895][T23716] UBIFS error (pid: 23716): cannot open "/dev/sg0", error -22 [ 634.570023][T23732] netlink: 'syz.2.8052': attribute type 10 has an invalid length. [ 634.570045][T23732] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8052'. [ 634.570456][T23732] dummy0: entered promiscuous mode [ 634.576387][T23732] bridge0: port 3(dummy0) entered blocking state [ 634.579204][T23732] bridge0: port 3(dummy0) entered disabled state [ 634.580295][T23732] dummy0: entered allmulticast mode [ 634.662625][T23732] bridge0: port 3(dummy0) entered blocking state [ 634.662829][T23732] bridge0: port 3(dummy0) entered forwarding state [ 635.337432][ T38] audit: type=1800 audit(1779274250.007:21): pid=23756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.8063" name="/newroot/dev/fuse" dev="tmpfs" ino=2032 res=0 errno=0 [ 635.880410][T23791] tmpfs: Bad value for 'mpol' [ 636.298604][T23809] netlink: 152 bytes leftover after parsing attributes in process `syz.2.8088'. [ 636.897103][T23787] infiniband syz0: set active [ 636.897374][T23787] infiniband syz0: added bond_slave_1 [ 637.071112][T23787] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR [ 637.113280][T23787] infiniband syz0: Couldn't open port 1 [ 637.116729][T23787] smbdirect: ib_dev[syz0]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000 [ 637.116829][T23787] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32 [ 637.116954][T23787] smbdirect: ib_dev[syz0]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005 [ 637.607210][T23787] RDS/IB: syz0: added [ 637.612782][T23787] smc: adding ib device syz0 with port count 1 [ 637.613500][T23787] smc: ib device syz0 port 1 has no pnetid [ 638.572142][T23907] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8135'. [ 639.091995][T23929] netlink: 763 bytes leftover after parsing attributes in process `syz.3.8146'. [ 639.318158][T23941] netlink: 'syz.2.8151': attribute type 21 has an invalid length. [ 641.496555][T24019] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8189'. [ 642.183925][T24066] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8211'. [ 642.696855][T24095] tmpfs: Bad value for 'mpol' [ 643.611087][T24150] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8253'. [ 644.361749][T24196] netlink: 104 bytes leftover after parsing attributes in process `syz.3.8277'. [ 647.213612][T24353] EXT4-fs: Conflicting test_dummy_encryption options [ 647.699921][T24375] netlink: 36 bytes leftover after parsing attributes in process `syz.3.8363'. [ 647.699944][T24375] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8363'. [ 649.763253][T24470] EXT4-fs: Conflicting test_dummy_encryption options [ 650.611287][T24509] netlink: 120 bytes leftover after parsing attributes in process `syz.2.8429'. [ 650.637965][T24512] xt_connbytes: Forcing CT accounting to be enabled [ 651.228269][T24529] rdma_rxe: rxe_newlink: failed to add bond_slave_1 [ 652.970106][T24623] 9p: Bad value for 'rfdno' [ 653.079332][T24630] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8487'. [ 653.080691][T24630] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8487'. [ 653.258231][T24635] netlink: 25 bytes leftover after parsing attributes in process `syz.4.8491'. [ 653.525201][T24650] netlink: 140 bytes leftover after parsing attributes in process `syz.4.8498'. [ 655.324528][T24743] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 656.060861][T24789] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8565'. [ 657.661799][T24873] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8605'. [ 658.032065][T24896] ptrace attach of "ci-upstream-rust-kasan-gce/syz-executor exec"[19268] was attempted by ""[24896] [ 659.518491][T24995] IPVS: ip_vs_edit_dest(): server weight less than zero [ 659.699314][T25004] netlink: 'syz.4.8670': attribute type 27 has an invalid length. [ 660.483523][T25051] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8690'. [ 660.892047][T25078] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8703'. [ 661.107229][T25092] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8709'. [ 661.730857][T25132] netlink: 64 bytes leftover after parsing attributes in process `syz.2.8730'. [ 662.092199][T25155] tipc: Started in network mode [ 662.092246][T25155] tipc: Node identity 227d86577e78, cluster identity 4711 [ 662.092493][T25155] tipc: Enabled bearer , priority 23 [ 662.632157][T25190] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8759'. [ 662.633390][T25190] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8759'. [ 663.214220][ T5622] tipc: Node number set to 1543865943 [ 663.462602][T25242] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8784'. [ 663.463909][T25242] netlink: 60 bytes leftover after parsing attributes in process `syz.4.8784'. [ 663.858407][T25258] Invalid ELF header magic: != ELF [ 664.668458][T25304] netlink: 'syz.3.8816': attribute type 1 has an invalid length. [ 664.668487][T25304] netlink: 'syz.3.8816': attribute type 2 has an invalid length. [ 665.050915][T25328] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8828'. [ 666.789698][T25424] netlink: 'syz.4.8875': attribute type 13 has an invalid length. [ 666.789721][T25424] netlink: 14581 bytes leftover after parsing attributes in process `syz.4.8875'. [ 669.308342][T25566] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8942'. [ 669.308473][T25566] IPVS: Unknown mcast interface: vcan0 [ 669.740150][T25593] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8955'. [ 670.297174][T25630] fuse: fd is not a fuse device [ 673.021192][T25776] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9042'. [ 675.394931][ T38] audit: type=1326 audit(1779274290.097:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25866 comm="syz.2.9086" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69b29ece59 code=0x7fc00000 [ 675.803428][T25926] netlink: 'syz.4.9115': attribute type 1 has an invalid length. [ 675.803452][T25926] netlink: 16098 bytes leftover after parsing attributes in process `syz.4.9115'. [ 676.106137][T25942] fuse: fd is not a fuse device [ 676.300435][T25954] xt_cluster: you have exceeded the maximum number of cluster nodes (37482740 > 32) [ 676.839491][T25986] netlink: 'syz.4.9144': attribute type 21 has an invalid length. [ 676.839518][T25986] netlink: 14532 bytes leftover after parsing attributes in process `syz.4.9144'. [ 677.425833][T26019] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.9159'. [ 677.427526][T26015] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.9159'. [ 677.483914][ T5622] Process accounting resumed [ 677.622788][T26014] Process accounting resumed [ 678.426988][ T38] audit: type=1800 audit(1779274293.117:23): pid=26080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9190" name="nullb0" dev="tmpfs" ino=726 res=0 errno=0 [ 678.800379][T26100] netlink: 'syz.2.9199': attribute type 142 has an invalid length. [ 680.362485][T26198] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9249'. [ 680.367326][T26198] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9249'. [ 680.507542][T26207] netlink: 'syz.2.9253': attribute type 10 has an invalid length. [ 680.507566][T26207] netlink: 152 bytes leftover after parsing attributes in process `syz.2.9253'. [ 680.878687][T26227] fuse: fd is not a fuse device [ 681.444177][ T38] audit: type=1326 audit(1779274296.137:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26264 comm="syz.3.9281" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5dd96ce59 code=0x0 [ 682.318130][T26314] overlayfs: regular lower layers cannot follow data lower layers [ 684.172939][T26432] netlink: 72 bytes leftover after parsing attributes in process `syz.4.9363'. [ 685.712452][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.712561][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.193288][T26585] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9438'. [ 687.621308][T26603] nftables ruleset with unbound set [ 688.098946][T26630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9461'. [ 688.242832][T26639] tipc: Started in network mode [ 688.242860][T26639] tipc: Node identity e0000002, cluster identity 4711 [ 688.242908][T26639] tipc: Enabling of bearer rejected, failed to enable media [ 689.540203][T26685] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 689.540239][T26685] CIFS: Unable to determine destination address [ 690.280056][T26723] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9504'. [ 691.508529][T26785] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 691.699931][T26794] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9539'. [ 692.813178][T26858] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9567'. [ 693.040226][T26871] fuse: fd is not a fuse device [ 695.285986][T27007] CIFS mount error: No usable UNC path provided in device string! [ 695.285986][T27007] [ 695.288358][T27007] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 695.553246][T27017] netlink: 'syz.2.9647': attribute type 10 has an invalid length. [ 695.611611][T27022] netlink: 'syz.2.9647': attribute type 10 has an invalid length. [ 695.754243][T27017] bridge0: port 3(dummy0) entered disabled state [ 695.777938][T27017] dummy0: left allmulticast mode [ 695.778138][T27017] dummy0: left promiscuous mode [ 695.820943][T27017] bridge0: port 3(dummy0) entered disabled state [ 696.071504][T27017] team0: Port device dummy0 added [ 696.186621][T27022] team0: Port device dummy0 removed [ 696.359099][T27022] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 697.536870][T27100] netlink: 'syz.3.9683': attribute type 10 has an invalid length. [ 697.596258][T27105] netlink: 'syz.3.9683': attribute type 10 has an invalid length. [ 697.738380][T27100] team0: Port device dummy0 added [ 697.895472][T27105] team0: Port device dummy0 removed [ 697.951264][T27105] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 697.951561][T27115] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9690'. [ 697.952210][T27118] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9690'. [ 698.225335][T27136] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9702'. [ 699.092741][T27183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9723'. [ 699.346906][T27200] netlink: 'syz.4.9732': attribute type 10 has an invalid length. [ 699.372265][T27200] team0: Port device dummy0 added [ 699.395641][T27200] netlink: 'syz.4.9732': attribute type 10 has an invalid length. [ 699.499679][T27206] MTD: Couldn't look up 'mountinfo': -2 [ 699.561434][T27200] team0: Port device dummy0 removed [ 699.596083][T27200] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 700.140713][T27246] netlink: 'syz.2.9754': attribute type 6 has an invalid length. [ 701.309204][ T38] audit: type=1326 audit(1779274316.007:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27307 comm="syz.4.9786" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8dabf1ce59 code=0x0 [ 702.107143][ T38] audit: type=1326 audit(1779274316.817:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27352 comm="syz.3.9808" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x0 [ 703.343395][T27418] tipc: Enabling of bearer rejected, media not registered [ 705.277183][T27538] overlayfs: missing 'workdir' [ 705.950777][T27578] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9916'. [ 706.257692][ T38] audit: type=1800 audit(1779274320.957:27): pid=27598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.9927" name="file0" dev="tmpfs" ino=3533 res=0 errno=0 [ 707.560425][T27685] overlayfs: missing 'workdir' [ 709.991331][T27843] PKCS8: Unsupported PKCS#8 version [ 710.291775][T27863] netlink: 'syz.3.10056': attribute type 1 has an invalid length. [ 712.189294][T27982] fuse: fd is not a fuse device [ 713.128249][T28042] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10139'. [ 714.400231][T28127] tipc: Enabling not permitted [ 714.400275][T28127] tipc: Enabling of bearer rejected, failed to enable media [ 715.408556][T28194] sctp: [Deprecated]: syz.2.10213 (pid 28194) Use of int in max_burst socket option. [ 715.408556][T28194] Use struct sctp_assoc_value instead [ 716.722871][T28265] netlink: 92 bytes leftover after parsing attributes in process `syz.4.10247'. [ 719.053106][T28359] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10293'. [ 719.053140][T28359] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10293'. [ 719.053158][T28359] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10293'. [ 720.233730][T28441] netlink: 128 bytes leftover after parsing attributes in process `syz.3.10334'. [ 720.926679][T17436] IPVS: starting estimator thread 0... [ 720.928473][T28472] IPVS: lc: FWM 3 0x00000003 - no destination available [ 721.016836][T28473] IPVS: using max 9 ests per chain, 21600 per kthread [ 722.031003][T28527] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10373'. [ 722.597244][T28556] fuse: fd is not a fuse device [ 723.009204][T28586] fuse: fd is not a fuse device [ 723.172474][T28594] netlink: 80 bytes leftover after parsing attributes in process `syz.2.10404'. [ 725.210645][T28693] netlink: 56 bytes leftover after parsing attributes in process `syz.4.10451'. [ 727.980829][T28844] netlink: 40 bytes leftover after parsing attributes in process `syz.4.10524'. [ 727.980879][T28844] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10524'. [ 728.189045][T28855] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_bridge, syncid = 32, id = 0 [ 728.444566][T28868] bpf: Bad value for 'uid' [ 728.927717][T28901] netlink: 72 bytes leftover after parsing attributes in process `syz.2.10549'. [ 730.637028][T28991] netlink: 3 bytes leftover after parsing attributes in process `syz.3.10594'. [ 734.122002][ T57] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 734.153118][ T5625] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 734.218017][ T5625] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 734.259137][ T5625] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 734.289936][ T5625] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 734.293587][ T5625] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 735.136533][ T57] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.605964][ T57] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 735.887278][T29222] vxcan0: tx address claim with dest, not broadcast [ 736.100803][ T57] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 736.409342][T29242] 9p: Bad value for 'rfdno' [ 736.435218][ T4930] Bluetooth: hci4: command tx timeout [ 736.675911][T29253] netlink: 48 bytes leftover after parsing attributes in process `syz.3.10718'. [ 736.962177][T29262] 9pnet_fd: p9_fd_create_tcp (29262): problem connecting socket to 127.0.0.1 [ 738.108778][ T57] bridge_slave_1: left allmulticast mode [ 738.108811][ T57] bridge_slave_1: left promiscuous mode [ 738.109058][ T57] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.297658][ T57] bridge_slave_0: left allmulticast mode [ 738.297692][ T57] bridge_slave_0: left promiscuous mode [ 738.297942][ T57] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.516220][ T4930] Bluetooth: hci4: command tx timeout [ 738.525954][ T57] hsr0: left allmulticast mode [ 738.525975][ T57] hsr_slave_0: left allmulticast mode [ 738.526003][ T57] hsr_slave_1: left allmulticast mode [ 739.614809][ T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 739.674853][ T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 739.744828][ T57] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 739.822126][ T57] bond0 (unregistering): Released all slaves [ 739.930103][ T5276] 8021q: adding VLAN 0 to HW filter on device eth1 [ 740.096286][ T57] tipc: Left network mode [ 740.096381][ T9] syz0: Port: 1 Link DOWN [ 740.587907][ T4930] Bluetooth: hci4: command tx timeout [ 742.622938][ T5276] 8021q: adding VLAN 0 to HW filter on device eth2 [ 742.676076][ T4930] Bluetooth: hci4: command tx timeout [ 743.977622][T29149] bridge0: port 1(bridge_slave_0) entered blocking state [ 743.979851][T29149] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.980173][T29149] bridge_slave_0: entered allmulticast mode [ 744.016967][T29149] bridge_slave_0: entered promiscuous mode [ 744.112071][T29149] bridge0: port 2(bridge_slave_1) entered blocking state [ 744.112428][T29149] bridge0: port 2(bridge_slave_1) entered disabled state [ 744.112777][T29149] bridge_slave_1: entered allmulticast mode [ 744.190268][T29149] bridge_slave_1: entered promiscuous mode [ 744.341672][ T5276] 8021q: adding VLAN 0 to HW filter on device eth3 [ 744.383157][ T38] audit: type=1326 audit(1779274359.077:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29495 comm="syz.3.10810" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5dd96ce59 code=0x0 [ 744.650571][T29149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 744.688868][T29149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 745.093063][T29149] team0: Port device team_slave_0 added [ 745.133506][T29149] team0: Port device team_slave_1 added [ 745.279483][T29513] tipc: New replicast peer: 172.30.0.3 [ 745.279757][T29513] tipc: Enabled bearer , priority 10 [ 745.343161][T29514] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10818'. [ 745.343185][T29514] tipc: Disabling bearer [ 745.538353][ T57] hsr_slave_0: left promiscuous mode [ 745.578600][ T57] hsr_slave_1: left promiscuous mode [ 745.579813][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 745.579840][ T57] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 745.641068][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 745.641126][ T57] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 745.797776][ T57] veth0_macvtap: left promiscuous mode [ 745.798030][ T57] veth1_vlan: left promiscuous mode [ 745.879166][ T57] veth0_vlan: left promiscuous mode [ 747.148777][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.148879][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.565751][ T57] team0 (unregistering): Port device team_slave_1 removed [ 747.647856][ T57] team0 (unregistering): Port device team_slave_0 removed [ 747.713690][ T67] smc: removing ib device syz0 [ 748.302508][T29149] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 748.302524][T29149] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 748.302551][T29149] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 748.351826][ T5276] 8021q: adding VLAN 0 to HW filter on device eth4 [ 748.378867][T29149] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 748.378879][T29149] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 748.378898][T29149] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 748.847477][ T67] smbdirect: ib_dev[syz0] removed [ 749.003948][T29149] hsr_slave_0: entered promiscuous mode [ 749.062242][T29149] hsr_slave_1: entered promiscuous mode [ 749.078314][T29149] debugfs: 'hsr0' already exists in 'hsr' [ 749.078339][T29149] Cannot create hsr debugfs directory [ 752.691882][T29149] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 752.876154][T29149] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 752.897651][T29149] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 753.024730][T29149] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 753.030569][T29149] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 753.139389][T29149] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 753.152178][T29149] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 753.279558][T29149] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 753.657306][ T57] IPVS: stop unused estimator thread 0... [ 754.071889][T29149] 8021q: adding VLAN 0 to HW filter on device bond0 [ 754.260965][T29149] 8021q: adding VLAN 0 to HW filter on device team0 [ 754.299454][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 754.299651][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 754.342652][ T176] bridge0: port 2(bridge_slave_1) entered blocking state [ 754.342883][ T176] bridge0: port 2(bridge_slave_1) entered forwarding state [ 755.676975][T29149] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 756.529073][T29149] veth0_vlan: entered promiscuous mode [ 756.625603][T29149] veth1_vlan: entered promiscuous mode [ 756.821092][T29149] veth0_macvtap: entered promiscuous mode [ 756.882613][T29149] veth1_macvtap: entered promiscuous mode [ 756.990743][T29149] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 757.073398][T29149] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 757.133112][ T67] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.150327][ T67] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.151649][ T67] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.156625][ T67] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.795327][T29919] openvswitch: netlink: Actions may not be safe on all matching packets [ 758.449452][ T1300] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 758.449472][ T1300] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 758.649882][ T1171] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 758.649902][ T1171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 758.888734][T29945] batadv_slave_1: entered promiscuous mode [ 758.889518][T29944] batadv_slave_1: left promiscuous mode [ 759.349656][T29964] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 759.519050][T29968] C: renamed from veth1_to_team (while UP) [ 759.552148][T29968] netlink: 'syz.5.11012': attribute type 2 has an invalid length. [ 759.552168][T29968] netlink: 128 bytes leftover after parsing attributes in process `syz.5.11012'. [ 759.552182][T29968] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 759.851335][T29984] netlink: 20 bytes leftover after parsing attributes in process `syz.5.11015'. [ 760.558863][T30013] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11028'. [ 762.015150][T30084] fuse: fd is not a fuse device [ 762.335769][T17436] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 762.484839][T17436] usb 6-1: Using ep0 maxpacket: 16 [ 762.491372][T17436] usb 6-1: unable to get BOS descriptor or descriptor too short [ 762.492821][T17436] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7 [ 762.536930][T17436] usb 6-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40 [ 762.536960][T17436] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 762.536980][T17436] usb 6-1: Product: syz [ 762.537001][T17436] usb 6-1: Manufacturer: syz [ 762.537017][T17436] usb 6-1: SerialNumber: syz [ 762.932485][T17436] usb 6-1: Audio class v2/v3 interfaces need an interface association [ 762.933163][T17436] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 763.629177][T17436] usb 6-1: USB disconnect, device number 2 [ 764.853850][T30181] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11087'. [ 770.967850][T30478] overlayfs: failed to clone lowerpath [ 771.279063][T30493] loop8: detected capacity change from 0 to 7 [ 771.297153][ T57] lo_rw_aio(loop8) starting read with raw_refcnt=0x1, refcnt=2 [ 771.300612][T30493] Dev loop8: unable to read RDB block 7 [ 771.300650][T30493] loop8: unable to read partition table [ 771.300864][T30493] loop8: partition table beyond EOD, truncated [ 771.300895][T30493] loop_reread_partitions: partition scan of loop8 (ώθ’«xό^>Ρΰ– ) failed (rc=-5) [ 771.489363][T30139] __loop_clr_fd(loop8) clearing lo_backing_file with raw_refcnt=0x0, refcnt=1 [ 771.844147][ T1247] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 771.997238][ T1247] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 771.997267][ T1247] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 772.031737][ T1247] usb 6-1: config 0 descriptor?? [ 772.049211][ T1247] cp210x 6-1:0.0: cp210x converter detected [ 772.660651][ T1247] cp210x 6-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 772.660707][ T1247] cp210x 6-1:0.0: GPIO initialisation failed: -71 [ 772.683058][ T1247] usb 6-1: cp210x converter now attached to ttyUSB0 [ 772.704990][ T1247] usb 6-1: USB disconnect, device number 3 [ 772.725143][ T1247] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 772.727781][ T1247] cp210x 6-1:0.0: device disconnected [ 772.904334][ T4930] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 772.904702][ T4930] Bluetooth: hci4: Injecting HCI hardware error event [ 772.917176][ T4930] Bluetooth: hci4: hardware error 0x00 [ 773.233934][T30563] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11264'. [ 773.578322][T30577] syz.3.11272 (30577): attempted to duplicate a private mapping with mremap. This is not supported. [ 773.752609][T30585] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11275'. [ 774.289228][T30617] netlink: 'syz.3.11291': attribute type 5 has an invalid length. [ 774.405882][T30622] netlink: 20 bytes leftover after parsing attributes in process `syz.5.11293'. [ 775.155213][ T4930] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 776.378858][T30697] netlink: 48 bytes leftover after parsing attributes in process `syz.3.11328'. [ 778.135523][T30785] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 778.617392][T30815] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11386'. [ 780.863645][T30935] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11441'. [ 783.133703][T31044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11493'. [ 783.133769][T31044] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11493'. [ 783.388661][T31055] fuse: fd is not a fuse device [ 783.899451][T31082] overlayfs: failed to clone upperpath [ 783.983370][T31086] input: syz0 as /devices/virtual/input/input47 [ 785.913895][T31169] bridge0: port 3(erspan0) entered blocking state [ 785.915041][T31169] bridge0: port 3(erspan0) entered disabled state [ 785.938055][T31169] erspan0: entered allmulticast mode [ 785.957514][T31169] erspan0: entered promiscuous mode [ 786.000793][T31169] bridge0: port 3(erspan0) entered blocking state [ 786.026741][T31169] bridge0: port 3(erspan0) entered forwarding state [ 786.657127][T31207] netlink: 'syz.5.11566': attribute type 6 has an invalid length. [ 786.684073][T31210] sctp: [Deprecated]: syz.2.11567 (pid 31210) Use of struct sctp_assoc_value in delayed_ack socket option. [ 786.684073][T31210] Use struct sctp_sack_info instead [ 789.167849][T31342] fuse: fd is not a fuse device [ 790.572219][T31411] overlayfs: failed to clone lowerpath [ 790.817048][T31422] netlink: 72 bytes leftover after parsing attributes in process `syz.3.11662'. [ 791.126873][T31439] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11670'. [ 791.986557][T31481] block nbd5: NBD_DISCONNECT [ 792.021599][T31485] 9p: Bad value for 'rfdno' [ 792.924267][ T38] audit: type=1326 audit(1779274407.617:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31535 comm="syz.5.11716" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6bb2f7ce59 code=0x0 [ 793.630107][T31562] netlink: 160 bytes leftover after parsing attributes in process `syz.2.11728'. [ 794.094205][T17436] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 794.268239][T17436] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 794.268303][T17436] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 794.299788][T17436] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 794.299818][T17436] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 794.299839][T17436] usb 6-1: Product: syz [ 794.299854][T17436] usb 6-1: Manufacturer: syz [ 794.299868][T17436] usb 6-1: SerialNumber: syz [ 794.359096][T17436] cdc_mbim 6-1:1.0: skipping garbage [ 794.602313][T31570] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 795.082615][T31623] fuse: fd is not a fuse device [ 795.208749][T31570] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 795.210741][T17436] cdc_mbim 6-1:1.0: setting tx_max = 16384 [ 795.217028][T17436] cdc_mbim 6-1:1.0: cdc-wdm0: USB WDM device [ 795.397936][T17436] wwan wwan0: port wwan0mbim0 attached [ 795.419544][T17436] cdc_mbim 6-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.5-1, CDC MBIM, 1e:70:d5:d2:47:ad [ 795.463648][T17436] usb 6-1: USB disconnect, device number 4 [ 795.487298][T17436] cdc_mbim 6-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.5-1, CDC MBIM [ 795.848659][T17436] wwan wwan0: port wwan0mbim0 disconnected [ 796.515282][T17436] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 796.681982][T17436] usb 6-1: config 0 has no interfaces? [ 796.686294][T17436] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 796.686374][T17436] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 796.686434][T17436] usb 6-1: Product: syz [ 796.686475][T17436] usb 6-1: Manufacturer: syz [ 796.686523][T17436] usb 6-1: SerialNumber: syz [ 796.723247][T17436] usb 6-1: config 0 descriptor?? [ 796.812582][T31697] netlink: 176 bytes leftover after parsing attributes in process `syz.3.11790'. [ 797.882980][T31733] bridge0: entered allmulticast mode [ 798.413816][T31756] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11819'. [ 799.091790][ T1247] usb 6-1: USB disconnect, device number 5 [ 801.106899][T31863] overlayfs: failed to clone lowerpath [ 809.007152][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.007328][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 813.322587][ C1] af_packet: tpacket_rcv: packet too big, clamped from 1496 to 4294967272. macoff=96 [ 814.015669][T32309] fuse: fd is not a fuse device [ 814.064097][ T5727] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 814.214136][ T5727] usb 6-1: Using ep0 maxpacket: 16 [ 814.222053][ T5727] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 814.222075][ T5727] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 814.222090][ T5727] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 814.222125][ T5727] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 814.222141][ T5727] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 814.251226][ T5727] usb 6-1: config 0 descriptor?? [ 814.693221][ T5727] appleir 0003:05AC:8241.004D: unknown main item tag 0x0 [ 814.693254][ T5727] appleir 0003:05AC:8241.004D: unknown main item tag 0x0 [ 814.693280][ T5727] appleir 0003:05AC:8241.004D: unknown main item tag 0x0 [ 814.693304][ T5727] appleir 0003:05AC:8241.004D: unknown main item tag 0x0 [ 814.693327][ T5727] appleir 0003:05AC:8241.004D: unknown main item tag 0x0 [ 814.820294][ T5727] appleir 0003:05AC:8241.004D: hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0 [ 814.980374][T17436] usb 6-1: USB disconnect, device number 6 [ 815.031263][T32343] fido_id[32343]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory [ 817.215932][ T5727] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 817.419512][ T5727] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 817.419570][ T5727] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 817.419614][ T5727] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 11634, setting to 64 [ 817.419649][ T5727] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33 [ 817.422161][ T5727] usb 6-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24 [ 817.422191][ T5727] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 817.422216][ T5727] usb 6-1: Product: syz [ 817.422226][ T5727] usb 6-1: Manufacturer: syz [ 817.422237][ T5727] usb 6-1: SerialNumber: syz [ 817.508602][ T5727] usb 6-1: config 0 descriptor?? [ 817.521642][ T5727] powermate 6-1:0.0: probe with driver powermate failed with error -5 [ 817.731776][ T9] usb 6-1: USB disconnect, device number 7 [ 819.645837][T32560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12192'. [ 820.685552][T32607] cgroup: Unknown subsys name 'cpuset' [ 821.114828][T32626] fuse: fd is not a fuse device [ 823.664161][ T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 823.816942][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 823.826206][ T9] usb 6-1: config 0 has an invalid interface number: 184 but max is 0 [ 823.826236][ T9] usb 6-1: config 0 has no interface number 0 [ 823.826286][ T9] usb 6-1: config 0 interface 184 has no altsetting 0 [ 823.831424][ T9] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 823.831451][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 823.831471][ T9] usb 6-1: Product: syz [ 823.831485][ T9] usb 6-1: Manufacturer: syz [ 823.831499][ T9] usb 6-1: SerialNumber: syz [ 823.863036][T32762] cgroup: Unknown subsys name 'cpuset' [ 823.902358][ T9] usb 6-1: config 0 descriptor?? [ 824.827110][ T328] 9p: Bad value for 'rfdno' [ 825.132348][ T9] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71 [ 825.132391][ T9] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 825.132900][ T9] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 825.132926][ T9] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 825.132945][ T9] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 825.132963][ T9] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 825.133236][ T9] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71 [ 825.212159][ T9] usb 6-1: USB disconnect, device number 8 [ 828.000884][ T452] netlink: 104 bytes leftover after parsing attributes in process `syz.2.12346'. [ 829.562873][ T534] loop5: detected capacity change from 0 to 3239 [ 829.598089][ T536] loop5: detected capacity change from 3239 to 4095 [ 829.600739][ T150] lo_rw_aio(loop5) starting read with raw_refcnt=0x2, refcnt=3 [ 829.705661][ T150] lo_rw_aio(loop5) starting read with raw_refcnt=0x2, refcnt=3 [ 829.711458][ T150] lo_rw_aio(loop5) starting read with raw_refcnt=0x2, refcnt=3 [ 829.747808][ T162] lo_rw_aio(loop5) starting read with raw_refcnt=0x2, refcnt=3 [ 829.764684][ T162] lo_rw_aio(loop5) starting read with raw_refcnt=0x2, refcnt=3 [ 829.766375][ T537] Buffer I/O error on dev loop5, logical block 511, async page read [ 829.838419][ T537] Buffer I/O error on dev loop5, logical block 511, async page read [ 830.232491][ T531] __loop_clr_fd(loop5) clearing lo_backing_file with raw_refcnt=0x0, refcnt=1 [ 830.513429][ T552] syz_tun: entered allmulticast mode [ 830.540249][ T552] dvmrp8: entered allmulticast mode [ 830.550435][ T551] syz_tun: left allmulticast mode [ 834.164422][ T625] netlink: 'syz.2.12423': attribute type 4 has an invalid length. [ 834.202747][ T625] netlink: 'syz.2.12423': attribute type 4 has an invalid length. [ 834.477592][ T637] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12428'. [ 842.068376][ T762] input: syz0 as /devices/virtual/input/input48 [ 844.270242][ T872] netlink: 'syz.5.12533': attribute type 58 has an invalid length. [ 844.323697][ T874] netlink: 'syz.5.12533': attribute type 58 has an invalid length. [ 844.630883][ T872] bridge0: port 3(erspan0) entered disabled state [ 847.596278][ T730] __loop_clr_fd(loop5) clearing lo_backing_file with raw_refcnt=0x0, refcnt=1 [ 848.318536][ T1082] fuse: fd is not a fuse device [ 849.140908][ T1112] 9pnet: p9_errstr2errno: server reported unknown error 0x00000 [ 850.638772][ T1154] overlayfs: failed to clone upperpath [ 851.113363][ T1179] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 851.857893][ T1208] netlink: 'syz.2.12668': attribute type 4 has an invalid length. [ 851.892553][ T1208] netlink: 'syz.2.12668': attribute type 4 has an invalid length. [ 853.419587][ T38] audit: type=1326 audit(1779274468.117:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1250 comm="syz.5.12687" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6bb2f7ce59 code=0x0 [ 854.690364][ T1289] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 854.817936][ T1293] overlayfs: failed to clone upperpath [ 859.450842][ T5625] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 859.510803][ T5625] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 859.520089][ T5625] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 859.549515][ T1419] fuse: fd is not a fuse device [ 859.573283][ T5625] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 859.597302][ T5625] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 860.800956][ T1463] fuse: fd is not a fuse device [ 861.580953][ T1409] bridge0: port 1(bridge_slave_0) entered blocking state [ 861.581550][ T1409] bridge0: port 1(bridge_slave_0) entered disabled state [ 861.581843][ T1409] bridge_slave_0: entered allmulticast mode [ 861.606152][ T1409] bridge_slave_0: entered promiscuous mode [ 861.618745][ T1409] bridge0: port 2(bridge_slave_1) entered blocking state [ 861.619155][ T1409] bridge0: port 2(bridge_slave_1) entered disabled state [ 861.619530][ T1409] bridge_slave_1: entered allmulticast mode [ 861.623151][ T1409] bridge_slave_1: entered promiscuous mode [ 861.791603][ T5625] Bluetooth: hci4: command tx timeout [ 861.827279][ T1409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 861.870268][ T1409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 862.144599][ T1409] team0: Port device team_slave_0 added [ 862.165380][ T1409] team0: Port device team_slave_1 added [ 862.256947][ T1409] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 862.256966][ T1409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 862.256997][ T1409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 862.261858][ T1409] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 862.261874][ T1409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 862.261905][ T1409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 862.480638][ T1409] hsr_slave_0: entered promiscuous mode [ 862.491618][ T1409] hsr_slave_1: entered promiscuous mode [ 862.500385][ T1409] debugfs: 'hsr0' already exists in 'hsr' [ 862.500413][ T1409] Cannot create hsr debugfs directory [ 863.449357][ T1409] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 863.509355][ T1409] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 863.512539][ T1409] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 863.571430][ T1409] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 863.602419][ T1409] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 863.663268][ T1409] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 863.671108][ T1409] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 863.834522][ T1409] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 863.864198][ T5625] Bluetooth: hci4: command tx timeout [ 864.350638][ T1409] 8021q: adding VLAN 0 to HW filter on device bond0 [ 864.482075][ T1409] 8021q: adding VLAN 0 to HW filter on device team0 [ 864.510061][T32655] bridge0: port 1(bridge_slave_0) entered blocking state [ 864.510276][T32655] bridge0: port 1(bridge_slave_0) entered forwarding state [ 864.570506][T32655] bridge0: port 2(bridge_slave_1) entered blocking state [ 864.572111][T32655] bridge0: port 2(bridge_slave_1) entered forwarding state [ 865.515755][ T1409] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 865.817432][ T1409] veth0_vlan: entered promiscuous mode [ 865.836657][ T1409] veth1_vlan: entered promiscuous mode [ 865.893574][ T1409] veth0_macvtap: entered promiscuous mode [ 865.908296][ T1409] veth1_macvtap: entered promiscuous mode [ 865.941380][ T1409] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 865.944148][ T5625] Bluetooth: hci4: command tx timeout [ 865.971157][ T1409] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 866.000683][T32651] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 866.000985][T32651] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 866.001210][T32651] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 866.001463][T32651] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 866.549228][T32655] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 866.549248][T32655] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 867.189054][T32657] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 867.189076][T32657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 868.024031][ T5625] Bluetooth: hci4: command tx timeout [ 868.912016][ T1666] vxcan0: tx address claim with different name [ 870.036416][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.036536][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.330812][ T1732] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 870.330858][ T1732] overlayfs: failed to set xattr on upper [ 870.330868][ T1732] overlayfs: ...falling back to index=off. [ 870.330877][ T1732] overlayfs: ...falling back to uuid=null. [ 873.027292][ T1822] fuse: fd is not a fuse device [ 873.182112][ T1826] overlayfs: failed to clone upperpath [ 877.338476][ T1930] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12979'. [ 878.640754][ T1967] netlink: 1276 bytes leftover after parsing attributes in process `syz.3.12994'. [ 879.430619][ T1992] fuse: fd is not a fuse device [ 881.074147][ T1247] kernel read not supported for file [fscontext] (pid: 1247 comm: kworker/0:2) [ 884.909431][ C0] vxcan0: j1939_tp_rxtimer: 0xffff8880326bf400: rx timeout, send abort [ 885.408231][ C0] vxcan0: j1939_tp_rxtimer: 0xffff88803c42d000: rx timeout, send abort [ 885.410872][ C0] vxcan0: j1939_tp_rxtimer: 0xffff8880326bf400: abort rx timeout. Force session deactivation [ 885.908300][ C0] vxcan0: j1939_tp_rxtimer: 0xffff88803c42d000: abort rx timeout. Force session deactivation [ 889.575129][ T2363] fuse: fd is not a fuse device [ 891.915279][ T2437] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 894.254220][ T2559] fuse: fd is not a fuse device [ 894.528958][ T2569] fuse: fd is not a fuse device [ 897.021128][ T2659] fuse: fd is not a fuse device [ 897.553101][ T2674] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 898.333965][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 899.031669][ T38] audit: type=1326 audit(1779274513.727:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2714 comm="syz.6.13304" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbbff16ce59 code=0x0 [ 899.074239][ T2721] netlink: 'syz.2.13307': attribute type 2 has an invalid length. [ 901.544102][ T2794] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13323'. [ 903.117058][ T2844] mac80211_hwsim hwsim13 4: renamed from wlan1 (while UP) [ 905.188927][ T2944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13392'. [ 905.303063][ T2958] netlink: 24 bytes leftover after parsing attributes in process `syz.2.13397'. [ 908.913501][ T3055] netlink: 24 bytes leftover after parsing attributes in process `syz.3.13440'. [ 909.250832][ T3068] fuse: Unknown parameter 'b$Ό°JΓΔmΦΓc\]bΙ¦φ°Β¬ςsf|BR8ύ6ͺ/ΧΎΔ{‚·‚;ΕfžNΉϋ›§κ+‰{?)£'7Mc‡›’ΩζHiο;[1IƒJU7cΑ_B³(}—»Ϊή±κ܍Žl‘9T €Fά ' [ 909.907739][ T3091] sctp: [Deprecated]: syz.3.13457 (pid 3091) Use of struct sctp_assoc_value in delayed_ack socket option. [ 909.907739][ T3091] Use struct sctp_sack_info instead [ 914.205690][ T3291] dns_resolver: Unsupported server list version (17) [ 915.763095][ T3345] futex_wake_op: syz.2.13575 tries to shift op by 32; fix this program [ 916.566604][ T3389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13597'. [ 916.826160][ T3405] CIFS: iocharset name too long [ 917.666772][ T3453] netlink: 'syz.2.13629': attribute type 10 has an invalid length. [ 917.666795][ T3453] netlink: 152 bytes leftover after parsing attributes in process `syz.2.13629'. [ 917.812306][ T3453] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 921.188313][ T3621] ieee802154 phy0 wpan0: encryption failed: -22 [ 921.321668][ T3626] kAFS: No cell specified [ 921.608849][ T3641] comedi comedi2: c6xdigio: I/O base address not correctly aligned [ 921.841030][ T3654] ieee802154 phy0 wpan0: encryption failed: -22 [ 922.559202][ T3689] kAFS: No cell specified [ 923.271622][ T3731] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 923.273259][ T3729] netlink: 'syz.2.13764': attribute type 10 has an invalid length. [ 923.273280][ T3729] netlink: 152 bytes leftover after parsing attributes in process `syz.2.13764'. [ 923.283123][ T3729] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 925.418308][ T3845] netlink: 'syz.2.13822': attribute type 10 has an invalid length. [ 925.418331][ T3845] netlink: 152 bytes leftover after parsing attributes in process `syz.2.13822'. [ 925.424090][ T3845] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 925.517446][ T3853] : renamed from hsr_slave_0 (while UP) [ 926.909898][ T3938] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 927.120064][ T3944] netlink: 'syz.3.13869': attribute type 10 has an invalid length. [ 927.120086][ T3944] netlink: 152 bytes leftover after parsing attributes in process `syz.3.13869'. [ 927.139623][ T3944] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 927.682287][ T3971] netlink: 'syz.2.13882': attribute type 10 has an invalid length. [ 927.682309][ T3971] netlink: 152 bytes leftover after parsing attributes in process `syz.2.13882'. [ 927.702926][ T3971] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 929.596758][ T4080] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13936'. [ 930.591278][ T4138] openvswitch: netlink: Actions may not be safe on all matching packets [ 930.725917][ T4145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13969'. [ 931.328740][ T4177] sctp: [Deprecated]: syz.2.13983 (pid 4177) Use of int in maxseg socket option. [ 931.328740][ T4177] Use struct sctp_assoc_value instead [ 931.432054][ T4183] 8-Ίρ4: renamed from veth1_vlan (while UP) [ 931.472274][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.472386][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.263356][ T4227] netlink: 256 bytes leftover after parsing attributes in process `syz.6.14008'. [ 932.268408][ T4227] unsupported nlmsg_type 40 [ 933.683185][ T4304] netlink: 'syz.6.14046': attribute type 2 has an invalid length. [ 933.683210][ T4304] netlink: 132 bytes leftover after parsing attributes in process `syz.6.14046'. [ 933.948408][ T4317] netlink: 'syz.2.14052': attribute type 1 has an invalid length. [ 937.150542][ T4483] netlink: 'syz.3.14137': attribute type 10 has an invalid length. [ 937.150566][ T4483] netlink: 152 bytes leftover after parsing attributes in process `syz.3.14137'. [ 937.160816][ T4483] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 937.680255][ T4511] netlink: 'syz.2.14148': attribute type 16 has an invalid length. [ 937.680279][ T4511] netlink: 2 bytes leftover after parsing attributes in process `syz.2.14148'. [ 938.009511][ T4530] netlink: 'syz.3.14157': attribute type 1 has an invalid length. [ 938.009532][ T4530] netlink: 'syz.3.14157': attribute type 2 has an invalid length. [ 938.244382][ T4541] netlink: 36 bytes leftover after parsing attributes in process `syz.2.14161'. [ 938.463592][ T38] audit: type=1326 audit(1779274553.157:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.464188][ T38] audit: type=1326 audit(1779274553.157:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.488494][ T38] audit: type=1326 audit(1779274553.167:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.490054][ T38] audit: type=1326 audit(1779274553.177:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.490192][ T38] audit: type=1326 audit(1779274553.187:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.490295][ T38] audit: type=1326 audit(1779274553.187:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.495603][ T38] audit: type=1326 audit(1779274553.197:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.495741][ T38] audit: type=1326 audit(1779274553.197:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.495873][ T38] audit: type=1326 audit(1779274553.197:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 938.579137][ T38] audit: type=1326 audit(1779274553.197:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4550 comm="syz.3.14168" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x7ff00000 [ 939.985554][ T4615] netlink: 'syz.2.14199': attribute type 46 has an invalid length. [ 940.651015][ T4657] netlink: 'syz.6.14218': attribute type 5 has an invalid length. [ 941.738652][ T4705] libceph: resolve '400' (ret=-3): failed [ 942.257383][ T4743] IPVS: Error connecting to the multicast addr [ 944.049803][ T4849] netlink: 132 bytes leftover after parsing attributes in process `syz.3.14315'. [ 945.260430][ T5625] Bluetooth: hci4: Malformed LE Event: 0x1b [ 946.728879][ T4998] netlink: 'syz.6.14380': attribute type 2 has an invalid length. [ 946.728901][ T4998] netlink: 'syz.6.14380': attribute type 1 has an invalid length. [ 946.728916][ T4998] netlink: 132 bytes leftover after parsing attributes in process `syz.6.14380'. [ 948.270479][ T5073] sctp: [Deprecated]: syz.3.14415 (pid 5073) Use of int in maxseg socket option. [ 948.270479][ T5073] Use struct sctp_assoc_value instead [ 953.728741][ T5415] netlink: 'syz.3.14577': attribute type 2 has an invalid length. [ 958.680870][ T5742] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14708'. [ 958.854367][ T5749] IPVS: Unknown mcast interface: pimreg0 [ 958.893715][ T5754] netlink: 132 bytes leftover after parsing attributes in process `syz.2.14712'. [ 959.355937][ T5779] netlink: 'syz.3.14724': attribute type 4 has an invalid length. [ 959.355961][ T5779] netlink: 17 bytes leftover after parsing attributes in process `syz.3.14724'. [ 959.808815][ T5808] netlink: 'syz.6.14739': attribute type 4 has an invalid length. [ 959.808839][ T5808] netlink: 17 bytes leftover after parsing attributes in process `syz.6.14739'. [ 960.032077][ T5819] ALSA: seq fatal error: cannot create timer (-22) [ 962.808817][ T5927] netlink: 6 bytes leftover after parsing attributes in process `syz.2.14794'. [ 962.954764][ T5934] netlink: 'syz.2.14797': attribute type 10 has an invalid length. [ 962.954789][ T5934] netlink: 164 bytes leftover after parsing attributes in process `syz.2.14797'. [ 963.452878][ T5956] netlink: 'syz.2.14808': attribute type 10 has an invalid length. [ 963.452903][ T5956] netlink: 164 bytes leftover after parsing attributes in process `syz.2.14808'. [ 964.023699][ T5988] netlink: 6 bytes leftover after parsing attributes in process `syz.3.14819'. [ 965.248461][ T6051] netlink: 'syz.2.14843': attribute type 10 has an invalid length. [ 965.248478][ T6051] netlink: 164 bytes leftover after parsing attributes in process `syz.2.14843'. [ 966.931495][ T6077] netlink: 'syz.2.14854': attribute type 10 has an invalid length. [ 966.931521][ T6077] netlink: 164 bytes leftover after parsing attributes in process `syz.2.14854'. [ 967.778162][ T6122] netlink: 'syz.6.14879': attribute type 29 has an invalid length. [ 968.689515][ T6174] netlink: 14752 bytes leftover after parsing attributes in process `syz.6.14903'. [ 969.681355][ T6229] Bluetooth: MGMT ver 1.23 [ 971.057939][ T6310] netlink: 156 bytes leftover after parsing attributes in process `syz.2.14971'. [ 972.806230][ T6412] fuse: fd is not a fuse device [ 973.253416][ T6430] netlink: 24 bytes leftover after parsing attributes in process `syz.3.15027'. [ 973.639759][ T6454] netlink: 32 bytes leftover after parsing attributes in process `syz.3.15039'. [ 975.884123][ T6585] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 977.561206][ T6671] netlink: zone id is out of range [ 977.561225][ T6671] netlink: zone id is out of range [ 977.561235][ T6671] netlink: zone id is out of range [ 977.561245][ T6671] netlink: zone id is out of range [ 977.561255][ T6671] netlink: zone id is out of range [ 977.561265][ T6671] netlink: zone id is out of range [ 977.561274][ T6671] netlink: zone id is out of range [ 977.561284][ T6671] netlink: zone id is out of range [ 977.561293][ T6671] netlink: zone id is out of range [ 977.561303][ T6671] netlink: zone id is out of range [ 977.677809][ T6675] netlink: 20 bytes leftover after parsing attributes in process `syz.6.15145'. [ 978.070998][ T6697] netlink: 60 bytes leftover after parsing attributes in process `syz.6.15158'. [ 978.085867][ T6697] netlink: 60 bytes leftover after parsing attributes in process `syz.6.15158'. [ 978.803074][ T6740] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 978.803074][ T6740] The task syz.2.15178 (6740) triggered the difference, watch for misbehavior. [ 979.718886][ T38] kauditd_printk_skb: 30 callbacks suppressed [ 979.718916][ T38] audit: type=1800 audit(1779274594.417:72): pid=6755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.15184" name="nullb0" dev="tmpfs" ino=14556 res=0 errno=0 [ 983.357488][T32659] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 983.980069][T32659] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 984.485541][T32659] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 984.836100][ T5625] Bluetooth: hci4: command 0x0406 tx timeout [ 985.099883][ T7020] netlink: 104 bytes leftover after parsing attributes in process `syz.3.15312'. [ 985.244512][T32659] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 985.571185][ T7043] netlink: 104 bytes leftover after parsing attributes in process `syz.2.15325'. [ 986.708556][ T7083] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15343'. [ 987.157338][T32659] erspan0: left allmulticast mode [ 987.157372][T32659] erspan0: left promiscuous mode [ 987.157647][T32659] bridge0: port 3(erspan0) entered disabled state [ 987.326858][T32659] bridge_slave_1: left allmulticast mode [ 987.326884][T32659] bridge_slave_1: left promiscuous mode [ 987.373205][T32659] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.536187][T32659] bridge_slave_0: left allmulticast mode [ 987.536225][T32659] bridge_slave_0: left promiscuous mode [ 987.538564][T32659] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.562689][ T38] audit: type=1326 audit(1779274602.257:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7129 comm="syz.6.15359" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbbff16ce59 code=0x0 [ 987.723825][T32659] dvmrp8: left allmulticast mode [ 988.834638][T32659] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 988.924069][T32659] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 988.956450][T32659] bond0 (unregistering): Released all slaves [ 988.978633][ T7107] veth1_macvtap: left promiscuous mode [ 988.978652][ T7107] macsec0: entered allmulticast mode [ 989.027095][ T7112] veth1_macvtap: entered promiscuous mode [ 989.027114][ T7112] veth1_macvtap: entered allmulticast mode [ 989.027264][ T7112] macsec0: left allmulticast mode [ 989.027275][ T7112] veth1_macvtap: left allmulticast mode [ 989.103794][ T5276] 8021q: adding VLAN 0 to HW filter on device eth5 [ 989.502468][ T38] audit: type=1326 audit(1779274604.197:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.3.15380" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5dd96ce59 code=0x0 [ 990.795956][ T5276] 8021q: adding VLAN 0 to HW filter on device eth6 [ 992.514287][T32659] hsr_slave_0: left promiscuous mode [ 992.576378][T32659] hsr_slave_1: left promiscuous mode [ 992.577552][T32659] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 992.577576][T32659] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 992.648793][T32659] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 992.648819][T32659] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 992.920744][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.920847][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 992.967312][T32659] veth1_macvtap: left promiscuous mode [ 992.967409][T32659] veth0_macvtap: left promiscuous mode [ 992.967695][T32659] veth1_vlan: left promiscuous mode [ 992.967872][T32659] veth0_vlan: left promiscuous mode [ 994.454779][T32659] team0 (unregistering): Port device team_slave_1 removed [ 994.537016][T32659] team0 (unregistering): Port device team_slave_0 removed [ 994.911447][ T5276] 8021q: adding VLAN 0 to HW filter on device eth7 [ 996.139850][ T5276] 8021q: adding VLAN 0 to HW filter on device eth8 [ 1000.112054][ T7544] binder: 7541:7544 ioctl c0306201 2000000001c0 returned -14 [ 1003.493434][ T7638] netlink: 24 bytes leftover after parsing attributes in process `syz.2.15574'. [ 1006.803251][ T7721] netlink: 'syz.3.15615': attribute type 62 has an invalid length. [ 1008.485701][ T7804] netlink: 'syz.2.15649': attribute type 62 has an invalid length. [ 1011.349464][ T7938] netlink: 56 bytes leftover after parsing attributes in process `syz.3.15698'. [ 1011.845828][ T7966] netlink: 4356 bytes leftover after parsing attributes in process `syz.3.15708'. [ 1011.845901][ T7966] netlink: 4356 bytes leftover after parsing attributes in process `syz.3.15708'. [ 1011.892586][ T7969] netlink: 56 bytes leftover after parsing attributes in process `syz.2.15710'. [ 1013.634273][ T8068] netlink: 'syz.2.15745': attribute type 178 has an invalid length. [ 1015.110732][ T8129] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15772'. [ 1023.370218][ T8464] 9p: Bad value for 'rfdno' [ 1024.295618][ T8494] 9p: Bad value for 'rfdno' [ 1025.244602][ T8543] netlink: 790 bytes leftover after parsing attributes in process `syz.6.15968'. [ 1029.782825][ T8665] netlink: 128 bytes leftover after parsing attributes in process `syz.3.16028'. [ 1030.604118][ T8708] futex_wake_op: syz.2.16048 tries to shift op by 32; fix this program [ 1031.512379][ T8762] netlink: 'syz.3.16073': attribute type 16 has an invalid length. [ 1031.512404][ T8762] netlink: 'syz.3.16073': attribute type 3 has an invalid length. [ 1031.512419][ T8762] netlink: 64118 bytes leftover after parsing attributes in process `syz.3.16073'. [ 1032.465368][ T8795] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16087'. [ 1032.601110][ T8800] netlink: 40 bytes leftover after parsing attributes in process `syz.6.16090'. [ 1032.939189][ T8820] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16101'. [ 1032.939334][ T8820] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16101'. [ 1034.183046][ T8841] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1035.057920][ T8841] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1035.780234][ T8841] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1036.198916][ T8841] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1036.509538][T32659] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.537628][T32659] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.567173][T32659] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.592091][T32659] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1036.805070][ T8941] netlink: 'syz.2.16159': attribute type 11 has an invalid length. [ 1041.980324][ T9141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16254'. [ 1042.631674][ T9177] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16268'. [ 1044.054886][ T9214] netlink: 72 bytes leftover after parsing attributes in process `syz.2.16288'. [ 1048.113533][ T9371] netlink: 182 bytes leftover after parsing attributes in process `syz.3.16361'. [ 1049.096610][ T9407] netlink: 182 bytes leftover after parsing attributes in process `syz.2.16378'. [ 1052.050366][ T9553] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16449'. [ 1052.497833][ T9575] overlayfs: invalid origin (0000) [ 1053.115499][ T9609] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16475'. [ 1054.350232][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.350322][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.772666][ T9801] netlink: 104 bytes leftover after parsing attributes in process `syz.2.16565'. [ 1057.106053][ T38] audit: type=1804 audit(1779274671.797:75): pid=9819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.16575" name="cgroup.controllers" dev="tmpfs" ino=10953 res=1 errno=0 [ 1057.106399][ T38] audit: type=1800 audit(1779274671.807:76): pid=9819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.16575" name="cgroup.controllers" dev="tmpfs" ino=10953 res=0 errno=0 [ 1057.273466][ T9827] 9p: Bad value for 'rfdno' [ 1057.573233][ T38] audit: type=1804 audit(1779274672.267:77): pid=9842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.16585" name="cgroup.controllers" dev="tmpfs" ino=16830 res=1 errno=0 [ 1057.573566][ T38] audit: type=1800 audit(1779274672.267:78): pid=9842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.16585" name="cgroup.controllers" dev="tmpfs" ino=16830 res=0 errno=0 [ 1058.011222][ T9865] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.16597'. [ 1058.014244][ T9865] netlink: 4228 bytes leftover after parsing attributes in process `syz.2.16597'. [ 1059.478547][ T9935] 9p: Bad value for 'rfdno' [ 1060.143615][ T9964] 9p: Bad value for 'rfdno' [ 1062.768357][T10062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16690'. [ 1062.768425][T10062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16690'. [ 1063.962778][ T38] audit: type=1326 audit(1779274678.657:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10079 comm="syz.6.16697" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbff16ce59 code=0x7fc00000 [ 1065.108369][T10178] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16745'. [ 1065.108436][T10178] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16745'. [ 1067.017538][T10252] fuse: fd is not a fuse device [ 1067.025256][T10252] fuse: fd is not a fuse device [ 1067.555499][T10269] batadv_slave_1: entered promiscuous mode [ 1067.556572][T10268] batadv_slave_1: left promiscuous mode [ 1067.944204][ T38] audit: type=1326 audit(1779274682.637:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.2.16798" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f69b29ece59 code=0x0 [ 1070.458010][T10415] virtio-fs: tag not found [ 1072.387157][T10520] netlink: 'syz.6.16897': attribute type 10 has an invalid length. [ 1072.513772][T10520] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1072.522246][T10520] team0: Port device netdevsim1 added [ 1074.283488][T10613] netlink: 64 bytes leftover after parsing attributes in process `syz.2.16941'. [ 1076.064235][ T4930] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 1076.064273][ T4930] CPU: 1 UID: 0 PID: 4930 Comm: kworker/u9:1 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1076.064304][ T4930] Tainted: [L]=SOFTLOCKUP [ 1076.064312][ T4930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1076.064327][ T4930] Workqueue: hci4 hci_rx_work [ 1076.064365][ T4930] Call Trace: [ 1076.064378][ T4930] [ 1076.064388][ T4930] dump_stack_lvl+0xe8/0x150 [ 1076.064419][ T4930] sysfs_create_dir_ns+0x271/0x2a0 [ 1076.064450][ T4930] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 1076.064477][ T4930] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1076.064509][ T4930] ? rt_spin_unlock+0x160/0x200 [ 1076.064535][ T4930] kobject_add_internal+0x631/0xd10 [ 1076.064567][ T4930] kobject_add+0x163/0x240 [ 1076.064613][ T4930] ? __pfx_kobject_add+0x10/0x10 [ 1076.064644][ T4930] ? get_device_parent+0x370/0x3a0 [ 1076.064682][ T4930] device_add+0x408/0xb90 [ 1076.064712][ T4930] hci_conn_add_sysfs+0xd5/0x210 [ 1076.064760][ T4930] le_conn_complete_evt+0x10e6/0x16b0 [ 1076.064809][ T4930] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 1076.064847][ T4930] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1076.064882][ T4930] ? lockdep_hardirqs_on+0x7a/0x110 [ 1076.064938][ T4930] ? skb_pull_data+0xfb/0x200 [ 1076.064968][ T4930] hci_le_enh_conn_complete_evt+0x189/0x490 [ 1076.065009][ T4930] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 1076.065052][ T4930] hci_event_packet+0x659/0xef0 [ 1076.065091][ T4930] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 1076.065118][ T4930] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 1076.065163][ T4930] ? __pfx_hci_event_packet+0x10/0x10 [ 1076.065194][ T4930] ? rt_spin_unlock+0x14f/0x200 [ 1076.065232][ T4930] ? hci_send_to_monitor+0xe2/0x590 [ 1076.065262][ T4930] hci_rx_work+0x3ee/0x1040 [ 1076.065306][ T4930] ? process_one_work+0x8be/0x1630 [ 1076.065338][ T4930] process_one_work+0x98b/0x1630 [ 1076.065397][ T4930] ? __pfx_process_one_work+0x10/0x10 [ 1076.065429][ T4930] ? do_raw_spin_lock+0x12b/0x2f0 [ 1076.065484][ T4930] worker_thread+0xb49/0x1140 [ 1076.065535][ T4930] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1076.065586][ T4930] kthread+0x389/0x470 [ 1076.065613][ T4930] ? __pfx_worker_thread+0x10/0x10 [ 1076.065646][ T4930] ? __pfx_kthread+0x10/0x10 [ 1076.065674][ T4930] ret_from_fork+0x514/0xb70 [ 1076.065707][ T4930] ? __pfx_ret_from_fork+0x10/0x10 [ 1076.065736][ T4930] ? __switch_to+0xc79/0x1410 [ 1076.065763][ T4930] ? __pfx_kthread+0x10/0x10 [ 1076.065791][ T4930] ret_from_fork_asm+0x1a/0x30 [ 1076.065842][ T4930] [ 1076.065903][ T4930] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 1076.065947][ T4930] Bluetooth: hci4: failed to register connection device [ 1077.864165][ T4930] Bluetooth: hci4: command 0x0406 tx timeout [ 1077.908549][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805bd78800: rx timeout, send abort [ 1077.911255][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805bd78800: 0x20000: (3) A timeout occurred and this is the connection abort to close the session. [ 1078.282592][T10748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17003'. [ 1078.283609][T10749] netlink: 64 bytes leftover after parsing attributes in process `syz.6.17001'. [ 1081.475347][T10813] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17030'. [ 1082.258633][T10835] loop9: detected capacity change from 0 to 4096 [ 1082.408685][T32657] lo_rw_aio(loop9) starting read with raw_refcnt=0x1, refcnt=2 [ 1082.464744][T32657] lo_rw_aio(loop9) starting read with raw_refcnt=0x1, refcnt=2 [ 1082.494303][T32657] lo_rw_aio(loop9) starting read with raw_refcnt=0x1, refcnt=2 [ 1082.531688][T32659] lo_rw_aio(loop9) starting read with raw_refcnt=0x1, refcnt=2 [ 1082.565718][T32659] lo_rw_aio(loop9) starting read with raw_refcnt=0x1, refcnt=2 [ 1082.632856][T10849] fuse: fd is not a fuse device [ 1082.844809][ T9343] __loop_clr_fd(loop9) clearing lo_backing_file with raw_refcnt=0x0, refcnt=1 [ 1083.456542][T10882] trusted_key: encrypted_key: keyword 'n3Ny;xŠ‘gˆΡew' not recognized [ 1084.535007][T10876] kexec: Could not allocate control_code_buffer [ 1084.979453][T10907] netlink: 8 bytes leftover after parsing attributes in process `syz.6.17075'. [ 1086.049134][T10949] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17095'. [ 1088.328689][T10997] netlink: 20 bytes leftover after parsing attributes in process `syz.6.17117'. [ 1094.742443][T11236] overlayfs: failed to clone upperpath [ 1096.708012][T11317] fuse: fd is not a fuse device [ 1103.456344][T11448] 9p: Bad value for 'cache' [ 1104.477232][T11499] netlink: 14 bytes leftover after parsing attributes in process `syz.2.17353'. [ 1110.136953][ T4930] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1110.200238][ T4930] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1110.202441][ T4930] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1110.236125][ T4930] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1110.238058][ T4930] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1110.282790][ T32] usb 4-1: USB disconnect, device number 69 [ 1111.627255][T11508] bridge0: port 1(bridge_slave_0) entered blocking state [ 1111.627781][T11508] bridge0: port 1(bridge_slave_0) entered disabled state [ 1111.628115][T11508] bridge_slave_0: entered allmulticast mode [ 1111.631646][T11508] bridge_slave_0: entered promiscuous mode [ 1111.668346][T11508] bridge0: port 2(bridge_slave_1) entered blocking state [ 1111.668801][T11508] bridge0: port 2(bridge_slave_1) entered disabled state [ 1111.669086][T11508] bridge_slave_1: entered allmulticast mode [ 1111.672590][T11508] bridge_slave_1: entered promiscuous mode [ 1111.757097][T11508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1111.777621][T11508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1111.844016][T11508] team0: Port device team_slave_0 added [ 1111.849480][T11508] team0: Port device team_slave_1 added [ 1111.951557][T11508] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1111.951575][T11508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1111.951605][T11508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1111.999038][T11508] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1111.999057][T11508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1111.999089][T11508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1112.134837][T11508] hsr_slave_0: entered promiscuous mode [ 1112.137179][T11508] hsr_slave_1: entered promiscuous mode [ 1112.139050][T11508] debugfs: 'hsr0' already exists in 'hsr' [ 1112.139077][T11508] Cannot create hsr debugfs directory [ 1112.437755][ T5625] Bluetooth: hci5: command tx timeout [ 1113.558040][T11508] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1113.595907][T11508] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1113.597115][T11508] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1113.641879][T11508] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1113.643160][T11508] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1113.680820][T11508] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1113.681919][T11508] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1113.722128][T11508] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1113.966847][T11508] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1113.993523][T11508] 8021q: adding VLAN 0 to HW filter on device team0 [ 1114.028012][T32657] bridge0: port 1(bridge_slave_0) entered blocking state [ 1114.028811][T32657] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1114.153047][T32657] bridge0: port 2(bridge_slave_1) entered blocking state [ 1114.153166][T32657] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1114.509280][ T5625] Bluetooth: hci5: command tx timeout [ 1115.295285][T11508] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1115.605670][T11508] veth0_vlan: entered promiscuous mode [ 1115.620969][T11508] veth1_vlan: entered promiscuous mode [ 1115.672514][T11508] veth0_macvtap: entered promiscuous mode [ 1115.688603][T11508] veth1_macvtap: entered promiscuous mode [ 1115.742453][T11508] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1115.767509][T11508] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1115.800204][T32651] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.800440][T32651] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.800682][T32651] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.803198][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.803267][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 1115.810400][T32651] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1116.605926][ T5625] Bluetooth: hci5: command tx timeout [ 1116.761818][T32655] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1116.761839][T32655] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1116.971129][ T150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1116.971149][ T150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1117.121076][T11508] __loop_clr_fd(loop7) clearing lo_backing_file with raw_refcnt=0x0, refcnt=1 [ 1117.738478][ T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 1117.886619][ T9] usb 8-1: config 1 interface 0 has no altsetting 0 [ 1117.892341][ T9] usb 8-1: string descriptor 0 read error: -22 [ 1117.892454][ T9] usb 8-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.40 [ 1117.892471][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1118.378896][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.378934][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.378963][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.378992][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.379020][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.379048][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.379076][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.379105][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.379133][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.379161][ T9] razer 0003:1532:010D.004E: unknown main item tag 0x0 [ 1118.540372][ T9] razer 0003:1532:010D.004E: failed to enable macro keys: -71 [ 1118.553149][ T9] razer 0003:1532:010D.004E: hidraw0: USB HID vff.7f Device [HID 1532:010d] on usb-dummy_hcd.7-1/input0 [ 1118.596026][ T9] usb 8-1: USB disconnect, device number 2 [ 1118.653371][T11681] fido_id[11681]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1118.663997][ T5625] Bluetooth: hci5: command tx timeout [ 1123.583080][T11843] netlink: 'syz.7.17493': attribute type 1 has an invalid length. [ 1123.583102][T11843] netlink: 'syz.7.17493': attribute type 4 has an invalid length. [ 1123.583118][T11843] netlink: 9462 bytes leftover after parsing attributes in process `syz.7.17493'. [ 1124.183508][T11870] netlink: 64 bytes leftover after parsing attributes in process `syz.2.17506'. [ 1124.354184][ T5622] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 1124.546832][ T5622] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1124.550017][ T5622] usb 8-1: not running at top speed; connect to a high speed hub [ 1124.551160][ T5622] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1024, setting to 1023 [ 1124.551217][ T5622] usb 8-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 236, changing to 4 [ 1124.562522][ T5622] usb 8-1: New USB device found, idVendor=200c, idProduct=1018, bcdDevice= 0.40 [ 1124.562592][ T5622] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1124.562650][ T5622] usb 8-1: Product: syz [ 1124.562689][ T5622] usb 8-1: Manufacturer: syz [ 1124.562717][ T5622] usb 8-1: SerialNumber: syz [ 1124.867949][ T5622] usb 8-1: unit 3 not found! [ 1124.978985][ T5622] usb 8-1: USB disconnect, device number 3 [ 1125.055774][T11253] udevd[11253]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1127.022268][T11988] overlayfs: failed to clone upperpath [ 1127.261839][T12002] overlayfs: failed to clone upperpath [ 1127.534042][ T5622] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 1127.704142][ T5622] usb 8-1: Using ep0 maxpacket: 16 [ 1127.714704][ T5622] usb 8-1: config 0 has no interfaces? [ 1127.716579][ T5622] usb 8-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1127.716609][ T5622] usb 8-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1127.716633][ T5622] usb 8-1: Product: syz [ 1127.716649][ T5622] usb 8-1: SerialNumber: syz [ 1127.725324][ T5622] usb 8-1: config 0 descriptor?? [ 1127.940537][ T5622] usb 8-1: USB disconnect, device number 4 [ 1128.804077][ T1247] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 1128.957651][ T1247] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1128.957681][ T1247] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1128.958845][ T1247] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1128.958875][ T1247] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1128.958897][ T1247] usb 8-1: SerialNumber: syz [ 1129.258553][ T1247] usb 8-1: 0:2 : does not exist [ 1129.412700][ T1247] usb 8-1: USB disconnect, device number 5 [ 1129.495944][T11253] udevd[11253]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1129.840554][T12108] fuse: root generation should be zero [ 1131.593893][T12170] overlayfs: failed to clone upperpath [ 1131.640395][T12162] sctp: [Deprecated]: syz.6.17644 (pid 12162) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1131.640395][T12162] Use struct sctp_sack_info instead [ 1132.674007][ T1247] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 1132.824242][ T1247] usb 8-1: Using ep0 maxpacket: 16 [ 1132.827003][ T1247] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1132.827039][ T1247] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1132.829843][ T1247] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1132.829861][ T1247] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1132.829875][ T1247] usb 8-1: Product: syz [ 1132.829884][ T1247] usb 8-1: Manufacturer: syz [ 1132.829894][ T1247] usb 8-1: SerialNumber: syz [ 1132.896746][ T1247] usb 8-1: config 0 descriptor?? [ 1132.926019][ T1247] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1132.926058][ T1247] em28xx 8-1:0.0: Audio interface 0 found (Vendor Class) [ 1133.519588][ T1247] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 1133.521213][ T1247] em28xx 8-1:0.0: Config register raw data: 0xe8 [ 1133.521238][ T1247] em28xx 8-1:0.0: I2S Audio (1 sample rate(s)) [ 1133.521256][ T1247] em28xx 8-1:0.0: No AC97 audio processor [ 1134.350523][ T5622] usb 8-1: USB disconnect, device number 6 [ 1136.722780][T12361] overlayfs: failed to clone upperpath [ 1137.035630][T12368] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1138.220478][T12415] fuse: Bad value for 'fd' [ 1138.851545][ T5625] block nbd7: Receive control failed (result -32) [ 1139.151827][T12433] block nbd7: NBD_DISCONNECT [ 1139.152016][T12433] block nbd7: Send disconnect failed -32 [ 1139.441293][ T9] kernel write not supported for file /input/mice (pid: 9 comm: kworker/0:0) [ 1139.485861][T12433] block nbd7: shutting down sockets [ 1139.920362][T12480] tipc: Started in network mode [ 1139.920381][T12480] tipc: Node identity 4, cluster identity 4711 [ 1139.920394][T12480] tipc: Node number set to 4 [ 1141.202666][T12528] netlink: 4 bytes leftover after parsing attributes in process `syz.7.17812'. [ 1141.964255][ T1247] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 1142.006699][T12555] overlayfs: failed to clone upperpath [ 1142.113960][ T1247] usb 8-1: Using ep0 maxpacket: 32 [ 1142.116959][ T1247] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1142.117002][ T1247] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1142.117043][ T1247] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1142.117069][ T1247] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1142.166435][ T1247] usb 8-1: config 0 descriptor?? [ 1142.190058][ T1247] hub 8-1:0.0: USB hub found [ 1142.402617][ T1247] hub 8-1:0.0: 1 port detected [ 1142.836517][T12580] fuse: fd is not a fuse device [ 1143.062314][T17436] hub 8-1:0.0: activate --> -90 [ 1143.876357][ T1598] usb 8-1: USB disconnect, device number 7 [ 1145.217858][T12653] fuse: fd is not a fuse device [ 1145.671875][T12663] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1145.671900][T12663] overlayfs: failed to set xattr on upper [ 1145.671908][T12663] overlayfs: ...falling back to redirect_dir=nofollow. [ 1145.671919][T12663] overlayfs: ...falling back to index=off. [ 1145.671928][T12663] overlayfs: ...falling back to uuid=null. [ 1145.671936][T12663] overlayfs: ...falling back to xino=off. [ 1146.817162][T12692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17883'. [ 1147.133941][ T5727] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 1147.294112][ T5727] usb 8-1: Using ep0 maxpacket: 32 [ 1147.297813][ T5727] usb 8-1: config 2 has an invalid interface number: 88 but max is 0 [ 1147.297833][ T5727] usb 8-1: config 2 has no interface number 0 [ 1147.297867][ T5727] usb 8-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256 [ 1147.297887][ T5727] usb 8-1: config 2 interface 88 has no altsetting 0 [ 1147.300574][ T5727] usb 8-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.06 [ 1147.300610][ T5727] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1147.300646][ T5727] usb 8-1: Product: syz [ 1147.300666][ T5727] usb 8-1: Manufacturer: syz [ 1147.300682][ T5727] usb 8-1: SerialNumber: syz [ 1147.376719][T12693] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 1147.596964][T12693] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 1148.601758][ T5727] asix 8-1:2.88 (unnamed net_device) (uninitialized): invalid hw address, using random [ 1148.811902][ T5727] asix 8-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1148.811931][ T5727] asix 8-1:2.88 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1148.812168][ T5727] asix 8-1:2.88: probe with driver asix failed with error -71 [ 1148.865747][ T5727] usb 8-1: USB disconnect, device number 8 [ 1149.640728][ T38] audit: type=1804 audit(1779274764.327:81): pid=12788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.17927" name="bus" dev="ramfs" ino=143954 res=1 errno=0 [ 1150.561501][ T5727] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 1150.792523][ T5727] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1150.792555][ T5727] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1150.792590][ T5727] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1150.792611][ T5727] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1150.846155][T12812] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1150.922580][ T5727] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 1151.439297][ T5727] usb 8-1: USB disconnect, device number 9 [ 1154.432581][T12930] input: syz1 as /devices/virtual/input/input50 [ 1154.718810][T12938] binder: 12937:12938 ioctl c0306201 200000000080 returned -14 [ 1154.721250][T12938] binder: 12937:12938 ioctl c0306201 2000000003c0 returned -14 [ 1155.993382][T12988] netlink: 348 bytes leftover after parsing attributes in process `syz.6.18012'. [ 1156.399514][T13009] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18021'. [ 1156.399540][T13009] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18021'. [ 1157.096380][ T9] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 1157.244652][ T9] usb 8-1: Using ep0 maxpacket: 16 [ 1157.246444][ T9] usb 8-1: config 0 has an invalid descriptor of length 27, skipping remainder of the config [ 1157.246500][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1157.246532][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 24832, setting to 1024 [ 1157.246562][ T9] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024 [ 1157.246590][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1157.248552][ T9] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1157.248579][ T9] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1157.248601][ T9] usb 8-1: Manufacturer: syz [ 1157.282388][ T9] usb 8-1: config 0 descriptor?? [ 1157.563662][T13055] fuse: fd is not a fuse device [ 1157.685930][ T9] rc_core: IR keymap rc-hauppauge not found [ 1157.685953][ T9] Registered IR keymap rc-empty [ 1157.689653][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.715380][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.738900][ T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0 [ 1157.755621][ T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input51 [ 1157.773673][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.859875][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.885409][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.927850][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.945343][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.964593][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1157.984306][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1158.004463][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1158.025406][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1158.050586][ T9] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1158.071113][ T9] mceusb 8-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 1158.071137][ T9] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1158.096314][ T9] usb 8-1: USB disconnect, device number 10 [ 1158.904116][ T5727] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 1159.090953][ T5727] usb 8-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 1159.090983][ T5727] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1159.091003][ T5727] usb 8-1: Product: syz [ 1159.091017][ T5727] usb 8-1: Manufacturer: syz [ 1159.091031][ T5727] usb 8-1: SerialNumber: syz [ 1159.553577][ T5727] net_ratelimit: 19 callbacks suppressed [ 1159.553596][ T5727] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 1159.553636][ T5727] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 1160.793419][ T5727] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE [ 1160.809281][ T5727] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPIPE [ 1161.012527][ T5727] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000118. ret = -EPROTO [ 1161.012587][ T5727] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 1161.079843][ T5727] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 1161.113715][ T5727] lan78xx 8-1:1.0: probe with driver lan78xx failed with error -71 [ 1161.152538][ T5727] usb 8-1: USB disconnect, device number 11 [ 1166.419695][T13242] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18125'. [ 1166.453702][T13242] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1167.779439][T13258] tipc: Started in network mode [ 1167.779459][T13258] tipc: Node identity 4, cluster identity 4711 [ 1167.779473][T13258] tipc: Node number set to 4 [ 1169.485694][T17436] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 1169.664468][T17436] usb 8-1: Using ep0 maxpacket: 16 [ 1169.671259][T17436] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1169.671282][T17436] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1169.673644][T17436] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1169.673674][T17436] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1169.673696][T17436] usb 8-1: Product: syz [ 1169.673713][T17436] usb 8-1: Manufacturer: syz [ 1169.673729][T17436] usb 8-1: SerialNumber: syz [ 1169.709924][T17436] usb 8-1: 0:2 : does not exist [ 1169.909278][T17436] usb 8-1: 5:0: failed to get current value for ch 0 (-22) [ 1170.057549][T17436] usb 8-1: USB disconnect, device number 12 [ 1170.170108][T12694] udevd[12694]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1170.240530][T13341] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1170.240559][T13341] overlayfs: failed to set xattr on upper [ 1170.240569][T13341] overlayfs: ...falling back to redirect_dir=nofollow. [ 1170.240579][T13341] overlayfs: ...falling back to index=off. [ 1170.240588][T13341] overlayfs: ...falling back to uuid=null. [ 1170.375890][T13341] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 1172.727881][T13412] netlink: 28 bytes leftover after parsing attributes in process `syz.2.18203'. [ 1173.706424][ T5727] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 1173.864010][ T5727] usb 8-1: Using ep0 maxpacket: 16 [ 1173.866328][ T5727] usb 8-1: too many configurations: 123, using maximum allowed: 8 [ 1173.867815][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.868860][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.870060][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.871302][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.872553][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.948573][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.950406][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.951923][ T5727] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1173.986717][ T5727] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1173.986751][ T5727] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 1173.986776][ T5727] usb 8-1: SerialNumber: syz [ 1174.016228][ T5727] usb 8-1: config 0 descriptor?? [ 1174.031976][ T5727] input: bcm5974 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input52 [ 1174.233306][ T4966] bcm5974 8-1:0.0: could not read from device [ 1174.240893][ T5727] usb 8-1: USB disconnect, device number 13 [ 1174.272468][T11253] bcm5974 8-1:0.0: could not read from device [ 1175.258640][ T38] audit: type=1326 audit(1779274789.957:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13496 comm="syz.2.18244" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69b29ece59 code=0x0 [ 1175.564610][ T162] Bluetooth: hci6: Frame reassembly failed (-84) [ 1177.231102][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.231209][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.544899][ T5625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1178.131673][T13628] tmpfs: Bad value for 'mpol' [ 1179.363964][ T5727] usb 8-1: new full-speed USB device number 14 using dummy_hcd [ 1179.517590][ T5727] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1179.517617][ T5727] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1179.542998][ T5727] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1179.543041][ T5727] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1179.543064][ T5727] usb 8-1: Product: syz [ 1179.543081][ T5727] usb 8-1: Manufacturer: syz [ 1179.543098][ T5727] usb 8-1: SerialNumber: syz [ 1179.600174][ T5727] usb 8-1: 0:2 : does not exist [ 1179.600278][ T5727] usb 8-1: unit 9 not found! [ 1179.797860][ T5727] usb 8-1: USB disconnect, device number 14 [ 1179.990115][T13706] syz.2.18349 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 1180.211833][T13716] hpfs: Bad magic ... probably not HPFS [ 1180.556395][ T5625] Bluetooth: hci4: unexpected cc 0x042e length: 1 < 7 [ 1180.556443][ T5625] Bluetooth: hci4: unexpected event for opcode 0x042e [ 1182.073948][ T9] usb 8-1: new full-speed USB device number 15 using dummy_hcd [ 1182.237215][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 64 [ 1182.237253][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1182.257436][ T9] usb 8-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 1182.257533][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1182.257595][ T9] usb 8-1: Product: syz [ 1182.257635][ T9] usb 8-1: Manufacturer: syz [ 1182.257676][ T9] usb 8-1: SerialNumber: syz [ 1182.308396][ T9] usb 8-1: config 0 descriptor?? [ 1182.309176][T13792] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1182.391096][ C0] port100 8-1:0.0: NFC: Urb failure (status -71) [ 1182.412170][ T9] port100 8-1:0.0: NFC: Could not get supported command types [ 1182.526715][ T9] usb 8-1: USB disconnect, device number 15 [ 1183.226266][T13856] can: request_module (can-proto-4) failed. [ 1183.413943][ T5622] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 1183.568945][ T5622] usb 8-1: config 255 has an invalid interface number: 97 but max is 0 [ 1183.568974][ T5622] usb 8-1: config 255 has no interface number 0 [ 1183.569026][ T5622] usb 8-1: config 255 interface 97 has no altsetting 0 [ 1183.571306][ T5622] usb 8-1: New USB device found, idVendor=0424, idProduct=cf19, bcdDevice=71.90 [ 1183.571350][ T5622] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1183.571370][ T5622] usb 8-1: Product: syz [ 1183.571386][ T5622] usb 8-1: Manufacturer: syz [ 1183.571401][ T5622] usb 8-1: SerialNumber: syz [ 1183.878209][ T5622] rndis_host 8-1:255.97: ACM capabilities 01, not really RNDIS? [ 1183.931921][ T5622] usb 8-1: USB disconnect, device number 16 [ 1184.248822][T13904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18445'. [ 1184.773979][ T5622] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 1184.965128][ T5622] usb 8-1: Using ep0 maxpacket: 16 [ 1184.972705][ T5622] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1184.972762][ T5622] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1184.972806][ T5622] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 24832, setting to 1024 [ 1184.972834][ T5622] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024 [ 1184.972859][ T5622] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1184.981114][ T5622] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1184.981144][ T5622] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1184.981166][ T5622] usb 8-1: Manufacturer: syz [ 1185.070989][ T5622] usb 8-1: config 0 descriptor?? [ 1185.357833][ T5622] rc_core: IR keymap rc-hauppauge not found [ 1185.357855][ T5622] Registered IR keymap rc-empty [ 1185.359927][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.374781][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.403654][ T5622] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0 [ 1185.429581][ T5622] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input53 [ 1185.453104][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.464544][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.484807][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.504765][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.534408][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.560896][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.584731][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.604642][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.624717][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.636851][T13959] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18472'. [ 1185.650623][ T5622] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1185.738885][ T5622] mceusb 8-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 1185.738911][ T5622] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1185.779175][ T5622] usb 8-1: USB disconnect, device number 17 [ 1186.409783][T13986] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18484'. [ 1187.551789][T14034] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18507'. [ 1187.565449][T14034] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1188.557829][T14069] sg_write: data in/out 327903/136 bytes for SCSI command 0xc7-- guessing data in; [ 1188.557829][T14069] program syz.7.18525 not setting count and/or reply_len properly [ 1189.283606][T14105] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18543'. [ 1189.292229][T14105] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1189.483575][T14115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18547'. [ 1189.483602][T14115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18547'. [ 1189.844010][ T1247] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 1190.000784][ T1247] usb 8-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 1190.000817][ T1247] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1190.000839][ T1247] usb 8-1: Product: syz [ 1190.000855][ T1247] usb 8-1: Manufacturer: syz [ 1190.000871][ T1247] usb 8-1: SerialNumber: syz [ 1190.046558][ T1247] usb 8-1: config 0 descriptor?? [ 1190.074948][ T1247] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 1190.463410][ T1247] gspca_sunplus: reg_w_riv err -71 [ 1190.463507][ T1247] sunplus 8-1:0.0: probe with driver sunplus failed with error -71 [ 1190.536141][ T1247] usb 8-1: USB disconnect, device number 18 [ 1190.786840][T14167] openvswitch: netlink: Actions may not be safe on all matching packets [ 1192.336911][T14217] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18596'. [ 1192.391685][T14217] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1193.108921][T14240] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18607'. [ 1193.112405][T14240] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1193.764035][ T1247] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 1193.894010][ T1247] usb 8-1: device descriptor read/64, error -71 [ 1194.143973][ T1247] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 1194.274985][ T1247] usb 8-1: device descriptor read/64, error -71 [ 1194.411607][ T1247] usb usb8-port1: attempt power cycle [ 1194.759510][ T1247] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 1194.774814][ T1247] usb 8-1: device descriptor read/8, error -71 [ 1195.014042][ T1247] usb 8-1: new high-speed USB device number 22 using dummy_hcd [ 1195.035665][ T1247] usb 8-1: device descriptor read/8, error -71 [ 1195.144302][ T1247] usb usb8-port1: unable to enumerate USB device [ 1195.523291][T14360] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18664'. [ 1195.539780][T14360] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1195.821867][T14374] netlink: 28 bytes leftover after parsing attributes in process `syz.2.18671'. [ 1196.690733][T14418] netlink: 'syz.2.18692': attribute type 7 has an invalid length. [ 1197.586541][T14461] netlink: 'syz.7.18714': attribute type 41 has an invalid length. [ 1198.752073][ T5625] Bluetooth: hci4: Malformed LE Event: 0x0d [ 1199.162777][T14536] bond0: (slave sit0): refused to change device type [ 1199.441248][T14550] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1199.556760][T14555] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 1199.855753][T14571] netlink: zone id is out of range [ 1199.855773][T14571] netlink: zone id is out of range [ 1199.855782][T14571] netlink: get zone limit has 4 unknown bytes [ 1200.024840][T14578] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1200.370279][T14591] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1200.890831][T14617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18792'. [ 1202.187497][T14680] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18822'. [ 1202.190894][T14680] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1202.637137][T14701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.18832'. [ 1203.244074][ T5622] usb 8-1: new high-speed USB device number 23 using dummy_hcd [ 1203.414938][ T5622] usb 8-1: Using ep0 maxpacket: 16 [ 1203.418542][ T5622] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1203.418571][ T5622] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1203.419778][ T5622] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1203.419819][ T5622] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1203.419847][ T5622] usb 8-1: Manufacturer: syz [ 1203.479620][ T5622] usb 8-1: config 0 descriptor?? [ 1206.005294][ T1247] usb 8-1: USB disconnect, device number 23 [ 1206.569490][T14884] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18920'. [ 1206.610659][T14884] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1206.726137][T14891] netlink: 'syz.7.18922': attribute type 27 has an invalid length. [ 1207.012360][T14906] 8-Ίρ4: renamed from veth1_vlan (while UP) [ 1207.084019][T14908] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18933'. [ 1207.096762][T14908] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1207.321795][T14918] sg_write: data in/out 458975/136 bytes for SCSI command 0xc7-- guessing data in; [ 1207.321795][T14918] program syz.7.18938 not setting count and/or reply_len properly [ 1208.635448][T14986] netlink: 830 bytes leftover after parsing attributes in process `syz.2.18979'. [ 1209.315740][T15022] netlink: 144 bytes leftover after parsing attributes in process `syz.2.18990'. [ 1209.764158][ T9] usb 8-1: new high-speed USB device number 24 using dummy_hcd [ 1209.807918][ T5625] Bluetooth: hci4: unexpected event for opcode 0x0c26 [ 1209.927140][ T9] usb 8-1: Using ep0 maxpacket: 16 [ 1209.930554][ T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1209.930609][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1209.930642][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1209.943121][ T9] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1209.943192][ T9] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1209.943249][ T9] usb 8-1: Manufacturer: syz [ 1210.018143][ T9] usb 8-1: config 0 descriptor?? [ 1211.263406][T15118] binder: 15117:15118 ioctl c0306201 200000000040 returned -22 [ 1211.497584][T15131] netlink: 'syz.6.19042': attribute type 1 has an invalid length. [ 1211.497606][T15131] netlink: 224 bytes leftover after parsing attributes in process `syz.6.19042'. [ 1212.528952][ T9] usb 8-1: USB disconnect, device number 24 [ 1212.825758][T15196] random: crng reseeded on system resumption [ 1213.191098][T15212] program syz.6.19080 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1213.273978][ T5622] usb 8-1: new high-speed USB device number 25 using dummy_hcd [ 1213.425149][ T5622] usb 8-1: Using ep0 maxpacket: 16 [ 1213.479658][T32659] Bluetooth: hci6: Frame reassembly failed (-84) [ 1213.481988][ T5622] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1213.482039][ T5622] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1213.482066][ T5622] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1213.510740][ T5622] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1213.510771][ T5622] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1213.510793][ T5622] usb 8-1: Manufacturer: syz [ 1213.559622][ T5622] usb 8-1: config 0 descriptor?? [ 1215.555141][ T5625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1215.957633][ T5629] usb 8-1: USB disconnect, device number 25 [ 1216.161806][T15358] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1216.651731][T15381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.19162'. [ 1216.764017][ T9] usb 8-1: new high-speed USB device number 26 using dummy_hcd [ 1216.913994][ T9] usb 8-1: Using ep0 maxpacket: 16 [ 1216.921586][ T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1216.921651][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1216.921679][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1216.922833][ T9] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1216.922862][ T9] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1216.922883][ T9] usb 8-1: Manufacturer: syz [ 1216.975052][ T9] usb 8-1: config 0 descriptor?? [ 1218.434215][ T5625] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1219.517799][ T5622] usb 8-1: USB disconnect, device number 26 [ 1219.743035][T15521] 9pnet_fd: p9_fd_create_unix (15521): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 1220.244306][ T37] usb 8-1: new high-speed USB device number 27 using dummy_hcd [ 1220.393889][ T37] usb 8-1: Using ep0 maxpacket: 16 [ 1220.402308][ T37] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1220.402361][ T37] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1220.402390][ T37] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1220.453991][ T37] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1220.454034][ T37] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1220.454057][ T37] usb 8-1: Manufacturer: syz [ 1220.523266][ T37] usb 8-1: config 0 descriptor?? [ 1220.688918][T15565] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19252'. [ 1222.593483][T15672] overlayfs: failed to clone lowerpath [ 1222.992589][ T5622] usb 8-1: USB disconnect, device number 27 [ 1223.161318][T15699] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1223.503976][ T5622] usb 8-1: new high-speed USB device number 28 using dummy_hcd [ 1223.654464][ T5622] usb 8-1: Using ep0 maxpacket: 16 [ 1223.657158][ T5622] usb 8-1: unable to get BOS descriptor or descriptor too short [ 1223.658525][ T5622] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1223.658574][ T5622] usb 8-1: config 1 interface 0 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1223.658602][ T5622] usb 8-1: config 1 interface 0 has no altsetting 0 [ 1223.707250][ T5622] usb 8-1: New USB device found, idVendor=05ac, idProduct=0242, bcdDevice= 0.40 [ 1223.707280][ T5622] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1223.707301][ T5622] usb 8-1: Product: syz [ 1223.707316][ T5622] usb 8-1: Manufacturer: syz [ 1223.707331][ T5622] usb 8-1: SerialNumber: syz [ 1223.754621][ T5622] input: bcm5974 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/input/input56 [ 1223.926593][ T4966] bcm5974 8-1:1.0: could not read from device [ 1223.994856][ T4966] bcm5974 8-1:1.0: could not read from device [ 1224.006419][ T5622] usb 8-1: USB disconnect, device number 28 [ 1225.030126][T15784] netlink: 620 bytes leftover after parsing attributes in process `syz.2.19361'. [ 1225.674212][T15815] program syz.6.19376 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1225.743151][T15818] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19377'. [ 1226.094061][ T5727] usb 8-1: new high-speed USB device number 29 using dummy_hcd [ 1226.268825][ T5727] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1226.268857][ T5727] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1226.268879][ T5727] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1226.268929][ T5727] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1226.268950][ T5727] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1226.270832][ T5727] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1226.270860][ T5727] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1226.270880][ T5727] usb 8-1: Product: syz [ 1226.270899][ T5727] usb 8-1: Manufacturer: syz [ 1226.316954][ T5727] cdc_wdm 8-1:1.0: skipping garbage [ 1226.317012][ T5727] cdc_wdm 8-1:1.0: skipping garbage [ 1226.404181][ T5727] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 1226.404203][ T5727] cdc_wdm 8-1:1.0: Unknown control protocol [ 1226.765735][ T5629] usb 8-1: USB disconnect, device number 29 [ 1227.391437][T15891] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1227.607129][T15901] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1227.954139][ T5625] Bluetooth: hci6: command 0x1003 tx timeout [ 1227.954545][ T4930] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1228.176114][T15926] ptrace attach of "ci-upstream-rust-kasan-gce/syz-executor exec"[5614] was attempted by ""[15926] [ 1228.846326][T15952] fuse: fd is not a fuse device [ 1228.910329][T15956] netlink: 20 bytes leftover after parsing attributes in process `syz.2.19444'. [ 1228.910768][T15956] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 1229.595602][T15987] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19459'. [ 1229.853005][T16001] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19466'. [ 1229.935059][ T37] IPVS: starting estimator thread 0... [ 1230.065769][T16006] IPVS: using max 11 ests per chain, 26400 per kthread [ 1231.241756][T16058] comedi comedi3: pcl818: I/O port conflict (0x100,16) [ 1233.684380][ T37] usb 8-1: new high-speed USB device number 30 using dummy_hcd [ 1233.834804][ T37] usb 8-1: Using ep0 maxpacket: 16 [ 1233.837461][ T37] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1233.837519][ T37] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1233.837552][ T37] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 24832, setting to 1024 [ 1233.837582][ T37] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024 [ 1233.837610][ T37] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1233.839376][ T37] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1233.839405][ T37] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1233.839426][ T37] usb 8-1: Manufacturer: syz [ 1233.930352][ T37] usb 8-1: config 0 descriptor?? [ 1234.276721][ T37] rc_core: IR keymap rc-hauppauge not found [ 1234.276745][ T37] Registered IR keymap rc-empty [ 1234.277270][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.309555][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.326249][ T37] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0 [ 1234.330407][ T37] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input57 [ 1234.364321][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.395729][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.425293][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.444309][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.474552][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.494347][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.515772][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.534607][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.565034][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.594632][ T37] mceusb 8-1:0.0: Error: mce write urb status = -71 [ 1234.639585][ T37] mceusb 8-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 1234.639613][ T37] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1234.698157][ T37] usb 8-1: USB disconnect, device number 30 [ 1235.485936][T16193] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19554'. [ 1235.632793][T15825] Bluetooth: hci5: command 0x0406 tx timeout [ 1236.667770][ T4930] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1236.676564][ T5625] Bluetooth: hci6: command 0x1003 tx timeout [ 1237.394474][T13508] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 1237.633265][T13508] Bluetooth: hci5: unexpected event for opcode 0x0c1a [ 1238.677374][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.677479][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.028296][T16321] netlink: 'syz.2.19619': attribute type 3 has an invalid length. [ 1239.028313][T16321] netlink: 666 bytes leftover after parsing attributes in process `syz.2.19619'. [ 1240.904014][T13508] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 1240.909175][ T4930] Bluetooth: hci6: command 0x1003 tx timeout [ 1241.419181][T16414] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1241.669986][T16426] sctp: [Deprecated]: syz.2.19670 (pid 16426) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1241.669986][T16426] Use struct sctp_sack_info instead [ 1241.670440][T16426] sctp: [Deprecated]: syz.2.19670 (pid 16426) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1241.670440][T16426] Use struct sctp_sack_info instead [ 1242.863980][ T9] usb 8-1: new high-speed USB device number 31 using dummy_hcd [ 1243.017037][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 1243.017088][ T9] usb 8-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00 [ 1243.017114][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1243.042593][ T9] usb 8-1: config 0 descriptor?? [ 1243.054285][T16478] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1243.080051][T16499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19706'. [ 1243.257210][T16505] netlink: 188 bytes leftover after parsing attributes in process `syz.2.19707'. [ 1243.526688][ T9] hid_parser_main: 3989 callbacks suppressed [ 1243.526715][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526748][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526777][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526806][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526833][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526861][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526889][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526917][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526959][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.526988][ T9] asus 0003:0B05:1ABE.004F: unknown main item tag 0x0 [ 1243.635034][ T9] asus 0003:0B05:1ABE.004F: hidraw0: USB HID v7f.fd Device [HID 0b05:1abe] on usb-dummy_hcd.7-1/input0 [ 1243.701622][T16520] tipc: Enabled bearer , priority 6 [ 1243.721653][ T9] usb 8-1: USB disconnect, device number 31 [ 1243.845258][T16516] fido_id[16516]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1245.841446][T16620] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19764'. [ 1245.860295][T16620] comedi comedi3: pcl812: I/O port conflict (0x100,16) [ 1246.859652][T16666] tmpfs: Cannot enable quota on remount [ 1247.594659][ T5629] usb 8-1: new full-speed USB device number 32 using dummy_hcd [ 1247.624594][ T39] INFO: task syz.3.17226:11230 blocked for more than 143 seconds. [ 1247.624620][ T39] Tainted: G L syzkaller #0 [ 1247.624620][ T39] Tainted: G L syzkaller #0 [ 1247.624634][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1247.624644][ T39] task:syz.3.17226 state:D stack:27416 pid:11230 tgid:11224 ppid:19268 task_flags:0x400040 flags:0x00080002 [ 1247.624716][ T39] Call Trace: [ 1247.624725][ T39] [ 1247.624739][ T39] __schedule+0x16f9/0x5500 [ 1247.624788][ T39] ? do_raw_spin_lock+0x12b/0x2f0 [ 1247.624840][ T39] ? __pfx___schedule+0x10/0x10 [ 1247.624897][ T39] ? schedule+0x90/0x360 [ 1247.624930][ T39] schedule+0x164/0x360 [ 1247.624962][ T39] cgroup_lock_and_drain_offline+0x516/0x650 [ 1247.625013][ T39] ? __pfx_cgroup_lock_and_drain_offline+0x10/0x10 [ 1247.625047][ T39] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1247.625100][ T39] cgroup_kn_lock_live+0x120/0x230 [ 1247.625136][ T39] cgroup_subtree_control_write+0x4b3/0x10a0 [ 1247.625184][ T39] ? __pfx_cgroup_subtree_control_write+0x10/0x10 [ 1247.625220][ T39] ? kernfs_root+0x1c/0x230 [ 1247.625250][ T39] ? kernfs_root+0x1c/0x230 [ 1247.625283][ T39] ? kernfs_root+0x1ea/0x230 [ 1247.625318][ T39] ? __pfx_cgroup_subtree_control_write+0x10/0x10 [ 1247.625353][ T39] cgroup_file_write+0x331/0x8f0 [ 1247.625391][ T39] ? __pfx_cgroup_file_write+0x10/0x10 [ 1247.625422][ T39] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1247.625455][ T39] ? lockdep_hardirqs_on+0x7a/0x110 [ 1247.625498][ T39] ? __pfx_cgroup_file_write+0x10/0x10 [ 1247.625528][ T39] kernfs_fop_write_iter+0x3b0/0x540 [ 1247.625561][ T39] vfs_write+0x629/0xba0 [ 1247.625592][ T39] ? __pfx_vfs_write+0x10/0x10 [ 1247.625637][ T39] ? mutex_lock_nested+0x168/0x1d0 [ 1247.625678][ T39] ? __fget_files+0x2a/0x420 [ 1247.625720][ T39] ksys_write+0x156/0x270 [ 1247.625745][ T39] ? __pfx_ksys_write+0x10/0x10 [ 1247.625768][ T39] ? __pfx_kcov_ioctl+0x10/0x10 [ 1247.625810][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1247.625857][ T39] do_syscall_64+0x15f/0xf80 [ 1247.625892][ T39] ? trace_irq_disable+0x3b/0x140 [ 1247.625928][ T39] ? clear_bhb_loop+0x40/0x90 [ 1247.625957][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1247.625982][ T39] RIP: 0033:0x7fc5dd96ce59 [ 1247.626003][ T39] RSP: 002b:00007fc5dbba5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1247.627658][ T39] RAX: ffffffffffffffda RBX: 00007fc5ddbe6090 RCX: 00007fc5dd96ce59 [ 1247.627679][ T39] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0000000000000005 [ 1247.627694][ T39] RBP: 00007fc5dda02d6f R08: 0000000000000000 R09: 0000000000000000 [ 1247.627767][ T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1247.627783][ T39] R13: 00007fc5ddbe6128 R14: 00007fc5ddbe6090 R15: 00007fffc418b348 [ 1247.627828][ T39] [ 1247.627873][ T39] [ 1247.627873][ T39] Showing all locks held in the system: [ 1247.627885][ T39] 1 lock held by khungtaskd/39: [ 1247.627898][ T39] #0: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 1247.627979][ T39] 2 locks held by getty/5368: [ 1247.627992][ T39] #0: ffff888035fe30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1247.628045][ T39] #1: ffffc90003cc62e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0 [ 1247.628106][ T39] 9 locks held by syz-executor/5614: [ 1247.628118][ T39] #0: ffffffff8e29c6b0 (dup_mmap_sem){.+.+}-{0:0}, at: copy_mm+0x130/0x4a0 [ 1247.628176][ T39] #1: ffff888040055eb0 (&mm->mmap_lock){++++}-{4:4}, at: dup_mmap+0x184/0x1d70 [ 1247.628237][ T39] #2: ffff8880356db7b0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: dup_mmap+0x272/0x1d70 [ 1247.628287][ T39] #3: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x29/0x200 [ 1247.628343][ T39] #4: ffff88802556c658 (ptlock_ptr(ptdesc)#2){+.+.}-{3:3}, at: pte_offset_map_lock+0x13d/0x210 [ 1247.628402][ T39] #5: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400 [ 1247.628451][ T39] #6: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x29/0x200 [ 1247.628505][ T39] #7: ffff88803ec5e718 (ptlock_ptr(ptdesc)#2/1){+.+.}-{3:3}, at: copy_pmd_range+0x5ae/0x5550 [ 1247.628559][ T39] #8: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock_nested+0x1de/0x3f0 [ 1247.628609][ T39] 5 locks held by syz-executor/5615: [ 1247.628620][ T39] #0: ffffffff8e29c6b0 (dup_mmap_sem){.+.+}-{0:0}, at: copy_mm+0x130/0x4a0 [ 1247.628675][ T39] #1: ffff888040056bb0 (&mm->mmap_lock){++++}-{4:4}, at: dup_mmap+0x184/0x1d70 [ 1247.628720][ T39] #2: ffff8880333e83b0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: dup_mmap+0x272/0x1d70 [ 1247.628769][ T39] #3: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x29/0x200 [ 1247.628822][ T39] #4: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400 [ 1247.628878][ T39] 6 locks held by kworker/0:4/5629: [ 1247.628890][ T39] #0: ffff88801ab0a538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x897/0x1630 [ 1247.628945][ T39] #1: ffffc900045dfc40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630 [ 1247.629000][ T39] #2: ffff88802a11a210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60 [ 1247.629048][ T39] #3: ffff88802a257658 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x21b0/0x4f60 [ 1247.629115][ T39] #4: ffff88802a067e58 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21e0/0x4f60 [ 1247.629166][ T39] #5: ffffffff8ee420a0 (ehci_cf_port_reset_rwsem){.+.+}-{4:4}, at: hub_port_reset+0x14e/0x1820 [ 1247.629227][ T39] 7 locks held by kworker/u8:5/32655: [ 1247.629240][ T39] #0: ffff88813fe4c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x897/0x1630 [ 1247.630233][ T39] #1: ffff8880b8624508 (psi_seq){-...}-{0:0}, at: psi_task_switch+0x53/0x880 [ 1247.630295][ T39] #2: ffff8880b8626198 (&base->lock){-...}-{2:2}, at: __mod_timer+0x1ae/0xf60 [ 1247.630357][ T39] #3: ffffffff99d5eab0 (&obj_hash[i].lock){-...}-{2:2}, at: debug_object_activate+0xa8/0x3a0 [ 1247.630419][ T39] #4: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400 [ 1247.630472][ T39] #5: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xa6/0x2550 [ 1247.630530][ T39] #6: ffffffff8e1ca240 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 1247.630595][ T39] 3 locks held by syz.3.17226/11230: [ 1247.630608][ T39] #0: ffff88801e76f328 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x252/0x320 [ 1247.630677][ T39] #1: ffff8880401d6480 (sb_writers#9){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 1247.630726][ T39] #2: ffff8880377e3878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 1247.630780][ T39] [ 1247.630785][ T39] ============================================= [ 1247.630785][ T39] [ 1247.630802][ T39] NMI backtrace for cpu 0 [ 1247.630819][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1247.630853][ T39] Tainted: [L]=SOFTLOCKUP [ 1247.630860][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1247.630871][ T39] Call Trace: [ 1247.630878][ T39] [ 1247.630887][ T39] dump_stack_lvl+0xe8/0x150 [ 1247.630913][ T39] nmi_cpu_backtrace+0x274/0x2d0 [ 1247.630937][ T39] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1247.630963][ T39] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 1247.630989][ T39] sys_info+0x135/0x170 [ 1247.631009][ T39] watchdog+0xfd3/0x1030 [ 1247.631046][ T39] ? watchdog+0x1c9/0x1030 [ 1247.631082][ T39] kthread+0x389/0x470 [ 1247.631103][ T39] ? __pfx_watchdog+0x10/0x10 [ 1247.631132][ T39] ? __pfx_kthread+0x10/0x10 [ 1247.631154][ T39] ret_from_fork+0x514/0xb70 [ 1247.631180][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 1247.631204][ T39] ? __switch_to+0xc79/0x1410 [ 1247.631243][ T39] ? __pfx_kthread+0x10/0x10 [ 1247.631266][ T39] ret_from_fork_asm+0x1a/0x30 [ 1247.631309][ T39] [ 1247.631333][ T39] Sending NMI from CPU 0 to CPUs 1: [ 1247.631365][ C1] NMI backtrace for cpu 1 [ 1247.631382][ C1] CPU: 1 UID: 0 PID: 5615 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1247.631405][ C1] Tainted: [L]=SOFTLOCKUP [ 1247.631411][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1247.631422][ C1] RIP: 0010:preempt_count_add+0xa6/0x190 [ 1247.631448][ C1] Code: ff ff ff 7f 39 f8 75 42 48 8b 5c 24 18 48 89 df e8 2f 45 0d 00 85 c0 74 09 31 db 31 ff e8 22 45 0d 00 65 4c 8b 35 d2 24 03 11 <49> 81 c6 d0 15 00 00 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c [ 1247.631464][ C1] RSP: 0000:ffffc900043ef270 EFLAGS: 00000246 [ 1247.631478][ C1] RAX: 0000000000000000 RBX: ffffffff8236d6e3 RCX: ffffffff99a2a400 [ 1247.631491][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8236d6e3 [ 1247.631502][ C1] RBP: ffffc900043ef5b0 R08: 0000000000000000 R09: 0000000000000000 [ 1247.631513][ C1] R10: dffffc0000000000 R11: fffff940002746a1 R12: dffffc0000000000 [ 1247.631526][ C1] R13: ffff8880566a3a20 R14: ffff888036833d80 R15: dffffc0000000000 [ 1247.631539][ C1] FS: 000055558c7a8500(0000) GS:ffff888125dab000(0000) knlGS:0000000000000000 [ 1247.631554][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1247.631565][ C1] CR2: 00007f69b379da08 CR3: 000000003feec000 CR4: 00000000003526f0 [ 1247.631580][ C1] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000002 [ 1247.631597][ C1] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1247.631609][ C1] Call Trace: [ 1247.631615][ C1] [ 1247.631622][ C1] pfn_valid+0xb3/0x480 [ 1247.631640][ C1] page_table_check_set+0x25/0x510 [ 1247.631670][ C1] copy_pmd_range+0x350b/0x5550 [ 1247.631704][ C1] ? __pfx_copy_pmd_range+0x10/0x10 [ 1247.631722][ C1] ? __lock_acquire+0x6b5/0x2d10 [ 1247.631743][ C1] ? __lock_acquire+0x6b5/0x2d10 [ 1247.631766][ C1] copy_page_range+0xb3f/0x1150 [ 1247.631796][ C1] ? __pfx_copy_page_range+0x10/0x10 [ 1247.631819][ C1] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1247.631845][ C1] ? lockdep_hardirqs_on+0x7a/0x110 [ 1247.631869][ C1] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1247.631894][ C1] dup_mmap+0xf5a/0x1d70 [ 1247.631921][ C1] ? __pfx_dup_mmap+0x10/0x10 [ 1247.631937][ C1] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 1247.631963][ C1] ? copy_mm+0x130/0x4a0 [ 1247.631987][ C1] ? copy_mm+0x130/0x4a0 [ 1247.632018][ C1] copy_mm+0x13b/0x4a0 [ 1247.632044][ C1] copy_process+0x1f24/0x4450 [ 1247.632077][ C1] ? copy_process+0xd87/0x4450 [ 1247.632107][ C1] ? __pfx_copy_process+0x10/0x10 [ 1247.632138][ C1] kernel_clone+0x2d7/0x940 [ 1247.632157][ C1] ? __pfx_kernel_clone+0x10/0x10 [ 1247.632182][ C1] __x64_sys_clone+0x1b6/0x230 [ 1247.632200][ C1] ? __pfx___x64_sys_clone+0x10/0x10 [ 1247.632225][ C1] ? do_user_addr_fault+0xc6f/0x1340 [ 1247.632249][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1247.632267][ C1] do_syscall_64+0x15f/0xf80 [ 1247.632291][ C1] ? trace_irq_disable+0x3b/0x140 [ 1247.632317][ C1] ? clear_bhb_loop+0x40/0x90 [ 1247.632337][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1247.632354][ C1] RIP: 0033:0x7f9b9e9058d2 [ 1247.632369][ C1] Code: 89 e7 e8 71 8b f7 ff 45 31 c0 31 d2 31 f6 64 48 8b 04 25 10 00 00 00 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 89 c5 85 c0 75 3b 64 48 8b 04 25 10 00 00 [ 1247.632383][ C1] RSP: 002b:00007fff27405b70 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1247.632413][ C1] RAX: ffffffffffffffda RBX: 00007fff27405b70 RCX: 00007f9b9e9058d2 [ 1247.632425][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1247.632434][ C1] RBP: 00007fff27405cfc R08: 0000000000000000 R09: 0000000000000001 [ 1247.632444][ C1] R10: 000055558c7a87d0 R11: 0000000000000246 R12: 0000000000000001 [ 1247.632454][ C1] R13: 00000000000927c0 R14: 000000000013083b R15: 00007fff27405d50 [ 1247.632473][ C1] [ 1247.646961][ T39] Kernel panic - not syncing: hung_task: blocked tasks [ 1247.647013][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 1247.647097][ T39] Tainted: [L]=SOFTLOCKUP [ 1247.647118][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1247.647160][ T39] Call Trace: [ 1247.647189][ T39] [ 1247.647213][ T39] vpanic+0x56c/0xa60 [ 1247.647358][ T39] ? __pfx___schedule+0x10/0x10 [ 1247.647466][ T39] ? __pfx_vpanic+0x10/0x10 [ 1247.647580][ T39] panic+0xc5/0xd0 [ 1247.647659][ T39] ? __pfx_panic+0x10/0x10 [ 1247.647757][ T39] ? preempt_schedule_thunk+0x16/0x40 [ 1247.647866][ T39] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 1247.647955][ T39] watchdog+0x102c/0x1030 [ 1247.648062][ T39] ? watchdog+0x1c9/0x1030 [ 1247.648168][ T39] kthread+0x389/0x470 [ 1247.648230][ T39] ? __pfx_watchdog+0x10/0x10 [ 1247.648317][ T39] ? __pfx_kthread+0x10/0x10 [ 1247.648390][ T39] ret_from_fork+0x514/0xb70 [ 1247.648459][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 1247.648526][ T39] ? __switch_to+0xc79/0x1410 [ 1247.648585][ T39] ? __pfx_kthread+0x10/0x10 [ 1247.648662][ T39] ret_from_fork_asm+0x1a/0x30 [ 1247.648779][ T39] [ 1247.649380][ T39] Kernel Offset: disabled