last executing test programs: 1m25.358493158s ago: executing program 1 (id=874): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r4, 0x0, 0x0) recvmsg$can_bcm(r4, 0x0, 0x2) setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, 0x0, 0x0) sendmmsg(r4, 0x0, 0x0, 0x810) r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x3) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="020a000002"], 0x10}}, 0x0) 1m23.803427015s ago: executing program 1 (id=877): syz_open_dev$dri(0x0, 0x0, 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) socket(0x0, 0x4, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) socket$key(0xf, 0x3, 0x2) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'}) 1m21.960451765s ago: executing program 1 (id=881): socket$inet6_tcp(0xa, 0x1, 0x0) pipe(0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000000)=@newtaction={0x48, 0x30, 0x0, 0x0, 0x0, {}, [{0x34, 0x1, [@m_simple={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a40)={0x5, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000002c0)='cpuset.mem_exclusive\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x2) 1m12.938008922s ago: executing program 3 (id=895): sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x34325842, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0x1}]}}) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000240)=0x1) 1m8.690288715s ago: executing program 3 (id=900): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000340)={{0x80, 0x8}, 'port0\x00', 0x0, 0x40000, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000180)={{0x80, 0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000200)={{0x80, 0x4}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x1}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x17, 0xc, &(0x7f0000000140)=ANY=[@ANYRES64], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x10) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r5, &(0x7f0000000580), 0x10) close(r5) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0x541b, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0) recvmsg(r6, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 1m7.642703221s ago: executing program 3 (id=901): syz_open_dev$dri(0x0, 0x0, 0x0) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) socket(0x0, 0x4, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'}) 1m5.236803725s ago: executing program 3 (id=906): setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x4c}}, 0x0) sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2e, 0x4, 0x0, 0x0, 0xb8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@private}, {@multicast1}, {@remote}, {@empty}, {@private, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@local}, {@remote}, {@multicast2}, {@private}, {}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@rand_addr, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) socket$nl_netfilter(0x10, 0x3, 0xc) syz_io_uring_setup(0x3ed9, &(0x7f0000000080)={0x0, 0x5708, 0x200, 0x2, 0x1, 0x0, r0}, &(0x7f0000000100), 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x20002) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) unshare(0x2a020400) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, 0x0) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) unshare(0x44020400) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) openat$capi20(0xffffffffffffff9c, &(0x7f0000001f80), 0x0, 0x0) 14.707903205s ago: executing program 2 (id=968): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="5300000007000046009d40edce82cd28", @ANYRES8, @ANYRESDEC=r2, @ANYRES64], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 14.37580063s ago: executing program 2 (id=969): syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)=ANY=[@ANYBLOB="046117b56b1069f1b69e0a275dbc9f6e2c7686f9e524fce7c1d5f2", @ANYBLOB="7dd402590eb5aaeefe8feef64e9dcd1838fced5ca256d67014b3e8da9f74a8a7a36a8ee42583381712872705c51595f2b2ef450b74f9bbc5023685b63ce416519fa0dabdef4a449c4a7d3d9812ef749b913ada1ded2d4a292a990ce1e7f2f9e247f3dda088a0c1d6e83d285273f6dfeb4e4ed49d96237d68b788355b2d546d3cd3859d02135d0043f0e860c5ceb28dc76086c37a3c347d6ae74d8a0d5fc01470e874"], 0x14}, 0x1, 0x0, 0x0, 0x2000c805}, 0x0) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000001c0)={0x1, @sdr={0x34424752, 0x1}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94) socket$inet6(0xa, 0x80000, 0x0) syz_emit_vhci(0x0, 0x1d) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) getrusage(0x0, &(0x7f0000000700)) r2 = syz_open_procfs(0x0, &(0x7f0000000340)='net/vlan/vlan0\x00') bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r2, 0x58, &(0x7f0000000100)}, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x1}) setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000080)='wg2\x00', 0x4) connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xd2, 0x0, 0x2c) preadv(r2, &(0x7f0000000440)=[{&(0x7f0000001280)=""/64, 0x40}, {&(0x7f00000002c0)=""/64, 0x40}], 0x2, 0x800000, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)=ANY=[]) syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000040)=0x4) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r4, 0xc058534f, &(0x7f00000001c0)={{0xf}, 0x1, 0x2152a574}) 13.190270687s ago: executing program 2 (id=970): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r1) syz_open_procfs(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', 0x0, 0x0, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0) writev(r2, &(0x7f0000000180), 0x0) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000006bc0), 0x0, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x7041, 0x0) read$eventfd(r3, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/14], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x5453, 0x0) 12.115973751s ago: executing program 1 (id=898): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x0) 11.947518232s ago: executing program 1 (id=971): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x34325842, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0x1}]}}) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000240)=0x1) 11.818769163s ago: executing program 2 (id=973): r0 = syz_usb_connect$uac1(0x0, 0xad, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9b, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@extension_unit={0x9, 0x24, 0x8, 0x0, 0x0, 0x0, 'LX'}, @mixer_unit={0x6, 0x24, 0x4, 0x0, 0x0, 'R'}, @selector_unit={0x7, 0x24, 0x5, 0x0, 0x0, "53f1"}, @selector_unit={0xb, 0x24, 0x5, 0x0, 0x0, "133b9bda531c"}, @selector_unit={0x9, 0x24, 0x5, 0x0, 0x5, "96efc359"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x7f, 0x2, 0x0, 0x1, "8b7e", "8e"}, @as_header={0x7}]}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x81}}}}}}}]}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0) syz_usb_control_io$uac1(r0, &(0x7f0000001100)={0x14, 0x0, &(0x7f0000001040)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0) syz_usb_control_io(r0, &(0x7f00000021c0)={0x2c, 0x0, &(0x7f0000002080)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 11.031399298s ago: executing program 4 (id=905): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, 0x0, 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) syz_open_dev$usbfs(0x0, 0x75, 0x109301) 10.00952045s ago: executing program 4 (id=976): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) r4 = socket(0x1a, 0x3, 0x0) write(r4, &(0x7f0000000000)="240000001a005f0314f9f407000904000200", 0x12) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0) preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$KVM_REINJECT_CONTROL(r3, 0xae71, &(0x7f00000004c0)={0x5}) 9.74285707s ago: executing program 0 (id=977): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, 0x0, 0x4000) setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x0, "d30f388c52647612d91de4353d68b0fa00"}, 0x3c) setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000280)={@multicast2, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500"}, 0x3c) setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ac38f5bd6e0630e369c7b35d21ff1f4d7ed79c31e2b0f1da"}, 0x3c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r2, 0x0, 0xcc, &(0x7f0000000180)={@private, @multicast2, 0x0, "941621a61c5815f4678d8fd4a8e14b0447113c694d1fd55708018620fd419884"}, 0x3c) 9.742560968s ago: executing program 3 (id=919): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000340)={{0x80, 0x8}, 'port0\x00', 0x0, 0x40000, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000180)={{0x80, 0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000200)={{0x80, 0x4}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x1}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x17, 0xc, &(0x7f0000000140)=ANY=[@ANYRES64], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x10) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r5, &(0x7f0000000580), 0x10) close(r5) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0x541b, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0) recvmsg(r7, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 8.705014116s ago: executing program 1 (id=978): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 2.78867128s ago: executing program 2 (id=979): syz_open_dev$sndctrl(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="02c8a081007d00010004070400ffff0d0007ff0400ff7f08000a050200060005015a00cd0003000100010280000409010c08f30000049f6c04090403050400040004000610020209000100000001000000080008000102564b38ecff02a516ab8300000c0000002f01000006100301f8ff5b3c7e6700010000020000000c080500100006"], 0x86) socket(0x10, 0x0, 0x0) socket$packet(0x11, 0x2, 0x300) sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x10}}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000240)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1c, r3, 0xb01, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0) 2.788176688s ago: executing program 3 (id=980): openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000040)={0x0, "d2c4924d08b1e00000000000000000f3f70000000400000000fcff00", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f00000000c0)={"e50d1af889b4ea0700000000000000f3c4392ed1891edfa78a34e4a37ef94add", r1}) openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) socket$key(0xf, 0x3, 0x2) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_REINJECT_CONTROL(r5, 0xae71, &(0x7f0000001440)) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000009090224000100000000150300a360af273d92546a0fb4580d32329c0fba7fcfdd0000000000005b97a4522f07bd561acc3a53e1549b91bb8956ac3c3b6d3492b246bf059b32d40cba9e48c2b508debf29c5aa353d6e8d0900c718adec4f249fa8cf45c46bd5b450ec279170de8f44bcac1a7d98455e53051785ede910db48050bd18bad4dab9d1328f42ecafe1df6b8d52067d756748c6f2a1a1a974024aa456a05aeca87729da91bdf21c108d1a0dd9f013285ce13e4db447130f810b480ee5fb28ca5d9dea1c1a75d1e04466d954a20b89fcce73d2bada7775c809f7042029a2e379e3f6bb61f24e939c536e81a14676601d85ccf836f99c853ab4f4fbaa90cad7a3a4ec6c8df12ddc6fd7cef2cc86c699938ed"], 0x0) close(0xffffffffffffffff) r6 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGREPORT(r6, 0x400c4807, &(0x7f00000000c0)={0x3}) 2.73400647s ago: executing program 0 (id=981): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r3 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8) write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_BMAP(r3, &(0x7f00000000c0)={0x18}, 0x18) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) 2.267912999s ago: executing program 4 (id=982): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="5300000007000046009d40edce82cd28e1e1edab5168510449b8a5", @ANYRES8, @ANYRESDEC=r2, @ANYRES64], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 2.186718921s ago: executing program 0 (id=983): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) write$binfmt_elf64(r2, 0x0, 0x40) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b80)=ANY=[@ANYBLOB="2800000014002101000000000000000002020000", @ANYRES32=r3, @ANYBLOB="080009000000008808000200ac"], 0x28}, 0x1, 0x300000000000000}, 0x0) 1.964611343s ago: executing program 0 (id=984): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000200), 0x8440, 0x0) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000b00)={0x4, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000f80)={"d1ed39d88b014976ab94c1fb10628c46d2e681cdb9e5c1a31965c61e0df52c5e", r3, 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f0000000140)={"9b040000000000000000c69671ea00", r4}) 1.936123493s ago: executing program 4 (id=985): pipe(&(0x7f0000001800)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-ssse3\x00'}, 0x58) r3 = accept4$alg(r2, 0x0, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r0, 0x0, r3, 0x0, 0x2000000000000005, 0x0) 1.77721442s ago: executing program 0 (id=986): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002240)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r5, &(0x7f0000000000)="3f000000010000", 0x7) ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0) rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000003f80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x2200c0c0) r6 = fanotify_init(0x0, 0x0) readv(r6, 0x0, 0x0) fanotify_mark(r6, 0x1, 0x40001019, 0xffffffffffffffff, 0x0) 685.382693ms ago: executing program 0 (id=987): r0 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0) r1 = fanotify_init(0x200, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000540)='/sys/power/pm_trace', 0x40801, 0x0) r2 = dup(r0) fanotify_mark(r1, 0x1, 0x40001056, r2, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000380)=@abs, 0x6e) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r6 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r6) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r6}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1) 544.227ms ago: executing program 4 (id=988): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000240)=ANY=[@ANYBLOB="000000004c9002000700000003000100"/104]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=""/214, &(0x7f0000000140)=0xd6) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) r4 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f0000000000)=0x639) readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/90, 0x48}], 0x1) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000001980)={{0x2000, 0x0, 0x800, 0x8, 'syz0\x00', 0xffff}, 0x5, 0x30, 0x1, r3, 0x0, 0x0, 'syz1\x00', 0x0}) sched_setscheduler(r3, 0x1, &(0x7f0000000000)=0x7) getpriority(0x2, r3) 226.830161ms ago: executing program 2 (id=989): openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x60080, 0x0) openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(0xffffffffffffffff, 0x47ba, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 4 (id=990): openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) syz_emit_ethernet(0x36, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wlan1\x00'}) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x28}}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4) sendto$inet(r1, &(0x7f0000000040)="0e00", 0xffec, 0x0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) writev(r2, &(0x7f0000000100)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) kernel console output (not intermixed with test programs): arams data found [ 656.130408][ T8121] team0: Port device team_slave_0 added [ 656.136981][ T8121] team0: Port device team_slave_1 added [ 656.416734][ T8042] veth1_macvtap: entered promiscuous mode [ 656.588411][ T8121] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 656.595708][ T8121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 656.621642][ C0] vkms_vblank_simulate: vblank timer overrun [ 656.632910][ T8121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 656.660005][ T8121] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 656.666993][ T8121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 656.692876][ C0] vkms_vblank_simulate: vblank timer overrun [ 656.699458][ T8121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 656.789085][ T5227] Bluetooth: hci2: command tx timeout [ 656.841399][ T8042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 656.890242][ T8042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.900507][ T8042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 656.911650][ T8042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 656.924026][ T8042] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 657.119383][ T8042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 657.146433][ T8042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.158362][ T8042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 657.176818][ T8042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.192705][ T8042] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 657.212542][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 657.247496][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 657.341295][ T8153] bridge0: port 1(bridge_slave_0) entered blocking state [ 657.348489][ T8153] bridge0: port 1(bridge_slave_0) entered disabled state [ 657.359325][ T8153] bridge_slave_0: entered allmulticast mode [ 657.367238][ T8153] bridge_slave_0: entered promiscuous mode [ 657.392574][ T8121] hsr_slave_0: entered promiscuous mode [ 657.407213][ T8121] hsr_slave_1: entered promiscuous mode [ 657.451141][ T29] audit: type=1400 audit(1726327806.332:681): avc: denied { read } for pid=8208 comm="syz.4.431" path="socket:[28772]" dev="sockfs" ino=28772 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 657.488494][ T8153] bridge0: port 2(bridge_slave_1) entered blocking state [ 657.502703][ T8153] bridge0: port 2(bridge_slave_1) entered disabled state [ 657.512852][ T8153] bridge_slave_1: entered allmulticast mode [ 657.521424][ T8153] bridge_slave_1: entered promiscuous mode [ 657.583235][ T8042] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.608693][ T8042] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.618649][ T8042] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.627599][ T8042] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 657.683195][ T6802] bridge_slave_1: left allmulticast mode [ 657.692244][ T6802] bridge_slave_1: left promiscuous mode [ 657.698064][ T6802] bridge0: port 2(bridge_slave_1) entered disabled state [ 657.713856][ T6802] bridge_slave_0: left allmulticast mode [ 657.719699][ T6802] bridge_slave_0: left promiscuous mode [ 657.725429][ T6802] bridge0: port 1(bridge_slave_0) entered disabled state [ 657.912258][ T5227] Bluetooth: hci1: command tx timeout [ 658.086663][ T29] audit: type=1400 audit(1726327806.962:682): avc: denied { write } for pid=8214 comm="syz.4.432" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 658.324706][ T6802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 658.349407][ T6802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 658.373812][ T6802] bond0 (unregistering): Released all slaves [ 658.404266][ T8153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 658.482044][ T5227] Bluetooth: hci9: Controller not accepting commands anymore: ncmd = 0 [ 658.490928][ T5227] Bluetooth: hci9: Injecting HCI hardware error event [ 658.502885][ T5233] Bluetooth: hci9: hardware error 0x00 [ 658.605921][ T6810] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 658.608095][ T8153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 658.626065][ T6810] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 658.705992][ T6802] hsr_slave_0: left promiscuous mode [ 658.716542][ T6802] hsr_slave_1: left promiscuous mode [ 658.725413][ T6802] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 658.734659][ T6802] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 658.762790][ T6802] veth1_vlan: left promiscuous mode [ 658.768451][ T6802] veth0_vlan: left promiscuous mode [ 658.872107][ T5227] Bluetooth: hci2: command tx timeout [ 659.584415][ T6802] team0 (unregistering): Port device team_slave_1 removed [ 659.686141][ T6802] team0 (unregistering): Port device team_slave_0 removed [ 659.975746][ T29] audit: type=1400 audit(1726327808.852:683): avc: denied { write } for pid=8223 comm="syz.4.436" name="ppp" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 660.553549][ T5233] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 660.780391][ T8153] team0: Port device team_slave_0 added [ 660.800582][ T8153] team0: Port device team_slave_1 added [ 660.958706][ T5233] Bluetooth: hci2: command tx timeout [ 661.165611][ T8153] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 661.191468][ T8153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.273513][ T8153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 661.309346][ T8153] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 661.324948][ T8153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.377840][ T8153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 661.820083][ T6139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 661.868273][ T6139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 661.881911][ T29] audit: type=1400 audit(1726327810.762:684): avc: denied { unmount } for pid=8026 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 662.197288][ T8153] hsr_slave_0: entered promiscuous mode [ 662.236500][ T8153] hsr_slave_1: entered promiscuous mode [ 662.261743][ T8153] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 662.331773][ T8153] Cannot create hsr debugfs directory [ 663.081227][ T3684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 663.100128][ T3684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 663.634872][ T8281] netlink: 36 bytes leftover after parsing attributes in process `syz.0.396'. [ 663.645317][ T8281] netlink: 16 bytes leftover after parsing attributes in process `syz.0.396'. [ 663.656107][ T8281] netlink: 36 bytes leftover after parsing attributes in process `syz.0.396'. [ 663.666359][ T8281] netlink: 36 bytes leftover after parsing attributes in process `syz.0.396'. [ 666.344329][ T8294] pim6reg1: entered promiscuous mode [ 666.354705][ T8294] pim6reg1: entered allmulticast mode [ 666.832123][ T8121] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 666.884971][ T8121] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 667.020581][ T8121] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 667.020670][ T8310] netlink: 36 bytes leftover after parsing attributes in process `syz.2.461'. [ 667.070684][ T8310] netlink: 16 bytes leftover after parsing attributes in process `syz.2.461'. [ 667.072466][ T8121] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 667.093812][ T8310] netlink: 36 bytes leftover after parsing attributes in process `syz.2.461'. [ 667.137331][ T8310] netlink: 36 bytes leftover after parsing attributes in process `syz.2.461'. [ 667.747454][ T8121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 668.003870][ T8121] 8021q: adding VLAN 0 to HW filter on device team0 [ 668.144435][ T8153] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 668.185129][ T6802] bridge0: port 1(bridge_slave_0) entered blocking state [ 668.192411][ T6802] bridge0: port 1(bridge_slave_0) entered forwarding state [ 668.222410][ T8345] netlink: 36 bytes leftover after parsing attributes in process `syz.2.471'. [ 668.257939][ T8345] netlink: 16 bytes leftover after parsing attributes in process `syz.2.471'. [ 668.271038][ T8153] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 668.319548][ T8153] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 668.370287][ T6810] bridge0: port 2(bridge_slave_1) entered blocking state [ 668.377550][ T6810] bridge0: port 2(bridge_slave_1) entered forwarding state [ 668.418364][ T8153] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 668.418778][ T29] audit: type=1400 audit(1726327817.292:685): avc: denied { relabelfrom } for pid=8342 comm="syz.0.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 668.513934][ T29] audit: type=1400 audit(1726327817.292:686): avc: denied { relabelto } for pid=8342 comm="syz.0.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 669.203969][ T8153] 8021q: adding VLAN 0 to HW filter on device bond0 [ 669.360099][ T8153] 8021q: adding VLAN 0 to HW filter on device team0 [ 669.536750][ T3684] bridge0: port 1(bridge_slave_0) entered blocking state [ 669.544015][ T3684] bridge0: port 1(bridge_slave_0) entered forwarding state [ 669.605305][ T3684] bridge0: port 2(bridge_slave_1) entered blocking state [ 669.612578][ T3684] bridge0: port 2(bridge_slave_1) entered forwarding state [ 670.287301][ T29] audit: type=1400 audit(1726327819.102:687): avc: denied { getopt } for pid=8386 comm="syz.0.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 670.754468][ T8121] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 671.139863][ T8121] veth0_vlan: entered promiscuous mode [ 671.227184][ T8121] veth1_vlan: entered promiscuous mode [ 672.339169][ T8426] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 672.352610][ T8121] veth0_macvtap: entered promiscuous mode [ 672.706982][ T8121] veth1_macvtap: entered promiscuous mode [ 672.782685][ T8153] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 672.880120][ T8121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 672.908656][ T8121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 672.934302][ T8121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 672.984572][ T8121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.048849][ T8121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 673.078601][ T8121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.133160][ T8121] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 673.205465][ T8121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 673.258692][ T8121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 673.298678][ T8121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.928706][ T8121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.981512][ T8121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 678.057214][ T8121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.092489][ T8121] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 678.190884][ T8121] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.225074][ T8121] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.238915][ T8121] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.247657][ T8121] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.333786][ T8153] veth0_vlan: entered promiscuous mode [ 684.233194][ T8153] veth1_vlan: entered promiscuous mode [ 684.498230][ T6802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 684.559157][ T6802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 684.679502][ T8153] veth0_macvtap: entered promiscuous mode [ 684.712777][ T29] audit: type=1400 audit(1726327833.592:688): avc: denied { ioctl } for pid=8477 comm="syz.2.510" path="socket:[30783]" dev="sockfs" ino=30783 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 684.717604][ T8480] syzkaller0: entered promiscuous mode [ 684.779364][ T8480] syzkaller0: entered allmulticast mode [ 685.027144][ T6139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 685.028229][ T8153] veth1_macvtap: entered promiscuous mode [ 685.065705][ T6139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 685.216537][ T5227] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 685.259647][ T5227] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 685.277672][ T5227] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 685.291996][ T5227] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 685.302649][ T5227] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 685.311606][ T5227] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 685.411827][ T29] audit: type=1326 audit(1726327834.282:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8492 comm="syz.0.511" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f14b5b7def9 code=0x0 [ 685.477820][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.500177][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.510374][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.532341][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.549202][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.578991][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.598732][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.628696][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.666293][ T8153] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 685.843954][ T6667] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 685.974259][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.008595][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.018454][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.064595][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.092856][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.129316][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.146397][ T8512] __nla_validate_parse: 2 callbacks suppressed [ 686.146418][ T8512] netlink: 12 bytes leftover after parsing attributes in process `syz.1.515'. [ 686.154815][ T8153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.179619][ T8153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.222639][ T8153] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 686.410285][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.417731][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.436207][ T6667] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.603958][ T8527] fuse: Bad value for 'fd' [ 687.438037][ T5233] Bluetooth: hci3: command tx timeout [ 687.481133][ T8153] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.495612][ T8153] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.001605][ T8153] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.135469][ T8153] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.288199][ T8536] pimreg: entered allmulticast mode [ 688.681388][ T6667] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 689.316833][ T8542] Process accounting resumed [ 689.373583][ T8542] kernel write not supported for file /asound/timers (pid: 8542 comm: syz.1.520) [ 689.438153][ T6667] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 689.508742][ T5233] Bluetooth: hci3: command tx timeout [ 689.610378][ T8536] dvmrp1: entered allmulticast mode [ 689.629239][ T29] audit: type=1400 audit(1726327838.512:690): avc: denied { bind } for pid=8553 comm="syz.1.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 689.757271][ T29] audit: type=1400 audit(1726327838.512:691): avc: denied { name_bind } for pid=8553 comm="syz.1.523" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 689.795393][ T29] audit: type=1400 audit(1726327838.512:692): avc: denied { node_bind } for pid=8553 comm="syz.1.523" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 689.891560][ T29] audit: type=1400 audit(1726327838.572:693): avc: denied { listen } for pid=8553 comm="syz.1.523" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 689.960576][ T29] audit: type=1400 audit(1726327838.612:694): avc: denied { setopt } for pid=8553 comm="syz.1.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 689.984501][ T8558] kernel write not supported for file /asound/timers (pid: 8558 comm: syz.1.523) [ 690.041743][ T29] audit: type=1400 audit(1726327838.612:695): avc: denied { connect } for pid=8553 comm="syz.1.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 690.062814][ T29] audit: type=1400 audit(1726327838.612:696): avc: denied { name_connect } for pid=8553 comm="syz.1.523" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 690.085126][ T29] audit: type=1400 audit(1726327838.722:697): avc: denied { accept } for pid=8553 comm="syz.1.523" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 690.106305][ T29] audit: type=1400 audit(1726327838.742:698): avc: denied { write } for pid=8553 comm="syz.1.523" laddr=::ffff:172.20.20.0 lport=20000 faddr=::ffff:172.20.20.10 fport=45360 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 690.226065][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 690.252699][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 690.323444][ T8571] kernel write not supported for file /asound/timers (pid: 8571 comm: syz.1.526) [ 690.510532][ T6667] bridge_slave_1: left allmulticast mode [ 690.528917][ T6667] bridge_slave_1: left promiscuous mode [ 690.529462][ T8579] fuse: Bad value for 'fd' [ 690.554782][ T6667] bridge0: port 2(bridge_slave_1) entered disabled state [ 691.102489][ T6667] bridge_slave_0: left allmulticast mode [ 691.108150][ T6667] bridge_slave_0: left promiscuous mode [ 691.157503][ T6667] bridge0: port 1(bridge_slave_0) entered disabled state [ 691.257284][ T8577] kernel write not supported for file /asound/timers (pid: 8577 comm: syz.1.527) [ 691.320070][ T5233] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 691.330945][ T5233] CPU: 1 UID: 0 PID: 5233 Comm: kworker/u9:4 Not tainted 6.11.0-rc7-syzkaller-00135-gb7718454f937 #0 [ 691.341826][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 691.351903][ T5233] Workqueue: hci0 hci_rx_work [ 691.356612][ T5233] Call Trace: [ 691.359894][ T5233] [ 691.362826][ T5233] dump_stack_lvl+0x16c/0x1f0 [ 691.367520][ T5233] sysfs_warn_dup+0x7f/0xa0 [ 691.372040][ T5233] sysfs_create_dir_ns+0x24d/0x2b0 [ 691.377169][ T5233] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 691.382816][ T5233] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 691.388200][ T5233] ? do_raw_spin_unlock+0x172/0x230 [ 691.393410][ T5233] kobject_add_internal+0x2c8/0x990 [ 691.398629][ T5233] kobject_add+0x16f/0x240 [ 691.403063][ T5233] ? __pfx_kobject_add+0x10/0x10 [ 691.408025][ T5233] ? do_raw_spin_unlock+0x172/0x230 [ 691.413234][ T5233] ? kobject_put+0xab/0x5a0 [ 691.417759][ T5233] device_add+0x289/0x1a70 [ 691.422196][ T5233] ? __pfx_dev_set_name+0x10/0x10 [ 691.427229][ T5233] ? __pfx_device_add+0x10/0x10 [ 691.432098][ T5233] ? mgmt_send_event_skb+0x2f2/0x460 [ 691.437410][ T5233] hci_conn_add_sysfs+0x17e/0x230 [ 691.442468][ T5233] le_conn_complete_evt+0x1078/0x1d80 [ 691.448304][ T5233] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 691.454042][ T5233] ? trace_contention_end+0xea/0x140 [ 691.459348][ T5233] ? __mutex_lock+0x1a6/0x9c0 [ 691.464048][ T5233] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 691.469961][ T5233] ? skb_pull_data+0x166/0x210 [ 691.474743][ T5233] hci_le_meta_evt+0x2e2/0x5d0 [ 691.479535][ T5233] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 691.485979][ T5233] hci_event_packet+0x666/0x1180 [ 691.490933][ T5233] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 691.496236][ T5233] ? __pfx_hci_event_packet+0x10/0x10 [ 691.501620][ T5233] ? mark_held_locks+0x9f/0xe0 [ 691.506402][ T5233] ? kcov_remote_start+0x3cf/0x6e0 [ 691.511616][ T5233] ? lockdep_hardirqs_on+0x7c/0x110 [ 691.516837][ T5233] hci_rx_work+0x2c6/0x1610 [ 691.521379][ T5233] process_one_work+0x9c5/0x1b40 [ 691.526350][ T5233] ? __pfx_lock_acquire+0x10/0x10 [ 691.531389][ T5233] ? __pfx_process_one_work+0x10/0x10 [ 691.536788][ T5233] ? assign_work+0x1a0/0x250 [ 691.541404][ T5233] worker_thread+0x6c8/0xf00 [ 691.546035][ T5233] ? __kthread_parkme+0x148/0x220 [ 691.551083][ T5233] ? __pfx_worker_thread+0x10/0x10 [ 691.556215][ T5233] kthread+0x2c1/0x3a0 [ 691.560292][ T5233] ? _raw_spin_unlock_irq+0x23/0x50 [ 691.565508][ T5233] ? __pfx_kthread+0x10/0x10 [ 691.570108][ T5233] ret_from_fork+0x45/0x80 [ 691.574544][ T5233] ? __pfx_kthread+0x10/0x10 [ 691.579153][ T5233] ret_from_fork_asm+0x1a/0x30 [ 691.583963][ T5233] [ 691.592369][ T5233] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 691.606513][ T5233] Bluetooth: hci0: failed to register connection device [ 691.616244][ T5233] Bluetooth: hci3: command tx timeout [ 691.956683][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.528'. [ 692.987821][ T8600] kernel write not supported for file /asound/timers (pid: 8600 comm: syz.1.529) [ 693.483309][ T6667] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 693.524463][ T6667] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 693.555664][ T6667] bond0 (unregistering): Released all slaves [ 693.668818][ T5227] Bluetooth: hci3: command tx timeout [ 693.674228][ T5233] Bluetooth: hci0: command tx timeout [ 693.920278][ T6151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 693.965659][ T6151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 694.257280][ T8488] chnl_net:caif_netlink_parms(): no params data found [ 694.390247][ T8609] 9pnet_virtio: no channels available for device syz [ 694.555943][ T8602] kernel write not supported for file /asound/timers (pid: 8602 comm: syz.1.531) [ 694.819754][ T8613] netlink: 24 bytes leftover after parsing attributes in process `syz.0.533'. [ 695.013018][ T8622] kernel write not supported for file /asound/timers (pid: 8622 comm: syz.1.535) [ 695.126905][ T6667] hsr_slave_0: left promiscuous mode [ 695.133478][ T6667] hsr_slave_1: left promiscuous mode [ 695.140461][ T6667] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 695.147861][ T6667] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 695.167640][ T6667] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 695.181339][ T6667] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 695.198944][ T5279] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 695.276092][ T6667] veth1_macvtap: left promiscuous mode [ 695.310315][ T6667] veth0_macvtap: left promiscuous mode [ 695.347479][ T6667] veth1_vlan: left promiscuous mode [ 695.363626][ T6667] veth0_vlan: left promiscuous mode [ 695.468692][ T5279] usb 4-1: Using ep0 maxpacket: 16 [ 695.505200][ T5279] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 695.532749][ T5279] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 695.593872][ T5279] usb 4-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00 [ 695.639234][ T5279] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 695.744852][ T5279] usb 4-1: config 0 descriptor?? [ 695.977807][ T8610] rtc_cmos 00:00: Alarms can be up to one day in the future [ 696.059111][ T5277] rtc_cmos 00:00: Alarms can be up to one day in the future [ 696.105982][ T5277] rtc_cmos 00:00: Alarms can be up to one day in the future [ 696.145554][ T5277] rtc_cmos 00:00: Alarms can be up to one day in the future [ 696.164564][ T5277] rtc_cmos 00:00: Alarms can be up to one day in the future [ 696.201935][ T5277] rtc rtc0: __rtc_set_alarm: err=-22 [ 696.511574][ T8645] fuse: Bad value for 'fd' [ 697.403941][ T29] audit: type=1400 audit(1726327846.282:699): avc: denied { shutdown } for pid=8647 comm="syz.0.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 697.610743][ T8649] libceph: resolve '. [ 697.610743][ T8649] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 697.610743][ T8649] ' (ret=-3): failed [ 697.861980][ T8649] No control pipe specified [ 698.603718][ T6667] team0 (unregistering): Port device team_slave_1 removed [ 698.646714][ T8642] kernel write not supported for file /asound/timers (pid: 8642 comm: syz.1.536) [ 698.723956][ T6667] team0 (unregistering): Port device team_slave_0 removed [ 699.902152][ T8634] kernel write not supported for file /asound/timers (pid: 8634 comm: syz.1.536) [ 699.998857][ T8488] bridge0: port 1(bridge_slave_0) entered blocking state [ 700.028715][ T8488] bridge0: port 1(bridge_slave_0) entered disabled state [ 700.052281][ T8488] bridge_slave_0: entered allmulticast mode [ 700.135561][ T8488] bridge_slave_0: entered promiscuous mode [ 700.232903][ T5279] usbhid 4-1:0.0: can't add hid device: -71 [ 700.279016][ T8488] bridge0: port 2(bridge_slave_1) entered blocking state [ 700.286216][ T8488] bridge0: port 2(bridge_slave_1) entered disabled state [ 700.293586][ T5279] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 700.319844][ T5279] usb 4-1: USB disconnect, device number 3 [ 700.326018][ T8488] bridge_slave_1: entered allmulticast mode [ 700.389839][ T8488] bridge_slave_1: entered promiscuous mode [ 700.679471][ T8665] netlink: 36 bytes leftover after parsing attributes in process `syz.2.541'. [ 700.746776][ T8488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 700.793188][ T8488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 701.103402][ T8671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.543'. [ 701.339422][ T8673] netlink: 24 bytes leftover after parsing attributes in process `syz.3.543'. [ 701.574136][ T8488] team0: Port device team_slave_0 added [ 701.694180][ T8488] team0: Port device team_slave_1 added [ 701.825295][ T8662] kernel write not supported for file /asound/timers (pid: 8662 comm: syz.1.540) [ 702.013979][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 702.062837][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 702.097921][ T8690] netlink: 4 bytes leftover after parsing attributes in process `syz.0.544'. [ 702.135233][ T8691] fuse: Bad value for 'fd' [ 702.226261][ T8488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 702.690942][ T8700] 9pnet_virtio: no channels available for device syz [ 702.702745][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 702.750716][ T8687] kernel write not supported for file /asound/timers (pid: 8687 comm: syz.1.546) [ 702.760282][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 702.828616][ T8488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 703.155195][ T8488] hsr_slave_0: entered promiscuous mode [ 703.199289][ T8488] hsr_slave_1: entered promiscuous mode [ 703.241220][ T8488] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 703.266678][ T8488] Cannot create hsr debugfs directory [ 703.273756][ T29] audit: type=1400 audit(1726327852.152:700): avc: denied { connect } for pid=8709 comm="syz.3.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 704.017915][ T8710] kernel write not supported for file /asound/timers (pid: 8710 comm: syz.1.550) [ 704.029225][ T8] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 704.260215][ T29] audit: type=1400 audit(1726327853.132:701): avc: denied { ioctl } for pid=8734 comm="syz.1.555" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0x942c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 704.301101][ T8] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 704.317949][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.346826][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 704.390858][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.423515][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 704.481286][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.555169][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 704.656836][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.703595][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 704.724716][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.744735][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 704.793026][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.810526][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 704.852184][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.870581][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 704.951953][ T8] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 704.997531][ T8] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 705.026999][ T8] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 705.068595][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 705.102656][ T8736] kernel write not supported for file /asound/timers (pid: 8736 comm: syz.1.555) [ 705.241424][ T8] usb 1-1: config 0 descriptor?? [ 705.456915][ T8759] kernel write not supported for file /asound/timers (pid: 8759 comm: syz.1.559) [ 705.479585][ T8488] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 705.521557][ T8488] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 705.578327][ T8488] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 705.636826][ T8488] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 707.621179][ T8767] kernel write not supported for file /asound/timers (pid: 8767 comm: syz.1.561) [ 707.842313][ T5315] usb 1-1: USB disconnect, device number 14 [ 708.378059][ T8488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 708.665844][ T8788] netlink: 180 bytes leftover after parsing attributes in process `syz.0.565'. [ 708.729851][ T8788] netlink: 24 bytes leftover after parsing attributes in process `syz.0.565'. [ 708.872836][ T8488] 8021q: adding VLAN 0 to HW filter on device team0 [ 708.945950][ T6667] bridge0: port 1(bridge_slave_0) entered blocking state [ 708.953464][ T6667] bridge0: port 1(bridge_slave_0) entered forwarding state [ 709.044418][ T6667] bridge0: port 2(bridge_slave_1) entered blocking state [ 709.051589][ T6667] bridge0: port 2(bridge_slave_1) entered forwarding state [ 709.385735][ T8772] kernel write not supported for file /asound/timers (pid: 8772 comm: syz.1.562) [ 711.582288][ T29] audit: type=1400 audit(1726327860.442:702): avc: denied { open } for pid=8825 comm="syz.3.572" path="/dev/ptyqa" dev="devtmpfs" ino=131 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 711.616901][ T8488] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 711.757253][ T29] audit: type=1326 audit(1726327860.572:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8825 comm="syz.3.572" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x0 [ 712.476203][ T8488] veth0_vlan: entered promiscuous mode [ 712.588131][ T8488] veth1_vlan: entered promiscuous mode [ 712.703546][ T29] audit: type=1400 audit(1726327861.572:704): avc: denied { ioctl } for pid=8825 comm="syz.3.572" path="/dev/ptyqa" dev="devtmpfs" ino=131 ioctlcmd=0x5414 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 712.805686][ T8488] veth0_macvtap: entered promiscuous mode [ 712.874409][ T8488] veth1_macvtap: entered promiscuous mode [ 712.977385][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 713.042338][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.076847][ T29] audit: type=1326 audit(1726327861.952:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8852 comm="syz.2.575" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x0 [ 713.120170][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 713.189905][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.258642][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 713.321379][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.397464][ T8799] kernel write not supported for file /asound/timers (pid: 8799 comm: syz.1.566) [ 713.421195][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 713.452512][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.494931][ T8488] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 713.614905][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 713.712330][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.732531][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 713.820800][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.841505][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 713.858598][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 713.931336][ T8488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 714.022383][ T8488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 714.108181][ T8488] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 714.317762][ T8488] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.382476][ T29] audit: type=1400 audit(1726327863.262:706): avc: denied { read } for pid=8872 comm="syz.0.577" name="uinput" dev="devtmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 714.444660][ T8873] input: syz0 as /devices/virtual/input/input6 [ 714.459498][ T8488] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.468236][ T8488] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.505289][ T8867] kernel write not supported for file /asound/timers (pid: 8867 comm: syz.1.576) [ 714.541045][ T29] audit: type=1400 audit(1726327863.292:707): avc: denied { open } for pid=8872 comm="syz.0.577" path="/dev/uinput" dev="devtmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 714.592702][ T29] audit: type=1400 audit(1726327863.302:708): avc: denied { ioctl } for pid=8872 comm="syz.0.577" path="/dev/uinput" dev="devtmpfs" ino=837 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 714.654968][ T8488] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.733621][ T29] audit: type=1400 audit(1726327863.602:709): avc: denied { watch watch_reads } for pid=8877 comm="syz.1.578" path=2F6D656D66643A791035FBF77583253A72C2B978A471C1EA5F8C5A37E7619B11780EA1CF1A985337C9202864656C6574656429 dev="tmpfs" ino=44 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 715.744132][ T6139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 715.789607][ T6139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 715.885842][ T8880] kernel write not supported for file /asound/timers (pid: 8880 comm: syz.1.578) [ 716.388648][ T6667] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 716.573727][ T6667] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 717.240543][ T5233] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 717.250673][ T5233] CPU: 1 UID: 0 PID: 5233 Comm: kworker/u9:4 Not tainted 6.11.0-rc7-syzkaller-00135-gb7718454f937 #0 [ 717.261560][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 717.271652][ T5233] Workqueue: hci1 hci_rx_work [ 717.276384][ T5233] Call Trace: [ 717.279672][ T5233] [ 717.282588][ T5233] dump_stack_lvl+0x16c/0x1f0 [ 717.287258][ T5233] sysfs_warn_dup+0x7f/0xa0 [ 717.291758][ T5233] sysfs_create_dir_ns+0x24d/0x2b0 [ 717.297125][ T5233] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 717.302750][ T5233] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 717.308115][ T5233] ? do_raw_spin_unlock+0x172/0x230 [ 717.313308][ T5233] kobject_add_internal+0x2c8/0x990 [ 717.318505][ T5233] kobject_add+0x16f/0x240 [ 717.322921][ T5233] ? __pfx_kobject_add+0x10/0x10 [ 717.327850][ T5233] ? do_raw_spin_unlock+0x172/0x230 [ 717.333037][ T5233] ? kobject_put+0xab/0x5a0 [ 717.337537][ T5233] device_add+0x289/0x1a70 [ 717.341953][ T5233] ? __pfx_dev_set_name+0x10/0x10 [ 717.346967][ T5233] ? __pfx_device_add+0x10/0x10 [ 717.351813][ T5233] ? mgmt_send_event_skb+0x2f2/0x460 [ 717.357095][ T5233] hci_conn_add_sysfs+0x17e/0x230 [ 717.362122][ T5233] le_conn_complete_evt+0x1078/0x1d80 [ 717.367494][ T5233] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 717.373205][ T5233] ? trace_contention_end+0xea/0x140 [ 717.378500][ T5233] ? __mutex_lock+0x1a6/0x9c0 [ 717.383200][ T5233] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 717.389103][ T5233] ? skb_pull_data+0x166/0x210 [ 717.393869][ T5233] hci_le_meta_evt+0x2e2/0x5d0 [ 717.398639][ T5233] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 717.405055][ T5233] hci_event_packet+0x666/0x1180 [ 717.409993][ T5233] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 717.415281][ T5233] ? __pfx_hci_event_packet+0x10/0x10 [ 717.420646][ T5233] ? mark_held_locks+0x9f/0xe0 [ 717.425411][ T5233] ? kcov_remote_start+0x3cf/0x6e0 [ 717.430513][ T5233] ? lockdep_hardirqs_on+0x7c/0x110 [ 717.435716][ T5233] hci_rx_work+0x2c6/0x1610 [ 717.440231][ T5233] process_one_work+0x9c5/0x1b40 [ 717.445173][ T5233] ? __pfx_lock_acquire+0x10/0x10 [ 717.450194][ T5233] ? __pfx_process_one_work+0x10/0x10 [ 717.455574][ T5233] ? assign_work+0x1a0/0x250 [ 717.460163][ T5233] worker_thread+0x6c8/0xf00 [ 717.464756][ T5233] ? __kthread_parkme+0x148/0x220 [ 717.469774][ T5233] ? __pfx_worker_thread+0x10/0x10 [ 717.474903][ T5233] kthread+0x2c1/0x3a0 [ 717.478976][ T5233] ? _raw_spin_unlock_irq+0x23/0x50 [ 717.484199][ T5233] ? __pfx_kthread+0x10/0x10 [ 717.488788][ T5233] ret_from_fork+0x45/0x80 [ 717.493198][ T5233] ? __pfx_kthread+0x10/0x10 [ 717.497781][ T5233] ret_from_fork_asm+0x1a/0x30 [ 717.502549][ T5233] [ 717.521329][ T5233] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 717.537542][ T5233] Bluetooth: hci1: failed to register connection device [ 718.575371][ T29] audit: type=1400 audit(1726327867.442:710): avc: denied { shutdown } for pid=8907 comm="syz.2.583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 719.054926][ T8890] kernel write not supported for file /asound/timers (pid: 8890 comm: syz.1.580) [ 719.407234][ T8921] Process accounting paused [ 719.590065][ T5233] Bluetooth: hci1: command tx timeout [ 720.888824][ T5233] Bluetooth: hci3: command 0x0405 tx timeout [ 724.437905][ T8946] netlink: 28 bytes leftover after parsing attributes in process `syz.1.591'. [ 730.782912][ T29] audit: type=1400 audit(1726327879.662:711): avc: denied { create } for pid=8990 comm="syz.2.606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 730.986386][ T29] audit: type=1400 audit(1726327879.862:712): avc: denied { connect } for pid=8990 comm="syz.2.606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 731.053950][ T29] audit: type=1400 audit(1726327879.892:713): avc: denied { create } for pid=8995 comm="syz.4.607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 731.056644][ T9001] capability: warning: `syz.2.606' uses deprecated v2 capabilities in a way that may be insecure [ 731.177074][ T29] audit: type=1400 audit(1726327880.012:714): avc: denied { accept } for pid=8995 comm="syz.4.607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 731.573764][ T9007] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 732.645318][ T29] audit: type=1400 audit(1726327881.522:715): avc: denied { execute_no_trans } for pid=9021 comm="syz.3.613" path="/18/file0" dev="tmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 733.419773][ T5227] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 734.916512][ T9045] netlink: 36 bytes leftover after parsing attributes in process `syz.2.618'. [ 735.035666][ T29] audit: type=1400 audit(1726327883.912:716): avc: denied { sqpoll } for pid=9033 comm="syz.1.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 736.914174][ T29] audit: type=1400 audit(1726327885.772:717): avc: denied { view } for pid=9076 comm="syz.4.628" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 738.511981][ T5227] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 738.521809][ T5227] CPU: 0 UID: 0 PID: 5227 Comm: kworker/u9:2 Not tainted 6.11.0-rc7-syzkaller-00135-gb7718454f937 #0 [ 738.532659][ T5227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 738.542705][ T5227] Workqueue: hci2 hci_rx_work [ 738.547385][ T5227] Call Trace: [ 738.550658][ T5227] [ 738.553579][ T5227] dump_stack_lvl+0x16c/0x1f0 [ 738.558250][ T5227] sysfs_warn_dup+0x7f/0xa0 [ 738.562750][ T5227] sysfs_create_dir_ns+0x24d/0x2b0 [ 738.567854][ T5227] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 738.573483][ T5227] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 738.578855][ T5227] ? do_raw_spin_unlock+0x172/0x230 [ 738.584041][ T5227] kobject_add_internal+0x2c8/0x990 [ 738.589257][ T5227] kobject_add+0x16f/0x240 [ 738.593712][ T5227] ? __pfx_kobject_add+0x10/0x10 [ 738.598688][ T5227] ? do_raw_spin_unlock+0x172/0x230 [ 738.603921][ T5227] ? kobject_put+0xab/0x5a0 [ 738.608474][ T5227] device_add+0x289/0x1a70 [ 738.612917][ T5227] ? __pfx_dev_set_name+0x10/0x10 [ 738.617933][ T5227] ? __pfx_device_add+0x10/0x10 [ 738.622786][ T5227] ? mgmt_send_event_skb+0x2f2/0x460 [ 738.628078][ T5227] hci_conn_add_sysfs+0x17e/0x230 [ 738.633104][ T5227] le_conn_complete_evt+0x1078/0x1d80 [ 738.638478][ T5227] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 738.644197][ T5227] ? trace_contention_end+0xea/0x140 [ 738.649515][ T5227] ? __mutex_lock+0x1a6/0x9c0 [ 738.654201][ T5227] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 738.660094][ T5227] ? skb_pull_data+0x166/0x210 [ 738.664860][ T5227] hci_le_meta_evt+0x2e2/0x5d0 [ 738.669624][ T5227] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 738.676043][ T5227] hci_event_packet+0x666/0x1180 [ 738.680981][ T5227] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 738.686267][ T5227] ? __pfx_hci_event_packet+0x10/0x10 [ 738.691649][ T5227] ? mark_held_locks+0x9f/0xe0 [ 738.696414][ T5227] ? kcov_remote_start+0x3cf/0x6e0 [ 738.701519][ T5227] ? lockdep_hardirqs_on+0x7c/0x110 [ 738.706719][ T5227] hci_rx_work+0x2c6/0x1610 [ 738.711230][ T5227] process_one_work+0x9c5/0x1b40 [ 738.716177][ T5227] ? __pfx_lock_acquire+0x10/0x10 [ 738.721217][ T5227] ? __pfx_process_one_work+0x10/0x10 [ 738.726597][ T5227] ? assign_work+0x1a0/0x250 [ 738.731204][ T5227] worker_thread+0x6c8/0xf00 [ 738.735804][ T5227] ? __kthread_parkme+0x148/0x220 [ 738.740826][ T5227] ? __pfx_worker_thread+0x10/0x10 [ 738.745959][ T5227] kthread+0x2c1/0x3a0 [ 738.750021][ T5227] ? _raw_spin_unlock_irq+0x23/0x50 [ 738.755212][ T5227] ? __pfx_kthread+0x10/0x10 [ 738.759796][ T5227] ret_from_fork+0x45/0x80 [ 738.764212][ T5227] ? __pfx_kthread+0x10/0x10 [ 738.768793][ T5227] ret_from_fork_asm+0x1a/0x30 [ 738.773575][ T5227] [ 738.789167][ T5227] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 738.803684][ T5227] Bluetooth: hci2: failed to register connection device [ 740.659990][ T29] audit: type=1400 audit(1726327889.532:718): avc: denied { write } for pid=9100 comm="syz.4.634" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 740.871200][ T5227] Bluetooth: hci2: command tx timeout [ 741.165624][ T9118] netlink: 36 bytes leftover after parsing attributes in process `syz.3.641'. [ 741.207302][ T9118] netlink: 16 bytes leftover after parsing attributes in process `syz.3.641'. [ 741.227996][ T9118] netlink: 36 bytes leftover after parsing attributes in process `syz.3.641'. [ 741.260095][ T9118] netlink: 36 bytes leftover after parsing attributes in process `syz.3.641'. [ 741.463449][ T9123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.639'. [ 741.487797][ T29] audit: type=1326 audit(1726327890.362:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9115 comm="syz.1.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81b2d7def9 code=0x7ffc0000 [ 741.585722][ T29] audit: type=1326 audit(1726327890.402:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9115 comm="syz.1.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81b2d7def9 code=0x7ffc0000 [ 742.821982][ T29] audit: type=1326 audit(1726327891.702:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9115 comm="syz.1.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f81b2d7def9 code=0x7ffc0000 [ 743.033041][ T29] audit: type=1326 audit(1726327891.702:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9115 comm="syz.1.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81b2d7def9 code=0x7ffc0000 [ 743.138457][ T29] audit: type=1326 audit(1726327891.732:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9115 comm="syz.1.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81b2d7def9 code=0x7ffc0000 [ 744.152818][ T9141] pimreg: entered allmulticast mode [ 744.490137][ T9149] dvmrp1: entered allmulticast mode [ 744.682647][ T9155] fuse: Unknown parameter '0xffffffffffffffff' [ 744.769225][ T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 744.795474][ T5233] Bluetooth: hci8: command 0x0406 tx timeout [ 744.977931][ T9160] netlink: 36 bytes leftover after parsing attributes in process `syz.2.652'. [ 744.990393][ T8] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 745.010535][ T9160] netlink: 16 bytes leftover after parsing attributes in process `syz.2.652'. [ 745.024811][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 745.035820][ T9160] netlink: 36 bytes leftover after parsing attributes in process `syz.2.652'. [ 745.035876][ T9160] netlink: 36 bytes leftover after parsing attributes in process `syz.2.652'. [ 745.104684][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 745.118073][ T5233] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 745.208930][ T5233] CPU: 1 UID: 0 PID: 5233 Comm: kworker/u9:4 Not tainted 6.11.0-rc7-syzkaller-00135-gb7718454f937 #0 [ 745.219849][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 745.229935][ T5233] Workqueue: hci3 hci_rx_work [ 745.234673][ T5233] Call Trace: [ 745.237972][ T5233] [ 745.240921][ T5233] dump_stack_lvl+0x16c/0x1f0 [ 745.245634][ T5233] sysfs_warn_dup+0x7f/0xa0 [ 745.250180][ T5233] sysfs_create_dir_ns+0x24d/0x2b0 [ 745.255335][ T5233] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 745.261009][ T5233] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 745.266416][ T5233] ? do_raw_spin_unlock+0x172/0x230 [ 745.271654][ T5233] kobject_add_internal+0x2c8/0x990 [ 745.276900][ T5233] kobject_add+0x16f/0x240 [ 745.281349][ T5233] ? __pfx_kobject_add+0x10/0x10 [ 745.286325][ T5233] ? do_raw_spin_unlock+0x172/0x230 [ 745.291554][ T5233] ? kobject_put+0xab/0x5a0 [ 745.296106][ T5233] device_add+0x289/0x1a70 [ 745.300566][ T5233] ? __pfx_dev_set_name+0x10/0x10 [ 745.305619][ T5233] ? __pfx_device_add+0x10/0x10 [ 745.310513][ T5233] ? mgmt_send_event_skb+0x2f2/0x460 [ 745.315849][ T5233] hci_conn_add_sysfs+0x17e/0x230 [ 745.320927][ T5233] le_conn_complete_evt+0x1078/0x1d80 [ 745.326357][ T5233] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 745.332123][ T5233] ? trace_contention_end+0xea/0x140 [ 745.337439][ T5233] ? __mutex_lock+0x1a6/0x9c0 [ 745.342123][ T5233] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 745.348022][ T5233] ? skb_pull_data+0x166/0x210 [ 745.352786][ T5233] hci_le_meta_evt+0x2e2/0x5d0 [ 745.357556][ T5233] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 745.363975][ T5233] hci_event_packet+0x666/0x1180 [ 745.368911][ T5233] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 745.374288][ T5233] ? __pfx_hci_event_packet+0x10/0x10 [ 745.379660][ T5233] ? mark_held_locks+0x9f/0xe0 [ 745.384425][ T5233] ? kcov_remote_start+0x3cf/0x6e0 [ 745.389527][ T5233] ? lockdep_hardirqs_on+0x7c/0x110 [ 745.394728][ T5233] hci_rx_work+0x2c6/0x1610 [ 745.399238][ T5233] process_one_work+0x9c5/0x1b40 [ 745.404186][ T5233] ? __pfx_lock_acquire+0x10/0x10 [ 745.409210][ T5233] ? __pfx_process_one_work+0x10/0x10 [ 745.414588][ T5233] ? assign_work+0x1a0/0x250 [ 745.419179][ T5233] worker_thread+0x6c8/0xf00 [ 745.423774][ T5233] ? __kthread_parkme+0x148/0x220 [ 745.428829][ T5233] ? __pfx_worker_thread+0x10/0x10 [ 745.433953][ T5233] kthread+0x2c1/0x3a0 [ 745.438073][ T5233] ? _raw_spin_unlock_irq+0x23/0x50 [ 745.443269][ T5233] ? __pfx_kthread+0x10/0x10 [ 745.447854][ T5233] ret_from_fork+0x45/0x80 [ 745.452278][ T5233] ? __pfx_kthread+0x10/0x10 [ 745.456861][ T5233] ret_from_fork_asm+0x1a/0x30 [ 745.461636][ T5233] [ 745.474344][ T5233] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 745.488416][ T5233] Bluetooth: hci3: failed to register connection device [ 745.757698][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 745.860648][ T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 745.948641][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.973701][ T8] usb 2-1: config 0 descriptor?? [ 746.209935][ T29] audit: type=1326 audit(1726327895.092:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9169 comm="syz.2.654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x0 [ 746.488280][ T8] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 746.614135][ T8] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 747.255232][ T29] audit: type=1326 audit(1726327896.132:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 747.451100][ T25] usb 2-1: USB disconnect, device number 3 [ 747.470878][ T29] audit: type=1326 audit(1726327896.142:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 747.531541][ T5233] Bluetooth: hci3: command 0x0405 tx timeout [ 747.661211][ T29] audit: type=1326 audit(1726327896.282:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 747.804579][ T29] audit: type=1326 audit(1726327896.282:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 747.851774][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.988761][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.085135][ T29] audit: type=1326 audit(1726327896.302:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 748.211743][ T29] audit: type=1326 audit(1726327896.312:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 748.377618][ T29] audit: type=1326 audit(1726327896.312:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 748.415315][ T29] audit: type=1326 audit(1726327896.312:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 748.578897][ T29] audit: type=1326 audit(1726327896.322:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 748.771531][ T29] audit: type=1326 audit(1726327896.322:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 748.918379][ T29] audit: type=1326 audit(1726327896.322:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 749.036783][ T29] audit: type=1326 audit(1726327896.352:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa315f7c890 code=0x7ffc0000 [ 749.123090][ T29] audit: type=1326 audit(1726327896.352:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 749.167178][ T9209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.666'. [ 749.180981][ T9205] netlink: 36 bytes leftover after parsing attributes in process `syz.3.664'. [ 749.204313][ T29] audit: type=1326 audit(1726327896.352:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9177 comm="syz.2.658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 749.403404][ T9205] netlink: 16 bytes leftover after parsing attributes in process `syz.3.664'. [ 750.132210][ T9205] netlink: 36 bytes leftover after parsing attributes in process `syz.3.664'. [ 750.173962][ T9216] netlink: 36 bytes leftover after parsing attributes in process `syz.0.668'. [ 750.208920][ T9205] netlink: 36 bytes leftover after parsing attributes in process `syz.3.664'. [ 750.454335][ T9207] Process accounting resumed [ 750.454382][ T9207] kernel write not supported for file /asound/timers (pid: 9207 comm: syz.1.665) [ 750.671654][ T9228] syz.1.672 uses obsolete (PF_INET,SOCK_PACKET) [ 750.914040][ T9227] kernel write not supported for file /asound/timers (pid: 9227 comm: syz.1.672) [ 751.226753][ T5233] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 752.331804][ T5279] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 752.454670][ T9251] netlink: 36 bytes leftover after parsing attributes in process `syz.0.681'. [ 752.464466][ T9251] netlink: 16 bytes leftover after parsing attributes in process `syz.0.681'. [ 752.481976][ T9251] netlink: 36 bytes leftover after parsing attributes in process `syz.0.681'. [ 752.538983][ T9251] netlink: 36 bytes leftover after parsing attributes in process `syz.0.681'. [ 752.588817][ T5279] usb 5-1: Using ep0 maxpacket: 16 [ 752.627460][ T5279] usb 5-1: config 1 has an invalid descriptor of length 252, skipping remainder of the config [ 752.713032][ T5279] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 752.793169][ T5279] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 752.833688][ T5279] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 753.027649][ T5279] usb 5-1: Product: syz [ 753.769822][ T5279] usb 5-1: Manufacturer: syz [ 753.794471][ T5279] usb 5-1: SerialNumber: syz [ 754.158199][ T9236] kernel write not supported for file /asound/timers (pid: 9236 comm: syz.1.675) [ 754.190976][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 754.190995][ T29] audit: type=1400 audit(1726327903.072:765): avc: denied { ioctl } for pid=9246 comm="syz.4.679" path="mnt:[4026532924]" dev="nsfs" ino=4026532924 ioctlcmd=0xb708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 754.377913][ T29] audit: type=1326 audit(1726327903.252:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9267 comm="syz.3.688" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x0 [ 754.505531][ T9263] syz.4.679: attempt to access beyond end of device [ 754.505531][ T9263] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 754.814247][ T29] audit: type=1326 audit(1726327903.692:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9275 comm="syz.2.689" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x0 [ 754.843336][ T9266] kernel write not supported for file /asound/timers (pid: 9266 comm: syz.1.686) [ 755.057888][ T29] audit: type=1400 audit(1726327903.932:768): avc: denied { mount } for pid=9270 comm="syz.0.687" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 755.097892][ T9279] kernel write not supported for file /asound/timers (pid: 9279 comm: syz.1.691) [ 755.970808][ T5279] usb 5-1: 0:2 : does not exist [ 756.019286][ T9286] netlink: 36 bytes leftover after parsing attributes in process `syz.3.693'. [ 756.059313][ T9286] netlink: 16 bytes leftover after parsing attributes in process `syz.3.693'. [ 756.068230][ T9286] netlink: 36 bytes leftover after parsing attributes in process `syz.3.693'. [ 756.156070][ T5279] usb 5-1: USB disconnect, device number 11 [ 756.166029][ T9286] netlink: 36 bytes leftover after parsing attributes in process `syz.3.693'. [ 756.233287][ T9283] kernel write not supported for file /asound/timers (pid: 9283 comm: syz.1.692) [ 756.996125][ T9151] udevd[9151]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 757.126824][ T29] audit: type=1326 audit(1726327906.002:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9300 comm="syz.4.700" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x0 [ 757.149720][ T5233] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 757.632287][ T9294] kernel write not supported for file /asound/timers (pid: 9294 comm: syz.1.696) [ 758.750779][ T9342] netlink: 36 bytes leftover after parsing attributes in process `syz.2.709'. [ 758.821386][ T9342] netlink: 16 bytes leftover after parsing attributes in process `syz.2.709'. [ 758.858412][ T9342] netlink: 36 bytes leftover after parsing attributes in process `syz.2.709'. [ 758.947118][ T9342] netlink: 36 bytes leftover after parsing attributes in process `syz.2.709'. [ 759.117396][ T29] audit: type=1326 audit(1726327907.992:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 759.314657][ T29] audit: type=1326 audit(1726327908.022:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 759.375515][ T9354] pimreg: entered allmulticast mode [ 759.404004][ T9354] dvmrp1: entered allmulticast mode [ 759.478855][ T9336] kernel write not supported for file /asound/timers (pid: 9336 comm: syz.1.706) [ 759.527614][ T29] audit: type=1326 audit(1726327908.022:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 759.635614][ T29] audit: type=1326 audit(1726327908.022:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 759.700549][ T29] audit: type=1326 audit(1726327908.022:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 759.778453][ T29] audit: type=1326 audit(1726327908.022:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 759.952520][ T29] audit: type=1326 audit(1726327908.022:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 760.149270][ T5233] Bluetooth: hci0: command 0x0406 tx timeout [ 760.157345][ T29] audit: type=1326 audit(1726327908.022:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 760.276159][ T29] audit: type=1326 audit(1726327908.022:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 760.657339][ T29] audit: type=1326 audit(1726327908.022:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160b57def9 code=0x7ffc0000 [ 760.717784][ T29] audit: type=1326 audit(1726327908.032:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9349 comm="syz.4.712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f160b57c890 code=0x7ffc0000 [ 761.189560][ T9373] libceph: resolve '. [ 761.189560][ T9373] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 761.189560][ T9373] ' (ret=-3): failed [ 762.239082][ T9373] No control pipe specified [ 762.265586][ T9383] netlink: 36 bytes leftover after parsing attributes in process `syz.4.723'. [ 762.318492][ T9383] netlink: 16 bytes leftover after parsing attributes in process `syz.4.723'. [ 762.352129][ T9383] netlink: 36 bytes leftover after parsing attributes in process `syz.4.723'. [ 762.372994][ T9383] netlink: 36 bytes leftover after parsing attributes in process `syz.4.723'. [ 769.491834][ T9358] kernel write not supported for file /asound/timers (pid: 9358 comm: syz.1.714) [ 769.713320][ T9502] kernel write not supported for file /asound/timers (pid: 9502 comm: syz.1.767) [ 770.108850][ T9509] kernel write not supported for file /asound/timers (pid: 9509 comm: syz.1.770) [ 770.182539][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 770.183944][ T29] audit: type=1326 audit(1726327919.032:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.257129][ T29] audit: type=1326 audit(1726327919.032:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.288626][ T29] audit: type=1326 audit(1726327919.042:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.315128][ T29] audit: type=1326 audit(1726327919.042:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.354121][ T29] audit: type=1326 audit(1726327919.042:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.398640][ T29] audit: type=1326 audit(1726327919.042:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.428902][ T29] audit: type=1326 audit(1726327919.042:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.462101][ T29] audit: type=1326 audit(1726327919.042:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.525403][ T29] audit: type=1326 audit(1726327919.042:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.550930][ T29] audit: type=1326 audit(1726327919.042:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9514 comm="syz.2.772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa315f7def9 code=0x7ffc0000 [ 770.687274][ T9521] trusted_key: encrypted_key: insufficient parameters specified [ 770.747865][ T9521] trusted_key: encrypted_key: insufficient parameters specified [ 771.265323][ T9518] kernel write not supported for file /asound/timers (pid: 9518 comm: syz.1.773) [ 771.372530][ T9524] kernel write not supported for file /asound/timers (pid: 9524 comm: syz.1.774) [ 772.700437][ T9526] kernel write not supported for file /asound/timers (pid: 9526 comm: syz.1.775) [ 772.916327][ T9537] kernel write not supported for file /asound/timers (pid: 9537 comm: syz.1.779) [ 773.267611][ T9545] kernel write not supported for file /asound/timers (pid: 9545 comm: syz.1.782) [ 773.743470][ T9553] kernel write not supported for file /asound/timers (pid: 9553 comm: syz.1.784) [ 773.987499][ T9562] kernel write not supported for file /asound/timers (pid: 9562 comm: syz.1.791) [ 774.774940][ T9582] warn_unsupported: 1 callbacks suppressed [ 774.774957][ T9582] kernel write not supported for file /asound/timers (pid: 9582 comm: syz.1.798) [ 775.513512][ T9547] Bluetooth: hci1: command 0x0406 tx timeout [ 775.520314][ T9547] Bluetooth: hci2: command 0x0406 tx timeout [ 775.563534][ T9595] kernel write not supported for file /asound/timers (pid: 9595 comm: syz.1.802) [ 776.180268][ T9602] kernel write not supported for file /asound/timers (pid: 9602 comm: syz.1.806) [ 777.594123][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 777.594141][ T29] audit: type=1326 audit(1726327926.472:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 777.689943][ T29] audit: type=1326 audit(1726327926.502:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 777.884437][ T29] audit: type=1326 audit(1726327926.502:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 777.913443][ T29] audit: type=1326 audit(1726327926.502:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 777.938926][ T29] audit: type=1326 audit(1726327926.522:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 778.149808][ T29] audit: type=1326 audit(1726327926.522:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 778.307355][ T29] audit: type=1326 audit(1726327926.522:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 778.489263][ T29] audit: type=1326 audit(1726327926.522:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 778.628660][ T5227] Bluetooth: hci3: command 0x0405 tx timeout [ 778.699870][ T29] audit: type=1326 audit(1726327926.522:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 778.904495][ T29] audit: type=1326 audit(1726327926.522:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9632 comm="syz.3.815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa83ab7def9 code=0x7ffc0000 [ 779.113743][ T9618] kernel write not supported for file /asound/timers (pid: 9618 comm: syz.1.811) [ 779.603854][ T9647] kernel write not supported for file /asound/timers (pid: 9647 comm: syz.1.820) [ 779.969875][ T9661] pimreg: entered allmulticast mode [ 780.017742][ T9661] dvmrp1: entered allmulticast mode [ 782.229025][ T9666] Process accounting paused [ 784.575625][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 784.575644][ T29] audit: type=1400 audit(1726327933.432:891): avc: denied { read } for pid=9727 comm="syz.3.854" name="loop-control" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 784.823869][ T29] audit: type=1400 audit(1726327933.432:892): avc: denied { open } for pid=9727 comm="syz.3.854" path="/dev/loop-control" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 784.848735][ T29] audit: type=1400 audit(1726327933.432:893): avc: denied { ioctl } for pid=9727 comm="syz.3.854" path="/dev/loop-control" dev="devtmpfs" ino=648 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 784.928720][ T9740] capability: warning: `syz.2.855' uses 32-bit capabilities (legacy support in use) [ 787.101978][ T5227] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 787.118669][ T5227] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 787.127897][ T5227] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 787.147050][ T5227] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 787.156756][ T5227] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 787.164697][ T5227] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 787.330393][ T29] audit: type=1400 audit(1726327936.212:894): avc: denied { write } for pid=9764 comm="syz.3.865" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 789.308768][ T5227] Bluetooth: hci4: command tx timeout [ 789.395521][ T9762] chnl_net:caif_netlink_parms(): no params data found [ 790.220023][ T9762] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.046952][ T9762] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.054538][ T9762] bridge_slave_0: entered allmulticast mode [ 791.062719][ T9762] bridge_slave_0: entered promiscuous mode [ 791.095183][ T9762] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.178907][ T9762] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.220669][ T9762] bridge_slave_1: entered allmulticast mode [ 791.262650][ T9762] bridge_slave_1: entered promiscuous mode [ 791.291519][ T9802] netlink: 'syz.3.876': attribute type 27 has an invalid length. [ 791.348920][ T5227] Bluetooth: hci4: command tx timeout [ 791.682288][ T9802] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.689994][ T9802] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.974632][ T9826] 9pnet_fd: Insufficient options for proto=fd [ 793.371533][ T9802] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 793.429027][ T5227] Bluetooth: hci4: command tx timeout [ 793.441992][ T9802] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 793.724460][ T9802] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 793.749870][ T9802] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 793.785171][ T9802] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 793.827999][ T9802] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 794.491699][ T9804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 794.506300][ T9804] 8021q: adding VLAN 0 to HW filter on device team0 [ 794.533302][ T9804] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 794.754782][ T9762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 794.815562][ T9762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 794.961682][ T9762] team0: Port device team_slave_0 added [ 794.985193][ T9762] team0: Port device team_slave_1 added [ 795.134130][ T9762] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 795.158709][ T9821] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 795.163781][ T9762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 795.166257][ T5278] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 795.202595][ T9762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 795.220752][ T9762] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 795.227924][ T9762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 795.288919][ T9762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 795.422080][ T9821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 795.438975][ T5278] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 795.471878][ T9821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 795.488791][ T5278] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 795.507418][ T9821] usb 4-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00 [ 795.517208][ T5227] Bluetooth: hci4: command tx timeout [ 795.526322][ T5278] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 795.544742][ T9762] hsr_slave_0: entered promiscuous mode [ 795.548606][ T9821] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 795.558312][ T5278] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 795.578733][ T5278] usb 5-1: SerialNumber: syz [ 795.586498][ T9821] usb 4-1: config 0 descriptor?? [ 795.601757][ T9762] hsr_slave_1: entered promiscuous mode [ 795.638600][ T9762] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 795.666562][ T9762] Cannot create hsr debugfs directory [ 795.842462][ T5278] usb 5-1: 0:2 : does not exist [ 796.295732][ T9821] elo 0003:04E7:0030.0002: item fetching failed at offset 5/7 [ 796.338041][ T9821] elo 0003:04E7:0030.0002: parse failed [ 796.361518][ T9821] elo 0003:04E7:0030.0002: probe with driver elo failed with error -22 [ 796.509848][ T9821] usb 4-1: USB disconnect, device number 4 [ 796.585075][ T5278] usb 5-1: USB disconnect, device number 12 [ 796.723913][ T9762] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 796.921557][ T9762] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.134007][ T9762] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 798.406183][ T9762] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 799.177482][ T9762] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 799.204910][ T9762] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 799.243121][ T9762] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 799.283280][ T9762] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 799.772998][ T9762] 8021q: adding VLAN 0 to HW filter on device bond0 [ 799.874993][ T9762] 8021q: adding VLAN 0 to HW filter on device team0 [ 800.079955][ T6804] bridge0: port 1(bridge_slave_0) entered blocking state [ 800.087091][ T6804] bridge0: port 1(bridge_slave_0) entered forwarding state [ 800.165847][ T6804] bridge0: port 2(bridge_slave_1) entered blocking state [ 800.173023][ T6804] bridge0: port 2(bridge_slave_1) entered forwarding state [ 800.351579][ T29] audit: type=1400 audit(1726327949.232:895): avc: denied { write } for pid=9876 comm="syz.3.893" name="uinput" dev="devtmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 800.387425][ T9880] input: syz0 as /devices/virtual/input/input7 [ 801.048715][ T9813] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 801.223789][ T9762] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 801.275982][ T9813] usb 3-1: Using ep0 maxpacket: 8 [ 801.291881][ T9813] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 801.314012][ T9813] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 801.324798][ T9813] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.00 [ 801.336350][ T9813] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 801.363790][ T9813] usb 3-1: config 0 descriptor?? [ 801.412458][ T9762] veth0_vlan: entered promiscuous mode [ 801.495324][ T9762] veth1_vlan: entered promiscuous mode [ 801.682704][ T9762] veth0_macvtap: entered promiscuous mode [ 801.724098][ T9762] veth1_macvtap: entered promiscuous mode [ 801.800325][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 801.811926][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 801.822736][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 801.834646][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 801.846034][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 801.861996][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 801.889556][ T9813] apple 0003:05AC:0240.0003: hidraw0: USB HID v0.00 Device [HID 05ac:0240] on usb-dummy_hcd.2-1/input0 [ 801.910890][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 801.922079][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 801.962886][ T9762] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 802.029300][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.049625][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.104418][ T9817] usb 3-1: USB disconnect, device number 5 [ 802.106437][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.129826][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.159587][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.181439][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.211959][ T9762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 802.256040][ T9762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 802.271061][ T9762] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 802.304971][ T9762] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.317550][ T9762] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.333027][ T9762] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.343631][ T9762] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.620731][ T6804] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.660575][ T6804] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.767387][ T6139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.823158][ T6139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 804.156376][ T5233] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 804.179301][ T5233] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 804.189255][ T5233] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 804.202848][ T5233] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 804.237575][ T5233] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 804.245320][ T5233] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 804.653528][ T6151] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 804.855764][ T6151] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 805.079754][ T6151] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 805.329331][ T6151] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.308800][ T5233] Bluetooth: hci5: command tx timeout [ 807.781205][ T6151] bridge_slave_1: left allmulticast mode [ 807.786906][ T6151] bridge_slave_1: left promiscuous mode [ 807.920241][ T6151] bridge0: port 2(bridge_slave_1) entered disabled state [ 808.007170][ T6151] bridge_slave_0: left allmulticast mode [ 808.021037][ T6151] bridge_slave_0: left promiscuous mode [ 808.039465][ T6151] bridge0: port 1(bridge_slave_0) entered disabled state [ 808.398844][ T5233] Bluetooth: hci5: command tx timeout [ 809.276579][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.284971][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 810.470407][ T5227] Bluetooth: hci5: command tx timeout [ 810.581702][ T9547] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 810.595743][ T9547] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 810.605137][ T9547] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 810.645152][ T9547] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 810.665025][ T9547] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 810.681215][ T9547] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 810.859232][ T6151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 810.908962][ T6151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 810.923661][ T6151] bond0 (unregistering): Released all slaves [ 811.135521][ T9901] chnl_net:caif_netlink_parms(): no params data found [ 812.548711][ T5233] Bluetooth: hci5: command tx timeout [ 812.790822][ T5233] Bluetooth: hci1: command tx timeout [ 813.918894][ T9901] bridge0: port 1(bridge_slave_0) entered blocking state [ 813.926110][ T9901] bridge0: port 1(bridge_slave_0) entered disabled state [ 813.971019][ T9901] bridge_slave_0: entered allmulticast mode [ 813.999445][ T9901] bridge_slave_0: entered promiscuous mode [ 814.023174][ T9901] bridge0: port 2(bridge_slave_1) entered blocking state [ 814.051969][ T9901] bridge0: port 2(bridge_slave_1) entered disabled state [ 814.069286][ T9901] bridge_slave_1: entered allmulticast mode [ 814.095604][ T9901] bridge_slave_1: entered promiscuous mode [ 814.363761][ T9901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 814.475123][ T6151] hsr_slave_0: left promiscuous mode [ 814.487799][ T6151] hsr_slave_1: left promiscuous mode [ 814.520588][ T6151] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 814.547574][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 814.583827][ T6151] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 814.593402][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 814.652227][ T6151] veth1_macvtap: left promiscuous mode [ 814.668826][ T6151] veth0_macvtap: left promiscuous mode [ 814.674650][ T6151] veth1_vlan: left promiscuous mode [ 814.688744][ T6151] veth0_vlan: left promiscuous mode [ 814.868815][ T5233] Bluetooth: hci1: command tx timeout [ 816.729860][ T6151] team0 (unregistering): Port device team_slave_1 removed [ 816.877589][ T6151] team0 (unregistering): Port device team_slave_0 removed [ 816.948684][ T5233] Bluetooth: hci1: command tx timeout [ 818.026398][ T29] audit: type=1400 audit(1726327966.842:896): avc: denied { setopt } for pid=10002 comm="syz.2.917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 819.061068][ T5233] Bluetooth: hci1: command tx timeout [ 819.202167][T10010] binder: 10007:10010 ioctl 40046205 0 returned -22 [ 822.169357][ T9547] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 822.181259][ T9547] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 822.203321][ T9547] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 822.221047][ T9901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 822.230745][ T9547] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 822.249281][ T9547] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 822.261026][ T9547] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 822.933167][ T9901] team0: Port device team_slave_0 added [ 822.996410][ T9943] chnl_net:caif_netlink_parms(): no params data found [ 823.073418][ T9901] team0: Port device team_slave_1 added [ 823.374711][ T9901] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 823.399048][ T9901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 823.485081][ T9901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 823.570973][ T9901] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 823.577961][ T9901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 823.607256][ T9901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 824.097075][ T9943] bridge0: port 1(bridge_slave_0) entered blocking state [ 824.119541][ T9943] bridge0: port 1(bridge_slave_0) entered disabled state [ 824.126818][ T9943] bridge_slave_0: entered allmulticast mode [ 824.189187][ T9943] bridge_slave_0: entered promiscuous mode [ 824.210773][ T9943] bridge0: port 2(bridge_slave_1) entered blocking state [ 824.228818][ T9943] bridge0: port 2(bridge_slave_1) entered disabled state [ 824.244369][ T9943] bridge_slave_1: entered allmulticast mode [ 824.269488][ T9943] bridge_slave_1: entered promiscuous mode [ 824.308717][ T9547] Bluetooth: hci2: command tx timeout [ 824.722628][ T9901] hsr_slave_0: entered promiscuous mode [ 824.770792][ T9901] hsr_slave_1: entered promiscuous mode [ 824.836271][ T9943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 825.118415][ T9943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 825.174353][T10019] chnl_net:caif_netlink_parms(): no params data found [ 825.675555][ T9943] team0: Port device team_slave_0 added [ 825.950589][ T9943] team0: Port device team_slave_1 added [ 826.388612][ T9547] Bluetooth: hci2: command tx timeout [ 828.119344][ T9943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 828.138959][ T9943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 828.254531][ T9943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 828.298917][ T9943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 828.311899][ T9943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 828.346956][ T29] audit: type=1326 audit(1726327977.222:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.420206][ T9943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 828.478825][ T9547] Bluetooth: hci2: command tx timeout [ 828.488398][ T29] audit: type=1326 audit(1726327977.272:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.518979][ T29] audit: type=1326 audit(1726327977.272:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.573992][ T29] audit: type=1326 audit(1726327977.302:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.628600][ T29] audit: type=1326 audit(1726327977.302:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.725163][ T29] audit: type=1326 audit(1726327977.302:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.783368][ T29] audit: type=1326 audit(1726327977.302:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.899221][ T29] audit: type=1326 audit(1726327977.302:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 828.970762][ T29] audit: type=1326 audit(1726327977.302:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f497fd7def9 code=0x7ffc0000 [ 829.064633][ T29] audit: type=1326 audit(1726327977.302:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10075 comm="syz.0.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f497fd7c890 code=0x7ffc0000 [ 829.079000][ T9943] hsr_slave_0: entered promiscuous mode [ 829.150446][ T9943] hsr_slave_1: entered promiscuous mode [ 829.173842][ T9943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 829.194452][ T9943] Cannot create hsr debugfs directory [ 829.280123][T10019] bridge0: port 1(bridge_slave_0) entered blocking state [ 829.306753][T10019] bridge0: port 1(bridge_slave_0) entered disabled state [ 829.347353][T10019] bridge_slave_0: entered allmulticast mode [ 829.371375][T10019] bridge_slave_0: entered promiscuous mode [ 829.408240][T10019] bridge0: port 2(bridge_slave_1) entered blocking state [ 829.425847][T10019] bridge0: port 2(bridge_slave_1) entered disabled state [ 829.446515][T10019] bridge_slave_1: entered allmulticast mode [ 829.467163][T10019] bridge_slave_1: entered promiscuous mode [ 830.165375][T10019] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 830.225420][T10019] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 830.549099][ T9547] Bluetooth: hci2: command tx timeout [ 831.112465][ T6151] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 831.372655][ T6151] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 831.416733][T10019] team0: Port device team_slave_0 added [ 831.483456][T10019] team0: Port device team_slave_1 added [ 831.746765][ T6151] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 832.002954][T10019] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 832.011169][T10019] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 832.047596][T10019] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 832.139143][ T6151] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 832.256826][T10019] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 832.284454][T10019] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 832.359595][T10019] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 832.715891][T10019] hsr_slave_0: entered promiscuous mode [ 832.730478][T10019] hsr_slave_1: entered promiscuous mode [ 832.747303][T10019] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 832.755682][T10019] Cannot create hsr debugfs directory [ 832.915272][ T9901] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 833.051275][ T9901] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 833.131462][ T9901] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 833.227328][ T9901] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 834.516675][ T6151] bridge_slave_1: left allmulticast mode [ 834.637504][ T6151] bridge_slave_1: left promiscuous mode [ 834.656822][ T6151] bridge0: port 2(bridge_slave_1) entered disabled state [ 835.559450][T10144] tty tty25: ldisc open failed (-12), clearing slot 24 [ 835.699343][ T6151] bridge_slave_0: left allmulticast mode [ 835.820740][ T6151] bridge_slave_0: left promiscuous mode [ 835.826482][ T6151] bridge0: port 1(bridge_slave_0) entered disabled state [ 835.874070][ T6151] bridge_slave_1: left allmulticast mode [ 835.902709][ T6151] bridge_slave_1: left promiscuous mode [ 835.908411][ T6151] bridge0: port 2(bridge_slave_1) entered disabled state [ 835.935863][T10148] netlink: 180 bytes leftover after parsing attributes in process `syz.0.938'. [ 835.961241][T10148] netlink: 24 bytes leftover after parsing attributes in process `syz.0.938'. [ 836.089446][ T6151] bridge_slave_0: left allmulticast mode [ 836.095292][ T6151] bridge_slave_0: left promiscuous mode [ 836.118922][ T6151] bridge0: port 1(bridge_slave_0) entered disabled state [ 839.549260][ T6151] dvmrp1 (unregistering): left allmulticast mode [ 839.679361][ T6151] dvmrp1 (unregistering): left allmulticast mode [ 840.217243][ T6151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 840.235398][ T6151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 840.251242][ T6151] bond0 (unregistering): Released all slaves [ 840.484915][ T6151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 840.499677][ T6151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 840.510730][ T6151] bond0 (unregistering): Released all slaves [ 842.682378][ T9943] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 842.726805][ T9943] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 842.998886][ T6151] hsr_slave_0: left promiscuous mode [ 843.018746][ T6151] hsr_slave_1: left promiscuous mode [ 843.068050][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 843.093287][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 843.203884][ T6151] hsr_slave_0: left promiscuous mode [ 843.314912][ T6151] hsr_slave_1: left promiscuous mode [ 843.374077][ T6151] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 843.388661][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 843.406616][ T6151] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 843.423787][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 843.479474][ T6151] veth1_macvtap: left promiscuous mode [ 843.485123][ T6151] veth0_macvtap: left promiscuous mode [ 843.491297][ T6151] veth1_vlan: left promiscuous mode [ 843.498058][ T6151] veth0_vlan: left promiscuous mode [ 843.950356][ T6151] pimreg (unregistering): left allmulticast mode [ 845.480062][T10201] netlink: 180 bytes leftover after parsing attributes in process `syz.0.948'. [ 845.509123][T10201] netlink: 24 bytes leftover after parsing attributes in process `syz.0.948'. [ 845.770472][ T6151] team0 (unregistering): Port device team_slave_1 removed [ 845.881825][ T6151] team0 (unregistering): Port device team_slave_0 removed [ 847.271686][ T6151] pimreg (unregistering): left allmulticast mode [ 848.164085][ T6151] team0 (unregistering): Port device team_slave_1 removed [ 848.237073][ T6151] team0 (unregistering): Port device team_slave_0 removed [ 849.446983][ T9943] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 849.575190][T10194] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 849.893251][ T9943] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 851.273489][ T9901] 8021q: adding VLAN 0 to HW filter on device bond0 [ 851.522840][ T9901] 8021q: adding VLAN 0 to HW filter on device team0 [ 851.596611][ T9943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 851.662048][ T6804] bridge0: port 1(bridge_slave_0) entered blocking state [ 851.669277][ T6804] bridge0: port 1(bridge_slave_0) entered forwarding state [ 851.867023][ T6804] bridge0: port 2(bridge_slave_1) entered blocking state [ 851.874270][ T6804] bridge0: port 2(bridge_slave_1) entered forwarding state [ 851.943108][ T9943] 8021q: adding VLAN 0 to HW filter on device team0 [ 851.965795][T10227] netlink: 'syz.0.954': attribute type 14 has an invalid length. [ 852.220914][ T6139] bridge0: port 1(bridge_slave_0) entered blocking state [ 852.228110][ T6139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 852.325850][T10019] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 852.404063][T10019] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 852.455595][ T6810] bridge0: port 2(bridge_slave_1) entered blocking state [ 852.462854][ T6810] bridge0: port 2(bridge_slave_1) entered forwarding state [ 852.612124][T10019] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 852.670414][T10019] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 852.849391][ T25] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 853.072889][ T25] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 853.119456][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.149072][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.202961][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.228692][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.285028][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.320214][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.360835][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.388391][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.421095][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.457888][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.502047][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.540750][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.566251][ T6151] bridge_slave_1: left allmulticast mode [ 853.571584][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.585524][ T6151] bridge_slave_1: left promiscuous mode [ 853.618948][ T6151] bridge0: port 2(bridge_slave_1) entered disabled state [ 853.626766][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.647115][ T6151] bridge_slave_0: left allmulticast mode [ 853.659360][ T25] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 853.680270][ T6151] bridge_slave_0: left promiscuous mode [ 853.686140][ T6151] bridge0: port 1(bridge_slave_0) entered disabled state [ 853.696700][ T25] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 853.718886][ T25] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 853.749924][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 853.783928][ T25] usb 1-1: config 0 descriptor?? [ 854.473528][ T6151] dvmrp1 (unregistering): left allmulticast mode [ 854.764348][T10274] binder_alloc: 10271: binder_alloc_buf, no vma [ 855.377126][ T6151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 855.414574][ T6151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 855.443549][ T6151] bond0 (unregistering): Released all slaves [ 855.505417][ T9813] usb 1-1: USB disconnect, device number 15 [ 855.666636][T10019] 8021q: adding VLAN 0 to HW filter on device bond0 [ 855.727113][ T9901] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 855.857542][T10019] 8021q: adding VLAN 0 to HW filter on device team0 [ 855.945462][ T29] kauditd_printk_skb: 17 callbacks suppressed [ 855.945482][ T29] audit: type=1400 audit(1726328004.822:924): avc: denied { create } for pid=10285 comm="syz.0.959" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 855.964590][ T9943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 855.995436][ T29] audit: type=1400 audit(1726328004.832:925): avc: denied { unlink } for pid=10285 comm="syz.0.959" name="file0" dev="tmpfs" ino=130 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 856.066849][ T6810] bridge0: port 1(bridge_slave_0) entered blocking state [ 856.074106][ T6810] bridge0: port 1(bridge_slave_0) entered forwarding state [ 856.164430][ T6810] bridge0: port 2(bridge_slave_1) entered blocking state [ 856.171679][ T6810] bridge0: port 2(bridge_slave_1) entered forwarding state [ 856.869708][ T9901] veth0_vlan: entered promiscuous mode [ 857.103513][ T9901] veth1_vlan: entered promiscuous mode [ 857.299382][ T6151] hsr_slave_0: left promiscuous mode [ 857.315113][ T6151] hsr_slave_1: left promiscuous mode [ 857.350217][ T6151] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 857.379224][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 857.398722][ T5278] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 857.427259][ T6151] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 857.447206][ T6151] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 857.514804][ T6151] veth1_macvtap: left promiscuous mode [ 857.529861][ T6151] veth0_macvtap: left promiscuous mode [ 857.535618][ T6151] veth1_vlan: left promiscuous mode [ 857.544159][ T6151] veth0_vlan: left promiscuous mode [ 857.610774][ T5278] usb 3-1: config 0 has an invalid interface number: 18 but max is 0 [ 857.621862][ T5278] usb 3-1: config 0 has no interface number 0 [ 857.628043][ T5278] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 857.655040][ T5278] usb 3-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 857.692576][ T5278] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 857.717496][ T5278] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 857.734689][ T5278] usb 3-1: Manufacturer: syz [ 857.760580][ T5278] usb 3-1: config 0 descriptor?? [ 857.859237][ T6151] pimreg (unregistering): left allmulticast mode [ 858.662128][ T5278] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.18/0003:054C:03D5.0004/input/input8 [ 858.695860][ T5278] sony 0003:054C:03D5.0004: input,hidraw0: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.2-1/input18 [ 858.723355][ T5278] usb 3-1: USB disconnect, device number 6 [ 859.158376][ T6151] team0 (unregistering): Port device team_slave_1 removed [ 859.253226][ T6151] team0 (unregistering): Port device team_slave_0 removed [ 859.581918][ T5278] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 859.787096][ T5278] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 859.796861][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.811333][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.823351][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.833870][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.844601][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.855000][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.865725][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.876561][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.887696][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.898224][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.915610][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.940174][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.951081][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.961470][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.972158][ T5278] usb 1-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 859.982683][ T5278] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 859.991766][ T5278] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 860.000882][ T5278] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 860.013287][ T5278] usb 1-1: config 0 descriptor?? [ 860.284046][ T9901] veth0_macvtap: entered promiscuous mode [ 860.382652][ T9901] veth1_macvtap: entered promiscuous mode [ 860.439699][ T9943] veth0_vlan: entered promiscuous mode [ 860.501595][T10339] 9pnet: p9_errstr2errno: server reported unknown error @΂(00000000000000000005 [ 860.501993][ T9943] veth1_vlan: entered promiscuous mode [ 860.555929][ T9901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 860.588603][ T9901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.612917][ T9901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 860.655187][ T9901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.681877][ T9901] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 860.772794][ T9901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 860.791311][ T9901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.814746][ T9901] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 860.830723][ T9901] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.847092][ T9901] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 860.911164][T10019] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 860.936687][ T9901] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 860.978627][ T9901] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.026042][ T9901] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.053196][ T9901] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.204746][ T9943] veth0_macvtap: entered promiscuous mode [ 861.277275][ T9943] veth1_macvtap: entered promiscuous mode [ 861.506566][T10019] veth0_vlan: entered promiscuous mode [ 861.598177][ T6151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 861.607543][ T9943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 861.645516][ T9943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 861.645851][ T6151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 861.668886][ T9943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 861.700277][ T9943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 861.725947][ T9943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 861.756120][ T9943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 861.796063][ T9943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 861.856268][T10019] veth1_vlan: entered promiscuous mode [ 861.872536][ T9943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 861.908952][ T9943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 861.937935][ T9943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 861.958575][ T9943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 861.977753][ T9943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 862.008042][ T9943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.032167][ T9943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 862.093836][ T9943] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 862.114369][ T9943] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 862.125627][ T9943] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 862.139920][ T9943] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 862.161690][ T6139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 862.226298][ T6139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 862.320025][T10019] veth0_macvtap: entered promiscuous mode [ 862.352889][T10019] veth1_macvtap: entered promiscuous mode [ 862.377509][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.388112][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.400967][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.498922][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.547902][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.612684][ T25] usb 1-1: USB disconnect, device number 16 [ 862.623489][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.680058][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.737081][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.850029][T10019] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 862.917533][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 862.962494][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.978554][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 863.006854][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 863.023727][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 863.052423][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 863.072520][T10019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 863.108549][T10019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 863.130802][T10019] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 863.267265][T10019] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.318269][T10019] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.343578][T10019] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.366778][T10019] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.553228][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 863.606948][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 863.614794][ T25] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 863.769310][ T6151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 863.794507][ T6151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 863.813586][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 863.828191][ T25] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 863.866280][ T25] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 863.887380][ T25] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 863.932660][ T25] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 863.959439][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 863.981293][ T6151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 864.001613][ T25] usb 3-1: Product: syz [ 864.005823][ T25] usb 3-1: Manufacturer: syz [ 864.010686][ T6151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 864.057643][ T25] usb 3-1: SerialNumber: syz [ 864.246853][ T6667] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 864.272137][ T6667] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 870.870517][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 871.083846][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 872.104527][ T25] usb 3-1: 2:1 : format type 0 is detected, processed as PCM [ 872.213359][ T25] usb 3-1: 2:1: cannot set freq 9338507 to ep 0x82 [ 872.499843][ T25] usb 3-1: USB disconnect, device number 7 [ 872.588609][ T6850] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 872.607897][ T9547] Bluetooth: hci8: ACL packet for unknown connection handle 200 [ 872.746488][T10327] udevd[10327]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 872.828768][ T6850] usb 2-1: Using ep0 maxpacket: 32 [ 872.842162][ T6850] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 872.888835][ T6850] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 872.895807][T10436] 9pnet: p9_errstr2errno: server reported unknown error @΂(QhQI00000000000000000005 [ 872.926005][ T6850] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 872.950324][ T6850] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 872.974234][ T6850] usb 2-1: Product: syz [ 872.992398][ T6850] usb 2-1: Manufacturer: syz [ 873.018598][ T9837] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 873.052486][ T6850] hub 2-1:4.0: USB hub found [ 873.264112][ T9837] usb 4-1: too many configurations: 9, using maximum allowed: 8 [ 873.302524][ T9837] usb 4-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 873.322982][ T6850] hub 2-1:4.0: 2 ports detected [ 873.560961][ T9837] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 873.593205][ T9837] usb 4-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 873.615772][ T9837] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 873.629578][ T9837] usb 4-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 874.388574][ T9837] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 874.402543][ T9837] usb 4-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 874.413169][ T9837] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 874.424964][ T9837] usb 4-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 874.448615][ T9837] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 874.488048][ T9837] usb 4-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 874.539428][ T9837] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 874.578287][ T9837] usb 4-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config [ 874.813815][ T6850] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 874.831152][ T6850] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 874.851336][ T9837] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 913.754014][ T5233] Bluetooth: hci4: command 0x0406 tx timeout [ 929.112967][ T5227] Bluetooth: hci5: command 0x0406 tx timeout [ 981.128431][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 981.135405][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6139/1:b..l P10431/1:b..l P10424/1:b..l [ 981.146252][ C0] rcu: (detected by 0, t=10502 jiffies, g=88469, q=587 ncpus=2) [ 981.153953][ C0] task:syz.1.978 state:R running task stack:27856 pid:10424 tgid:10423 ppid:9901 flags:0x00004000 [ 981.166830][ C0] Call Trace: [ 981.170106][ C0] [ 981.173026][ C0] __schedule+0xe37/0x5490 [ 981.177446][ C0] ? __pfx___schedule+0x10/0x10 [ 981.182286][ C0] ? lock_acquire+0x1b1/0x560 [ 981.186962][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 981.192326][ C0] preempt_schedule_common+0x44/0xc0 [ 981.197603][ C0] preempt_schedule_thunk+0x1a/0x30 [ 981.202792][ C0] _raw_spin_unlock+0x3e/0x50 [ 981.207457][ C0] unmap_page_range+0x1ca6/0x3d30 [ 981.212485][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 981.217849][ C0] ? uprobe_munmap+0x20/0x5d0 [ 981.222519][ C0] unmap_single_vma+0x194/0x2b0 [ 981.227364][ C0] unmap_vmas+0x22f/0x490 [ 981.231688][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 981.236533][ C0] ? __pfx_lock_release+0x10/0x10 [ 981.241553][ C0] ? lru_add_drain_cpu+0x454/0x860 [ 981.246658][ C0] exit_mmap+0x1b8/0xb20 [ 981.250891][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 981.255667][ C0] __mmput+0x12a/0x480 [ 981.259736][ C0] mmput+0x62/0x70 [ 981.263472][ C0] do_exit+0x9bf/0x2bb0 [ 981.267626][ C0] ? get_signal+0x8f2/0x2770 [ 981.272207][ C0] ? __pfx_do_exit+0x10/0x10 [ 981.276787][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 981.281799][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 981.287182][ C0] do_group_exit+0xd3/0x2a0 [ 981.291680][ C0] get_signal+0x25fb/0x2770 [ 981.296171][ C0] ? lock_acquire+0x1b1/0x560 [ 981.300861][ C0] ? __pfx_get_signal+0x10/0x10 [ 981.305706][ C0] ? __pfx_do_futex+0x10/0x10 [ 981.310374][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 981.315907][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 981.322086][ C0] syscall_exit_to_user_mode+0x150/0x2a0 [ 981.327714][ C0] do_syscall_64+0xda/0x250 [ 981.332212][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.338091][ C0] RIP: 0033:0x7ff641d7def9 [ 981.342497][ C0] RSP: 002b:00007ff642bef0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.350895][ C0] RAX: fffffffffffffe00 RBX: 00007ff641f35f88 RCX: 00007ff641d7def9 [ 981.358851][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff641f35f88 [ 981.366810][ C0] RBP: 00007ff641f35f80 R08: 0000000000000000 R09: 0000000000000000 [ 981.374774][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff641f35f8c [ 981.382731][ C0] R13: 0000000000000000 R14: 00007ffc53bf0330 R15: 00007ffc53bf0418 [ 981.390699][ C0] [ 981.393704][ C0] task:syz.3.980 state:R running task stack:27856 pid:10431 tgid:10427 ppid:10019 flags:0x00004004 [ 981.405418][ C0] Call Trace: [ 981.408684][ C0] [ 981.411602][ C0] __schedule+0xe37/0x5490 [ 981.416033][ C0] ? hlock_class+0x4e/0x130 [ 981.420552][ C0] ? __pfx___schedule+0x10/0x10 [ 981.425415][ C0] ? find_held_lock+0x2d/0x110 [ 981.430179][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 981.435539][ C0] preempt_schedule_common+0x44/0xc0 [ 981.440815][ C0] preempt_schedule_thunk+0x1a/0x30 [ 981.446002][ C0] _raw_spin_unlock+0x3e/0x50 [ 981.450669][ C0] unmap_page_range+0xbb8/0x3d30 [ 981.455612][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 981.460980][ C0] ? uprobe_munmap+0x20/0x5d0 [ 981.465670][ C0] unmap_single_vma+0x194/0x2b0 [ 981.470554][ C0] unmap_vmas+0x22f/0x490 [ 981.474879][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 981.479723][ C0] ? __pfx_lock_release+0x10/0x10 [ 981.484743][ C0] ? lru_add_drain_cpu+0x454/0x860 [ 981.489845][ C0] exit_mmap+0x1b8/0xb20 [ 981.494101][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 981.498869][ C0] __mmput+0x12a/0x480 [ 981.502932][ C0] mmput+0x62/0x70 [ 981.506640][ C0] do_exit+0x9bf/0x2bb0 [ 981.510787][ C0] ? get_signal+0x8f2/0x2770 [ 981.515362][ C0] ? __pfx_do_exit+0x10/0x10 [ 981.519940][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 981.524949][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 981.530309][ C0] do_group_exit+0xd3/0x2a0 [ 981.534803][ C0] get_signal+0x25fb/0x2770 [ 981.539296][ C0] ? down_interruptible+0x66/0xa0 [ 981.544305][ C0] ? __pfx___down_common+0x10/0x10 [ 981.549429][ C0] ? __pfx_get_signal+0x10/0x10 [ 981.554264][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 981.560056][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 981.565246][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 981.570787][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 981.576964][ C0] syscall_exit_to_user_mode+0x150/0x2a0 [ 981.582591][ C0] do_syscall_64+0xda/0x250 [ 981.587089][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.592966][ C0] RIP: 0033:0x7fa98197dafb [ 981.597361][ C0] RSP: 002b:00007fa9813fcf10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 981.605756][ C0] RAX: fffffffffffffffc RBX: 000000000000000e RCX: 00007fa98197dafb [ 981.613710][ C0] RDX: 00007fa9813fdfe0 RSI: 0000000080085502 RDI: 000000000000000e [ 981.621684][ C0] RBP: 00007fa9813fdfe0 R08: 0000000000000080 R09: 00007fa9813fcfd8 [ 981.629644][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000080085502 [ 981.637597][ C0] R13: 0000000800000000 R14: 0000000000000024 R15: 00007fa9819fab33 [ 981.645566][ C0] [ 981.648567][ C0] task:kworker/u8:13 state:R running task stack:23712 pid:6139 tgid:6139 ppid:2 flags:0x00004000 [ 981.660277][ C0] Workqueue: events_unbound cfg80211_wiphy_work [ 981.666508][ C0] Call Trace: [ 981.669780][ C0] [ 981.672717][ C0] __schedule+0xe37/0x5490 [ 981.677126][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 981.682059][ C0] ? __pfx_mark_lock+0x10/0x10 [ 981.686816][ C0] ? __pfx___schedule+0x10/0x10 [ 981.691655][ C0] ? hlock_class+0x4e/0x130 [ 981.696146][ C0] ? mark_held_locks+0x9f/0xe0 [ 981.700899][ C0] preempt_schedule_irq+0x51/0x90 [ 981.705911][ C0] irqentry_exit+0x36/0x90 [ 981.710313][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 981.716282][ C0] RIP: 0010:lock_release+0x3e5/0x6f0 [ 981.721557][ C0] Code: 7e 83 f8 01 0f 85 fd 01 00 00 9c 58 f6 c4 02 0f 85 e8 01 00 00 48 f7 04 24 00 02 00 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 c7 43 08 00 00 00 00 48 8b 84 24 88 [ 981.741237][ C0] RSP: 0018:ffffc90003da7800 EFLAGS: 00000206 [ 981.747288][ C0] RAX: dffffc0000000000 RBX: 1ffff920007b4f02 RCX: ffffc90003da7850 [ 981.755248][ C0] RDX: 1ffff11004dfb8da RSI: ffffffff8b4cda40 RDI: ffffffff8bb0fc00 [ 981.763207][ C0] RBP: 8cc1f413ef5a1afa R08: 0000000000000000 R09: fffffbfff20289b3 [ 981.771164][ C0] R10: ffffffff90144d9f R11: 0000000000000000 R12: 0000000000000003 [ 981.779127][ C0] R13: 0000000000000004 R14: ffff888026fdc6d8 R15: ffff888026fdbc00 [ 981.787099][ C0] ? ieee80211_bss_info_update+0x2cb/0xab0 [ 981.792898][ C0] ? __pfx_lock_release+0x10/0x10 [ 981.797921][ C0] ieee80211_bss_info_update+0x2d0/0xab0 [ 981.803545][ C0] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 981.809699][ C0] ? ieee80211_ibss_rx_queued_mgmt+0x185e/0x2f40 [ 981.816017][ C0] ? ieee80211_mandatory_rates+0x1ab/0x220 [ 981.821820][ C0] ieee80211_ibss_rx_queued_mgmt+0x1898/0x2f40 [ 981.827966][ C0] ? hlock_class+0x4e/0x130 [ 981.832463][ C0] ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10 [ 981.838955][ C0] ? lock_acquire+0x1b1/0x560 [ 981.843627][ C0] ? find_held_lock+0x2d/0x110 [ 981.848374][ C0] ? find_held_lock+0x2d/0x110 [ 981.853124][ C0] ? kcov_remote_start+0x370/0x6e0 [ 981.858225][ C0] ? mark_held_locks+0x9f/0xe0 [ 981.862979][ C0] ? kcov_remote_start+0x3cf/0x6e0 [ 981.868077][ C0] ieee80211_iface_work+0xc0b/0xf00 [ 981.873267][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 981.878469][ C0] cfg80211_wiphy_work+0x445/0x760 [ 981.883592][ C0] process_one_work+0x9c5/0x1b40 [ 981.888533][ C0] ? __pfx_cfg80211_wiphy_work+0x10/0x10 [ 981.894152][ C0] ? __pfx_process_one_work+0x10/0x10 [ 981.899520][ C0] ? assign_work+0x1a0/0x250 [ 981.904101][ C0] worker_thread+0x6c8/0xf00 [ 981.908692][ C0] ? __pfx_worker_thread+0x10/0x10 [ 981.913794][ C0] kthread+0x2c1/0x3a0 [ 981.917846][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 981.923036][ C0] ? __pfx_kthread+0x10/0x10 [ 981.927622][ C0] ret_from_fork+0x45/0x80 [ 981.932065][ C0] ? __pfx_kthread+0x10/0x10 [ 981.936674][ C0] ret_from_fork_asm+0x1a/0x30 [ 981.941446][ C0] [ 981.944453][ C0] rcu: rcu_preempt kthread starved for 10296 jiffies! g88469 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 981.955721][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 981.965696][ C0] rcu: RCU grace-period kthread stack dump: [ 981.971565][ C0] task:rcu_preempt state:R running task stack:27680 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 981.983285][ C0] Call Trace: [ 981.986548][ C0] [ 981.989468][ C0] __schedule+0xe37/0x5490 [ 981.993881][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 981.999091][ C0] ? __pfx___schedule+0x10/0x10 [ 982.003929][ C0] ? schedule+0x298/0x350 [ 982.008241][ C0] ? __pfx_lock_release+0x10/0x10 [ 982.013253][ C0] ? __pfx___mod_timer+0x10/0x10 [ 982.018189][ C0] ? lock_acquire+0x1b1/0x560 [ 982.022854][ C0] ? lockdep_init_map_type+0x16d/0x7d0 [ 982.028306][ C0] schedule+0xe7/0x350 [ 982.032387][ C0] schedule_timeout+0x136/0x2a0 [ 982.037226][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 982.042602][ C0] ? __pfx_process_timeout+0x10/0x10 [ 982.047879][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 982.053673][ C0] ? prepare_to_swait_event+0xf0/0x470 [ 982.059124][ C0] rcu_gp_fqs_loop+0x1eb/0xb00 [ 982.063896][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 982.069168][ C0] ? rcu_gp_init+0xc82/0x1630 [ 982.073849][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 982.079075][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 982.084912][ C0] rcu_gp_kthread+0x271/0x380 [ 982.089591][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 982.094785][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 982.099999][ C0] ? __kthread_parkme+0x148/0x220 [ 982.105016][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 982.110205][ C0] kthread+0x2c1/0x3a0 [ 982.114263][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 982.119453][ C0] ? __pfx_kthread+0x10/0x10 [ 982.124057][ C0] ret_from_fork+0x45/0x80 [ 982.128647][ C0] ? __pfx_kthread+0x10/0x10 [ 982.133241][ C0] ret_from_fork_asm+0x1a/0x30 [ 982.138016][ C0] [ 982.141024][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 982.147337][ C0] Sending NMI from CPU 0 to CPUs 1: [ 982.152540][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20 [ 982.498026][ T6850] usb 2-1: USB disconnect, device number 4 [ 982.508395][ T9837] usb 4-1: unable to read config index 7 descriptor/start: -110 [ 982.518496][ T9837] usb 4-1: can't read configurations, error -110 [ 982.668615][ T9837] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 982.958519][ T9837] usb 4-1: device descriptor read/64, error -32 [ 983.084094][ T9837] usb usb4-port1: attempt power cycle [ 985.229705][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 985.236612][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 985.638635][ T9837] usb 4-1: new high-speed USB device number 7 using dummy_hcd SYZFAIL: failed to send rpc fd=3 want=86288 sent=0 n=-1 (errno 32: Broken pipe) [ 986.029726][ T9837] usb 4-1: device not accepting address 7, error -71 [ 987.268655][ T5233] Bluetooth: hci1: command 0x0406 tx timeout [ 987.274791][ T5227] Bluetooth: hci2: command 0x0406 tx timeout [ 987.863964][ T6139] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 988.061957][ T6139] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 988.184728][ T6139] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 988.271071][ T6139] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 988.417196][ T6139] bridge_slave_1: left allmulticast mode [ 988.423155][ T6139] bridge_slave_1: left promiscuous mode [ 988.432094][ T6139] bridge0: port 2(bridge_slave_1) entered disabled state [ 988.441983][ T6139] bridge_slave_0: left allmulticast mode [ 988.447663][ T6139] bridge_slave_0: left promiscuous mode [ 988.455757][ T6139] bridge0: port 1(bridge_slave_0) entered disabled state [ 988.711193][ T6139] dvmrp1 (unregistering): left allmulticast mode [ 988.944941][ T6139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 988.956770][ T6139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 988.968141][ T6139] bond0 (unregistering): Released all slaves [ 989.381243][ T6139] hsr_slave_0: left promiscuous mode [ 989.387568][ T6139] hsr_slave_1: left promiscuous mode [ 989.405285][ T6139] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 989.415207][ T6139] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 989.427263][ T6139] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 989.448608][ T6139] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 989.493599][ T6139] veth1_macvtap: left promiscuous mode [ 989.499769][ T6139] veth0_macvtap: left promiscuous mode [ 989.505500][ T6139] veth1_vlan: left promiscuous mode [ 989.517859][ T6139] veth0_vlan: left promiscuous mode [ 989.637400][ T6139] pimreg (unregistering): left allmulticast mode [ 990.124390][ T6139] team0 (unregistering): Port device team_slave_1 removed [ 990.189052][ T6139] team0 (unregistering): Port device team_slave_0 removed