last executing test programs: 9m11.576380876s ago: executing program 2 (id=6104): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_bond\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x30, 0x10, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, 0x400}, [@IFLA_TXQLEN={0x8}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x2c6b9}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0) 9m11.509290047s ago: executing program 2 (id=6105): r0 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa441, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000001440)={0x0, 0x87e, 0x0, 0x0}) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000500)={0x80, 0xa44, 0x0, 0x0, 0xfffffffffffffe77, 0xffffffffffffff56}) 9m11.331449735s ago: executing program 2 (id=6107): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x68, 0x10, 0x503, 0x70bd2c, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x10, 0x5, 0x0, 0x1, [{0xa, 0x4, @dev}]}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x68}, 0x1, 0x0, 0x0, 0x4001}, 0x0) 9m11.09167791s ago: executing program 2 (id=6110): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x0, 0x18, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c) 9m11.00281324s ago: executing program 2 (id=6112): r0 = socket$unix(0x1, 0x2, 0x0) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 9m10.911390785s ago: executing program 2 (id=6113): mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f0000000300)='./file0\x00') stat(&(0x7f0000002bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 8m55.85329672s ago: executing program 32 (id=6113): mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f0000000300)='./file0\x00') stat(&(0x7f0000002bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 6m6.989195098s ago: executing program 3 (id=8923): r0 = socket(0x840000000002, 0x3, 0xfd) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000800)={0x4, {{0x2, 0x4e21, @multicast1}}, {{0x2, 0x4, @dev={0xac, 0x14, 0x14, 0x1}}}}, 0x108) 6m6.795729484s ago: executing program 3 (id=8926): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x17b}]}) 6m6.644009656s ago: executing program 3 (id=8929): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfb, 0x323, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440)) 6m5.974306586s ago: executing program 3 (id=8939): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 6m5.810796814s ago: executing program 3 (id=8941): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x200, @dev={0xfe, 0x80, '\x00', 0xb}, 0x3}]}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x0, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c) 6m5.379679067s ago: executing program 3 (id=8952): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0x4611, 0x0) 6m5.191141877s ago: executing program 33 (id=8952): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(r1, 0x4611, 0x0) 5m46.379155246s ago: executing program 1 (id=9222): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='tlb_flush\x00', r0, 0x0, 0x10000000000000}, 0x18) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) 5m46.204231358s ago: executing program 1 (id=9224): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x180d, 0x0, 0xae4d, 0x0, 0x0, 0x3], [0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x300, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x400, 0x0, 0xed0, 0x4000000], [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0xf, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffe]}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) write$input_event(r0, &(0x7f0000000000)={{}, 0x15, 0x0, 0xffffffff}, 0x18) 5m46.045292189s ago: executing program 1 (id=9227): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) inotify_init() 5m45.184308685s ago: executing program 1 (id=9242): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1041, 0x0) umount2(&(0x7f0000000000)='./file0/../file0\x00', 0x1) 5m45.03760539s ago: executing program 1 (id=9245): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000100)=0x3, 0x4) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x20008805, &(0x7f0000000480)={0xa, 0x4e20, 0x40, @mcast1, 0x7}, 0x1c) 5m44.588442027s ago: executing program 1 (id=9254): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000001100)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) 5m44.253440323s ago: executing program 34 (id=9254): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000001100)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) 5m38.426775171s ago: executing program 4 (id=9317): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000051c0)=[{{&(0x7f0000000540)=@rc={0x1f, @fixed}, 0x80, 0x0}, 0xd}, {{&(0x7f0000000980)=@l2={0x1f, 0x0, @none}, 0x80, 0x0}, 0x1}], 0x2, 0x12141, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmmsg$sock(r0, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0) 5m37.401317037s ago: executing program 4 (id=9329): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000001bc0)={0x0, 0x0, &(0x7f0000001b80)={&(0x7f0000001580)={{0x14}, [@NFT_MSG_NEWSETELEM={0x28, 0xc, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x1d8, 0x0, 0xa, 0x0, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0xb1, 0x6, "9410b50908866dbdab582e231107102c8be28e2379adbdc0974c3f6554bd2617ebc509acbfffec0904001647575aeffe29e22c568c2f579f51ba49d0b8be8ce7c58732e59873ab86a844683f36157a2179775d5ceda8de0d55cf1472d0027dce616ec74f59ba71b5c197a6393d4769f87a7c06f5d856b10fd455da6110c96e25c00dd6644a22d68dec9f08af165764621327ceb6da1cf63c41a5489de49f281b50a0af6453ad99f1f23a47ad62"}, @NFTA_TABLE_USERDATA={0xf7, 0x6, "54501b4a81eb6ad0328be729edaafd50c7757f5e5644ed3cd1bc598980b22b922994b492bc4542fa16e70beb37a43b82d3aaa54a3ce71bd61e2cba124249181aed7c0656a7b2293db01743878f08b45912c4cf597560242ac8c0edb0acd24c75d5ad56c35ea584e29e899c45ef7180a7816963cff241ef3564e76a2b0041276d3f066a0dbdf3c06c3777e389c2b1521e44362c585770e041facffdaabb2f5837bec8bdf51fe04c8c5958a108b64937de25cfce78ab446ae1db679ce961588a084ef4dd356a23ada30582556f6197cc0640bac414d3a340c67d05813806c85ebaed40554f24f4c5c08700e61e50455838355cfa"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x17c, 0x6, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_COMPAT={0x24, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x9100}]}, @NFTA_RULE_EXPRESSIONS={0x10c, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0xc}]}}}, {0x48, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0xc, 0x1, 0x0, 0x1, @fib={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}, {0x58, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_CT_DIRECTION={0x5}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @tproxy={{0xb}, @void}}, {0x20, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0x15}]}}}]}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELSETELEM={0x14, 0xe, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xa}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x3b8}, 0x1, 0x0, 0x0, 0x2000c084}, 0x4040) 5m37.18886396s ago: executing program 4 (id=9334): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000280)=ANY=[@ANYRESHEX=r1]) 5m36.848196699s ago: executing program 4 (id=9339): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000280)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/file0\x00', 0x0, 0x2000, 0x0) 5m36.578621683s ago: executing program 4 (id=9343): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_stats_latency\x00', r1, 0x0, 0x40000000}, 0x18) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 5m36.038442979s ago: executing program 4 (id=9351): r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) write$proc_mixer(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONITOR\nCD \'CD Capture\' 8'], 0x86) r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) dup3(r1, r0, 0x0) 5m35.638848981s ago: executing program 35 (id=9351): r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) write$proc_mixer(r0, &(0x7f0000000180)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONITOR\nCD \'CD Capture\' 8'], 0x86) r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) dup3(r1, r0, 0x0) 2.874949883s ago: executing program 0 (id=14729): r0 = open(&(0x7f0000000280)='.\x00', 0x160100, 0x0) fcntl$notify(r0, 0x402, 0x34) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0) ftruncate(r1, 0x6000000) copy_file_range(r1, 0x0, r1, &(0x7f00000004c0)=0xdc, 0x9, 0x0) 2.782508388s ago: executing program 0 (id=14731): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000001840)=[{{0x0, 0x0, 0x0}, 0x6a6}], 0x1, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2e, &(0x7f00000003c0)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) 2.741662612s ago: executing program 5 (id=14732): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x8000, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCSETSW2(r1, 0x5408, &(0x7f0000000040)={0x3, 0x0, 0xfffffffe, 0x7fffffef, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0x1000}) ioctl$TIOCGPGRP(r0, 0x5437, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 2.613530547s ago: executing program 0 (id=14734): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000044d564b"]) 2.612770283s ago: executing program 5 (id=14735): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x8140aecc, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xfc}) 2.463159139s ago: executing program 0 (id=14737): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x3, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x3d, 0x0, &(0x7f0000000200)) 2.399280648s ago: executing program 5 (id=14738): bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x5) ioctl$PTP_EXTTS_REQUEST2(r0, 0x40103d0b, &(0x7f0000000000)={0x1, 0x1}) 2.339286663s ago: executing program 0 (id=14740): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000006c80)={0x6c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}]]}, 0x6c}}, 0x20000880) 2.24967399s ago: executing program 5 (id=14742): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xb1, 0xbd, 0x2f, 0x8, 0x47d, 0x5003, 0x2f8c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x58, 0xb7}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r1, &(0x7f0000000c40)={0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="0000f50000000341"], 0x0}, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) 2.212320685s ago: executing program 0 (id=14743): ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) io_uring_setup(0x6281, &(0x7f0000000080)) open$dir(0x0, 0x2800, 0x182) syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) syz_usb_connect$uac1(0x2, 0xa2, &(0x7f0000000040)=ANY=[@ANYBLOB="12011001000000406b1d01014000010203010902900003010380000904000000010100000a24010f00050201020c2402060602040c0032a304090401000001020000090401010101020000072401200404000c2402010201400f290c89c0090501250183020c00090402000001020000090402010101020000072401018105000b2402010f04b4018c703c09058209"], 0x0) 2.106784911s ago: executing program 7 (id=14745): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x100000011, @multicast2, 0x0, 0x0, 'lblcr\x00', 0x1d, 0x85, 0x72}, 0x2c) 2.043256105s ago: executing program 7 (id=14746): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2}) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00') preadv(r1, &(0x7f0000001240)=[{&(0x7f0000000200)=""/34, 0x22}], 0x1, 0x0, 0x0) 2.006355649s ago: executing program 7 (id=14747): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4) syz_emit_ethernet(0x86, &(0x7f0000000440)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x4, 0x0, "017cea08e90a62168facaecca577cb43f478fd5e6e5d4fb33ecffe357eac8a8e", "66d379b886319c62896eb4629b6baae1", {"a41819bdef458b3c84740f618752a2e5", "396954ec098e6a74ec194039740c8a59"}}}}}}}, 0x0) 1.961751337s ago: executing program 7 (id=14748): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1004e22}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ppoll(&(0x7f0000000000)=[{r1, 0x2000}, {r1, 0x8104}], 0x2, 0x0, 0x0, 0x0) 1.862831574s ago: executing program 8 (id=14750): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0) write$cgroup_devices(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='b 1223'], 0xa) 1.748678781s ago: executing program 8 (id=14751): r0 = openat$sw_sync(0xffffff9c, &(0x7f00000005c0), 0x42000, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000600)={0x0, "76e14961f6d0d5439e2248ca5baf1f1a9439b9f2066b1c2f76cb704ac25cbf51"}) close(r0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) 1.575651076s ago: executing program 8 (id=14753): prlimit64(0x0, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 968.7229ms ago: executing program 6 (id=14757): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000000c0)={r2}, &(0x7f00000001c0)=0x8) 787.671718ms ago: executing program 6 (id=14758): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001c00070c2bbd7000fedbdf2507000000", @ANYRES32=r2, @ANYBLOB="5000000b0a000200aa"], 0x28}, 0x1, 0x0, 0x0, 0xcc081}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x34}}, 0x0) 736.221699ms ago: executing program 6 (id=14759): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) socket$inet6_sctp(0xa, 0x801, 0x84) ioperm(0x0, 0x225a, 0x800000004000409) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="08000000010000000000000008000000b62ebe39f0c1220a7e1fb62cdf73edda66632a8375f76b244c3c61eda3233fc613e4890ed74ba39195bfc7dde608c15a9eac38157a735e02801deeef5210bb38f9e0b0f2ca49dc5cfbe20ba2660ad2295b0ecf3f2c9e518c3c8122051d53b7c03e772db7"], &(0x7f0000000040), 0x0) 611.083612ms ago: executing program 6 (id=14760): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00') fchdir(r0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)=""/205, 0xcd) 435.659748ms ago: executing program 6 (id=14761): r0 = syz_io_uring_setup(0xe3e, &(0x7f0000000600)={0x0, 0xa9c8, 0x400, 0x2}, &(0x7f0000000240)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd=r0, 0x0, 0x0, 0x7c, 0x5, 0x0, {0x0, r3, r0}}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 423.271314ms ago: executing program 8 (id=14762): r0 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r1) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) 397.425178ms ago: executing program 5 (id=14763): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)=@arm64={0x8, 0xb, 0x1, '\x00', 0x4}) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000080)={0x1e0003, 0x0, [0x8, 0xff, 0xfffffffffffffffb, 0x3e00000000000000, 0x7fffffff, 0x7, 0x9, 0xa]}) 305.432246ms ago: executing program 7 (id=14764): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000cc8000/0x3000)=nil, 0x3000, 0x17) 197.714251ms ago: executing program 6 (id=14765): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) ioctl$HIDIOCSREPORT(r1, 0x400c4808, &(0x7f0000000100)={0x2, 0x100}) 192.811548ms ago: executing program 8 (id=14766): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x6, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8) close_range(r0, 0xffffffffffffffff, 0x0) 132.644902ms ago: executing program 5 (id=14767): syz_usb_connect$uac1(0x0, 0x82, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x70, 0x3, 0x1, 0xd, 0xb0, 0x1, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xc, 0x8}, [@selector_unit={0x5, 0x24, 0x5, 0x6, 0x34}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x1ff, 0x6, 0x5, 0xa, 0x5, 0x9}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0xd, 0xff, 0x7, {0x7, 0x25, 0x1, 0x82, 0x2, 0xa6}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x4, 0x5, 0x2, {0x7, 0x25, 0x1, 0x1, 0x3, 0x6}}}}}}}]}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0c00990000000200000000000800a00094090000080026009409000008002700"], 0x48}}, 0x0) 35.667061ms ago: executing program 7 (id=14768): r0 = timerfd_create(0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 0s ago: executing program 8 (id=14769): mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000013000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a8018000480140005800800020000000000080001"], 0x3c}}, 0x0) kernel console output (not intermixed with test programs): microsoft 0003:045E:07DA.006F: unknown main item tag 0x0 [ 743.696816][ T5907] microsoft 0003:045E:07DA.006F: unknown main item tag 0x0 [ 743.711027][ T5907] microsoft 0003:045E:07DA.006F: unknown main item tag 0x0 [ 743.725808][ T5907] microsoft 0003:045E:07DA.006F: unknown main item tag 0x0 [ 743.733523][ T5876] kye 0003:0458:5010.0070: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 743.764122][ T5907] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.006F/input/input112 [ 743.786655][ T5876] kye 0003:0458:5010.0070: hidraw0: USB HID v0.03 Device [HID 0458:5010] on usb-dummy_hcd.8-1/input0 [ 743.802400][ T5876] kye 0003:0458:5010.0070: tablet-enabling feature report not found [ 743.803068][ T5907] microsoft 0003:045E:07DA.006F: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 743.816855][ T5876] kye 0003:0458:5010.0070: tablet enabling failed [ 743.884342][ T5907] usb 6-1: USB disconnect, device number 35 [ 743.922795][ T1142] lo speed is unknown, defaulting to 1000 [ 743.971648][ T5876] usb 9-1: USB disconnect, device number 23 [ 744.309036][ T1156] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11652'. [ 744.319045][ T1156] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11652'. [ 744.356750][ T1156] nbd: socks must be embedded in a SOCK_ITEM attr [ 744.617757][ T1172] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11656'. [ 744.719960][ T1176] netlink: 16 bytes leftover after parsing attributes in process `syz.6.11659'. [ 744.749599][ T1176] netem: invalid attributes len -6 [ 744.754912][ T1176] netem: change failed [ 745.930534][ T1229] ?: renamed from vlan0 (while UP) [ 746.165028][ T1238] bridge0: port 3(batadv1) entered disabled state [ 746.171734][ T1238] bridge0: port 1(bridge_slave_0) entered disabled state [ 746.904303][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 746.904321][ T30] audit: type=1326 audit(2000000235.266:5057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1268 comm="syz.6.11702" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99edf8d169 code=0x0 [ 746.972070][ T1273] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11703'. [ 747.018743][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.695780][ T1314] vlan3: entered promiscuous mode [ 747.713637][ T1314] bridge0: entered promiscuous mode [ 747.744173][ T1314] vlan3: entered allmulticast mode [ 747.751783][ T1314] bridge0: entered allmulticast mode [ 747.883210][ T1325] netlink: 'syz.6.11723': attribute type 1 has an invalid length. [ 748.151852][ T1336] netlink: 'syz.6.11729': attribute type 1 has an invalid length. [ 748.684870][ T30] audit: type=1326 audit(2000000237.049:5058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1367 comm="syz.0.11742" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffae6b8d169 code=0x0 [ 750.399830][ T5874] usb 9-1: new high-speed USB device number 24 using dummy_hcd [ 750.449551][ T9] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 750.549763][ T5874] usb 9-1: Using ep0 maxpacket: 32 [ 750.556794][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 750.568163][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 750.578373][ T5874] usb 9-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00 [ 750.594515][ T5874] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 750.603909][ T5874] usb 9-1: config 0 descriptor?? [ 750.609168][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 750.618070][ T9] usb 6-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63 [ 750.627395][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 750.635807][ T9] usb 6-1: Product: syz [ 750.640217][ T9] usb 6-1: Manufacturer: syz [ 750.644927][ T9] usb 6-1: SerialNumber: syz [ 750.652020][ T9] usb 6-1: config 0 descriptor?? [ 750.660057][ T9] gspca_main: sunplus-2.14.0 probing 04f1:1001 [ 751.016702][ T5874] uclogic 0003:5543:0003.0071: item fetching failed at offset 0/3 [ 751.031117][ T5874] uclogic 0003:5543:0003.0071: parse failed [ 751.037122][ T5874] uclogic 0003:5543:0003.0071: probe with driver uclogic failed with error -22 [ 751.216515][ T1445] netlink: 'syz.0.11776': attribute type 4 has an invalid length. [ 751.230723][ T1207] usb 9-1: USB disconnect, device number 24 [ 751.467838][ T9] gspca_sunplus: reg_w_riv err -71 [ 751.483336][ T9] sunplus 6-1:0.0: probe with driver sunplus failed with error -71 [ 751.508079][ T9] usb 6-1: USB disconnect, device number 36 [ 751.920599][ T1475] netlink: 20 bytes leftover after parsing attributes in process `syz.6.11789'. [ 751.930207][ T1475] IPv6: Can't replace route, no match found [ 752.027608][ T1477] netlink: 'syz.6.11790': attribute type 2 has an invalid length. [ 752.062144][ T1477] netlink: 'syz.6.11790': attribute type 2 has an invalid length. [ 752.426524][ T1486] sctp: [Deprecated]: syz.6.11794 (pid 1486) Use of struct sctp_assoc_value in delayed_ack socket option. [ 752.426524][ T1486] Use struct sctp_sack_info instead [ 753.426719][ T1514] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 753.856947][ T1530] UBIFS error (pid: 1530): cannot open "/dev/loop5", error -22 [ 754.764023][ T1576] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 755.771436][ T5876] usb 9-1: new high-speed USB device number 25 using dummy_hcd [ 755.952579][ T5876] usb 9-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 755.970943][ T5876] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 755.981815][ T5876] usb 9-1: config 0 descriptor?? [ 755.993530][ T5876] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 756.201798][ T5876] gp8psk: usb in 128 operation failed. [ 756.218889][ T5876] gp8psk: usb in 137 operation failed. [ 756.231450][ T5876] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 756.262319][ T5876] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 756.273494][ T5876] usb 9-1: media controller created [ 756.289540][ T1640] QAT: Device 198 not found [ 756.298030][ T5876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 756.322664][ T5876] gp8psk_fe: Frontend attached [ 756.328102][ T5876] usb 9-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 756.361161][ T5876] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 756.658304][ T5876] gp8psk: usb in 137 operation failed. [ 756.664845][ T5876] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 756.675528][ T5876] gp8psk: found Genpix USB device pID = 203 (hex) [ 756.683994][ T5876] usb 9-1: USB disconnect, device number 25 [ 756.733068][ T5876] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 757.402114][ T1671] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11879'. [ 758.060767][ T1697] program syz.5.11891 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 758.877146][ T1730] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11907'. [ 759.307878][ T1741] netlink: 'syz.0.11912': attribute type 3 has an invalid length. [ 759.857242][ T30] audit: type=1326 audit(2000000248.247:5059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1754 comm="syz.6.11919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99edf8d169 code=0x7ffc0000 [ 759.919238][ T30] audit: type=1326 audit(2000000248.247:5060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1754 comm="syz.6.11919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f99edf8d169 code=0x7ffc0000 [ 759.981865][ T30] audit: type=1326 audit(2000000248.247:5061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=1754 comm="syz.6.11919" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99edf8d169 code=0x7ffc0000 [ 760.003518][ C1] vkms_vblank_simulate: vblank timer overrun [ 761.005241][ T1795] bridge0: port 2(batadv2) entered blocking state [ 761.011987][ T1795] bridge0: port 2(batadv2) entered disabled state [ 761.026556][ T1795] batadv2: entered allmulticast mode [ 761.040944][ T1795] batadv2: entered promiscuous mode [ 761.338347][ T1814] veth0_to_bridge: entered promiscuous mode [ 761.368740][ T1813] veth0_to_bridge: left promiscuous mode [ 761.522833][ T13] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled [ 761.532349][ T13] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled [ 763.071055][ T1897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11984'. [ 763.104335][ T1897] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11984'. [ 763.332242][ T1907] netlink: 'syz.8.11989': attribute type 11 has an invalid length. [ 763.360045][ T1914] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11992'. [ 763.375404][ T1907] netlink: 60 bytes leftover after parsing attributes in process `syz.8.11989'. [ 765.210568][ T1991] mkiss: ax0: crc mode is auto. [ 765.781307][ T2021] program syz.8.12041 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 766.842537][ T2066] netlink: 16 bytes leftover after parsing attributes in process `syz.5.12060'. [ 767.157566][ T30] audit: type=1326 audit(2000000255.558:5062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae6b8d169 code=0x7ffc0000 [ 767.174709][ T2087] netlink: 104 bytes leftover after parsing attributes in process `syz.7.12070'. [ 767.221835][ T30] audit: type=1326 audit(2000000255.558:5063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae6b8d169 code=0x7ffc0000 [ 767.297511][ T30] audit: type=1326 audit(2000000255.578:5064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffae6b8d169 code=0x7ffc0000 [ 767.364796][ T30] audit: type=1326 audit(2000000255.578:5065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae6b8d169 code=0x7ffc0000 [ 767.445212][ T30] audit: type=1326 audit(2000000255.578:5066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae6b8d169 code=0x7ffc0000 [ 767.505905][ T30] audit: type=1326 audit(2000000255.598:5067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffae6b8d169 code=0x7ffc0000 [ 767.583944][ T30] audit: type=1326 audit(2000000255.598:5068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffae6b8d169 code=0x7ffc0000 [ 767.605601][ C1] vkms_vblank_simulate: vblank timer overrun [ 767.628318][ T30] audit: type=1326 audit(2000000255.598:5069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffae6b84127 code=0x7ffc0000 [ 767.724083][ T30] audit: type=1326 audit(2000000255.598:5070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffae6b29359 code=0x7ffc0000 [ 767.740750][ T2111] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12082'. [ 767.756399][ T30] audit: type=1326 audit(2000000255.598:5071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2084 comm="syz.0.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffae6b84127 code=0x7ffc0000 [ 767.883831][ T5876] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 768.039145][ T5876] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 768.054675][ T5876] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 768.133091][ T5876] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 768.142197][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 768.229135][ T2107] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 768.240478][ T5876] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 768.591494][ T5876] usb 6-1: USB disconnect, device number 37 [ 769.072762][ T2151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12100'. [ 770.660247][ T53] wlan0: Trigger new scan to find an IBSS to join [ 771.096374][ T2121] Set syz1 is full, maxelem 65536 reached [ 771.286488][ T2205] netdevsim netdevsim7: Direct firmware load for ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa failed with error -2 [ 771.327397][ T2205] netdevsim netdevsim7: Falling back to sysfs fallback for: ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 771.498249][ T1207] usb 9-1: new high-speed USB device number 26 using dummy_hcd [ 771.648038][ T1207] usb 9-1: Using ep0 maxpacket: 8 [ 771.655256][ T1207] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 771.667020][ T1207] usb 9-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 771.676462][ T1207] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 771.684899][ T1207] usb 9-1: SerialNumber: syz [ 771.691704][ T1207] usb 9-1: config 0 descriptor?? [ 771.900700][ T1207] usb 9-1: Found UVC 0.00 device (05ac:8501) [ 771.917081][ T1207] usb 9-1: No valid video chain found. [ 772.127475][ T975] usb 9-1: USB disconnect, device number 26 [ 773.619384][ T5839] Bluetooth: hci1: command 0x0405 tx timeout [ 773.662873][ T2280] netlink: 24 bytes leftover after parsing attributes in process `syz.7.12160'. [ 774.136573][ T2300] netlink: 48 bytes leftover after parsing attributes in process `syz.8.12169'. [ 775.613801][ T53] wlan0: Trigger new scan to find an IBSS to join [ 776.076867][ T2372] geneve2: entered promiscuous mode [ 776.086383][ T2372] geneve2: entered allmulticast mode [ 776.413411][ T2390] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12211'. [ 776.563975][ T63] wlan0: Creating new IBSS network, BSSID 2a:af:a2:26:be:a4 [ 776.592693][ T2400] netlink: 88 bytes leftover after parsing attributes in process `syz.0.12213'. [ 776.635253][ T2400] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12213'. [ 777.221637][ T2431] batman_adv: batadv0: Adding interface: dummy0 [ 777.241374][ T2435] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12227'. [ 777.287528][ T2431] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 777.339090][ T2431] batman_adv: batadv0: Interface activated: dummy0 [ 777.394482][ T2438] netlink: 'syz.7.12229': attribute type 1 has an invalid length. [ 777.796913][ T2456] xt_CT: No such helper "snmp" [ 778.047067][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 778.047084][ T30] audit: type=1326 audit(2000000266.452:5087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.075353][ C1] vkms_vblank_simulate: vblank timer overrun [ 778.127599][ T30] audit: type=1326 audit(2000000266.452:5088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.216637][ T30] audit: type=1326 audit(2000000266.502:5089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.274972][ T30] audit: type=1326 audit(2000000266.502:5090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.325150][ T30] audit: type=1326 audit(2000000266.502:5091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.374759][ T30] audit: type=1326 audit(2000000266.502:5092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.516639][ T30] audit: type=1326 audit(2000000266.502:5093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.578586][ T30] audit: type=1326 audit(2000000266.502:5094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.623792][ T30] audit: type=1800 audit(2000000266.502:5095): pid=2474 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.12243" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=122421 res=0 errno=0 [ 778.660738][ T30] audit: type=1326 audit(2000000266.502:5096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2470 comm="syz.7.12241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 778.698185][ T2499] netlink: 36 bytes leftover after parsing attributes in process `syz.6.12251'. [ 778.724805][ T2499] netlink: 36 bytes leftover after parsing attributes in process `syz.6.12251'. [ 778.889792][ T2514] veth1_to_hsr: default FDB implementation only supports local addresses [ 779.009609][ T2516] overlayfs: missing 'workdir' [ 779.179194][ T2533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12264'. [ 780.539170][ T2599] lo speed is unknown, defaulting to 1000 [ 780.910459][ T2618] netlink: 16 bytes leftover after parsing attributes in process `syz.7.12295'. [ 781.125838][ T2626] bond0: entered promiscuous mode [ 781.143895][ T2626] bond_slave_0: entered promiscuous mode [ 781.156029][ T2626] bond_slave_1: entered promiscuous mode [ 781.319234][ T2633] 9pnet_fd: Insufficient options for proto=fd [ 781.647019][ T2650] overlayfs: conflicting options: metacopy=on,redirect_dir=follow [ 782.051706][ T2673] lo speed is unknown, defaulting to 1000 [ 782.219649][ T2682] o2cb: This node has not been configured. [ 782.253638][ T2682] o2cb: Cluster check failed. Fix errors before retrying. [ 782.285086][ T2682] (syz.8.12319,2682,0):user_dlm_register:674 ERROR: status = -22 [ 782.292870][ T2682] (syz.8.12319,2682,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 782.336578][ T2688] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12320'. [ 782.365538][ T2688] IPv6: Can't replace route, no match found [ 784.513632][ T5874] usb 6-1: new full-speed USB device number 38 using dummy_hcd [ 784.699663][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 784.734659][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 784.764788][ T5874] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 784.780833][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4 [ 784.795767][ T5874] usb 6-1: SerialNumber: syz [ 784.806725][ T5874] usb 6-1: config 0 descriptor?? [ 784.818717][ T5874] usb 6-1: Found UVC 0.00 device (10c4:ea90) [ 784.840917][ T5874] usb 6-1: No valid video chain found. [ 785.036232][ T975] usb 6-1: USB disconnect, device number 38 [ 785.690468][ T2826] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12373'. [ 785.716116][ T2826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0 [ 785.742649][ T2826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 785.762753][ T2826] vlan0: entered allmulticast mode [ 785.773134][ T2826] dummy0: entered allmulticast mode [ 786.690155][ T2876] openvswitch: netlink: nsh attribute has 65504 unknown bytes. [ 786.698087][ T2876] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 787.361542][ T1207] usb 9-1: new low-speed USB device number 27 using dummy_hcd [ 787.516801][ T1207] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 787.533937][ T1207] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 787.547933][ T1207] usb 9-1: config 0 has no interface number 0 [ 787.554458][ T1207] usb 9-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 787.561079][ T2908] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12401'. [ 787.577255][ T1207] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 787.590139][ T1207] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 787.613718][ T1207] usb 9-1: config 0 descriptor?? [ 787.627834][ T1207] iowarrior 9-1:0.1: no interrupt-in endpoint found [ 787.830620][ T1207] usb 9-1: USB disconnect, device number 27 [ 788.274329][ T975] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 788.381571][ T5839] Bluetooth: hci2: unexpected event 0x03 length: 17 > 11 [ 788.381609][ T5839] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 788.408601][ T2937] vxcan1: tx address claim with dest, not broadcast [ 788.451565][ T975] usb 6-1: Using ep0 maxpacket: 32 [ 788.466914][ T975] usb 6-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 788.480868][ T975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 788.502207][ T975] usb 6-1: config 0 descriptor?? [ 788.510117][ T975] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 788.595626][ T2941] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12418'. [ 788.675101][ T2945] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12420'. [ 788.807245][ T2951] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12423'. [ 788.986271][ T2957] netlink: 'syz.7.12426': attribute type 2 has an invalid length. [ 789.333111][ T975] gspca_vc032x: reg_w err -71 [ 789.340477][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.362476][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.380830][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.392294][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.404524][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.426368][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.439074][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.454552][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.466094][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.477128][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.493012][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.501693][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.507183][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.539247][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.559664][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.581102][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.617572][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.627693][ T975] gspca_vc032x: I2c Bus Busy Wait 00 [ 789.644880][ T975] gspca_vc032x: Unknown sensor... [ 789.658443][ T975] vc032x 6-1:0.0: probe with driver vc032x failed with error -22 [ 789.692219][ T975] usb 6-1: USB disconnect, device number 39 [ 790.086511][ T2994] serio: Serial port ptm0 [ 790.410555][ T5839] Bluetooth: hci2: command 0x0406 tx timeout [ 791.067610][ T3049] netlink: 60 bytes leftover after parsing attributes in process `syz.6.12465'. [ 791.105894][ T3048] netlink: 60 bytes leftover after parsing attributes in process `syz.6.12465'. [ 791.151768][ T3053] netlink: 60 bytes leftover after parsing attributes in process `syz.6.12465'. [ 792.129061][ T5907] usb 9-1: new high-speed USB device number 28 using dummy_hcd [ 792.306945][ T5907] usb 9-1: Using ep0 maxpacket: 8 [ 792.315633][ T5907] usb 9-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 792.335258][ T5907] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 792.365604][ T5907] usb 9-1: Product: syz [ 792.407355][ T5907] usb 9-1: Manufacturer: syz [ 792.428550][ T5907] usb 9-1: SerialNumber: syz [ 792.465119][ T5907] usb 9-1: config 0 descriptor?? [ 792.484430][ T5907] radio-usb-si4713 9-1:0.0: Si4713 development board discovered: (10C4:8244) [ 793.102438][ T5907] radio-usb-si4713 9-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 793.129734][ T3111] netlink: 36 bytes leftover after parsing attributes in process `syz.6.12497'. [ 793.138920][ T5907] usbhid 9-1:0.0: couldn't find an input interrupt endpoint [ 793.142667][ T5907] usb 9-1: USB disconnect, device number 28 [ 793.315551][ T3117] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12499'. [ 793.355894][ T3117] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12499'. [ 793.747986][ T3133] sch_fq: defrate 0 ignored. [ 794.547146][ T3173] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12525'. [ 794.561977][ T3173] bond_slave_1: entered promiscuous mode [ 794.574137][ T3173] netlink: 'syz.7.12525': attribute type 2 has an invalid length. [ 794.758543][ T5874] usb 9-1: new high-speed USB device number 29 using dummy_hcd [ 794.937844][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 794.949883][ T5874] usb 9-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00 [ 794.972249][ T5874] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 794.987056][ T5874] usb 9-1: config 0 descriptor?? [ 795.119884][ T3203] gretap0: entered promiscuous mode [ 795.125505][ T3203] vlan2: entered promiscuous mode [ 795.148184][ T3203] gretap0: left promiscuous mode [ 795.407721][ T3206] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12539'. [ 795.421569][ T5874] wacom 0003:056A:0336.0072: unknown main item tag 0x0 [ 795.451096][ T5874] wacom 0003:056A:0336.0072: unknown main item tag 0x0 [ 795.481262][ T5874] wacom 0003:056A:0336.0072: hidraw0: USB HID v0.00 Device [HID 056a:0336] on usb-dummy_hcd.8-1/input0 [ 795.545580][ T3210] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12541'. [ 795.628222][ T5907] usb 9-1: USB disconnect, device number 29 [ 796.203678][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 796.203694][ T30] audit: type=1326 audit(2000000285.621:5101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.281541][ T30] audit: type=1326 audit(2000000285.621:5102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.329274][ T30] audit: type=1326 audit(2000000285.621:5103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.358254][ T3239] netlink: 36 bytes leftover after parsing attributes in process `syz.8.12555'. [ 796.361942][ T30] audit: type=1326 audit(2000000285.621:5104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.389811][ T30] audit: type=1326 audit(2000000285.621:5105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.413632][ T30] audit: type=1326 audit(2000000285.621:5106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.435705][ T30] audit: type=1326 audit(2000000285.621:5107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.513513][ T30] audit: type=1326 audit(2000000285.621:5108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.570358][ T30] audit: type=1326 audit(2000000285.621:5109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.635902][ T30] audit: type=1326 audit(2000000285.621:5110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3235 comm="syz.8.12554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7ffc0000 [ 796.788246][ T3251] ALSA: mixer_oss: invalid OSS volume 'DIG¨TAL1' [ 796.810984][ T3252] team0: No ports can be present during mode change [ 796.966626][T24270] Bluetooth: hci1: command 0x0405 tx timeout [ 797.651436][ T3294] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 798.776843][ T3346] loop6: detected capacity change from 0 to 524287999 [ 798.802518][ C1] blk_print_req_error: 7 callbacks suppressed [ 798.802538][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 798.817873][ C1] buffer_io_error: 7 callbacks suppressed [ 798.817889][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 798.865764][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 798.874980][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 798.883075][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 798.892282][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 798.917253][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 798.926487][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 798.937835][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 798.947102][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 798.960628][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 798.969874][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 798.978316][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 798.987535][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 799.006076][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 799.015272][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 799.023160][ T3346] ldm_validate_partition_table(): Disk read failed. [ 799.046983][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 799.056209][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 799.064432][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 799.073626][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 799.084079][ T3346] Dev loop6: unable to read RDB block 0 [ 799.114431][ T3346] loop6: unable to read partition table [ 799.120941][ T3346] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 800.309462][ T3433] netlink: 68 bytes leftover after parsing attributes in process `syz.7.12644'. [ 800.319162][ T5907] usb 9-1: new high-speed USB device number 30 using dummy_hcd [ 800.485486][ T5907] usb 9-1: Using ep0 maxpacket: 16 [ 800.512314][ T5907] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 800.543844][ T5907] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 800.557245][ T5907] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 800.585245][ T5907] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 800.617190][ T5907] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 800.653663][ T5907] usb 9-1: config 0 descriptor?? [ 801.006835][ T3458] netlink: 48 bytes leftover after parsing attributes in process `syz.5.12655'. [ 801.089683][ T5907] kovaplus 0003:1E7D:2D50.0073: unknown main item tag 0x0 [ 801.110394][ T5907] kovaplus 0003:1E7D:2D50.0073: unknown main item tag 0x0 [ 801.138917][ T5907] kovaplus 0003:1E7D:2D50.0073: unknown main item tag 0x0 [ 801.166011][ T5907] kovaplus 0003:1E7D:2D50.0073: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.8-1/input0 [ 801.491425][ T5907] kovaplus 0003:1E7D:2D50.0073: couldn't init struct kovaplus_device [ 801.522992][ T5907] kovaplus 0003:1E7D:2D50.0073: couldn't install mouse [ 801.541174][ T5907] kovaplus 0003:1E7D:2D50.0073: probe with driver kovaplus failed with error -71 [ 801.558765][ T5907] usb 9-1: USB disconnect, device number 30 [ 802.221285][ T3490] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12668'. [ 802.364621][ T5874] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 802.383472][ T3494] tipc: Started in network mode [ 802.393249][ T3494] tipc: Node identity ac14140f, cluster identity 4711 [ 802.411985][ T3494] tipc: New replicast peer: 255.255.255.255 [ 802.422819][ T3494] tipc: Enabled bearer , priority 0 [ 802.522490][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 802.556975][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 802.593437][ T5874] usb 6-1: New USB device found, idVendor=0853, idProduct=0146, bcdDevice= 0.00 [ 802.619154][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 802.646524][ T5874] usb 6-1: config 0 descriptor?? [ 803.104168][ T5874] topre 0003:0853:0146.0074: hidraw0: USB HID v0.00 Device [HID 0853:0146] on usb-dummy_hcd.5-1/input0 [ 803.288213][ T5874] usb 6-1: USB disconnect, device number 40 [ 803.423827][ T975] tipc: Node number set to 2886997007 [ 803.650910][ T3530] netlink: 'syz.7.12689': attribute type 29 has an invalid length. [ 803.676042][ T3530] netlink: 'syz.7.12689': attribute type 29 has an invalid length. [ 803.698474][ T3530] netlink: 'syz.7.12689': attribute type 29 has an invalid length. [ 804.396996][ T3550] netlink: 'syz.5.12697': attribute type 29 has an invalid length. [ 804.426047][ T3550] netlink: 'syz.5.12697': attribute type 29 has an invalid length. [ 804.451040][ T3550] netlink: 'syz.5.12697': attribute type 29 has an invalid length. [ 804.470473][ T3550] netlink: 'syz.5.12697': attribute type 29 has an invalid length. [ 804.490586][ T3550] netlink: 'syz.5.12697': attribute type 29 has an invalid length. [ 804.503555][ T3550] netlink: 'syz.5.12697': attribute type 29 has an invalid length. [ 804.541353][ T3550] netlink: 'syz.5.12697': attribute type 29 has an invalid length. [ 804.662884][ T5907] usb 9-1: new high-speed USB device number 31 using dummy_hcd [ 804.816886][ T5907] usb 9-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 804.836353][ T5907] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 804.867554][ T5907] usb 9-1: config 0 descriptor?? [ 804.890591][ T5907] gspca_main: spca508-2.14.0 probing 8086:0110 [ 805.109643][ T5907] gspca_spca508: reg_read err -32 [ 805.122210][ T5907] gspca_spca508: reg_read err -32 [ 805.350795][ T5907] gspca_spca508: reg_read err -71 [ 805.372525][ T5907] gspca_spca508: reg_read err -71 [ 805.382826][ T5907] gspca_spca508: reg write: error -71 [ 805.388289][ T5907] spca508 9-1:0.0: probe with driver spca508 failed with error -71 [ 805.424331][ T5907] usb 9-1: USB disconnect, device number 31 [ 806.620811][ T3621] ucma_write: process 1497 (syz.6.12728) changed security contexts after opening file descriptor, this is not allowed. [ 807.151619][ T5907] usb 9-1: new high-speed USB device number 32 using dummy_hcd [ 807.329392][ T5907] usb 9-1: Using ep0 maxpacket: 8 [ 807.340942][ T5907] usb 9-1: config 179 has an invalid interface number: 65 but max is 0 [ 807.369392][ T5907] usb 9-1: config 179 has no interface number 0 [ 807.381491][ T5907] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 807.414435][ T5907] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 807.435979][ T5907] usb 9-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 807.463749][ T5907] usb 9-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 807.491468][ T5907] usb 9-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 807.510729][ T5907] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 807.553395][ T3636] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 807.868040][ T5907] usb 9-1: USB disconnect, device number 32 [ 807.874196][ C0] xpad 9-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 807.874244][ C0] xpad 9-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 808.402953][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.822334][ T3685] vivid-002: disconnect [ 808.837691][ T3684] vivid-002: reconnect [ 809.021518][ T3693] Invalid/unusable pipe [ 809.040661][ T53] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 809.531475][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 809.531494][ T30] audit: type=1326 audit(2000000298.968:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.591644][ T30] audit: type=1326 audit(2000000299.018:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.613894][ T30] audit: type=1326 audit(2000000299.018:5124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.635437][ C1] vkms_vblank_simulate: vblank timer overrun [ 809.642560][ T30] audit: type=1326 audit(2000000299.018:5125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.664903][ T30] audit: type=1326 audit(2000000299.018:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.686536][ C1] vkms_vblank_simulate: vblank timer overrun [ 809.720591][ T30] audit: type=1326 audit(2000000299.018:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.742940][ T30] audit: type=1326 audit(2000000299.018:5128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.766625][ T30] audit: type=1326 audit(2000000299.018:5129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.788252][ C1] vkms_vblank_simulate: vblank timer overrun [ 809.860159][ T30] audit: type=1326 audit(2000000299.018:5130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 809.923304][ T30] audit: type=1326 audit(2000000299.018:5131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3714 comm="syz.7.12781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 811.146737][ T3767] trusted_key: syz.0.12794 sent an empty control message without MSG_MORE. [ 811.282383][ T3776] netlink: 36 bytes leftover after parsing attributes in process `syz.8.12795'. [ 811.750859][ T3798] validate_nla: 1 callbacks suppressed [ 811.750879][ T3798] netlink: 'syz.8.12808': attribute type 10 has an invalid length. [ 811.876154][ T3803] netlink: 72 bytes leftover after parsing attributes in process `syz.6.12810'. [ 811.895132][ T3803] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12810'. [ 811.918950][ T3803] netlink: 40 bytes leftover after parsing attributes in process `syz.6.12810'. [ 812.778550][ T3805] [U] .ú [ 813.159672][ T3846] netlink: 68 bytes leftover after parsing attributes in process `syz.5.12828'. [ 813.524948][ T3858] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12834'. [ 813.628312][ T5907] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 813.800440][ T5907] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 813.811768][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 813.842340][ T5907] usb 6-1: config 0 descriptor?? [ 813.859581][ T5907] cp210x 6-1:0.0: cp210x converter detected [ 814.269198][ T5907] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 814.308406][ T5907] usb 6-1: cp210x converter now attached to ttyUSB0 [ 814.506829][ T5874] usb 6-1: USB disconnect, device number 41 [ 814.550184][ T5874] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 814.610173][ T5874] cp210x 6-1:0.0: device disconnected [ 814.822516][ T3876] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12842'. [ 814.873076][ T3876] netlink: 24 bytes leftover after parsing attributes in process `syz.7.12842'. [ 815.328683][ T3890] serio: Serial port ptm0 [ 818.591175][ T3989] netlink: 'syz.5.12894': attribute type 1 has an invalid length. [ 818.613769][ T3989] netlink: 'syz.5.12894': attribute type 3 has an invalid length. [ 818.634170][ T3989] netlink: 216 bytes leftover after parsing attributes in process `syz.5.12894'. [ 818.654661][ T3989] NCSI netlink: No device for ifindex 813332851 [ 819.091991][ T4011] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 819.584596][ T4037] trusted_key: encrypted_key: keyword 'upcate' not recognized [ 820.776031][ T4084] lo speed is unknown, defaulting to 1000 [ 821.844524][ T4139] ALSA: mixer_oss: invalid index 9551615 [ 822.031165][ T4148] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12967'. [ 822.073211][ T4149] 8021q: adding VLAN 0 to HW filter on device bond3 [ 822.080728][ T4152] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12968'. [ 822.935459][ T4190] program syz.5.12987 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 824.084012][ T975] usb 9-1: new high-speed USB device number 33 using dummy_hcd [ 824.123435][ T4232] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 824.296376][ T975] usb 9-1: New USB device found, idVendor=056a, idProduct=0030, bcdDevice= 0.00 [ 824.307968][ T975] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 824.324312][ T975] usb 9-1: config 0 descriptor?? [ 824.746080][ T975] wacom 0003:056A:0030.0075: hidraw0: USB HID v1.01 Device [HID 056a:0030] on usb-dummy_hcd.8-1/input0 [ 824.942106][ T5907] usb 9-1: USB disconnect, device number 33 [ 825.521526][ T4282] vivid-000: disconnect [ 825.542910][ T4281] vivid-000: reconnect [ 825.691009][ T4290] netlink: 'syz.8.13033': attribute type 1 has an invalid length. [ 825.765532][ T4294] veth1_virt_wifi: vlans aren't supported yet for dev_uc|mc_add() [ 826.283054][ T4317] netlink: 48 bytes leftover after parsing attributes in process `syz.7.13046'. [ 826.335118][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 826.335135][ T30] audit: type=1326 audit(2000000315.776:5133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.362802][ C1] vkms_vblank_simulate: vblank timer overrun [ 826.373911][ T30] audit: type=1326 audit(2000000315.776:5134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.395550][ C1] vkms_vblank_simulate: vblank timer overrun [ 826.402966][ T30] audit: type=1326 audit(2000000315.816:5135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.425272][ T30] audit: type=1326 audit(2000000315.816:5136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.474933][ T30] audit: type=1326 audit(2000000315.816:5137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.496568][ C1] vkms_vblank_simulate: vblank timer overrun [ 826.504656][ T30] audit: type=1326 audit(2000000315.816:5138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.526371][ C1] vkms_vblank_simulate: vblank timer overrun [ 826.533979][ T30] audit: type=1326 audit(2000000315.816:5139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.556704][ T30] audit: type=1326 audit(2000000315.816:5140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.578323][ C1] vkms_vblank_simulate: vblank timer overrun [ 826.600440][ T30] audit: type=1326 audit(2000000315.816:5141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.623068][ T30] audit: type=1326 audit(2000000315.816:5142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4319 comm="syz.7.13047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 826.644695][ C1] vkms_vblank_simulate: vblank timer overrun [ 827.626298][ T4366] netlink: 52 bytes leftover after parsing attributes in process `syz.7.13066'. [ 827.823955][ T4376] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13072'. [ 828.570872][ T4404] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13085'. [ 828.580129][ T4404] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13085'. [ 828.724547][ T4412] Attempt to restore checkpoint with obsolete wellknown handles [ 829.011141][ T4426] netlink: 'syz.8.13095': attribute type 3 has an invalid length. [ 829.043430][ T4426] netlink: 72 bytes leftover after parsing attributes in process `syz.8.13095'. [ 829.187290][ T4437] netlink: 48 bytes leftover after parsing attributes in process `syz.8.13100'. [ 829.311361][ T4443] netlink: 60 bytes leftover after parsing attributes in process `syz.0.13102'. [ 829.331161][ T4441] netlink: 60 bytes leftover after parsing attributes in process `syz.0.13102'. [ 829.359511][ T4443] netlink: 60 bytes leftover after parsing attributes in process `syz.0.13102'. [ 829.732577][ T4458] lo: entered allmulticast mode [ 829.739544][ T4458] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 829.833495][ T4460] lo speed is unknown, defaulting to 1000 [ 830.311576][ T4474] random: crng reseeded on system resumption [ 832.543441][ T4562] netlink: 'syz.0.13159': attribute type 10 has an invalid length. [ 832.552065][ T4562] __nla_validate_parse: 2 callbacks suppressed [ 832.552080][ T4562] netlink: 152 bytes leftover after parsing attributes in process `syz.0.13159'. [ 832.820930][ T10] usb 9-1: new high-speed USB device number 34 using dummy_hcd [ 832.993256][ T10] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 833.026840][ T10] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 833.050475][ T10] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 833.060701][ T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 833.072589][ T4564] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 833.087551][ T10] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 833.339332][ T10] usb 9-1: USB disconnect, device number 34 [ 833.596094][ T4608] hpfs: Bad magic ... probably not HPFS [ 833.980091][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.455274][ T4642] CIFS mount error: No usable UNC path provided in device string! [ 834.455274][ T4642] [ 834.483471][ T4642] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 834.619446][ T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.635282][ T30] audit: type=1326 audit(2000000324.071:5143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4617 comm="syz.6.13183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99edf8d169 code=0x7fc00000 [ 834.656917][ C1] vkms_vblank_simulate: vblank timer overrun [ 835.089436][ T4658] netlink: 'syz.7.13201': attribute type 1 has an invalid length. [ 835.258260][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 835.295165][ T4663] netlink: 340 bytes leftover after parsing attributes in process `syz.6.13202'. [ 835.409137][ T4666] ax25_connect(): syz.0.13204 uses autobind, please contact jreuter@yaina.de [ 835.756760][ T4676] tap0: tun_chr_ioctl cmd 1074025677 [ 835.803161][ T4676] tap0: linktype set to 512 [ 835.854837][ T4681] netlink: 80 bytes leftover after parsing attributes in process `syz.6.13211'. [ 836.538208][T19652] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 837.208571][ T4726] netlink: 60 bytes leftover after parsing attributes in process `syz.5.13231'. [ 839.017413][ T1145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.132886][ T4832] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 839.144527][ T4833] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 839.558444][ T4851] program syz.5.13279 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 839.852977][ T4864] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 840.376330][ T4786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 840.515324][ T4885] netlink: 4 bytes leftover after parsing attributes in process `syz.7.13294'. [ 840.645538][ T4878] sctp: [Deprecated]: syz.8.13291 (pid 4878) Use of int in max_burst socket option. [ 840.645538][ T4878] Use struct sctp_assoc_value instead [ 841.015939][ T4786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 841.024695][ T53] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 841.494731][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 842.043964][ T4947] netlink: 'syz.8.13321': attribute type 18 has an invalid length. [ 842.295488][ T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.189572][ T4993] netem: incorrect ge model size [ 843.203595][ T4993] netem: change failed [ 843.507942][ T5009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.523002][ T5009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.555658][ T5009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.577988][ T5009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.623643][ T5009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.632010][ T5009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 844.463936][ T975] usb 9-1: new high-speed USB device number 35 using dummy_hcd [ 844.642887][ T975] usb 9-1: Using ep0 maxpacket: 32 [ 844.650761][ T975] usb 9-1: config 8 has an invalid interface number: 203 but max is 0 [ 844.660382][ T975] usb 9-1: config 8 has no interface number 0 [ 844.680106][ T975] usb 9-1: config 8 interface 203 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83 [ 844.708633][ T975] usb 9-1: config 8 interface 203 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 1024 [ 844.749566][ T975] usb 9-1: config 8 interface 203 altsetting 1 endpoint 0xD has invalid maxpacket 1023, setting to 64 [ 844.792379][ T975] usb 9-1: config 8 interface 203 has no altsetting 0 [ 844.821872][ T975] usb 9-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 844.840326][ T975] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 844.861549][ T975] usb 9-1: Product: syz [ 844.866221][ T975] usb 9-1: Manufacturer: syz [ 844.870837][ T975] usb 9-1: SerialNumber: syz [ 844.889181][ T5034] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 845.118246][ T975] port100 9-1:8.203: NFC: Could not find bulk-in or bulk-out endpoint [ 845.136448][ T975] usb 9-1: USB disconnect, device number 35 [ 845.136905][ T5063] lo speed is unknown, defaulting to 1000 [ 845.477746][ T5067] net_ratelimit: 1020 callbacks suppressed [ 845.477759][ T5067] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.496224][ T5067] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.505158][ T5067] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.729825][ T5074] netlink: 8 bytes leftover after parsing attributes in process `syz.8.13376'. [ 845.845735][ T5080] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13380'. [ 846.062764][ T975] usb 9-1: new high-speed USB device number 36 using dummy_hcd [ 846.135545][ T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 846.263850][ T975] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 846.275650][ T975] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 846.291132][ T975] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 846.300866][ T975] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 846.313565][ T5078] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 846.327874][ T975] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 846.536775][ T975] usb 9-1: USB disconnect, device number 36 [ 846.772605][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 846.885499][ T30] audit: type=1326 audit(2000000336.337:5144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 846.908210][ T30] audit: type=1326 audit(2000000336.337:5145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 846.932816][ T30] audit: type=1326 audit(2000000336.337:5146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 846.956007][ T30] audit: type=1326 audit(2000000336.337:5147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 846.977794][ T30] audit: type=1326 audit(2000000336.337:5148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 846.999408][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.006643][ T30] audit: type=1326 audit(2000000336.357:5149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 847.029909][ T30] audit: type=1326 audit(2000000336.357:5150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 847.051535][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.066261][ T30] audit: type=1326 audit(2000000336.357:5151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 847.099518][ T5123] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 847.104082][ T30] audit: type=1326 audit(2000000336.377:5152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 847.131093][ T30] audit: type=1326 audit(2000000336.387:5153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5120 comm="syz.7.13399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 847.438160][ T5139] netlink: 44 bytes leftover after parsing attributes in process `syz.7.13405'. [ 847.587137][ T5148] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 847.829411][ T5156] syzkaller1: entered promiscuous mode [ 847.845548][ T5156] syzkaller1: entered allmulticast mode [ 848.054908][ T53] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.221359][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 849.076476][ T5205] lo speed is unknown, defaulting to 1000 [ 849.480792][ T5907] usb 9-1: new high-speed USB device number 37 using dummy_hcd [ 849.661979][ T5907] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1023 [ 849.684900][ T5907] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 849.731320][ T5907] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 849.751074][ T5907] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 849.759119][ T5907] usb 9-1: SerialNumber: syz [ 849.783355][ T5213] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 850.100514][ T5872] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 850.226244][ T5907] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -71 [ 850.252219][ T5907] usb 9-1: USB disconnect, device number 37 [ 850.301423][ T5872] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 850.325406][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 850.361877][ T5872] usb 6-1: config 0 descriptor?? [ 850.368885][ T5872] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 850.611629][ T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 851.182596][ T5872] gspca_stv06xx: I2C: Read error writing address: -71 [ 851.192423][ T5872] usb 6-1: USB disconnect, device number 42 [ 851.437984][ T5278] netlink: 24 bytes leftover after parsing attributes in process `syz.8.13464'. [ 851.476460][ T5278] netlink: 24 bytes leftover after parsing attributes in process `syz.8.13464'. [ 851.814659][ T5292] Invalid logical block size (768) [ 851.902374][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 852.231641][ T5316] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13482'. [ 852.243069][ T5316] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13482'. [ 852.526254][ T5329] lo speed is unknown, defaulting to 1000 [ 852.532761][ T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 853.809272][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.921285][ T5395] lo speed is unknown, defaulting to 1000 [ 855.557894][ T5418] input: syz0 as /devices/virtual/input/input121 [ 856.114049][ T5435] netlink: 100 bytes leftover after parsing attributes in process `syz.0.13527'. [ 856.260325][ T5442] [U]  [ 856.368139][ T1161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 856.390899][ T5447] loop6: detected capacity change from 0 to 524287999 [ 856.409634][ C1] blk_print_req_error: 6 callbacks suppressed [ 856.409653][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.424956][ C1] buffer_io_error: 6 callbacks suppressed [ 856.425000][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.438829][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.448036][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.458274][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.467505][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.503611][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.512846][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.527967][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.537203][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.545281][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.554492][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.570426][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.579651][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.590620][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.599848][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.607729][ T5447] ldm_validate_partition_table(): Disk read failed. [ 856.624689][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.633934][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.643691][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 856.652897][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 856.667264][ T5447] Dev loop6: unable to read RDB block 0 [ 856.703408][ T5447] loop6: unable to read partition table [ 856.710068][ T5447] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 856.901478][ T5468] lo speed is unknown, defaulting to 1000 [ 857.011452][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 857.087558][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 857.422541][ T10] kernel write not supported for file /sequencer2 (pid: 10 comm: kworker/0:1) [ 857.567304][ T4786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 859.281995][ T975] kernel write not supported for file /3272/loginuid (pid: 975 comm: kworker/1:2) [ 859.568130][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 859.585635][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 860.166295][ T5612] input: syz0 as /devices/virtual/input/input122 [ 860.260089][ T5620] program syz.0.13610 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 860.301879][ T5872] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 860.874916][ T10] usb 9-1: new full-speed USB device number 38 using dummy_hcd [ 861.013146][ T5652] veth2: entered promiscuous mode [ 861.018701][ T5652] veth2: entered allmulticast mode [ 861.051306][ T10] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 861.069076][ T10] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 861.087795][ T10] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 861.105826][ T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 861.114115][ T10] usb 9-1: SerialNumber: syz [ 861.123299][ T10] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22 [ 861.132280][ T10] usb-storage 9-1:1.0: USB Mass Storage device detected [ 861.152970][ T10] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 861.162515][ T10] scsi host1: usb-storage 9-1:1.0 [ 861.351835][ T10] usb 9-1: USB disconnect, device number 38 [ 862.038985][ T5679] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13632'. [ 862.056448][ T5679] macvlan3: entered promiscuous mode [ 862.062076][ T5679] bond0: entered promiscuous mode [ 862.067723][ T5679] bond2: entered promiscuous mode [ 862.074836][ T5679] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 862.444098][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout [ 862.444487][ T5872] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 862.457657][ T5872] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 864.715948][ T5698] netlink: 12 bytes leftover after parsing attributes in process `syz.8.13641'. [ 864.731741][ T5698] netlink: 112 bytes leftover after parsing attributes in process `syz.8.13641'. [ 864.795161][ T5698] netlink: 12 bytes leftover after parsing attributes in process `syz.8.13641'. [ 865.862324][ T10] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 866.037331][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 866.069529][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 866.089789][ T10] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 866.101457][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 866.121018][ T10] usb 6-1: config 0 descriptor?? [ 866.123794][ T5755] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 866.683417][ T5839] Bluetooth: hci2: command 0x0406 tx timeout [ 866.689701][ T5872] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 866.709799][ T5872] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 866.961812][ T10] hid-led 0003:0FC5:B080.0076: probe with driver hid-led failed with error -71 [ 866.992896][ T10] usb 6-1: USB disconnect, device number 43 [ 867.169474][ T5795] tipc: Started in network mode [ 867.192085][ T5795] tipc: Node identity 4, cluster identity 4711 [ 867.198280][ T5795] tipc: Node number set to 4 [ 867.682609][ T5817] loop6: detected capacity change from 0 to 524287999 [ 867.690504][ C1] blk_print_req_error: 7 callbacks suppressed [ 867.690523][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.705863][ C1] buffer_io_error: 7 callbacks suppressed [ 867.705880][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.721176][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.730316][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.739909][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.749104][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.761652][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.770831][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.792855][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.802048][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.811842][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.821015][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.833107][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.842309][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.851149][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.860330][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.868352][ T5817] ldm_validate_partition_table(): Disk read failed. [ 867.903795][ T5827] loop6: detected capacity change from 524287999 to 0 [ 867.914064][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 867.923315][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 867.934382][ T5817] Dev loop6: unable to read RDB block 0 [ 867.939965][ T5817] loop6: unable to read partition table [ 867.946602][ T5831] netlink: 76 bytes leftover after parsing attributes in process `syz.7.13695'. [ 867.988608][ T5817] loop6: partition table beyond EOD, truncated [ 867.996133][ T5817] loop_reread_partitions: partition scan of loop6 (Â_~w^@®æ#E!$Ÿà½¿Î/â@ÚΦ›Üz`­3r) failed (rc=-5) [ 868.141521][ T5874] usb 9-1: new high-speed USB device number 39 using dummy_hcd [ 868.291441][ T5874] usb 9-1: Using ep0 maxpacket: 16 [ 868.302527][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 868.326242][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 868.346634][ T5874] usb 9-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 868.381375][ T5874] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 868.409277][ T5874] usb 9-1: config 0 descriptor?? [ 868.854888][ T5829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 868.870604][ T5829] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 868.888978][ T5874] hid (null): bogus close delimiter [ 868.899179][ T5874] hid (null): invalid report_count 73655505 [ 868.905782][ T5874] hid (null): invalid report_count 35811 [ 868.914017][ T5874] hid-generic 0003:0158:0100.0077: bogus close delimiter [ 868.921683][ T5874] hid-generic 0003:0158:0100.0077: item 0 0 2 10 parsing failed [ 868.929984][ T5874] hid-generic 0003:0158:0100.0077: probe with driver hid-generic failed with error -22 [ 868.995349][ T5863] team_slave_0: entered promiscuous mode [ 869.001883][ T5863] team_slave_1: entered promiscuous mode [ 869.007724][ T5863] batadv1: entered promiscuous mode [ 869.014359][ T5839] Bluetooth: hci1: command 0x0405 tx timeout [ 869.021591][ T5872] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 869.027704][ T5872] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 869.031077][ T5863] macsec5: entered promiscuous mode [ 869.041482][ T5863] team0: entered promiscuous mode [ 869.047330][ T5863] macsec5: entered allmulticast mode [ 869.053001][ T5863] team0: entered allmulticast mode [ 869.058175][ T5863] team_slave_0: entered allmulticast mode [ 869.064333][ T5863] team_slave_1: entered allmulticast mode [ 869.070062][ T5863] batadv1: entered allmulticast mode [ 869.078541][ T5863] team0: Device macsec5 is already an upper device of the team interface [ 869.110093][ T5863] team0: left allmulticast mode [ 869.110146][ T5874] usb 9-1: USB disconnect, device number 39 [ 869.115336][ T5863] team_slave_0: left allmulticast mode [ 869.115397][ T5863] team_slave_1: left allmulticast mode [ 869.115413][ T5863] batadv1: left allmulticast mode [ 869.115443][ T5863] team0: left promiscuous mode [ 869.145114][ T5863] team_slave_0: left promiscuous mode [ 869.150585][ T5863] team_slave_1: left promiscuous mode [ 869.156350][ T5863] batadv1: left promiscuous mode [ 869.543173][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 869.543190][ T30] audit: type=1326 audit(2000000359.008:5158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.570891][ C1] vkms_vblank_simulate: vblank timer overrun [ 869.600476][ T30] audit: type=1326 audit(2000000359.008:5159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.622122][ C1] vkms_vblank_simulate: vblank timer overrun [ 869.635226][ T30] audit: type=1326 audit(2000000359.008:5160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.662107][ T30] audit: type=1326 audit(2000000359.008:5161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.693713][ T30] audit: type=1326 audit(2000000359.008:5162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.733054][ T30] audit: type=1326 audit(2000000359.008:5163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.764384][ T30] audit: type=1326 audit(2000000359.008:5164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.807725][ T30] audit: type=1326 audit(2000000359.008:5165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.831603][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 869.840624][ T30] audit: type=1326 audit(2000000359.008:5166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 869.862322][ T30] audit: type=1326 audit(2000000359.008:5167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5875 comm="syz.7.13712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7ffc0000 [ 870.720207][ T5907] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 870.869805][ T5907] usb 6-1: Using ep0 maxpacket: 8 [ 870.882262][ T5907] usb 6-1: config 63 has too many interfaces: 254, using maximum allowed: 32 [ 870.895845][ T5907] usb 6-1: config 63 has 1 interface, different from the descriptor's value: 254 [ 870.905137][ T5907] usb 6-1: config 63 has no interface number 0 [ 870.911524][ T5907] usb 6-1: config 63 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 870.921625][ T5907] usb 6-1: config 63 interface 19 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 870.931651][ T5907] usb 6-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0 [ 870.941005][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 870.954709][ T5907] usb 6-1: probing VID:PID(2201:012C) [ 870.961459][ T5907] usb 6-1: vub300 testing BULK OUT EndPoint(0) 02 [ 870.967905][ T5907] usb 6-1: Could not find two sets of bulk-in/out endpoint pairs [ 871.000634][ T5907] vub300 6-1:63.19: probe with driver vub300 failed with error -22 [ 871.202627][ T5907] usb 6-1: USB disconnect, device number 44 [ 871.589066][ T5923] team0 (unregistering): Port device team_slave_0 removed [ 871.612968][ T5923] team0 (unregistering): Port device team_slave_1 removed [ 871.792429][ T5933] ksmbd: Unknown IPC event: 3, ignore. [ 872.330674][ T5948] vlan4: entered allmulticast mode [ 872.420769][ T5952] overlayfs: failed to clone upperpath [ 872.647494][ T5966] netlink: 'syz.8.13753': attribute type 1 has an invalid length. [ 872.665883][ T5966] netlink: 134708 bytes leftover after parsing attributes in process `syz.8.13753'. [ 872.814752][ T5973] netlink: 16 bytes leftover after parsing attributes in process `syz.6.13755'. [ 872.864148][ T5973] netlink: 16 bytes leftover after parsing attributes in process `syz.6.13755'. [ 873.190144][ T5992] ax25_connect(): syz.6.13765 uses autobind, please contact jreuter@yaina.de [ 873.408521][ T5907] usb 9-1: new high-speed USB device number 40 using dummy_hcd [ 873.560399][ T5907] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 873.575347][ T5907] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 873.585515][ T5907] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 873.598936][ T5907] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 873.608029][ T5907] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 873.637738][ T5907] usb 9-1: config 0 descriptor?? [ 874.054773][ T5907] plantronics 0003:047F:FFFF.0078: No inputs registered, leaving [ 874.064489][ T5907] plantronics 0003:047F:FFFF.0078: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 874.363157][ T5874] usb 9-1: USB disconnect, device number 40 [ 874.679819][ T6025] 9pnet_fd: Insufficient options for proto=fd [ 874.967703][ T5907] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 875.137561][ T5907] usb 6-1: Using ep0 maxpacket: 8 [ 875.144293][ T5907] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 875.152667][ T5907] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 875.177531][ T5907] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 875.187274][ T5907] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 875.217496][ T5907] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 875.237544][ T5907] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 875.238244][ T5874] usb 9-1: new high-speed USB device number 41 using dummy_hcd [ 875.246587][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 875.429321][ T5874] usb 9-1: Using ep0 maxpacket: 16 [ 875.441939][ T5874] usb 9-1: config 0 has an invalid interface number: 8 but max is 0 [ 875.460902][ T5874] usb 9-1: config 0 has no interface number 0 [ 875.465606][ T5907] usb 6-1: GET_CAPABILITIES returned 0 [ 875.474045][ T5907] usbtmc 6-1:16.0: can't read capabilities [ 875.483196][ T5874] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 875.507065][ T6040] syzkaller1: entered promiscuous mode [ 875.516235][ T5874] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 875.517408][ T6040] syzkaller1: entered allmulticast mode [ 875.536350][ T5874] usb 9-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 875.552949][ T5874] usb 9-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 875.573312][ T5874] usb 9-1: Product: syz [ 875.582581][ T5874] usb 9-1: SerialNumber: syz [ 875.591906][ T5874] usb 9-1: config 0 descriptor?? [ 875.600497][ T5874] cm109 9-1:0.8: invalid payload size 0, expected 4 [ 875.608855][ T5874] input: CM109 USB driver as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.8/input/input123 [ 875.694567][ T5907] usb 6-1: USB disconnect, device number 45 [ 875.856269][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.867550][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.874713][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.882563][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.890247][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.897903][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.905133][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.912817][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.920361][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.927956][ C1] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 875.955749][ T5874] usb 9-1: USB disconnect, device number 41 [ 875.962391][ C1] cm109 9-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 875.993415][ T5874] cm109 9-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 876.226504][ T6069] lo speed is unknown, defaulting to 1000 [ 876.631469][ T6079] netlink: 188 bytes leftover after parsing attributes in process `syz.5.13803'. [ 876.677313][ T6079] netlink: 'syz.5.13803': attribute type 1 has an invalid length. [ 877.751827][ T6110] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 877.762525][ T6110] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 877.771907][ T6110] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 877.780317][ T6110] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 877.790152][ T6110] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 877.805093][ T6110] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 877.814719][ T6114] netlink: 'syz.6.13818': attribute type 3 has an invalid length. [ 877.826256][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 877.838547][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 877.848053][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 877.856581][ T6114] netlink: 'syz.6.13818': attribute type 2 has an invalid length. [ 877.872950][ T6114] netlink: 198084 bytes leftover after parsing attributes in process `syz.6.13818'. [ 877.885832][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 877.900323][ T5839] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 877.907950][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 877.982943][ T6108] lo speed is unknown, defaulting to 1000 [ 878.168584][ T6129] netlink: 'syz.6.13825': attribute type 13 has an invalid length. [ 878.193659][ T6129] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2 [ 878.216731][ T6129] gretap2: default qdisc (pfifo_fast) fail, fallback to noqueue [ 878.224457][ T6129] gretap2: entered promiscuous mode [ 878.230428][ T6129] gretap2: entered allmulticast mode [ 878.415916][ T6108] chnl_net:caif_netlink_parms(): no params data found [ 878.733361][ T6108] bridge0: port 1(bridge_slave_0) entered blocking state [ 878.750620][ T6108] bridge0: port 1(bridge_slave_0) entered disabled state [ 878.764326][ T6108] bridge_slave_0: entered allmulticast mode [ 878.783726][ T6108] bridge_slave_0: entered promiscuous mode [ 878.800603][ T6108] bridge0: port 2(bridge_slave_1) entered blocking state [ 878.808918][ T6108] bridge0: port 2(bridge_slave_1) entered disabled state [ 878.816269][ T6108] bridge_slave_1: entered allmulticast mode [ 878.824038][ T6108] bridge_slave_1: entered promiscuous mode [ 878.889389][ T6108] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 878.914008][ T6108] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 878.955800][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 878.955818][ T30] audit: type=1326 audit(2000000368.413:5169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6161 comm="syz.5.13835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 879.005630][ T30] audit: type=1326 audit(2000000368.413:5170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6161 comm="syz.5.13835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 879.041138][ T6108] team0: Port device team_slave_0 added [ 879.061824][ T6108] team0: Port device team_slave_1 added [ 879.067699][ T30] audit: type=1326 audit(2000000368.413:5171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6161 comm="syz.5.13835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 879.119302][ T30] audit: type=1326 audit(2000000368.413:5172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6161 comm="syz.5.13835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 879.146696][ T6166] lo speed is unknown, defaulting to 1000 [ 879.150952][ T6108] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 879.170432][ T6108] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 879.196408][ C1] vkms_vblank_simulate: vblank timer overrun [ 879.214893][ T6108] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 879.247965][ T6108] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 879.255077][ T6108] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 879.281047][ C1] vkms_vblank_simulate: vblank timer overrun [ 879.310511][ T6108] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 879.427845][ T6108] hsr_slave_0: entered promiscuous mode [ 879.434587][ T6108] hsr_slave_1: entered promiscuous mode [ 879.441353][ T6108] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 879.450861][ T6108] Cannot create hsr debugfs directory [ 879.956113][ T5839] Bluetooth: hci0: command tx timeout [ 880.379244][ T6108] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 880.397957][ T6108] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 880.423023][ T6108] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 880.445964][ T6108] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 880.561386][ T6108] 8021q: adding VLAN 0 to HW filter on device bond0 [ 880.593805][ T6108] 8021q: adding VLAN 0 to HW filter on device team0 [ 880.622678][T19652] bridge0: port 1(bridge_slave_0) entered blocking state [ 880.629846][T19652] bridge0: port 1(bridge_slave_0) entered forwarding state [ 880.669030][T19652] bridge0: port 2(bridge_slave_1) entered blocking state [ 880.676175][T19652] bridge0: port 2(bridge_slave_1) entered forwarding state [ 880.767952][ T6108] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 880.804900][ T6108] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 880.993085][ T6108] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 881.047385][ T6108] veth0_vlan: entered promiscuous mode [ 881.072594][ T6108] veth1_vlan: entered promiscuous mode [ 881.110539][ T6108] veth0_macvtap: entered promiscuous mode [ 881.132438][ T6108] veth1_macvtap: entered promiscuous mode [ 881.162516][ T6108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 881.191357][ T6108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 881.214657][ T6108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 881.235605][ T6108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 881.249727][ T6108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 881.260637][ T6108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 881.270924][ T6108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 881.302159][ T6108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 881.314302][ T6108] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 881.327189][ T6108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 881.350446][ T6108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 881.360405][ T6108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 881.370970][ T6108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 881.380856][ T6108] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 881.391500][ T6108] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 881.403243][ T6108] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 881.429323][ T6108] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 881.448671][ T6108] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 881.474422][ T6108] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 881.493403][ T6108] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 881.621678][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 881.640564][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 881.691509][ T4786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 881.710678][ T4786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 881.806546][ T5872] usb 6-1: new high-speed USB device number 46 using dummy_hcd [ 881.857981][ T6236] 9pnet_fd: Insufficient options for proto=fd [ 881.966759][ T5872] usb 6-1: Using ep0 maxpacket: 16 [ 881.975233][ T5872] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 881.986070][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 881.997680][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 882.008044][ T5872] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 882.028626][ T5872] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 882.034629][ T5839] Bluetooth: hci0: command tx timeout [ 882.043849][ T5872] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 882.076552][ T5872] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 882.104528][ T5872] usb 6-1: Manufacturer: syz [ 882.130404][ T5872] usb 6-1: config 0 descriptor?? [ 882.404751][ T5872] rc_core: IR keymap rc-hauppauge not found [ 882.410861][ T5872] Registered IR keymap rc-empty [ 882.416204][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.434162][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.465105][ T5872] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 882.496419][ T5872] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input124 [ 882.514486][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.545125][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.563618][ C1] mceusb 6-1:0.0: long-range (0x30) receiver active [ 882.571043][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.608886][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.660079][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.684481][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.704350][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.739372][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.775070][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.814331][ T5872] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 882.835161][ T5872] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 882.854392][ T5872] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x30 active) [ 882.886272][ T5872] usb 6-1: USB disconnect, device number 46 [ 883.040970][ T6258] netlink: 16215 bytes leftover after parsing attributes in process `syz.7.13870'. [ 883.185282][ T6264] overlayfs: failed to clone upperpath [ 883.709123][ T6287] 9pnet_fd: Insufficient options for proto=fd [ 883.781356][ T6290] rtc_cmos 00:00: Alarms can be up to one day in the future [ 883.927689][ T5874] rtc_cmos 00:00: Alarms can be up to one day in the future [ 883.943295][ T5874] rtc_cmos 00:00: Alarms can be up to one day in the future [ 883.950846][ T5874] rtc_cmos 00:00: Alarms can be up to one day in the future [ 883.998859][ T5874] rtc_cmos 00:00: Alarms can be up to one day in the future [ 884.030993][ T5874] rtc rtc0: __rtc_set_alarm: err=-22 [ 884.113237][ T5839] Bluetooth: hci0: command tx timeout [ 885.343648][ T6348] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13909'. [ 886.194734][ T5839] Bluetooth: hci0: command tx timeout [ 887.712277][ T6342] netlink: 11 bytes leftover after parsing attributes in process `syz.8.13907'. [ 888.874543][ T5872] usb 9-1: new high-speed USB device number 42 using dummy_hcd [ 889.033868][ T5872] usb 9-1: Using ep0 maxpacket: 8 [ 889.044599][ T5872] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 889.066311][ T5872] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 889.103467][ T5872] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 889.133378][ T5872] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 889.172924][ T5872] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 889.219322][ T5872] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 889.450260][ T5872] usb 9-1: GET_CAPABILITIES returned 0 [ 889.475804][ T5872] usbtmc 9-1:16.0: can't read capabilities [ 889.654601][ T5872] usb 9-1: USB disconnect, device number 42 [ 889.818997][ T6439] netlink: 'syz.0.13949': attribute type 29 has an invalid length. [ 889.964703][ T6447] netlink: 277 bytes leftover after parsing attributes in process `syz.0.13953'. [ 890.087326][ T6454] sctp: [Deprecated]: syz.6.13956 (pid 6454) Use of struct sctp_assoc_value in delayed_ack socket option. [ 890.087326][ T6454] Use struct sctp_sack_info instead [ 890.896806][ T6471] Invalid ELF header magic: != ELF [ 891.092690][ T30] audit: type=1326 audit(2000000380.554:5173): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.5.13971" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x0 [ 891.512830][ T6493] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 892.773207][ T6538] ALSA: mixer_oss: invalid OSS volume '' [ 893.263635][ T5874] usb 6-1: new high-speed USB device number 47 using dummy_hcd [ 893.425481][ T5874] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 893.442569][ T5874] usb 6-1: config 1 has no interface number 0 [ 893.449422][ T5874] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 893.461321][ T5874] usb 6-1: too many endpoints for config 1 interface 1 altsetting 177: 105, using maximum allowed: 30 [ 893.475507][ T5874] usb 6-1: config 1 interface 1 altsetting 177 has 0 endpoint descriptors, different from the interface descriptor's value: 105 [ 893.491452][ T5874] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 139 [ 893.502187][ T5874] usb 6-1: config 1 interface 1 has no altsetting 2 [ 893.511586][ T5874] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 893.521276][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 893.530425][ T5874] usb 6-1: Product: syz [ 893.535176][ T5874] usb 6-1: Manufacturer: syz [ 893.539870][ T5874] usb 6-1: SerialNumber: syz [ 893.756875][ T6544] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 894.350933][ T6588] veth3: entered promiscuous mode [ 894.371804][ T6544] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 894.384444][ T5874] cdc_ncm 6-1:1.1: bind() failure [ 894.608695][T26660] usb 6-1: USB disconnect, device number 47 [ 894.930311][ T6611] Bluetooth: MGMT ver 1.23 [ 894.993571][ T6613] netlink: 'syz.7.14031': attribute type 3 has an invalid length. [ 895.013496][ T6613] netlink: 'syz.7.14031': attribute type 4 has an invalid length. [ 895.024270][ T6613] netlink: 'syz.7.14031': attribute type 7 has an invalid length. [ 895.032131][ T6613] netlink: 'syz.7.14031': attribute type 8 has an invalid length. [ 895.083314][ T6613] netlink: 'syz.7.14031': attribute type 7 has an invalid length. [ 895.091189][ T6613] netlink: 206628 bytes leftover after parsing attributes in process `syz.7.14031'. [ 895.237918][ T30] audit: type=1326 audit(2000000384.704:5174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6616 comm="syz.0.14033" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5e50b8d169 code=0x0 [ 895.536010][ T6628] netlink: 'syz.6.14038': attribute type 34 has an invalid length. [ 896.048564][ T6651] sp0: Synchronizing with TNC [ 896.063138][T26660] usb 9-1: new high-speed USB device number 43 using dummy_hcd [ 896.229961][T26660] usb 9-1: Using ep0 maxpacket: 16 [ 896.257332][T26660] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 896.273130][T26660] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 896.298568][T26660] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 896.309818][T26660] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 896.321759][T26660] usb 9-1: Product: syz [ 896.340163][T26660] usb 9-1: Manufacturer: syz [ 896.346139][T26660] usb 9-1: SerialNumber: syz [ 896.370671][ T9] IPVS: starting estimator thread 0... [ 896.463289][ T6667] IPVS: using max 24 ests per chain, 57600 per kthread [ 896.767491][T26660] usb 9-1: 0:2 : does not exist [ 897.178055][T26660] usb 9-1: 5:0: failed to get current value for ch 0 (-22) [ 897.212283][T26660] usb 9-1: USB disconnect, device number 43 [ 897.626805][ T6701] (syz.7.14072,6701,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 898.343158][ T10] usb 9-1: new full-speed USB device number 44 using dummy_hcd [ 898.528979][ T10] usb 9-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 898.539914][ T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 898.553730][ T5872] usb 6-1: new high-speed USB device number 48 using dummy_hcd [ 898.564850][ T10] usb 9-1: config 0 descriptor?? [ 898.734074][ T5872] usb 6-1: Using ep0 maxpacket: 8 [ 898.740688][ T5872] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 898.750364][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 898.761217][ T5872] usb 6-1: config 0 descriptor?? [ 898.986587][ T10] [drm:udl_init] *ERROR* Selecting channel failed [ 899.009723][ T10] [drm] Initialized udl 0.0.1 for 9-1:0.0 on minor 2 [ 899.026919][ T10] [drm] Initialized udl on minor 2 [ 899.036145][ T10] udl 9-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 899.045254][ T10] udl 9-1:0.0: [drm] Cannot find any crtc or sizes [ 899.055042][ T9] udl 9-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 899.065652][ T10] usb 9-1: USB disconnect, device number 44 [ 899.072186][ T9] udl 9-1:0.0: [drm] Cannot find any crtc or sizes [ 899.780649][ T5872] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 899.801237][ T5872] asix 6-1:0.0: probe with driver asix failed with error -71 [ 899.827748][ T5872] usb 6-1: USB disconnect, device number 48 [ 900.110749][ T6765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14102'. [ 900.697149][T26660] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 900.774112][ T6799] netlink: 8 bytes leftover after parsing attributes in process `syz.8.14117'. [ 900.895057][T26660] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 900.904457][T26660] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 900.932387][T26660] usb 6-1: config 0 descriptor?? [ 900.960675][T26660] cp210x 6-1:0.0: cp210x converter detected [ 901.331227][ T6822] netlink: 104 bytes leftover after parsing attributes in process `syz.7.14128'. [ 901.364917][T26660] usb 6-1: cp210x converter now attached to ttyUSB0 [ 901.570331][T26660] usb 6-1: USB disconnect, device number 49 [ 901.584877][T26660] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 901.592340][ T6834] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14133'. [ 901.603473][T26660] cp210x 6-1:0.0: device disconnected [ 901.999793][ T6853] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 902.012816][ T6853] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 902.041360][ T6853] overlayfs: failed to get uuid (55/file1, err=-13); falling back to uuid=null. [ 902.812504][ T6886] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14158'. [ 902.863304][T26660] usb 9-1: new high-speed USB device number 45 using dummy_hcd [ 902.875092][ T6888] loop6: detected capacity change from 0 to 524287999 [ 902.882196][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 902.891441][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 902.900087][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 902.909294][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 902.917637][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 902.926778][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 902.934848][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 902.944093][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 902.974759][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 902.983922][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 903.027806][T26660] usb 9-1: config index 0 descriptor too short (expected 3133, got 61) [ 903.041937][T26660] usb 9-1: config 0 has an invalid interface number: 156 but max is 1 [ 903.053916][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.060066][T26660] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 903.063151][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 903.076117][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.090562][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 903.094252][T26660] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 903.108092][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.108254][T26660] usb 9-1: config 0 has no interface number 0 [ 903.117289][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 903.123011][ T6888] ldm_validate_partition_table(): Disk read failed. [ 903.123795][T26660] usb 9-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 903.139801][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.149067][T26660] usb 9-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 903.157157][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 903.166821][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 903.185390][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 903.192997][T26660] usb 9-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 903.204134][ T6888] Dev loop6: unable to read RDB block 0 [ 903.210793][ T6888] loop6: unable to read partition table [ 903.217068][T26660] usb 9-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 903.217331][ T6888] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 903.243151][ T6889] ldm_validate_partition_table(): Disk read failed. [ 903.250516][ T6889] Dev loop6: unable to read RDB block 0 [ 903.250886][T26660] usb 9-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 903.278820][T26660] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 903.289162][ T6889] loop6: unable to read partition table [ 903.304701][T26660] usb 9-1: config 0 descriptor?? [ 903.307040][ T6889] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 903.319463][T26660] gspca_main: spca561-2.14.0 probing abcd:cdee [ 903.528149][T26660] spca561 9-1:0.156: probe with driver spca561 failed with error -22 [ 903.537565][T26660] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 903.560508][T26660] usb 9-1: MIDIStreaming interface descriptor not found [ 903.638475][T26660] usb 9-1: USB disconnect, device number 45 [ 903.817254][ T6911] random: crng reseeded on system resumption [ 905.462106][ T6987] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14204'. [ 905.523048][T26660] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 905.676401][T26660] usb 6-1: Using ep0 maxpacket: 32 [ 905.689761][T26660] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 905.712990][T26660] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 905.733659][T26660] usb 6-1: config 0 has no interface number 0 [ 905.739789][T26660] usb 6-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 905.761026][ T6997] netlink: 8 bytes leftover after parsing attributes in process `syz.8.14209'. [ 905.770626][ T6997] netlink: 8 bytes leftover after parsing attributes in process `syz.8.14209'. [ 905.779728][T26660] usb 6-1: config 0 interface 1 has no altsetting 0 [ 905.805131][T26660] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 905.853101][T26660] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 905.861135][T26660] usb 6-1: Product: syz [ 905.864351][ T7002] program syz.6.14211 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 905.873674][T26660] usb 6-1: Manufacturer: syz [ 905.883058][T26660] usb 6-1: SerialNumber: syz [ 905.903996][T26660] usb 6-1: config 0 descriptor?? [ 905.910739][ T30] audit: type=1326 audit(2000000395.374:5175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6998 comm="syz.7.14210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7fc00000 [ 906.119049][T26660] cx231xx 6-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces [ 906.136982][T26660] cx231xx 6-1:0.1: Not found matching IAD interface [ 906.150855][T26660] usb 6-1: USB disconnect, device number 50 [ 906.563031][T26660] usb 6-1: new full-speed USB device number 51 using dummy_hcd [ 906.643479][ T30] audit: type=1326 audit(2000000396.104:5176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6998 comm="syz.7.14210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd705d8d169 code=0x7fc00000 [ 906.728611][T26660] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 906.742993][T26660] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 906.758115][T26660] usb 6-1: config 0 has no interface number 0 [ 906.764686][T26660] usb 6-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 906.775611][T26660] usb 6-1: config 0 interface 1 has no altsetting 0 [ 906.784187][T26660] usb 6-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a [ 906.793538][T26660] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 906.801540][T26660] usb 6-1: Product: syz [ 906.805935][T26660] usb 6-1: Manufacturer: syz [ 906.810619][T26660] usb 6-1: SerialNumber: syz [ 906.817933][T26660] usb 6-1: config 0 descriptor?? [ 907.028304][T26660] cx231xx 6-1:0.1: New device syz syz @ 12 Mbps (0572:58a5) with 1 interfaces [ 907.037566][T26660] cx231xx 6-1:0.1: Not found matching IAD interface [ 907.046632][T26660] usb 6-1: USB disconnect, device number 51 [ 907.952505][ T30] audit: type=1326 audit(2000000397.414:5177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7048 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 908.033391][ T30] audit: type=1326 audit(2000000397.414:5178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7048 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 908.098423][ T30] audit: type=1326 audit(2000000397.444:5179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7048 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 908.147978][ T30] audit: type=1326 audit(2000000397.444:5180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7048 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 908.197425][ T30] audit: type=1326 audit(2000000397.444:5181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7048 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 908.866434][ T7085] input: syz1 as /devices/virtual/input/input125 [ 909.248155][ T7101] lo speed is unknown, defaulting to 1000 [ 909.778852][ T7126] overlayfs: upper fs does not support tmpfile. [ 910.034220][ T7135] loop8: detected capacity change from 0 to 7 [ 910.048729][ T7135] Dev loop8: unable to read RDB block 7 [ 910.064708][ T7135] loop8: AHDI p1 p3 p4 [ 910.077540][ T7135] loop8: partition table partially beyond EOD, truncated [ 910.087611][ T7133] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14268'. [ 910.114026][ T7135] loop8: p1 start 975770946 is beyond EOD, truncated [ 910.142638][ T7135] loop8: p3 start 6514546 is beyond EOD, truncated [ 910.543189][ T5874] usb 9-1: new high-speed USB device number 46 using dummy_hcd [ 910.694900][ T5874] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 910.713479][ T5874] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 910.725425][ T5874] usb 9-1: config 0 descriptor?? [ 910.732129][ T5874] cp210x 9-1:0.0: cp210x converter detected [ 911.150257][ T5874] cp210x 9-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 911.171179][ T5874] usb 9-1: cp210x converter now attached to ttyUSB0 [ 911.365762][ T7184] tc_dump_action: action bad kind [ 911.378569][ T5874] usb 9-1: USB disconnect, device number 46 [ 911.408994][ T5874] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 911.418863][ T5874] cp210x 9-1:0.0: device disconnected [ 912.403560][ T7215] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14307'. [ 912.441032][ T7215] netlink: 'syz.7.14307': attribute type 2 has an invalid length. [ 912.477448][ T7215] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14307'. [ 916.105172][ T7339] IPVS: length: 24 != 404232216 [ 916.983648][ T5872] usb 9-1: new high-speed USB device number 47 using dummy_hcd [ 917.144610][ T5872] usb 9-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 917.154806][ T5872] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 917.173769][ T5872] usb 9-1: config 0 descriptor?? [ 918.219037][ T5872] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 918.229960][ T5872] asix 9-1:0.0: probe with driver asix failed with error -71 [ 918.244042][ T5872] usb 9-1: USB disconnect, device number 47 [ 918.335713][ T7406] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 108 [ 918.509063][ T7412] Context (ID=0x0) not attached to queue pair (handle=0x0:0x0) [ 919.223166][ T1207] usb 9-1: new high-speed USB device number 48 using dummy_hcd [ 919.406754][ T1207] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 919.424391][ T1207] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 919.433638][ T1207] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 919.441641][ T1207] usb 9-1: SerialNumber: syz [ 920.085108][ T1207] cdc_ether 9-1:1.0 eth17: register 'cdc_ether' at usb-dummy_hcd.8-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 920.155047][ T7449] usb usb9: usbfs: interface 0 claimed by hub while 'syz.5.14413' sets config #0 [ 920.453854][ T7461] netlink: 20 bytes leftover after parsing attributes in process `syz.5.14419'. [ 920.492518][ T5872] usb 9-1: USB disconnect, device number 48 [ 920.502831][ T5872] cdc_ether 9-1:1.0 eth17: unregister 'cdc_ether' usb-dummy_hcd.8-1, CDC Ethernet Device [ 920.614504][ T7465] netlink: 56 bytes leftover after parsing attributes in process `syz.5.14421'. [ 922.788397][ T7535] sctp: [Deprecated]: syz.7.14449 (pid 7535) Use of struct sctp_assoc_value in delayed_ack socket option. [ 922.788397][ T7535] Use struct sctp_sack_info instead [ 923.161082][ T7547] sctp: [Deprecated]: syz.7.14455 (pid 7547) Use of int in maxseg socket option. [ 923.161082][ T7547] Use struct sctp_assoc_value instead [ 924.514699][ T30] audit: type=1326 audit(2000000413.974:5182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 924.596736][ T30] audit: type=1326 audit(2000000413.974:5183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 924.711339][ T30] audit: type=1326 audit(2000000414.024:5184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 924.781498][T26660] IPVS: starting estimator thread 0... [ 924.788541][ T7613] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 924.873331][ T7617] IPVS: using max 24 ests per chain, 57600 per kthread [ 924.882697][ T30] audit: type=1326 audit(2000000414.024:5185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 924.905380][ T7620] loop9: detected capacity change from 0 to 8 [ 924.923439][ T7620] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 924.932981][ T7620] loop9: partition table partially beyond EOD, truncated [ 924.940798][ T30] audit: type=1326 audit(2000000414.024:5186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 924.950680][ T7620] loop9: p1 size 4245934988 extends beyond EOD, [ 924.964806][ T30] audit: type=1326 audit(2000000414.024:5187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 924.984794][ T7620] truncated [ 925.057948][ T30] audit: type=1326 audit(2000000414.024:5188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 925.111920][ T30] audit: type=1326 audit(2000000414.024:5189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 925.155450][ T30] audit: type=1326 audit(2000000414.024:5190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 925.177134][ C1] vkms_vblank_simulate: vblank timer overrun [ 925.201056][ T30] audit: type=1326 audit(2000000414.034:5191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7604 comm="syz.5.14481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201cf8d169 code=0x7ffc0000 [ 926.300018][ T7664] bridge0: port 1(bridge_slave_0) entered disabled state [ 926.309914][ T7664] bridge0: port 2(bridge_slave_1) entered disabled state [ 926.475249][ T7664] bridge0: port 1(bridge_slave_0) entered blocking state [ 926.482398][ T7664] bridge0: port 1(bridge_slave_0) entered forwarding state [ 926.491966][ T7664] bridge0: port 2(bridge_slave_1) entered blocking state [ 926.499142][ T7664] bridge0: port 2(bridge_slave_1) entered forwarding state [ 927.843632][ T5872] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 928.051873][ T5872] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 928.067279][ T5872] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 928.114821][ T5872] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 928.137183][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 928.152226][ T5872] usb 6-1: SerialNumber: syz [ 928.392649][ T5872] usb 6-1: 0:2 : does not exist [ 928.435909][ T5872] usb 6-1: USB disconnect, device number 52 [ 928.732453][ T7746] 9pnet: p9_errstr2errno: server reported unknown error — [ 929.936904][T26660] IPVS: starting estimator thread 0... [ 929.940777][ T7801] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 930.034337][ T7808] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14569'. [ 930.063452][ T7804] IPVS: using max 21 ests per chain, 50400 per kthread [ 930.455620][ T7825] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 930.470844][ T7825] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 930.486662][ T7825] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 930.693770][ T7829] netlink: 172 bytes leftover after parsing attributes in process `syz.6.14577'. [ 931.219735][ T7845] netlink: 'syz.5.14585': attribute type 39 has an invalid length. [ 931.237468][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.601986][ T7860] could not open pipe file descriptor [ 931.827721][ T7869] bond0: entered promiscuous mode [ 931.847439][ T7869] bond_slave_0: entered promiscuous mode [ 931.862291][ T7869] bond_slave_1: entered promiscuous mode [ 931.874244][ T7869] bridge_slave_1: entered promiscuous mode [ 931.983739][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 931.983757][ T30] audit: type=1326 audit(2000000421.434:5196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7875 comm="syz.8.14599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f600fd8d169 code=0x7fc00000 [ 932.510000][ T7898] netlink: 16 bytes leftover after parsing attributes in process `syz.7.14609'. [ 932.768529][ T7911] sctp: [Deprecated]: syz.0.14615 (pid 7911) Use of struct sctp_assoc_value in delayed_ack socket option. [ 932.768529][ T7911] Use struct sctp_sack_info instead [ 932.926209][ T7918] netlink: 64 bytes leftover after parsing attributes in process `syz.6.14618'. [ 933.533852][ T7944] loop2: detected capacity change from 0 to 7 [ 933.556156][ T7944] Dev loop2: unable to read RDB block 7 [ 933.571089][ T7944] loop2: unable to read partition table [ 933.577614][ T7944] loop2: partition table beyond EOD, truncated [ 933.584725][ T7944] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 933.926167][ T7958] netlink: 16 bytes leftover after parsing attributes in process `syz.7.14637'. [ 934.034433][ T7929] Bluetooth: hci4: Opcode 0x0401 failed: -4 [ 934.270009][ T7971] overlayfs: failed to clone lowerpath [ 934.513292][ T7981] program syz.5.14647 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 935.121848][ T8007] netlink: 'syz.6.14659': attribute type 11 has an invalid length. [ 935.141244][ T8008] netlink: 1268 bytes leftover after parsing attributes in process `syz.8.14658'. [ 935.161089][ T8008] openvswitch: netlink: Key 2 has unexpected len 8 expected 4 [ 936.728869][ T8071] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14687'. [ 936.761590][ T8071] netlink: 'syz.7.14687': attribute type 30 has an invalid length. [ 936.780078][ T8071] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 936.788919][ T8071] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 936.797688][ T8071] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 936.806454][ T8071] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 936.893010][T26660] usb 6-1: new high-speed USB device number 53 using dummy_hcd [ 937.076267][T26660] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 937.088539][T26660] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 937.092748][ T8083] input: syz0 as /devices/virtual/input/input127 [ 937.117740][T26660] usb 6-1: config 0 descriptor?? [ 937.146015][T26660] gspca_main: spca508-2.14.0 probing 8086:0110 [ 937.342161][ T30] audit: type=1400 audit(2000000426.804:5197): lsm=SMACK fn=smack_file_fcntl action=denied subject="w" object="_" requested=w pid=8089 comm="syz.6.14696" path="/1091" dev="tmpfs" ino=5565 [ 937.393700][T26660] gspca_spca508: reg_read err -32 [ 937.407743][T26660] gspca_spca508: reg_read err -32 [ 937.422253][T26660] gspca_spca508: reg_read err -32 [ 937.640714][T26660] gspca_spca508: reg_read err -71 [ 937.649856][T26660] gspca_spca508: reg write: error -71 [ 937.663018][T26660] spca508 6-1:0.0: probe with driver spca508 failed with error -71 [ 937.682265][T26660] usb 6-1: USB disconnect, device number 53 [ 937.903281][ T9] usb 9-1: new high-speed USB device number 49 using dummy_hcd [ 938.054770][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 938.061930][ T9] usb 9-1: config 0 has no interfaces? [ 938.071684][ T9] usb 9-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 938.091177][ T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 938.109407][ T9] usb 9-1: config 0 descriptor?? [ 938.189333][ T8112] input: syz1 as /devices/virtual/input/input128 [ 938.471408][ T8123] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 938.485122][ T8123] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 938.785250][ T30] audit: type=1326 audit(2000000428.254:5198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8102 comm="syz.7.14701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd705d8d169 code=0x7fc00000 [ 938.806921][ C1] vkms_vblank_simulate: vblank timer overrun [ 938.836867][ T5872] usb 9-1: USB disconnect, device number 49 [ 939.135852][ T8139] batadv0: entered promiscuous mode [ 939.142129][ T8139] macsec0: entered promiscuous mode [ 939.150210][ T8139] batadv0: left promiscuous mode [ 939.477268][ T8147] lo speed is unknown, defaulting to 1000 [ 940.083418][ T9] usb 9-1: new full-speed USB device number 50 using dummy_hcd [ 940.264374][ T9] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 940.280771][ T9] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 940.292828][ T9] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 940.312537][ T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 940.321399][ T9] usb 9-1: Product: syz [ 940.326681][ T9] usb 9-1: Manufacturer: syz [ 940.331299][ T9] usb 9-1: SerialNumber: syz [ 940.575363][ T9] usb 9-1: 0:2 : does not exist [ 940.595945][ T9] usb 9-1: 5:0: failed to get current value for ch 0 (-22) [ 940.629837][ T9] usb 9-1: USB disconnect, device number 50 [ 940.935381][ T8198] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 941.073406][ T5872] usb 6-1: new high-speed USB device number 54 using dummy_hcd [ 941.247231][ T5872] usb 6-1: Using ep0 maxpacket: 8 [ 941.264816][ T5872] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 941.295631][ T5872] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 941.326134][ T5872] usb 6-1: Product: syz [ 941.341754][ T5872] usb 6-1: Manufacturer: syz [ 941.356350][ T5872] usb 6-1: SerialNumber: syz [ 941.382075][ T5872] usb 6-1: config 0 descriptor?? [ 941.401146][ T5872] gspca_main: se401-2.14.0 probing 047d:5003 [ 941.812576][ T5872] gspca_se401: ExtraFeatures: 79 [ 941.834175][ T5872] gspca_se401: Frame size: 0x0 1/16th janggu [ 942.027001][ T5872] input: se401 as /devices/platform/dummy_hcd.5/usb6/6-1/input/input129 [ 942.075938][ T5872] usb 6-1: USB disconnect, device number 54 [ 1048.022903][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1048.029905][ C0] rcu: 1-...!: (0 ticks this GP) idle=536c/1/0x4000000000000000 softirq=154530/154539 fqs=0 [ 1048.042112][ C0] rcu: (detected by 0, t=10502 jiffies, g=170093, q=555 ncpus=2) [ 1048.049937][ C0] Sending NMI from CPU 0 to CPUs 1: [ 1048.049971][ C1] NMI backtrace for cpu 1 [ 1048.049996][ C1] CPU: 1 UID: 0 PID: 26895 Comm: syz-executor Not tainted 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0 [ 1048.050014][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1048.050028][ C1] RIP: 0010:kasan_check_range+0x5/0x290 [ 1048.050057][ C1] Code: 8e e8 4f b7 e3 ff 90 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 <41> 57 41 56 41 54 53 b0 01 48 85 f6 0f 84 a0 01 00 00 4c 8d 04 37 [ 1048.050070][ C1] RSP: 0000:ffffc90000a28898 EFLAGS: 00000046 [ 1048.050084][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff819d4afa [ 1048.050095][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff94514840 [ 1048.050105][ C1] RBP: 0000000000000008 R08: ffffffff94514847 R09: 1ffffffff28a2908 [ 1048.050115][ C1] R10: dffffc0000000000 R11: fffffbfff28a2909 R12: ffff888058a60ad4 [ 1048.050126][ C1] R13: dffffc0000000000 R14: 0000000000000100 R15: ffff888058a60bb8 [ 1048.050137][ C1] FS: 00005555830d1500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 1048.050150][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1048.050160][ C1] CR2: 00007f86f33fbc88 CR3: 000000002c138000 CR4: 00000000003526f0 [ 1048.050174][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1048.050183][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1048.050193][ C1] Call Trace: [ 1048.050199][ C1] [ 1048.050210][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1048.050235][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1048.050255][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1048.050278][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1048.050295][ C1] ? nmi_handle+0x14f/0x5a0 [ 1048.050314][ C1] ? nmi_handle+0x2a/0x5a0 [ 1048.050333][ C1] ? kasan_check_range+0x5/0x290 [ 1048.050352][ C1] ? default_do_nmi+0x63/0x160 [ 1048.050368][ C1] ? exc_nmi+0x123/0x1f0 [ 1048.050383][ C1] ? end_repeat_nmi+0xf/0x53 [ 1048.050405][ C1] ? mark_lock+0x9a/0x360 [ 1048.050424][ C1] ? kasan_check_range+0x5/0x290 [ 1048.050444][ C1] ? kasan_check_range+0x5/0x290 [ 1048.050463][ C1] ? kasan_check_range+0x5/0x290 [ 1048.050483][ C1] [ 1048.050488][ C1] [ 1048.050494][ C1] mark_lock+0x9a/0x360 [ 1048.050514][ C1] __lock_acquire+0xc3e/0x2100 [ 1048.050538][ C1] lock_acquire+0x1ed/0x550 [ 1048.050555][ C1] ? debug_object_activate+0x17f/0x580 [ 1048.050578][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1048.050596][ C1] ? __lock_acquire+0x1397/0x2100 [ 1048.050621][ C1] _raw_spin_lock_irqsave+0xd5/0x120 [ 1048.050638][ C1] ? debug_object_activate+0x17f/0x580 [ 1048.050656][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 1048.050677][ C1] debug_object_activate+0x17f/0x580 [ 1048.050697][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1048.050713][ C1] ? __pfx_debug_object_activate+0x10/0x10 [ 1048.050732][ C1] ? advance_sched+0xa02/0xca0 [ 1048.050752][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 1048.050773][ C1] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 1048.050791][ C1] enqueue_hrtimer+0x30/0x3c0 [ 1048.050808][ C1] __hrtimer_run_queues+0x6cb/0xd30 [ 1048.050829][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1048.050842][ C1] ? sched_clock+0x4a/0x70 [ 1048.050858][ C1] ? read_tsc+0x9/0x20 [ 1048.050871][ C1] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 1048.050892][ C1] hrtimer_interrupt+0x403/0xa40 [ 1048.050915][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 1048.050936][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1048.050954][ C1] [ 1048.050959][ C1] [ 1048.050965][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1048.050984][ C1] RIP: 0010:ip_finish_output2+0x2be/0x12e0 [ 1048.051004][ C1] Code: 00 00 00 fc ff df eb 0a e8 9f 62 6c f7 48 8b 54 24 08 48 8b 5c 24 10 48 81 c3 c0 03 00 00 48 89 d8 48 c1 e8 03 42 80 3c 30 00 <74> 0d 48 89 df e8 28 21 d1 f7 48 8b 54 24 08 44 03 6c 24 18 48 8b [ 1048.051016][ C1] RSP: 0000:ffffc9000c5f6740 EFLAGS: 00000246 [ 1048.051028][ C1] RAX: 1ffffffff353e6f8 RBX: ffffffff9a9f37c0 RCX: ffff888058a60000 [ 1048.051040][ C1] RDX: ffff88803233a8c0 RSI: ffffffff8ff86320 RDI: 0000000000000001 [ 1048.051050][ C1] RBP: ffffc9000c5f6868 R08: 0000000000000003 R09: ffffffff8a557b2c [ 1048.051060][ C1] R10: 0000000000000002 R11: ffff888058a60000 R12: ffff88804fceac00 [ 1048.051070][ C1] R13: 0000000000000000 R14: dffffc0000000000 R15: ffff8881447f0000 [ 1048.051083][ C1] ? ip_finish_output2+0x1bc/0x12e0 [ 1048.051111][ C1] ? __pfx_ip_finish_output2+0x10/0x10 [ 1048.051129][ C1] ? ip_skb_dst_mtu+0x8b5/0xbc0 [ 1048.051146][ C1] ? ip_skb_dst_mtu+0x147/0xbc0 [ 1048.051164][ C1] ? __ip_finish_output+0x349/0x400 [ 1048.051184][ C1] __ip_queue_xmit+0x103f/0x1960 [ 1048.051202][ C1] ? tcp_options_write+0x25b/0xd40 [ 1048.051219][ C1] ? csum_tcpudp_nofold+0x1e/0x60 [ 1048.051236][ C1] ? __ip_queue_xmit+0x62/0x1960 [ 1048.051253][ C1] ? __pfx_ip_queue_xmit+0x10/0x10 [ 1048.051271][ C1] __tcp_transmit_skb+0x23b0/0x3a60 [ 1048.051295][ C1] ? __build_skb_around+0x245/0x3d0 [ 1048.051318][ C1] ? __pfx___tcp_transmit_skb+0x10/0x10 [ 1048.051342][ C1] ? __tcp_send_ack+0x17e/0x600 [ 1048.051361][ C1] tcp_rcv_established+0xf93/0x1e80 [ 1048.051380][ C1] ? rt_is_expired+0x1c/0x2c0 [ 1048.051402][ C1] ? __pfx_tcp_rcv_established+0x10/0x10 [ 1048.051422][ C1] ? rt_is_expired+0x1c/0x2c0 [ 1048.051438][ C1] ? rt_is_expired+0x242/0x2c0 [ 1048.051455][ C1] tcp_v4_do_rcv+0x96d/0xc70 [ 1048.051473][ C1] tcp_v4_rcv+0x2853/0x3280 [ 1048.051503][ C1] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 1048.051521][ C1] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 1048.051536][ C1] ? __pfx_tcp_v4_rcv+0x10/0x10 [ 1048.051551][ C1] ip_protocol_deliver_rcu+0x22e/0x440 [ 1048.051568][ C1] ? ip_local_deliver_finish+0x230/0x5f0 [ 1048.051583][ C1] ip_local_deliver_finish+0x341/0x5f0 [ 1048.051600][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 1048.051615][ C1] NF_HOOK+0x3a4/0x450 [ 1048.051631][ C1] ? NF_HOOK+0x9a/0x450 [ 1048.051644][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 1048.051657][ C1] ? skb_dst_set_noref+0x2a/0xf0 [ 1048.051679][ C1] ip_sublist_rcv_finish+0x3be/0x4f0 [ 1048.051697][ C1] ip_sublist_rcv+0x75d/0xab0 [ 1048.051717][ C1] ? __pfx_ip_sublist_rcv+0x10/0x10 [ 1048.051732][ C1] ? skb_orphan+0xae/0xd0 [ 1048.051746][ C1] ? ip_rcv_core+0x801/0xd10 [ 1048.051770][ C1] ip_list_rcv+0x42b/0x480 [ 1048.051787][ C1] ? __pfx_ip_list_rcv+0x10/0x10 [ 1048.051804][ C1] ? __pfx_ip_list_rcv+0x10/0x10 [ 1048.051820][ C1] __netif_receive_skb_list_core+0x94e/0x980 [ 1048.051843][ C1] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 1048.051866][ C1] ? netif_receive_skb_list_internal+0x4e8/0xe30 [ 1048.051883][ C1] netif_receive_skb_list_internal+0xa51/0xe30 [ 1048.051903][ C1] ? netif_receive_skb_list_internal+0x4e8/0xe30 [ 1048.051920][ C1] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 1048.051937][ C1] ? __asan_memcpy+0x40/0x70 [ 1048.051954][ C1] ? __pfx_virtnet_receive_done+0x10/0x10 [ 1048.051981][ C1] napi_complete_done+0x2b5/0x870 [ 1048.052000][ C1] ? __pfx_napi_complete_done+0x10/0x10 [ 1048.052015][ C1] ? __pfx_receive_buf+0x10/0x10 [ 1048.052029][ C1] ? virtqueue_get_buf_ctx+0x48e/0xde0 [ 1048.052052][ C1] ? virtqueue_enable_cb_prepare+0x283/0x540 [ 1048.052073][ C1] virtnet_poll+0x2df7/0x39c0 [ 1048.052102][ C1] ? __pfx_virtnet_poll+0x10/0x10 [ 1048.052120][ C1] ? validate_chain+0x11e/0x5920 [ 1048.052135][ C1] ? validate_chain+0x11e/0x5920 [ 1048.052158][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1048.052177][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1048.052197][ C1] __napi_poll+0xcb/0x490 [ 1048.052215][ C1] net_rx_action+0x89b/0x1240 [ 1048.052237][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1048.052258][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 1048.052278][ C1] ? sched_clock+0x4a/0x70 [ 1048.052297][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1048.052320][ C1] handle_softirqs+0x2d4/0x9b0 [ 1048.052339][ C1] ? __irq_exit_rcu+0xf7/0x220 [ 1048.052355][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 1048.052371][ C1] ? irqtime_account_irq+0xd1/0x1d0 [ 1048.052392][ C1] __irq_exit_rcu+0xf7/0x220 [ 1048.052407][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 1048.052425][ C1] irq_exit_rcu+0x9/0x30 [ 1048.052438][ C1] common_interrupt+0x63/0xd0 [ 1048.052453][ C1] asm_common_interrupt+0x26/0x40 [ 1048.052470][ C1] RIP: 0033:0x7f600fd8bdca [ 1048.052489][ C1] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 43 91 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 a3 91 02 00 8b 44 24 [ 1048.052502][ C1] RSP: 002b:00007fff0466b2a0 EFLAGS: 00000293 [ 1048.052514][ C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007f600fd8bdca [ 1048.052523][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1048.052532][ C1] RBP: 00007fff0466b2fc R08: 00007fff0466ac1c R09: 00007fff0466b007 [ 1048.052543][ C1] R10: 00007fff0466ac70 R11: 0000000000000293 R12: 000000000000041d [ 1048.052553][ C1] R13: 00000000000927c0 R14: 00000000000e657b R15: 00007fff0466b350 [ 1048.052569][ C1] [ 1048.052964][ C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g170093 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 1048.942986][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1048.952959][ C0] rcu: RCU grace-period kthread stack dump: [ 1048.958843][ C0] task:rcu_preempt state:R running task stack:25624 pid:18 tgid:18 ppid:2 task_flags:0x208040 flags:0x00004000 [ 1048.972348][ C0] Call Trace: [ 1048.975629][ C0] [ 1048.978572][ C0] __schedule+0x18bc/0x4c40 [ 1048.983089][ C0] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 1048.989007][ C0] ? __pfx___schedule+0x10/0x10 [ 1048.993875][ C0] ? __pfx_lock_release+0x10/0x10 [ 1048.998926][ C0] ? __pfx___mod_timer+0x10/0x10 [ 1049.003872][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1049.010210][ C0] ? schedule+0x90/0x320 [ 1049.014459][ C0] schedule+0x14b/0x320 [ 1049.018625][ C0] schedule_timeout+0x15a/0x290 [ 1049.023481][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 1049.028858][ C0] ? __pfx_process_timeout+0x10/0x10 [ 1049.034151][ C0] ? prepare_to_swait_event+0x330/0x350 [ 1049.039709][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1049.044923][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 1049.049783][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1049.054990][ C0] ? rcu_gp_init+0x1256/0x1630 [ 1049.059858][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 1049.064806][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 1049.070103][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1049.076010][ C0] ? finish_swait+0xd4/0x1e0 [ 1049.080607][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1049.085811][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 1049.090413][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1049.095616][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1049.101519][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1049.106557][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1049.111766][ C0] kthread+0x7a9/0x920 [ 1049.115843][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.120442][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1049.125648][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.130241][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.134842][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.139437][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1049.144639][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1049.149844][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.154443][ C0] ret_from_fork+0x4b/0x80 [ 1049.158862][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.163467][ C0] ret_from_fork_asm+0x1a/0x30 [ 1049.168254][ C0] [ 1049.171276][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 1049.177606][ C0] CPU: 0 UID: 0 PID: 19652 Comm: kworker/u8:5 Not tainted 6.14.0-rc6-syzkaller-00003-g4d872d51bc9d #0 [ 1049.188535][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1049.198594][ C0] Workqueue: events_unbound toggle_allocation_gate [ 1049.205112][ C0] RIP: 0010:smp_call_function_many_cond+0x1ba4/0x2d30 [ 1049.211880][ C0] Code: 03 84 c0 75 7e 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 c0 f4 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 70 f0 0b 00 eb 41 f3 90 <48> b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 41 f7 45 00 [ 1049.231493][ C0] RSP: 0018:ffffc9000cac7640 EFLAGS: 00000293 [ 1049.237569][ C0] RAX: ffffffff81b5ee65 RBX: 1ffff110170e88c9 RCX: ffff888026853c00 [ 1049.245543][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1049.253512][ C0] RBP: ffffc9000cac7840 R08: ffffffff81b5ee30 R09: 1ffffffff28a2908 [ 1049.261486][ C0] R10: dffffc0000000000 R11: fffffbfff28a2909 R12: ffff8880b863f9c8 [ 1049.269460][ C0] R13: ffff8880b8744648 R14: ffff8880b863f9c0 R15: 0000000000000001 [ 1049.277432][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 1049.286365][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1049.292950][ C0] CR2: 0000001b2fc1eff8 CR3: 000000000e938000 CR4: 00000000003526f0 [ 1049.300928][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1049.308903][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1049.316872][ C0] Call Trace: [ 1049.320161][ C0] [ 1049.323008][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 1049.329350][ C0] ? print_other_cpu_stall+0x1481/0x15c0 [ 1049.335003][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 1049.340833][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 1049.347084][ C0] ? rcu_sched_clock_irq+0xa26/0x10e0 [ 1049.352472][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 1049.358119][ C0] ? update_process_times+0x242/0x2f0 [ 1049.363500][ C0] ? tick_nohz_handler+0x37c/0x500 [ 1049.368619][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 1049.374084][ C0] ? __hrtimer_run_queues+0x551/0xd30 [ 1049.379473][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1049.385191][ C0] ? handle_softirqs+0x7e0/0x9b0 [ 1049.390132][ C0] ? read_tsc+0x9/0x20 [ 1049.394205][ C0] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 1049.400288][ C0] ? hrtimer_interrupt+0x403/0xa40 [ 1049.405428][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 1049.411593][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1049.417409][ C0] [ 1049.420343][ C0] [ 1049.423278][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1049.429447][ C0] ? smp_call_function_many_cond+0x1b90/0x2d30 [ 1049.435606][ C0] ? smp_call_function_many_cond+0x1bc5/0x2d30 [ 1049.441768][ C0] ? smp_call_function_many_cond+0x1ba4/0x2d30 [ 1049.447932][ C0] ? kmem_cache_alloc_bulk_noprof+0x156/0x7c0 [ 1049.454007][ C0] ? kmem_cache_alloc_bulk_noprof+0x156/0x7c0 [ 1049.460086][ C0] ? __pfx___text_poke+0x10/0x10 [ 1049.465033][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 1049.471363][ C0] ? __pfx___might_resched+0x10/0x10 [ 1049.476654][ C0] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1049.482555][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 1049.487586][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 1049.492714][ C0] text_poke_bp_batch+0x352/0xb30 [ 1049.497747][ C0] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1049.503739][ C0] ? arch_jump_label_transform_apply+0x17/0x30 [ 1049.509901][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 1049.515457][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 1049.521714][ C0] text_poke_finish+0x30/0x50 [ 1049.526395][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 1049.532378][ C0] static_key_enable_cpuslocked+0x136/0x260 [ 1049.538280][ C0] static_key_enable+0x1a/0x20 [ 1049.543048][ C0] toggle_allocation_gate+0xbc/0x260 [ 1049.548342][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 1049.554243][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1049.560591][ C0] ? process_scheduled_works+0x9c6/0x18e0 [ 1049.566314][ C0] process_scheduled_works+0xabe/0x18e0 [ 1049.571897][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1049.577889][ C0] ? assign_work+0x364/0x3d0 [ 1049.582494][ C0] worker_thread+0x870/0xd30 [ 1049.587097][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1049.593000][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1049.598033][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1049.603150][ C0] kthread+0x7a9/0x920 [ 1049.607225][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.611826][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1049.616950][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.621566][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.626188][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.630799][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1049.636016][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1049.641230][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.645859][ C0] ret_from_fork+0x4b/0x80 [ 1049.650296][ C0] ? __pfx_kthread+0x10/0x10 [ 1049.654907][ C0] ret_from_fork_asm+0x1a/0x30 [ 1049.659700][ C0]