last executing test programs: 5m11.038596187s ago: executing program 4 (id=219): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 5m9.956664484s ago: executing program 4 (id=225): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xbf}}, 0x4000) bind$802154_raw(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) tkill(r0, 0x35) 5m8.964634737s ago: executing program 4 (id=229): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) userfaultfd(0x0) io_setup(0x1, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) syz_emit_vhci(&(0x7f0000000540)=ANY=[], 0x22) syz_emit_vhci(&(0x7f0000001300)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x0, 0x4}}, 0x9) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'}) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000000000401c1b3e1b00000000000109026a00010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x4000) 5m7.087591638s ago: executing program 4 (id=236): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 5m6.946951903s ago: executing program 4 (id=237): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x95d3, 0x0, 0x2}, &(0x7f00000000c0), &(0x7f0000000140)) io_uring_enter(r3, 0x0, 0xe38e, 0x5, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS2(r3, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20) 5m6.495260502s ago: executing program 4 (id=242): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_vhci(&(0x7f00000004c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x1b}, @l2cap_cid_signaling={{0x17}, [@l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x6, 0x1f}}, @l2cap_conn_req={{0x2, 0x9, 0x4}, {0x9, 0x9}}, @l2cap_move_chan_cfm={{0x10, 0x1, 0x4}, {0x0, 0xc}}]}}, 0x20) process_madvise(0xffffffffffffffff, &(0x7f0000000200), 0x1000000000000276, 0x0, 0x0) 5m5.791168505s ago: executing program 32 (id=242): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_vhci(&(0x7f00000004c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x1b}, @l2cap_cid_signaling={{0x17}, [@l2cap_move_chan_req={{0xe, 0x1, 0x3}, {0x6, 0x1f}}, @l2cap_conn_req={{0x2, 0x9, 0x4}, {0x9, 0x9}}, @l2cap_move_chan_cfm={{0x10, 0x1, 0x4}, {0x0, 0xc}}]}}, 0x20) process_madvise(0xffffffffffffffff, &(0x7f0000000200), 0x1000000000000276, 0x0, 0x0) 14.547228171s ago: executing program 3 (id=1423): socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) fcntl$getown(r0, 0x9) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r2, &(0x7f0000000140)="f4", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00'}, 0x1c) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600030000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 12.367928671s ago: executing program 3 (id=1426): unshare(0x60000000) socket$inet6_tcp(0xa, 0x1, 0x0) unshare(0x44000000) close(0x3) pivot_root(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f00000001c0)='./file0\x00') r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001e80)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095006e00000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf5000000000000063650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba751e4e174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5c3fddfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18532f4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32a103393c7c166215dab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095031dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa175740395ef9e4a0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) socket$unix(0x1, 0x1, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0xffffffff0000, 0x0, 0x113b, 0xffffffffffffffff, 0x8000000) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x0) 10.580596954s ago: executing program 3 (id=1436): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10) r4 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000000), &(0x7f00000000c0)=0x4) 9.033949132s ago: executing program 3 (id=1442): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080)="af03b6a302000032010054", 0xb) r4 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r4, 0xc4c85513, &(0x7f0000000040)={0xb}) 7.153304376s ago: executing program 5 (id=1448): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x3}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000140)) epoll_pwait(r3, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x0) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000002680), 0x100080, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) gettid() syz_open_procfs(r0, &(0x7f0000000140)='mounts\x00') 5.147930985s ago: executing program 3 (id=1454): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18) socket$inet6_udp(0xa, 0x2, 0x0) socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1241, 0x5015, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0xff, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x0, 0x7e}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io(r2, &(0x7f0000000300)={0x2c, &(0x7f00000000c0)={0x40, 0x2, 0x4, {0x4, 0xb, "a843"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 4.950001951s ago: executing program 0 (id=1455): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3}) r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ef, 0xb}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x15, 0x1, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0xfbfd, 0x401d, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8}) close_range(r0, 0xffffffffffffffff, 0x0) 4.780029126s ago: executing program 0 (id=1457): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r3) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="60000000020601020000740000000000000000000900020073797a31000000000500010007000000050005000a000000140007800800134000e4000008001240ffffffff11000300686173683a69702c706f727400000000050004"], 0x60}}, 0x0) sendmsg$IEEE802154_LLSEC_LIST_DEV(r3, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) 4.00896645s ago: executing program 2 (id=1458): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0) setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$usbfs(0x0, 0x80000000003, 0x101301) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10) ioctl$SIOCAX25GETINFO(r0, 0x89ed, &(0x7f0000000300)) 3.914049272s ago: executing program 5 (id=1459): r0 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000880}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x1, 0x0, 0x0, 0x5]}) sendmsg$NL80211_CMD_SET_KEY(r3, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="01002abd7000fddbdf250a000000080003", @ANYRES32=0x0, @ANYBLOB='\b\x00'], 0x24}, 0x1, 0x0, 0x0, 0x4004841}, 0x4810) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3.575385442s ago: executing program 0 (id=1460): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sendto$llc(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x10) 3.110610449s ago: executing program 2 (id=1461): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = gettid() timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) connect$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000940)="b961d2f27c17de791c37dcb4e84cacc08072e280a7dbaba20ce02a4e9ea0f8bc694411c335b8858bda3a168c6172b1ca7ab72989f4d836f4e0c2602e806848c1bd2ea1e71928db18e9f6478f44fb56f5eb8796a09669d58a17e7b9a9738caf5b354e2c49483de43062505c932e9afb872305e08d38231464e0ce8917b714a72bc3a7ce98a456ffd6a77b4ff027057c9005a9db348f6a7f24129c9627d7df0091ad2ea48c62709777d4faf2ff41e0c454bc6536c608931926629bbe148044ee2ffda647d86a035545638494aaf8029ae0f23fec1af4d20a8e9b2ae6081f60c71ca4938c9c71c39755434f3e403dfbcace5c62ac8aec39a86ca22be14dc29df5d4e0d48356c598ee5063bc9e8dd2df49d2f7daa188c6d70b8f89db366e476836d2b59d1c5ce103b7fd4206ccbfff24172267056546ac0848aba73d759e0fbd6ec7cf0e2b31ea6adb0ea9ef986d7a829ace2a6669058d5601aea9e97074e2ad864aba112a16fa9e52a999447993fabc205e1171915d72ab40100d911a0c395e0b58d48065f3814da4a240ee5782839863d6b918a9c554c1178b73544d6fb9f01708f43b92753905c1ccc94100cb22cd842d6ef0f74bcc08beaa6a920b88f69eb3f638ca5a16b9ea9e339013a18d682326cd749b8d12833960f8305eeaf028810f79f43eac990755df3fe59e3e4a9a7e508676dac1183f92e9a35f1d7e34f285bccc6ad9c7bc037d8bf4e64ac7a377d88add6b686e38c10cf50ed7d8d0e186a26ce9d15d076cb3b22f02457cca794038bf8dde1e57d05bbec774244828f59f8d9b739bb160272e7e09c0e9813bd93465d9467a9d7276e2f7019779de9cfa9dad515330fc59e61c6ccf1ee5869e59c18e6d07bc9c91d2f1a6405e89c3931734f3788aa32235c715f8361a4b231d7b7eea28860ffd095acbb7428465a01dd7eacb5a21055bffc3ee30da0181bae3916b0fe503908adc29de0f90d8b483ea7358d128ba7b9a3a3f89b03920fbc6253a23f225d7fb1857923acd4f7e01192a58a1104fe97443343268830f07737f4e11f6a5121522cf723b04877af2dc7bc6162a9a0ffdb41a662389d60abe9e521cbf15b6da7932a19fcf501da4ed90a55f48e865078883b240d83b175158926c83c9e421835e29be77fc3fbd41ca2d2b85e9d9075464216abac993f2130bc3628966f0695bf8d6483b4c60d7ebaceccbcffd762939ba1afdf4370fd0486454186c6fd9e67f492ed1841fbe28fb59f91cf5e5c1f76122a5d9f872d6a8a383655583923c4c15df8f0868e1cf5ea3de58c0c12d39edb1f8953a2ff4c4a7c5eb74fd0e975a859a84876f618c1af0df83eaf22fc53ff15a9f14bba0d7c730b8291d2e17e53078303a2c0df7aceac9c147b215d35e992e4af957610cd8e0de70906d599caef004e609021e0989f3800e835bc1ef08010dae0651b545ac40c5544433dd47e8e3afc77dedab66332c47807450a9da135dc9ac12438cb758baef5034013132c76b0e337c2411c4c4119c0f82b77d5dac4af39b779cd5577f521ffd26686b761f67298ecb3ee283f95b7d96732941977bebad36c5d19e053fc9ecccd1f6b46e47d50107a5228836b64404de203d24faf21245d051a6", 0x481}], 0x1}, 0x0) sendmsg$alg(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) 2.845430915s ago: executing program 1 (id=1462): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() socket$pppoe(0x18, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x4a, &(0x7f00000005c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$PTP_SYS_OFFSET(r3, 0x80503d0a, &(0x7f0000000040)={0x17}) sendmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0) 2.543914457s ago: executing program 5 (id=1463): socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket(0x2b, 0x80801, 0x1) recvfrom$inet6(r0, 0x0, 0x0, 0x10000, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000002100)=0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x41720, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_FPU(r3, 0x81a0ae8c, &(0x7f0000000100)) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x8}) ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc01c7c02, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r5, 0x40405515, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xfd22]}) 2.218505014s ago: executing program 0 (id=1464): socket$qrtr(0x2a, 0x2, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r2}, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) fcntl$setstatus(r0, 0x4, 0x0) r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1000001000104) ioctl$NBD_SET_SOCK(r3, 0xab00, r1) ioctl$NBD_DO_IT(r0, 0xab03) ioctl$NBD_CLEAR_SOCK(r3, 0xab04) 2.210501997s ago: executing program 1 (id=1465): creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[], 0x105) close(0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) unshare(0x4000600) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x10410, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) fsync(r3) 2.152044s ago: executing program 1 (id=1466): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev, 0x0, 0x0, 'lblcr\x00'}, 0x2c) setsockopt$inet_tcp_int(r4, 0x6, 0x17, &(0x7f0000000000), 0x4) setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0) 2.151256115s ago: executing program 2 (id=1467): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8815}, 0x24000004) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2.05200505s ago: executing program 5 (id=1468): sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000000c0)={0x0, 0xf00, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) 1.474158576s ago: executing program 0 (id=1469): r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000040)=0x5) io_setup(0x3, &(0x7f00000000c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000200)=[&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000700)='9', 0x1}]) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYRESDEC], 0x118) io_destroy(r2) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) r4 = syz_open_pts(r1, 0x0) r5 = dup3(r4, r1, 0x0) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)) 1.456823252s ago: executing program 2 (id=1470): pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e"], 0x15) r1 = dup(r0) write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f00000000c0)={0x14c}, 0x137) write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000180)={0x30, 0x5, 0x0, {0x0, 0x4, 0x0, 0x8}}, 0x30) socket$nl_xfrm(0x10, 0x3, 0x6) syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f00000017c0)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x81, 0x8c4b, 0x800, 0xa1, 0x4, 0x8, 0x3, 0x7, 0x1, 0x3, 0x8, 0x3, 0x7, 0xfffffe01, 0x1, 0x2, 0x4, 0x81, 0x9, 0x1, 0xb3b0, 0x5, 0x69, 0x8, 0x1000, 0x5, 0x8c0, 0x2, 0x75, 0x9, 0x7f, 0x4, 0x9, 0x0, 0xce, 0x1, 0xb, 0x0, 0xc4ff, 0x9436, 0x9, 0x3, 0x1, 0xa3f, 0x9, 0x200, 0xaaa, 0x2, 0x9, 0x200, 0x2, 0x6, 0x1, 0x100, 0x0, 0x3, 0xfffffffe, 0x6, 0x6, 0xa, 0xfd1, 0x8, 0x6, 0xff, 0x0, 0x7, 0x235, 0x1, 0x10001, 0xeec, 0x0, 0x4, 0xdbdf, 0x8, 0x5, 0x6, 0xee3a, 0x9a, 0x0, 0xffff, 0x9, 0x10001, 0x4, 0x5, 0x8001, 0x4, 0x0, 0x7, 0x1, 0x6, 0x200, 0x101, 0x0, 0x4, 0x7, 0x1000, 0x1, 0x4, 0x1, 0xfffffffa, 0x8, 0xd27, 0xf6, 0x4, 0xe48, 0x100, 0x9, 0x6, 0xfffffff7, 0xa6, 0x9, 0x59, 0x8, 0x5, 0x9, 0x9, 0xfffffff7, 0x723, 0xbc6, 0x4, 0x7, 0x10000, 0x7, 0xffff, 0x1, 0x0, 0x40, 0x3, 0xb, 0x2, 0xffffffff, 0x9, 0x5, 0x9, 0x1, 0x80000001, 0x80000000, 0x8800000, 0x4, 0x40, 0x0, 0x6, 0x401, 0xdd9, 0x7ff, 0x800, 0xe, 0x1, 0x2, 0x5347, 0x5, 0x9, 0x9, 0x8, 0x5, 0x101, 0x8, 0x3, 0x3, 0x1ff, 0x8000, 0x7, 0x1, 0x9, 0x800, 0x9, 0x54aa3579, 0x1, 0xfffffffe, 0x4, 0xdbdd, 0x4, 0x8000, 0x4, 0x4, 0x4, 0x3, 0xfffffff8, 0x1000, 0x5, 0x400, 0xb, 0x0, 0x8, 0x6, 0x3f800000, 0x8, 0x810a, 0x6f5334a4, 0x29ad, 0xffffffff, 0x4822, 0x4, 0x4, 0xff, 0x368, 0x0, 0x9, 0x7f, 0xfffffffe, 0xac9, 0x6, 0x4, 0x5, 0x5, 0x3, 0x30000000, 0xb5000000, 0x4, 0x3, 0x4, 0x0, 0x3, 0xeb4, 0x8, 0x3, 0x5, 0x1, 0x7f, 0x7, 0x6, 0x3ff, 0x1, 0x1, 0x1, 0xfff, 0x3, 0x4, 0x3ff, 0x8000, 0x8, 0x9, 0x5, 0xa, 0xfff, 0x4, 0x6, 0x1, 0x8, 0x2, 0x10001, 0x4, 0x9, 0x0, 0x1, 0x25, 0x0, 0x6, 0x40, 0x6, 0x6, 0x6, 0x13, 0x6, 0x6]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x2, 0x1, 0x7ff, 0x7, {0x5, 0x1, 0xfffe, 0x0, 0x7, 0x6}, {0x3, 0x0, 0xff, 0x2, 0x7, 0x239c}, 0x5, 0x7}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x6, 0x1, 0xffff000, 0xfd, 0x3, 0x4d, 0x3, 0x9, 0x4, 0xffffff15, 0x2, 0x48, 0x9, 0x100, 0x6, 0x0, 0xfffff943, 0x4, 0x7ff, 0x8, 0x5, 0x40, 0x400, 0x0, 0x2, 0x2, 0x8, 0x7fffffff, 0x6, 0x401, 0x8, 0x3, 0x0, 0x7, 0xfffff1b2, 0x3af6, 0xb, 0x8, 0x6, 0x8, 0x2, 0x6, 0x6942, 0x54740000, 0xbd, 0x0, 0x1, 0x8, 0x1, 0x7fff, 0x1, 0x2, 0x0, 0x9, 0x8, 0x81, 0x3, 0x5, 0x3, 0x9, 0x77e, 0xb95, 0x1, 0x0, 0x0, 0xdcb, 0xfffffff7, 0x1, 0xffffffff, 0x800, 0x3, 0x38e, 0xfffffffd, 0x4, 0x7fffffff, 0x5, 0x7f, 0xa, 0x6, 0x4, 0xfffffff8, 0xd2, 0x4, 0x9, 0x2, 0xa16f, 0x81, 0x8000, 0x1687, 0x8, 0x4, 0xb, 0x0, 0xffffffff, 0x7ff, 0x1, 0x7b, 0x183cf332, 0x8, 0x7f, 0x80000001, 0x8, 0xf41849fd, 0xfffffffd, 0x7, 0x6c, 0x5, 0x6, 0x3, 0x6, 0xfffffff9, 0x9, 0x6, 0x0, 0x0, 0x2, 0x80000000, 0x2, 0xf3, 0x8, 0x1, 0x7fffffff, 0x6, 0xd0c9, 0xa6d, 0x0, 0x3, 0xd6, 0x4, 0x7bf6, 0xffffffa1, 0x73c, 0x6, 0x6, 0x5, 0x200, 0x5, 0x2, 0xe2df, 0xfffffff6, 0x100, 0x1000, 0xa1d4, 0xd4, 0xd, 0x5, 0x1, 0x5, 0x0, 0x3, 0x0, 0x401, 0xd53, 0xfff, 0x10, 0x8, 0x8, 0x6, 0x1f1, 0xc7, 0xfffffffe, 0x0, 0x1, 0x5, 0x8, 0x101, 0x5, 0xa, 0x5, 0x5, 0xffffff35, 0x8, 0xd, 0x800101, 0xffffffff, 0x8, 0xc24, 0xd84, 0x6, 0x3, 0xa, 0x10001, 0x3, 0x1, 0xfffffffa, 0x7, 0xc8, 0x8, 0x5, 0xffffffff, 0xb, 0x6, 0x4, 0xfffffff7, 0x20e, 0x7, 0x7fffffff, 0x10001, 0x4, 0x400, 0x8, 0x2, 0x9, 0x6, 0x5, 0xfffffff9, 0x5, 0x1, 0xe, 0x0, 0x4, 0x9, 0x8, 0x8, 0x1, 0x72, 0x1, 0x8, 0xf, 0x80, 0x6, 0x3, 0x8, 0xda4, 0x81e, 0x1, 0x3, 0x1, 0x1, 0x7, 0x9, 0x4, 0xa, 0x81, 0xeb1, 0xfff, 0x80000001, 0x5, 0x7, 0x6, 0x3, 0x1, 0x9, 0x1, 0xe7, 0xfffffff5, 0x4, 0x3, 0xccb4, 0x400, 0xa51, 0x8, 0x3, 0x4155, 0xedb]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x88c}}, 0x0) 1.107766899s ago: executing program 1 (id=1471): bpf$PROG_LOAD(0x5, 0x0, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfef, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000001300040095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000190c0)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) execve(&(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000580)={[&(0x7f0000000440)='/dev/radio#\x00']}) 920.441607ms ago: executing program 3 (id=1472): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, 0x0, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0) r3 = syz_io_uring_setup(0x2f1, 0x0, &(0x7f0000000000), 0x0) io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0) write$dsp(r2, &(0x7f0000002000)='`', 0x88020) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x280, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x238, 0xffffffff, 0xffffffff, 0x238, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [0xffffff00, 0x0, 0xff], 'veth0_virt_wifi\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x87}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x6, 0x7}, {0x1, 0x1, 0x3}, {0x1, 0x0, 0x4}, 0x4, 0x9}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2e0) ptrace(0x4206, r1) ptrace(0x4207, r1) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(0xffffffffffffffff, 0xc01064c1, 0x0) ptrace(0x11, r1) 919.033942ms ago: executing program 5 (id=1473): r0 = landlock_create_ruleset(&(0x7f0000000240)={0x0, 0x2, 0x3}, 0x18, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x141080, 0x0) fcntl$notify(r2, 0x402, 0x8000003d) landlock_restrict_self(r1, 0x0) landlock_restrict_self(r1, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 882.354859ms ago: executing program 2 (id=1474): syz_open_dev$dri(0x0, 0x2, 0x9a402) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000fe001800", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket(0x10, 0x3, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x404000, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="680000001000030400"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e003000028008000100100000001c0005800a000400aaaaaaaaaabb00000a000400aaaaaaaaaa0000000800030003"], 0x68}}, 0x64000004) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01"]) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 274.169611ms ago: executing program 2 (id=1475): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sendto$llc(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x10) 273.65055ms ago: executing program 5 (id=1476): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder0\x00', 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x2e]}}, 0x0, 0x1b, 0x0, 0x1, 0x3, 0x10000, @value}, 0x28) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r2}, 0x8) ioctl$SIOCSIFHWADDR(r1, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'}) 108.919911ms ago: executing program 1 (id=1477): r0 = socket$tipc(0x1e, 0x2, 0x0) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x1}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x2}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x401eb94) bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r5, 0x201, 0x70bd27, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0) r6 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10) openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x484b1e3341a13be1, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 84.488687ms ago: executing program 0 (id=1478): socket$nl_route(0x10, 0x3, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x5, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x220, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @private}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) fsopen(&(0x7f00000006c0)='ntfs3\x00', 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_io_uring_setup(0x950, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 1 (id=1479): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00') preadv(r4, &(0x7f0000002700)=[{&(0x7f00000008c0)=""/98, 0x62}], 0x1, 0x2000000, 0x0) kernel console output (not intermixed with test programs): ): j1939_xtp_rx_dat: no tx connection found [ 82.035324][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.043333][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.051248][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.059281][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.067245][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.075307][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.083231][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.091261][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.099174][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.107208][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.115146][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.123195][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.131094][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.139160][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.147078][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.155063][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.162984][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.171038][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.178967][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.187018][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.194905][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.202976][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.210884][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.218940][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.226858][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.234836][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.242745][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.250784][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 82.258685][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 82.286823][ T5819] Bluetooth: hci3: command tx timeout [ 82.292985][ T5836] Bluetooth: hci4: command tx timeout [ 83.730671][ T5974] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 39708 - 0 [ 83.739895][ T5974] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 39708 - 0 [ 83.748964][ T5974] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 39708 - 0 [ 83.758119][ T5974] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 39708 - 0 [ 83.769302][ T5974] netdevsim netdevsim0 netdevsim0: set [1, 2] type 2 family 0 port 38714 - 0 [ 83.817006][ T5974] netdevsim netdevsim0 netdevsim1: set [1, 2] type 2 family 0 port 38714 - 0 [ 84.206432][ T5974] netdevsim netdevsim0 netdevsim2: set [1, 2] type 2 family 0 port 38714 - 0 [ 84.225780][ T5974] netdevsim netdevsim0 netdevsim3: set [1, 2] type 2 family 0 port 38714 - 0 [ 84.245988][ T5974] geneve2: entered promiscuous mode [ 84.251322][ T5974] geneve2: entered allmulticast mode [ 84.393325][ T5985] netlink: 24 bytes leftover after parsing attributes in process `syz.0.30'. [ 84.583757][ T5988] VFS: could not find a valid V7 on nullb0. [ 85.139542][ T5996] Cannot find del_set index 3 as target [ 85.565179][ T6001] netlink: 64 bytes leftover after parsing attributes in process `syz.4.34'. [ 87.006207][ T8] cfg80211: failed to load regulatory.db [ 87.212503][ T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 87.396522][ T6023] netlink: 550 bytes leftover after parsing attributes in process `syz.2.40'. [ 87.468291][ T25] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 87.490257][ T25] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 87.525975][ T25] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 87.545799][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.563929][ T6030] Zero length message leads to an empty skb [ 87.628675][ T6014] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 87.640330][ T25] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 89.170841][ T5869] usb 2-1: USB disconnect, device number 2 [ 89.787829][ T29] audit: type=1326 audit(1734714719.746:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6064 comm="syz.4.53" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2e57185d29 code=0x0 [ 90.838171][ T6082] ALSA: mixer_oss: invalid OSS volume 'u' [ 91.899994][ T6093] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 93.076579][ T6117] Device name cannot be null; rc = [-22] [ 93.747682][ T29] audit: type=1804 audit(1734714723.716:4): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.69" name="/newroot/15/file1" dev="fuse" ino=1 res=1 errno=0 [ 93.798828][ T29] audit: type=1800 audit(1734714723.716:5): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.69" name="/" dev="fuse" ino=1 res=0 errno=0 [ 93.902464][ T29] audit: type=1804 audit(1734714723.726:6): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.69" name="/newroot/15/file1" dev="fuse" ino=1 res=1 errno=0 [ 93.972598][ T29] audit: type=1804 audit(1734714723.726:7): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.69" name="/newroot/15/file1" dev="fuse" ino=1 res=1 errno=0 [ 94.001925][ T29] audit: type=1800 audit(1734714723.726:8): pid=6119 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.69" name="/" dev="fuse" ino=1 res=0 errno=0 [ 94.709460][ T6138] Bluetooth: hci4: Opcode 0x0401 failed: -4 [ 95.115939][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 95.159934][ T29] audit: type=1800 audit(1734714725.126:9): pid=6167 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.82" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 95.409014][ T9] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 95.419755][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.435938][ T9] usb 5-1: Product: syz [ 95.440150][ T9] usb 5-1: Manufacturer: syz [ 95.449088][ T9] usb 5-1: SerialNumber: syz [ 95.455428][ T9] usb 5-1: config 0 descriptor?? [ 95.484779][ T5819] Bluetooth: hci5: sending frame failed (-49) [ 95.491308][ T5836] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 95.510369][ T5819] Bluetooth: hci6: sending frame failed (-49) [ 95.516831][ T5836] Bluetooth: hci6: Entering manufacturer mode failed (-49) [ 95.965859][ T5836] Bluetooth: hci4: command 0x0401 tx timeout [ 96.905927][ T9] usb 5-1: Firmware version (0.0) predates our first public release. [ 96.914178][ T9] usb 5-1: Please update to version 0.2 or newer [ 98.030199][ T9] usb 5-1: USB disconnect, device number 2 [ 99.235061][ T29] audit: type=1326 audit(1734714729.196:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.286263][ T6206] binder: 6205:6206 ioctl c0306201 0 returned -14 [ 99.306873][ T29] audit: type=1326 audit(1734714729.196:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.350303][ T29] audit: type=1326 audit(1734714729.196:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.385467][ T29] audit: type=1326 audit(1734714729.196:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.557549][ T29] audit: type=1326 audit(1734714729.196:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.579122][ T29] audit: type=1326 audit(1734714729.196:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.600345][ C1] vkms_vblank_simulate: vblank timer overrun [ 99.607201][ T29] audit: type=1326 audit(1734714729.196:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.628697][ T29] audit: type=1326 audit(1734714729.196:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 99.649922][ C1] vkms_vblank_simulate: vblank timer overrun [ 99.677251][ T29] audit: type=1326 audit(1734714729.246:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6205 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e57185d29 code=0x7ffc0000 [ 100.108960][ T6218] process 'syz.0.97' launched './file0' with NULL argv: empty string added [ 101.728938][ T6242] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 101.771622][ T6248] 8021q: VLANs not supported on ipvlan0 [ 101.824332][ T6242] tap0: tun_chr_ioctl cmd 1074025677 [ 101.842104][ T6242] tap0: linktype set to 0 [ 103.521484][ T6271] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.895844][ T2146] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 105.067887][ T2146] usb 3-1: Using ep0 maxpacket: 8 [ 105.074448][ T2146] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 105.088538][ T2146] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 105.149301][ T6302] netlink: 'syz.4.121': attribute type 1 has an invalid length. [ 105.159235][ T2146] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 105.163204][ T6302] syz.4.121 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 105.170112][ T2146] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 105.193098][ T2146] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 105.210724][ T2146] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 105.221133][ T2146] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.049511][ T2146] usb 3-1: usb_control_msg returned -32 [ 106.056838][ T2146] usbtmc 3-1:16.0: can't read capabilities [ 106.302540][ T6317] warning: `syz.4.126' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 106.883689][ T6321] usbtmc 3-1:16.0: usb_control_msg returned -32 [ 106.900449][ T5906] usb 3-1: USB disconnect, device number 2 [ 110.246841][ T6376] netlink: 1788 bytes leftover after parsing attributes in process `syz.2.139'. [ 111.734473][ T6395] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 112.450447][ T6386] ceph: missing cluster fsid [ 112.455113][ T6386] ceph: separator ':' missing in source [ 113.182221][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 113.500356][ T6429] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 114.591014][ T6444] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.659213][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 114.659233][ T29] audit: type=1326 audit(1734714744.626:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6443 comm="syz.1.161" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x0 [ 115.075814][ T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 115.153620][ T6470] 9pnet: p9_errstr2errno: server reported unknown error @í΂Í(ááí«QhI¸% [ 115.153620][ T6470] [ 115.261585][ T6471] wg1: entered promiscuous mode [ 115.724077][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.742735][ T8] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 115.770761][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.783064][ T8] usb 3-1: config 0 descriptor?? [ 115.792171][ T8] pwc: Askey VC010 type 2 USB webcam detected. [ 116.685042][ T8] pwc: recv_control_msg error -32 req 02 val 2b00 [ 116.692320][ T8] pwc: recv_control_msg error -32 req 02 val 2700 [ 116.821650][ T8] pwc: recv_control_msg error -32 req 02 val 2c00 [ 116.876825][ T8] pwc: recv_control_msg error -32 req 04 val 1000 [ 116.884397][ T8] pwc: recv_control_msg error -32 req 04 val 1300 [ 116.891927][ T8] pwc: recv_control_msg error -32 req 04 val 1400 [ 116.956091][ T8] pwc: recv_control_msg error -32 req 02 val 2000 [ 116.967150][ T6482] random: crng reseeded on system resumption [ 117.092238][ T8] pwc: recv_control_msg error -32 req 02 val 2100 [ 117.366289][ T29] audit: type=1804 audit(1734714747.326:30): pid=6496 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.180" name="/newroot/32/bus/file1" dev="overlay" ino=193 res=1 errno=0 [ 117.400256][ T8] pwc: recv_control_msg error -71 req 02 val 2500 [ 117.410502][ T8] pwc: recv_control_msg error -71 req 02 val 2400 [ 117.428160][ T8] pwc: recv_control_msg error -71 req 02 val 2600 [ 117.453725][ T8] pwc: recv_control_msg error -71 req 02 val 2900 [ 117.510656][ T8] pwc: recv_control_msg error -71 req 02 val 2800 [ 117.546078][ T8] pwc: recv_control_msg error -71 req 04 val 1100 [ 117.569422][ T8] pwc: recv_control_msg error -71 req 04 val 1200 [ 117.581462][ T8] pwc: Registered as video103. [ 117.591202][ T8] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5 [ 117.633230][ T8] usb 3-1: USB disconnect, device number 3 [ 117.802341][ T6505] overlayfs: failed to get inode (-116) [ 117.808799][ T6505] overlayfs: failed to get inode (-116) [ 117.818656][ T6505] overlayfs: failed to get inode (-116) [ 117.824423][ T6505] overlayfs: failed to get inode (-116) [ 121.583047][ T6558] syz.2.199 uses obsolete (PF_INET,SOCK_PACKET) [ 121.612226][ T5836] Bluetooth: hci2: Unknown advertising packet type: 0x16 [ 121.612261][ T5836] Bluetooth: hci2: Unknown advertising packet type: 0x1c [ 121.622946][ T5836] Bluetooth: hci2: Malformed LE Event: 0x0d [ 121.967990][ T6566] [U] [ 121.979152][ T6566] [U] [ 121.982779][ T6566] [U] ŒB˜-LRJ[ÉÍĆÈÍÑœ6Š}Ä%Ü4̾ ­¦H‚ÐÛ@K„Ì-Y•LE‹÷U¾Ÿ¡–ÏÚÁ@‡ŸF´¡§%PEZE,™ÍŽ9FË*À [ 121.993595][ T6566] [U] CW¯™ÇÇ* Þ9JÁQØ#EØËSWÐÁÔC±ÏV·1žÂÛÏ!È žGPœX [ 122.000868][ T6566] [U] N%Ì9ÙÞÖC…_¹ÁNÊ…ÇBC‰…$ÞÔ4Þ(²ž [ 122.008519][ T6566] [U] Hª QÄØ›Tµ¦OÂR‚I#ıËTNBS_RЬ‰¡¾Æ«°:‰Ø€–ɦT‘ȯ ËÙ0¿™’ÚÃËŒÃWÚ™_[HN% [ 122.017879][ T6566] [U] Ï £ÜÙÛ4‡RЛŸÛŠ<)Ü6JG؃¬ÍKÉ^R\ [ 122.023797][ T6566] [U] 7¼R:€J37Ø [ 122.033610][ T6566] [U] YÛPÜ<ÅÔ…ÚU’“H¦3 Æ°-Î̤„Ø\PQBXÕ!Q6ÃÜÆSO'}­Ï[ÉÛÀP5OÉ>€DÊÅÖŽYÞJ>|H0=ÖÔ·TžXÈÒZÔY֦ʢÄš4ª‡IÇ¢À5AZËÑ~ZAÂ~ÝKÝ^TGžSÍJ‹I:Á¶¬Ž¥OD!M2KÃW§¬R>ƈΗKC?X…8 ¥HÇÒ*©@QEÛ»ÚU ½À.J9È“~´{—Á`²ÍÃ'R)Ó-ÀǬŸÎ=5­ÝÖJLY ÉCÄBˆØ;+LP°,FØN‡‚ÁÁYÎ%¿3†P¨ÈÕ&Ç)­Ó][œÈ‹4ÃL»Ã¶£„!’J> ÔÎ [ 122.059998][ C0] vkms_vblank_simulate: vblank timer overrun [ 122.070623][ T6566] [U] Ø.”CšÖ¯·ÏEJÓJÛ@œK’JÁ605RXUÑTTµO‹&XÐOºÖ•§\®‹&…¬°¡ÙN%Y‹‘ÁÐ17¿6`¬ÌI‚W [ 122.093909][ T6566] [U] ÏØÇM<@NºÙKJ(ÝÂ6)Ô)ÎVÌÕLR¢ [ 122.104181][ T6566] [U] >YGÐ ¤Zª?Œ¹`–O­MÉXØÓ‡Ø"Á¨¹š·¢9+¼¾DEÝÁ¹{“ÅŒ$~BÜYDšUME«!XÌÝ›A¹£AUÇ}J„¿Â£2N%MBËQÑÉÄ [ 122.119904][ T6566] [U] ÞWV×ÏÙW‹@HZ=¦(ƒ„Eˆ‡JÉ~ÈOS@žËBÈHª:"®ÃÁ‡!ƒJIÖÄUJ=Á¥)ÎŽU¤Å G×ØÐÚÔ–=Y=ÊKÊADËÎR†¨¹¹Á:=ÉSÖÙ—AX¾ ¢ÛX [ 122.136894][ T6566] [U] BIÞ™E¿„}¼ETØ@±3Ì(Ü ¿¥¨V¤žÀÐ{™Îº©’~ÐUK+Þ{3T˜Ú$Æ».ÃN[8S‹Ê‡šº""ÒÊ”̺„]RÏGÝ5 [ 122.149298][ T6566] [U] V²{Õ¨ÓVNB>DM«·T•¨QÂTÀÃÌÚÀ [ 122.159611][ T6566] [U] GÁ*|Ó9ÙºŸÅ†¸ [ 122.163785][ T6566] [U] G´ÆMIUÔE!ÞÕ TÏŒ*ß…8A7I5‚-|¤Ï6LK [ 122.252046][ T6566] [U] NÅ«—Dª ²Ë ÂÌS}R½BÃÅYºW<»ÂÊÈC‚ ÓÆÐH°\ÓFÍÈD.›Ã÷®˜FŒPK¸Ï‹,ªÎ‚C—Úœ.Â;¤ÊEYºÝK÷Æ]Z>‘ÚIÃÁÓOQ&O«’¼”½,PÙÖ]–,7Í›§UÚÑÝI­­Â [ 122.333306][ T6566] [U] ÀÛ $ÄL÷U2Ê¿F_3•+|NWÕµZÓEÇ—ÒP1W~·ÖN‹(§Oͱ¸8ÒDÏ £SÆÙCDÊ®FÂ65ÖZÜGÃR“Þ°Ú{ÁÒÕT“·ÈK£"@£ÆÐÔÈ :Á5}GÝB—©DѸ¦ƒ\K” [ 122.347143][ T6566] [U] ÈÐÙ ‡YÓ…ÒŸ8Î4Œ4N<; [ 122.352120][ T6566] [U] ÃÔU†IŽ7X#E¤4VML‚ÔÈ‹¬œšGÍ””A³©)-‡ÌÌ(¿NÌ—N–¢ÈÖL#Ã)׌SUÉ6 [ 122.376105][ T6566] [U] )Æ<ÈE?ÊA­¤Uܤ—9ˆ %]²ÔDCCŽE+L<'T¬1ÂKÈ…œ·3ÅÜ.É»Á€Ê ÆWS¨ÉÐÀ×ÐZY­Ï¼9I>ÌÒÑØ]ÞÈœ}{”/`ÌÜ¿5'ÙE– 41ß TNAX߿ʯÇÏ­QÌëI TÒ%ÒGÐ7L~·BÝS [ 124.254125][ T6566] [U] £Í¢ÄÅ¢ [ 124.265129][ T6566] [U] ZÓ‘UÝĪÕ4¬©&Ë™ÃE~Ý8EÁσ1´¥L{ȨGV‰Y$PNO4MËÈÓ*FÓ`ÂÎA€‰T×ÙM0?*I›#;ÁѤ+4V’¹ÛGAØݬÆ%H»·[›AYX)LG]F ‚ÏHÂ|ÞZV²E­/Ëϧ1Ò7Ǭ³-ǽÈÍHœO+¯…^È)8™&E£@A8GË…Œ-ÈWR»SÃÜ-V–-Ò±ÌO>ÆÅQœÄ#9¨UA„H«)F²Þ½´œžSAÖ™³IÜN¼šZ@¯C—¶º>K³L–VD^1É)§M$/ÜÅЄ78..„»Q¢ÝA¸|ŸÖȦ)9Ò">D>EÃÓ#I¬`\Û|{ÓUÂFH.. œEMÍW}]5Ö Ã-,Å¢RK}ÏFÆÕQ¬À·C×O*ÄPÀ¹›Á¦ÂNF¶Ê [ 124.298318][ C0] vkms_vblank_simulate: vblank timer overrun [ 124.306101][ T6563] rdma_op ffff8880309251f0 conn xmit_rdma 0000000000000000 [ 124.420185][ T6566] [U] „§“´ [ 124.423509][ T6566] [U] T¦0Ô—*ÃÕ°ÖXAØØÊËÉ£¥A4W…K¦¼¯¼C]X¢‹ŒË]ÊLÛ÷Æ=ß [ 124.469810][ T6566] [U] Ú$CUGSˆEÔ²6ÖÔÝÌ÷ÝÀ„¹T¼Ï„PPË’Z3T2È£‚”9W-«†Ö‘Ì™ÅAR­Ý»NBÚŽ²²:^XÖϧ·œB÷Á°ÑÖ̲~Þ{JÒÅ [ 124.560843][ T6566] [U] ÍÕTÌ·EÀÊ' 2‚­ÄL*ÁAª ¢-³;P;BTØÖ.¸N¦`¿_Ó®Î;®Ò*·U;°Á5C#R/˜ÆQ¸KÚ*M¡„ÏSAÀšÙÎ#)A‰Bš–>¾YØ‹O\;^°ˆ'ÝßO5_Y¬HŠÑÄÃL÷CEŽŒ&A‚`;ÂœÖԸЕÙSœS¤–Ƈ{ŸH¡Þ ÓTM0ǸµÀBI^LÝÅ>ÀÔ8ÝÙ¢VV8<Ô¶-²{$>°D œ‚Øý]ÅW¶–›UŒšÔ0?K ¬˼ڹŽ[UIRB_ILÚ/ES¿ßI*ŸWÖSÎ*ÃZSÀÔÀÍŽÑ’‹¿ [ 124.586791][ T6566] [U] [ 124.689163][ T6566] [U] [ 124.832823][ T6593] netlink: 92 bytes leftover after parsing attributes in process `syz.4.209'. [ 126.020185][ T6602] Cannot find del_set index 3 as target [ 126.351479][ T6613] input: syz0 as /devices/virtual/input/input6 [ 127.574675][ T6625] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 127.588300][ T6625] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 129.067528][ T29] audit: type=1804 audit(1734714759.036:31): pid=6653 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.2.224" name="/newroot/38/file0" dev="fuse" ino=1 res=1 errno=0 [ 129.722930][ T6656] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 129.738654][ T6656] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 129.819851][ T5836] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 130.105830][ T2146] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 130.255928][ T5869] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 130.267769][ T2146] usb 5-1: config index 0 descriptor too short (expected 106, got 36) [ 130.276607][ T2146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 130.302255][ T2146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 130.319920][ T2146] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 130.330501][ T2146] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.416154][ T5869] usb 4-1: Using ep0 maxpacket: 16 [ 130.424273][ T2146] usb 5-1: config 0 descriptor?? [ 130.434565][ T5869] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 130.479457][ T5869] usb 4-1: New USB device found, idVendor=05ac, idProduct=0231, bcdDevice= 0.40 [ 130.498590][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.508263][ T5869] usb 4-1: Product: syz [ 130.547867][ T5869] usb 4-1: Manufacturer: syz [ 130.552564][ T5869] usb 4-1: SerialNumber: syz [ 130.608480][ T5869] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input7 [ 130.857272][ T2146] corsair 0003:1B1C:1B3E.0001: unknown main item tag 0x0 [ 130.871642][ T2146] corsair 0003:1B1C:1B3E.0001: unknown main item tag 0x0 [ 130.892291][ T2146] corsair 0003:1B1C:1B3E.0001: unknown main item tag 0x0 [ 130.937005][ T2146] corsair 0003:1B1C:1B3E.0001: unknown main item tag 0x0 [ 130.944146][ T2146] corsair 0003:1B1C:1B3E.0001: unknown main item tag 0x0 [ 130.946569][ T6675] netlink: 24 bytes leftover after parsing attributes in process `syz.0.234'. [ 130.952534][ T2146] corsair 0003:1B1C:1B3E.0001: failed to start in urb: -90 [ 130.972880][ T2146] corsair 0003:1B1C:1B3E.0001: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.4-1/input0 [ 131.101802][ T2146] usb 5-1: USB disconnect, device number 3 [ 131.716993][ T6681] ======================================================= [ 131.716993][ T6681] WARNING: The mand mount option has been deprecated and [ 131.716993][ T6681] and is ignored by this kernel. Remove the mand [ 131.716993][ T6681] option from the mount to silence this warning. [ 131.716993][ T6681] ======================================================= [ 133.001294][ T5179] bcm5974 4-1:1.0: could not read from device [ 133.119816][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.126320][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.190084][ T5869] usb 4-1: USB disconnect, device number 2 [ 133.202707][ T5179] bcm5974 4-1:1.0: could not read from device [ 133.309522][ T5819] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 133.318624][ T5819] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 133.331427][ T5819] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 133.371757][ T5819] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 133.388235][ T5819] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 133.396684][ T5819] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 133.530016][ T5836] block nbd2: Receive control failed (result -32) [ 133.530019][ T5819] block nbd2: Receive control failed (result -32) [ 133.637355][ T6701] block nbd2: shutting down sockets [ 133.711652][ T6717] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0 [ 134.108830][ T6699] chnl_net:caif_netlink_parms(): no params data found [ 135.066026][ T6699] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.083136][ T6699] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.104754][ T6699] bridge_slave_0: entered allmulticast mode [ 135.540833][ T5836] Bluetooth: hci0: command tx timeout [ 135.749942][ T6699] bridge_slave_0: entered promiscuous mode [ 135.801322][ T6699] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.809221][ T6699] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.816758][ T6699] bridge_slave_1: entered allmulticast mode [ 135.823602][ T6699] bridge_slave_1: entered promiscuous mode [ 135.874860][ T6699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 135.907810][ T6699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.939583][ T6699] team0: Port device team_slave_0 added [ 135.947825][ T6699] team0: Port device team_slave_1 added [ 135.982378][ T6745] netlink: 16 bytes leftover after parsing attributes in process `syz.1.256'. [ 136.030867][ T6699] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.057856][ T6699] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.115704][ T6699] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.472572][ T6699] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 136.508189][ T6699] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.513132][ T6755] QAT: Invalid ioctl 1075883590 [ 136.543132][ T6755] QAT: Invalid ioctl 1075883590 [ 136.550371][ T6755] QAT: Invalid ioctl 1075883590 [ 136.550754][ T6699] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.555484][ T6755] QAT: Invalid ioctl 1075883590 [ 136.573702][ T6755] QAT: Invalid ioctl 1075883590 [ 136.581117][ T6755] QAT: Invalid ioctl 1075883590 [ 136.588142][ T6755] QAT: Invalid ioctl 1075883590 [ 136.594182][ T6755] QAT: Invalid ioctl 1075883590 [ 136.601127][ T6755] QAT: Invalid ioctl 1075883590 [ 136.607540][ T6755] QAT: Invalid ioctl 1075883590 [ 136.890656][ T6699] hsr_slave_0: entered promiscuous mode [ 136.896888][ T6699] hsr_slave_1: entered promiscuous mode [ 136.933890][ T6699] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 136.978926][ T6748] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 136.989340][ T6699] Cannot create hsr debugfs directory [ 137.121597][ T6759] kvm: pic: non byte write [ 137.134514][ T6759] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (245259927488 ns) > initial count (134218304 ns). Using initial count to start timer. [ 137.137007][ T6699] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 137.183081][ T6699] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 137.197343][ T6699] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 137.212818][ T6699] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 137.300545][ T6699] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.320255][ T6699] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.338356][ T3003] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.345541][ T3003] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.393643][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.400817][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.566319][ T5836] Bluetooth: hci0: command tx timeout [ 137.657631][ T6699] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 137.864647][ T6699] veth0_vlan: entered promiscuous mode [ 137.921682][ T6699] veth1_vlan: entered promiscuous mode [ 137.958289][ T6699] veth0_macvtap: entered promiscuous mode [ 137.967945][ T6699] veth1_macvtap: entered promiscuous mode [ 138.361485][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 138.373134][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.406287][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 138.417353][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.427892][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 138.438747][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.448725][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 138.459232][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.469153][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 138.480353][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.491467][ T6699] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 138.501911][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.512825][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.522998][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.533485][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.543767][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.554447][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.564343][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.574863][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.584782][ T6699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 138.595264][ T6699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 138.606342][ T6699] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 138.616283][ T6699] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.625082][ T6699] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.634119][ T6699] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.643101][ T6699] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.734833][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.767992][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.827697][ T3003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.841135][ T3003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.143321][ T6795] block nbd0: shutting down sockets [ 139.695944][ T5836] Bluetooth: hci0: command tx timeout [ 141.682338][ T6802] syz.1.272 (6802): drop_caches: 2 [ 141.726064][ T5836] Bluetooth: hci0: command tx timeout [ 141.761180][ T9] IPVS: starting estimator thread 0... [ 142.106092][ T6837] IPVS: using max 32 ests per chain, 76800 per kthread [ 142.260997][ T6845] netlink: 'syz.0.282': attribute type 4 has an invalid length. [ 142.425904][ T2146] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 142.655817][ T2146] usb 2-1: Using ep0 maxpacket: 32 [ 142.662348][ T2146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.688203][ T2146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.700659][ T2146] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 142.710297][ T2146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.739603][ T2146] usb 2-1: config 0 descriptor?? [ 143.610045][ T2146] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 143.686052][ T2146] usb 2-1: USB disconnect, device number 3 [ 144.835274][ T6875] loop7: detected capacity change from 0 to 16384 [ 144.948125][ T6875] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 144.982489][ T6875] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 145.074010][ T6875] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0 [ 145.098272][ T6875] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 145.109549][ T6875] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 145.120705][ T6875] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 145.130174][ T6875] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 145.139287][ T6875] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 145.148501][ T6875] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 145.157692][ T6875] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 145.167593][ T6875] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 145.177147][ T6875] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 145.225982][ T5827] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 145.377640][ T5827] usb 2-1: Using ep0 maxpacket: 8 [ 145.385393][ T5827] usb 2-1: unable to get BOS descriptor or descriptor too short [ 145.394819][ T5827] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 145.403376][ T5827] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 145.414565][ T5827] usb 2-1: config 4 has no interface number 0 [ 145.424762][ T5827] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 145.435378][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.443471][ T5827] usb 2-1: Product: syz [ 145.448076][ T5827] usb 2-1: Manufacturer: syz [ 145.452791][ T5827] usb 2-1: SerialNumber: syz [ 145.486123][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 145.647269][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 145.674277][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.683961][ T6310] Bluetooth: hci5: Frame reassembly failed (-84) [ 145.689769][ T5827] usb 2-1: Found UVC 0.02 device syz (04f2:b746) [ 145.699931][ T9] usb 4-1: config 0 descriptor?? [ 145.705230][ T5827] uvcvideo 2-1:4.147: Entity type for entity Output 1 was not initialized! [ 145.714630][ T5827] usb 2-1: Failed to create links for entity 1 [ 145.722903][ T9] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 145.730459][ T5827] usb 2-1: Failed to register entities (-22). [ 145.746240][ T5827] usb 2-1: USB disconnect, device number 4 [ 147.726115][ T5836] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 147.879837][ T6921] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.308'. [ 147.904067][ T6917] kvm: emulating exchange as write [ 148.758646][ T9] usb 4-1: USB disconnect, device number 3 [ 151.859774][ T6982] block nbd0: NBD_DISCONNECT [ 151.864414][ T6982] block nbd0: Send disconnect failed -22 [ 151.878224][ T6982] input: syz0 as /devices/virtual/input/input8 [ 151.971886][ T6981] block nbd0: Disconnected due to user request. [ 151.984494][ T6989] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 151.995175][ T6981] block nbd0: shutting down sockets [ 151.998007][ T3026] Bluetooth: hci5: Frame reassembly failed (-84) [ 152.046004][ T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 152.317340][ T9] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 152.327966][ T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice= 0.00 [ 152.338827][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.457433][ T9] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 152.511111][ T6042] udevd[6042]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 152.823767][ T7001] netlink: 40 bytes leftover after parsing attributes in process `syz.1.330'. [ 152.895079][ T8] usb 3-1: USB disconnect, device number 4 [ 153.096204][ T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 153.255900][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 153.264730][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.280044][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.290080][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 153.302993][ T9] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00 [ 153.312131][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.329277][ T9] usb 2-1: config 0 descriptor?? [ 153.839795][ T9] hid (null): invalid report_size 1675959386 [ 153.860075][ T9] shield 0003:0955:7214.0003: invalid report_size 1675959386 [ 153.869078][ T9] shield 0003:0955:7214.0003: item 0 4 1 7 parsing failed [ 153.888729][ T7021] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 153.897086][ T7021] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.904740][ T9] shield 0003:0955:7214.0003: Parse failed [ 153.909574][ T7021] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.911235][ T9] shield 0003:0955:7214.0003: probe with driver shield failed with error -22 [ 153.918202][ T7021] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 154.045951][ T5819] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 154.052147][ T5836] Bluetooth: hci5: command 0x1003 tx timeout [ 154.268412][ C1] vcan0: j1939_tp_rxtimer: 0xffff888027204c00: rx timeout, send abort [ 154.277117][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888027204c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 154.432517][ T25] usb 2-1: USB disconnect, device number 5 [ 154.575601][ T7030] evm: overlay not supported [ 155.090965][ T7039] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 155.157925][ T7043] netlink: 'syz.3.345': attribute type 10 has an invalid length. [ 155.166560][ T7043] netlink: 55 bytes leftover after parsing attributes in process `syz.3.345'. [ 155.228528][ T7044] netlink: 'syz.3.345': attribute type 2 has an invalid length. [ 155.979639][ T7052] syz.2.347: attempt to access beyond end of device [ 155.979639][ T7052] nbd2: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 155.992850][ T7052] EXT4-fs (nbd2): unable to read superblock [ 156.757325][ T7060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.348'. [ 156.782965][ T7061] input: syz0 as /devices/virtual/input/input9 [ 157.147246][ T7063] syz.1.349: attempt to access beyond end of device [ 157.147246][ T7063] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 157.161597][ T7063] XFS (nbd1): SB validate failed with error -5. [ 157.770202][ T7073] netlink: 'syz.2.351': attribute type 10 has an invalid length. [ 157.781630][ T7073] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.789093][ T7073] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.849215][ T7073] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.856465][ T7073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.863882][ T7073] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.871051][ T7073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.981099][ T7073] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 159.080807][ T7089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 159.176539][ T7093] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 159.240808][ T7089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 159.474698][ T7109] batman_adv: batadv0: Adding interface: ip6gretap1 [ 159.481646][ T7109] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.511668][ T7109] batman_adv: batadv0: Interface activated: ip6gretap1 [ 159.591658][ T7105] capability: warning: `syz.5.361' uses deprecated v2 capabilities in a way that may be insecure [ 161.005977][ T5869] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 161.232944][ T5869] usb 3-1: Using ep0 maxpacket: 8 [ 161.377476][ T5869] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 161.516742][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.536548][ T5869] usb 3-1: Product: syz [ 161.553578][ T5869] usb 3-1: Manufacturer: syz [ 161.565038][ T5869] usb 3-1: SerialNumber: syz [ 161.583751][ T5869] usb 3-1: config 0 descriptor?? [ 162.262681][ T5869] usb read operation failed. (-71) [ 162.370476][ T5869] usb write operation failed. (-71) [ 162.389231][ T5869] usb write operation failed. (-71) [ 162.407081][ T5869] usb write operation failed. (-71) [ 162.453796][ T5869] usb 3-1: dvb_usb_v2: found a 'Terratec H7' in cold state [ 162.535145][ T5869] usb 3-1: Direct firmware load for dvb-usb-terratec-h7-az6007.fw failed with error -2 [ 162.545046][ T5869] usb 3-1: Falling back to sysfs fallback for: dvb-usb-terratec-h7-az6007.fw [ 162.845957][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 163.031324][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 163.157010][ T9] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 163.293872][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.308227][ T9] usb 1-1: config 0 descriptor?? [ 163.316201][ T9] pwc: Askey VC010 type 2 USB webcam detected. [ 163.686693][ T7168] mmap: syz.1.382 (7168) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 163.788836][ T9] pwc: recv_control_msg error -32 req 02 val 2b00 [ 163.796126][ T9] pwc: recv_control_msg error -32 req 02 val 2700 [ 163.812499][ T9] pwc: recv_control_msg error -32 req 02 val 2c00 [ 163.913205][ T7175] xt_cluster: you have exceeded the maximum number of cluster nodes (16128 > 32) [ 164.119604][ T9] pwc: recv_control_msg error -32 req 04 val 1000 [ 164.250691][ T9] pwc: recv_control_msg error -32 req 04 val 1300 [ 164.311619][ T9] pwc: recv_control_msg error -32 req 04 val 1400 [ 164.326676][ T9] pwc: recv_control_msg error -32 req 02 val 2000 [ 164.334276][ T9] pwc: recv_control_msg error -32 req 02 val 2100 [ 164.343033][ T9] pwc: recv_control_msg error -32 req 04 val 1500 [ 164.356660][ T9] pwc: recv_control_msg error -32 req 02 val 2500 [ 164.566736][ T9] pwc: recv_control_msg error -71 req 02 val 2600 [ 164.573949][ T9] pwc: recv_control_msg error -71 req 02 val 2900 [ 164.593340][ T9] pwc: recv_control_msg error -71 req 02 val 2800 [ 164.619783][ T9] pwc: recv_control_msg error -71 req 04 val 1100 [ 164.642636][ T9] pwc: recv_control_msg error -71 req 04 val 1200 [ 164.702286][ T9] pwc: Registered as video103. [ 164.753102][ T9] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input10 [ 164.811039][ T9] usb 1-1: USB disconnect, device number 2 [ 165.219838][ T7189] Cannot find del_set index 3 as target [ 165.910467][ T29] audit: type=1326 audit(1734714795.876:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 165.983295][ T29] audit: type=1326 audit(1734714795.876:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 165.987928][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 166.028955][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 166.062364][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 166.088199][ T29] audit: type=1326 audit(1734714795.906:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 166.109461][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.116628][ T29] audit: type=1326 audit(1734714795.906:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 166.147077][ T29] audit: type=1326 audit(1734714795.906:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 166.166190][ T5836] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 166.180848][ T5836] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 166.194635][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 166.405496][ T29] audit: type=1326 audit(1734714795.906:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 166.426734][ C0] vkms_vblank_simulate: vblank timer overrun [ 166.560208][ T29] audit: type=1326 audit(1734714795.906:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 166.820548][ T29] audit: type=1326 audit(1734714795.906:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 166.842315][ T29] audit: type=1326 audit(1734714795.906:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 166.886405][ T29] audit: type=1326 audit(1734714795.906:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7206 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 167.442336][ T7224] loop7: detected capacity change from 0 to 16384 [ 167.718479][ T7210] chnl_net:caif_netlink_parms(): no params data found [ 167.758598][ T7227] kvm: pic: non byte read [ 167.763097][ T7227] kvm: pic: non byte write [ 167.778690][ T7225] loop7: detected capacity change from 16384 to 16383 [ 167.798116][ T7210] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.818523][ T7210] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.827551][ T7210] bridge_slave_0: entered allmulticast mode [ 167.835291][ T7210] bridge_slave_0: entered promiscuous mode [ 167.843258][ T7210] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.892723][ T7210] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.939701][ T7210] bridge_slave_1: entered allmulticast mode [ 167.948293][ T7210] bridge_slave_1: entered promiscuous mode [ 168.370796][ T5819] Bluetooth: hci3: command tx timeout [ 168.589246][ T7210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 168.618458][ T7210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 168.717927][ T7210] team0: Port device team_slave_0 added [ 168.741385][ T7210] team0: Port device team_slave_1 added [ 168.886325][ T7210] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 168.915007][ T7210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.030598][ T7210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 169.205251][ T7210] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 169.221308][ T7210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.257158][ T7210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 170.231798][ T7210] hsr_slave_0: entered promiscuous mode [ 170.240101][ T7210] hsr_slave_1: entered promiscuous mode [ 170.251355][ T7210] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 170.263087][ T7210] Cannot create hsr debugfs directory [ 170.301019][ T7267] Process accounting resumed [ 170.445820][ T5819] Bluetooth: hci3: command tx timeout [ 170.454326][ T7210] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.652920][ T7210] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.227939][ T7210] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.339424][ T7210] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.600821][ T7294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.416'. [ 172.650098][ T5819] Bluetooth: hci3: command tx timeout [ 173.666539][ T7210] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 174.188426][ T7210] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 174.198151][ T7210] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 174.209293][ T7210] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 174.811640][ T5819] Bluetooth: hci3: command tx timeout [ 175.792615][ T7210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.949139][ T7210] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.412490][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.419668][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.625999][ T7334] netlink: 666 bytes leftover after parsing attributes in process `syz.0.429'. [ 178.134557][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.141739][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.161196][ T7342] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 178.176806][ T7210] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 178.456923][ T7210] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.486504][ T7210] veth0_vlan: entered promiscuous mode [ 178.496146][ T7210] veth1_vlan: entered promiscuous mode [ 178.523870][ T7210] veth0_macvtap: entered promiscuous mode [ 178.532587][ T7210] veth1_macvtap: entered promiscuous mode [ 178.545559][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.556854][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.568063][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.580259][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.590228][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.600755][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.610717][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.621214][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.631146][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.641750][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.653156][ T7210] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 178.664355][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.675131][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.685212][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.695903][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.706309][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.717077][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.727170][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.737832][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.747885][ T7210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.759000][ T7210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.772753][ T7210] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 178.783098][ T7210] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.791973][ T7210] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.800995][ T7210] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.811243][ T7210] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.186929][ T7357] kvm: pic: non byte read [ 179.257524][ T7367] netlink: 32 bytes leftover after parsing attributes in process `syz.0.434'. [ 179.269447][ T3026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 179.283029][ T3026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 179.328633][ T6310] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 179.345202][ T6310] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 179.496721][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 179.496753][ T29] audit: type=1800 audit(1734714809.456:69): pid=7372 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.435" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 181.683210][ T7401] netlink: 60 bytes leftover after parsing attributes in process `syz.1.442'. [ 181.692625][ T7401] unsupported nlmsg_type 40 [ 183.247028][ T7428] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 183.690324][ T7426] netlink: 28 bytes leftover after parsing attributes in process `syz.5.449'. [ 183.699450][ T7426] netlink: 28 bytes leftover after parsing attributes in process `syz.5.449'. [ 184.719412][ T7426] bond0: entered promiscuous mode [ 184.724505][ T7426] bond_slave_0: entered promiscuous mode [ 184.734218][ T7426] bond_slave_1: entered promiscuous mode [ 185.359336][ T7426] bond0: left promiscuous mode [ 185.364651][ T7426] bond_slave_0: left promiscuous mode [ 185.429274][ T7426] bond_slave_1: left promiscuous mode [ 187.463404][ T7467] syz.0.459 (7467): drop_caches: 2 [ 189.396760][ T7499] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 189.431298][ T7499] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 190.601718][ T7521] xt_l2tp: invalid flags combination: 0 [ 191.244014][ T7527] netlink: 12 bytes leftover after parsing attributes in process `syz.3.478'. [ 191.288826][ T5819] Bluetooth: hci3: command tx timeout [ 191.775414][ T7535] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.784576][ T7535] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.802170][ T7555] syzkaller0: entered promiscuous mode [ 193.808623][ T7555] syzkaller0: entered allmulticast mode [ 194.289163][ T7571] Invalid ELF header magic: != ELF [ 194.628834][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.635169][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.625875][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 195.868570][ T9] usb 1-1: New USB device found, idVendor=07ca, idProduct=a835, bcdDevice=21.fa [ 195.877681][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.887391][ T9] usb 1-1: config 0 descriptor?? [ 196.010532][ C0] vcan0: j1939_tp_rxtimer: 0xffff888066e11400: rx timeout, send abort [ 196.025789][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888066e11400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 196.396965][ T9] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 196.403423][ T9] dvb_usb_af9035 1-1:0.0: probe with driver dvb_usb_af9035 failed with error -22 [ 196.418424][ T7596] xt_bpf: check failed: parse error [ 196.608900][ T9] usb 1-1: USB disconnect, device number 3 [ 196.643691][ T7603] netlink: 47 bytes leftover after parsing attributes in process `syz.1.504'. [ 196.686063][ T5830] Bluetooth: hci1: command 0x0406 tx timeout [ 196.686130][ T5133] Bluetooth: hci2: command 0x0406 tx timeout [ 196.692104][ T5830] Bluetooth: hci4: command 0x0401 tx timeout [ 197.015967][ T5906] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 197.178845][ T5906] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 197.191050][ T5906] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.201021][ T5906] usb 2-1: New USB device found, idVendor=22ed, idProduct=1010, bcdDevice= 0.00 [ 197.210463][ T5906] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.229099][ T5906] usb 2-1: config 0 descriptor?? [ 197.735516][ T5906] hid-generic 0003:22ED:1010.0004: unknown main item tag 0x0 [ 197.749652][ T5906] hid-generic 0003:22ED:1010.0004: hidraw0: USB HID v10.00 Device [HID 22ed:1010] on usb-dummy_hcd.1-1/input0 [ 198.601064][ T9] usb 2-1: USB disconnect, device number 6 [ 199.213403][ T29] audit: type=1804 audit(1734714829.176:70): pid=7644 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.517" name="/newroot/110/bus/bus" dev="overlay" ino=633 res=1 errno=0 [ 200.691470][ T7664] mac80211_hwsim hwsim13 wlan1: entered allmulticast mode [ 200.756556][ T7664] netlink: 'syz.5.523': attribute type 10 has an invalid length. [ 200.773908][ T7664] mac80211_hwsim hwsim13 wlan1: left allmulticast mode [ 200.848180][ T7664] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 200.875967][ T7668] binder: 7667:7668 ioctl 4018620d 0 returned -22 [ 203.275161][ T7698] ISOFS: Unable to identify CD-ROM format. [ 203.905912][ T7704] trusted_key: syz.5.533 sent an empty control message without MSG_MORE. [ 204.551993][ T7712] devtmpfs: Cannot enable quota on remount [ 206.766610][ T7723] netlink: 8 bytes leftover after parsing attributes in process `syz.3.541'. [ 209.508473][ T7755] Process accounting resumed [ 210.017219][ T7761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 210.176324][ T7766] netlink: 'syz.2.554': attribute type 11 has an invalid length. [ 215.740543][ T7883] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.747795][ T7883] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.785894][ T7883] bridge0: entered allmulticast mode [ 215.876618][ T7889] ptrace attach of "./syz-executor exec"[5822] was attempted by " \x0c ¢ã­!OÇRù\x1b#\x09‡÷Ð8çÿÆåS›2K\x07‹›8K\x09à‡Æç›3M•›rš$\x0d[gó˜~óRÀÿèÑxpŒR<’\x1b\x1b]P\x0d0\x09\x096Í;x\x0dªaØè\x09êˆ/X·\x07\x22r'·ºgàç†i¦õ¨tæ*œÍÀÓ\x0cŸ1Œ\x0d¡™;Ñ`â3ßJbœo0àeÍ[‘Í\x0aá“—75³m[\x1bcÝ 0]?Fc^°ձݩŽ-t›ç½ñû;#ÜÛPu©ª¡´iÃ\x09 3Xu'\x1b(c)Ñi“Bˆýxš£}n˜²$ýD¶[13OüUÌ‚Í:Ã.Í°Œío´Ý\x0d‹8óÍD˜¾è IA½±ö·cƒp\x5cUC*ŸÚšìT¡#n€ö¨«­êvbIkÝ»B¾kû/•é\x0aVÇ\x1b1‡bõè’BÊkü‚~}¯$QŽd[¸\x0cav ¾pÞ˜ìv©ä\x0d­GóoÙ÷ÐÔ*K_…ÌÜñoôb•Ø úq–9áõœÞ&Ƶ×K\x07Š^Ã4å®\x09Œéîpwªš†~ˆ3Iué÷4ƒ¶È/¦xÊÿÙùÛ*xiØXde&ø‰¯C¦`€W\x22†R$IßFlc+5p$?˜œÎ8ôeäa\x0c !ÖS¥R ‚·¥ Žùñºéy\x09PpAØ`B\x0cVd²y!±MÁÛˆ’ý2Э{É\x0d¨l(Ù º°_`ΠÚw¨ € ¾£|àÐÔª /’(8«J [ 216.769612][ T7883] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.867896][ T7883] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.875364][ T7883] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.882520][ T7883] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.486152][ T7883] bridge0: entered promiscuous mode [ 217.786467][ T7911] Cannot find map_set index 0 as target [ 218.097970][ T5827] IPVS: starting estimator thread 0... [ 218.755772][ T7921] IPVS: using max 35 ests per chain, 84000 per kthread [ 219.307129][ T7937] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 219.333938][ T7937] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 219.359070][ T7937] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 219.369290][ T7937] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 219.382370][ T7937] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 219.388691][ T7937] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 219.411262][ T7937] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 219.445846][ T7937] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 219.453792][ T7945] fuse: Bad value for 'fd' [ 219.735227][ T7937] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 219.769311][ T7937] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 219.775419][ T7937] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 219.789355][ T7937] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 219.973322][ T29] audit: type=1804 audit(1734714849.936:71): pid=7954 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.606" name="/newroot/32/bus/file0" dev="overlay" ino=195 res=1 errno=0 [ 220.006684][ T7951] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 220.016392][ T7951] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 220.043748][ T7951] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 220.076850][ T7951] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 220.102151][ T7951] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 220.209680][ T7965] netlink: 36 bytes leftover after parsing attributes in process `syz.1.611'. [ 220.226551][ T7965] netlink: 16 bytes leftover after parsing attributes in process `syz.1.611'. [ 220.254469][ T7965] netlink: 36 bytes leftover after parsing attributes in process `syz.1.611'. [ 220.284464][ T7965] netlink: 36 bytes leftover after parsing attributes in process `syz.1.611'. [ 220.378023][ T7969] kvm: faulting far call emulation tainted memory [ 220.398471][ T29] audit: type=1326 audit(1734714850.366:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7974 comm="syz.2.613" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3529f85d29 code=0x0 [ 220.949297][ T7986] Process accounting resumed [ 220.989464][ T29] audit: type=1804 audit(1734714850.956:73): pid=7986 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.617" name="/newroot/71/bus/bus" dev="overlay" ino=437 res=1 errno=0 [ 221.708984][ T8000] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 222.105857][ T5829] Bluetooth: hci4: command 0x0401 tx timeout [ 222.111949][ T5829] Bluetooth: hci2: command 0x0406 tx timeout [ 222.118667][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 222.136410][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 222.142483][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 223.744082][ T29] audit: type=1326 audit(1734714853.706:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8027 comm="syz.3.630" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f65b7985d29 code=0x0 [ 224.138485][ T5836] Bluetooth: hci2: command 0x0406 tx timeout [ 224.145007][ T5836] Bluetooth: hci4: command 0x0401 tx timeout [ 224.151638][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 224.259538][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 224.266266][ T5819] Bluetooth: hci0: command 0x0c1a tx timeout [ 224.906809][ T8050] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 225.686929][ T5869] usb 3-1: dvb_usb_v2: Did not find the firmware file 'dvb-usb-terratec-h7-az6007.fw' (status -110). You can use /scripts/get_dvb_firmware to get the firmware [ 225.704080][ T5869] dvb_usb_az6007 3-1:0.0: probe with driver dvb_usb_az6007 failed with error -110 [ 225.726300][ T5869] usb 3-1: USB disconnect, device number 5 [ 226.256415][ T8053] capability: warning: `syz.0.638' uses 32-bit capabilities (legacy support in use) [ 226.297090][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout [ 226.303156][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 226.596346][ T8071] binder_alloc: 8069: binder_alloc_buf, no vma [ 227.617963][ T8093] netlink: 11 bytes leftover after parsing attributes in process `syz.0.662'. [ 227.644557][ T8093] netlink: 7 bytes leftover after parsing attributes in process `syz.0.662'. [ 228.370801][ T5819] Bluetooth: hci3: command 0x0c1a tx timeout [ 229.049934][ T8148] openvswitch: netlink: nsh attribute has 65532 unknown bytes. [ 229.057753][ T8148] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 231.602442][ T5869] usb 4-1: new low-speed USB device number 4 using dummy_hcd [ 231.895747][ T5869] usb 4-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a [ 231.905492][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.957370][ T5869] usb 4-1: config 0 descriptor?? [ 232.005897][ T5869] pwc: Logitech QuickCam Notebook Pro USB webcam detected. [ 232.392284][ T5869] pwc: Failed to set LED on/off time (-71) [ 232.523347][ T5869] pwc: send_video_command error -71 [ 232.551183][ T5869] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 232.590052][ T5869] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71 [ 232.694090][ T5869] usb 4-1: USB disconnect, device number 4 [ 232.951406][ T8168] netlink: 88 bytes leftover after parsing attributes in process `syz.2.669'. [ 235.699998][ T8198] XFS (nullb0): Invalid superblock magic number [ 235.771823][ T8230] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 237.482622][ T8255] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 237.512604][ T8265] kvm: pic: single mode not supported [ 238.848882][ T8288] syz.3.701 (8288): /proc/8288/oom_adj is deprecated, please use /proc/8288/oom_score_adj instead. [ 239.055873][ T29] audit: type=1326 audit(1734714869.006:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8293 comm="syz.0.703" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x0 [ 240.694060][ T965] bridge_slave_1: left allmulticast mode [ 240.842309][ T965] bridge_slave_1: left promiscuous mode [ 240.984317][ T965] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.042856][ T965] bridge_slave_0: left allmulticast mode [ 241.049575][ T965] bridge_slave_0: left promiscuous mode [ 241.154059][ T965] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.147745][ T965] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 242.268769][ T965] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 242.381640][ T965] bond0 (unregistering): Released all slaves [ 243.781172][ T965] hsr_slave_0: left promiscuous mode [ 243.802155][ T965] hsr_slave_1: left promiscuous mode [ 243.818378][ T965] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 243.838358][ T965] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 243.849076][ T965] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 243.865906][ T965] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.929582][ T965] veth1_macvtap: left promiscuous mode [ 243.929639][ T965] veth0_macvtap: left promiscuous mode [ 245.093388][ T965] team0 (unregistering): Port device team_slave_1 removed [ 245.189817][ T965] team0 (unregistering): Port device team_slave_0 removed [ 245.318108][ T8385] netlink: 32 bytes leftover after parsing attributes in process `syz.0.730'. [ 245.358670][ T8385] netlink: 124 bytes leftover after parsing attributes in process `syz.0.730'. [ 245.374946][ T8385] netlink: 508 bytes leftover after parsing attributes in process `syz.0.730'. [ 247.771924][ T8414] gfs2: not a GFS2 filesystem [ 249.796905][ T29] audit: type=1800 audit(1734714879.766:76): pid=8433 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.741" name="/" dev="9p" ino=2 res=0 errno=0 [ 249.938952][ T8442] syz.3.744: attempt to access beyond end of device [ 249.938952][ T8442] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 249.973271][ T8442] syz.3.744: attempt to access beyond end of device [ 249.973271][ T8442] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0 [ 249.995862][ T8432] nbd3: detected capacity change from 0 to 20 [ 250.004711][ T6042] block nbd3: Send control failed (result -89) [ 250.016322][ T6042] block nbd3: Request send failed, requeueing [ 250.020563][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 250.088551][ T5819] block nbd3: Receive control failed (result -32) [ 250.095409][ T7473] block nbd3: Dead connection, failed to find a fallback [ 250.102958][ T7473] block nbd3: shutting down sockets [ 250.110755][ T7473] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 250.120280][ T7473] buffer_io_error: 7 callbacks suppressed [ 250.120297][ T7473] Buffer I/O error on dev nbd3, logical block 0, async page read [ 250.136671][ T8442] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 250.222941][ T6042] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 250.235760][ T6042] Buffer I/O error on dev nbd3, logical block 1, async page read [ 250.295996][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=0, location=0 [ 250.766322][ T6042] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 250.793651][ T8442] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 250.823388][ T6042] Buffer I/O error on dev nbd3, logical block 2, async page read [ 250.831546][ T6042] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 250.840760][ T6042] Buffer I/O error on dev nbd3, logical block 3, async page read [ 250.883504][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=1, location=1 [ 250.894411][ T6042] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 250.928550][ T6042] Buffer I/O error on dev nbd3, logical block 0, async page read [ 250.975942][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 252.010218][ T6042] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 252.021227][ T6042] Buffer I/O error on dev nbd3, logical block 1, async page read [ 252.093856][ T6042] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 252.104533][ T6042] Buffer I/O error on dev nbd3, logical block 2, async page read [ 252.122540][ T6042] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 252.132427][ T6042] Buffer I/O error on dev nbd3, logical block 3, async page read [ 252.149295][ T6042] Buffer I/O error on dev nbd3, logical block 0, async page read [ 252.157283][ T6042] Buffer I/O error on dev nbd3, logical block 1, async page read [ 252.166733][ T6042] ldm_validate_partition_table(): Disk read failed. [ 252.174517][ T6042] Dev nbd3: unable to read RDB block 0 [ 252.181691][ T6042] nbd3: unable to read partition table [ 252.187627][ T6042] nbd3: partition table beyond EOD, truncated [ 252.220409][ T6042] ldm_validate_partition_table(): Disk read failed. [ 252.228437][ T6042] Dev nbd3: unable to read RDB block 0 [ 252.234727][ T6042] nbd3: unable to read partition table [ 252.240645][ T6042] nbd3: partition table beyond EOD, truncated [ 252.246016][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 252.287185][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=4, location=4 [ 252.327219][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=3, location=3 [ 252.556175][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=2, location=2 [ 252.635600][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 252.917232][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 252.937073][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=1, location=1 [ 252.961774][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=0, location=0 [ 252.977914][ T8442] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 252.988216][ T8442] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 253.208968][ T8476] netlink: 'syz.5.757': attribute type 1 has an invalid length. [ 253.312223][ T8476] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 253.333887][ T8483] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 253.416218][ T8485] veth0_to_team: entered promiscuous mode [ 253.425790][ T8485] veth0_to_team: entered allmulticast mode [ 253.513664][ T8492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.760'. [ 253.796815][ T8487] tipc: Started in network mode [ 254.176280][ T8487] tipc: Node identity ac14140f, cluster identity 4711 [ 254.186486][ T8487] tipc: New replicast peer: 255.255.255.255 [ 254.249051][ T8487] tipc: Enabled bearer , priority 10 [ 255.355865][ T5869] tipc: Node number set to 2886997007 [ 255.865736][ T8] kernel write not supported for file [eventfd] (pid: 8 comm: kworker/0:0) [ 256.046510][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.052843][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.028575][ T8542] kvm: user requested TSC rate below hardware speed [ 260.472000][ T8574] random: crng reseeded on system resumption [ 262.417192][ T29] audit: type=1326 audit(1734714892.306:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.478172][ T29] audit: type=1326 audit(1734714892.306:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.503079][ T29] audit: type=1326 audit(1734714892.306:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.528039][ T29] audit: type=1326 audit(1734714892.306:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.555814][ T29] audit: type=1326 audit(1734714892.306:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3529f847df code=0x7ffc0000 [ 262.579147][ T29] audit: type=1326 audit(1734714892.306:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.602666][ T29] audit: type=1326 audit(1734714892.306:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.743861][ T8429] syz.3.739 (8429) used greatest stack depth: 19216 bytes left [ 262.758861][ T29] audit: type=1326 audit(1734714892.306:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.780328][ T29] audit: type=1326 audit(1734714892.306:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 262.801803][ T29] audit: type=1326 audit(1734714892.306:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8588 comm="syz.2.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3529f85d29 code=0x7ffc0000 [ 263.011683][ T8598] netlink: 16 bytes leftover after parsing attributes in process `syz.5.790'. [ 263.475694][ T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 263.819140][ T8610] mac80211_hwsim hwsim13 wlan1: Device is already in use. [ 263.842640][ T8] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 263.852357][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.885400][ T8] usb 3-1: config 0 descriptor?? [ 263.894015][ T8] cp210x 3-1:0.0: cp210x converter detected [ 265.003605][ T8] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -32 [ 265.011354][ T8] cp210x 3-1:0.0: GPIO initialisation failed: -32 [ 265.132134][ T8] usb 3-1: cp210x converter now attached to ttyUSB0 [ 265.240862][ T5869] usb 3-1: USB disconnect, device number 6 [ 265.251400][ T5869] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 265.259689][ T5869] cp210x 3-1:0.0: device disconnected [ 265.741635][ T5867] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 265.907894][ T5867] usb 2-1: config 2 has an invalid interface number: 186 but max is 0 [ 265.917160][ T5867] usb 2-1: config 2 has no interface number 0 [ 265.923383][ T5867] usb 2-1: config 2 interface 186 has no altsetting 0 [ 265.946600][ T8646] overlayfs: statfs failed on './file0' [ 265.963447][ T5867] usb 2-1: New USB device found, idVendor=0423, idProduct=000a, bcdDevice=8c.8f [ 265.979814][ T5867] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.995947][ T5867] usb 2-1: Product: syz [ 266.000391][ T5867] usb 2-1: Manufacturer: syz [ 266.005018][ T5867] usb 2-1: SerialNumber: syz [ 266.474277][ T5867] catc 2-1:2.186: Can't set altsetting 1. [ 266.480334][ T5867] catc 2-1:2.186: probe with driver catc failed with error -5 [ 266.628796][ T5867] usb 2-1: USB disconnect, device number 7 [ 268.620857][ T29] kauditd_printk_skb: 24 callbacks suppressed [ 268.620910][ T29] audit: type=1326 audit(1734714898.586:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8691 comm="syz.0.822" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x0 [ 270.441985][ T5867] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 270.776011][ T5867] usb 4-1: Using ep0 maxpacket: 32 [ 271.003790][ T8687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 271.040082][ T5867] usb 4-1: config 32 has an invalid descriptor of length 0, skipping remainder of the config [ 271.054517][ T5867] usb 4-1: config 32 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 271.105427][ T5867] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 271.122724][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.161142][ T5867] usbhid 4-1:32.0: couldn't find an input interrupt endpoint [ 271.209828][ T8712] kexec: Could not allocate control_code_buffer [ 271.348984][ T8722] netlink: 104 bytes leftover after parsing attributes in process `syz.0.828'. [ 272.505193][ T8721] ecryptfs: Unknown parameter '/dev/sr0' [ 272.968670][ T5867] usb 4-1: USB disconnect, device number 5 [ 273.785798][ T5867] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 274.094477][ T5867] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 274.106242][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 274.117490][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 274.140704][ T5867] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 274.157270][ T5867] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 274.167465][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.177819][ T5867] usb 3-1: config 0 descriptor?? [ 274.183329][ T8738] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 275.138549][ T5869] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 275.788270][ T5869] usb 2-1: Using ep0 maxpacket: 32 [ 275.807039][ T5869] usb 2-1: config 67 has too many interfaces: 229, using maximum allowed: 32 [ 275.834621][ T5869] usb 2-1: config 67 has 1 interface, different from the descriptor's value: 229 [ 275.838679][ T5867] plantronics 0003:047F:FFFF.0005: unknown main item tag 0xd [ 275.853189][ T5867] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 275.863883][ T5867] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 275.895013][ T5869] usb 2-1: config 67 has no interface number 0 [ 275.915713][ T5869] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 275.929591][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.941200][ T5869] usb 2-1: Product: syz [ 275.945420][ T5869] usb 2-1: Manufacturer: syz [ 275.960512][ T5869] usb 2-1: SerialNumber: syz [ 275.991400][ T5869] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 276.004369][ T5869] usb 2-1: selecting invalid altsetting 1 [ 276.022849][ T5869] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 276.040216][ T5869] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 276.093151][ T5869] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 276.113268][ T5869] usb 2-1: media controller created [ 276.125632][ T5869] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 276.285833][ T5819] Bluetooth: hci4: command 0x0401 tx timeout [ 276.524609][ T8743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 276.615378][ T8743] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 276.670947][ T8743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 276.687980][ T8743] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 276.701598][ T5869] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 276.711526][ T8] usb 3-1: USB disconnect, device number 7 [ 276.713173][ T5869] zl10353_read_register: readreg error (reg=127, ret==-32) [ 276.926070][ T5869] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 276.959341][ T5869] usb 2-1: USB disconnect, device number 8 [ 278.796843][ T8804] netlink: 4 bytes leftover after parsing attributes in process `syz.1.850'. [ 278.851909][ T8804] netlink: 4 bytes leftover after parsing attributes in process `syz.1.850'. [ 283.065860][ T5869] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 283.452396][ T29] audit: type=1326 audit(1734714913.416:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.493179][ T5869] usb 2-1: unable to get BOS descriptor or descriptor too short [ 283.518718][ T5869] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 283.527022][ T5869] usb 2-1: can't read configurations, error -71 [ 283.597676][ T29] audit: type=1326 audit(1734714913.466:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.630968][ T29] audit: type=1326 audit(1734714913.486:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.656305][ T29] audit: type=1326 audit(1734714913.486:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.696811][ T29] audit: type=1326 audit(1734714913.486:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.732258][ T29] audit: type=1326 audit(1734714913.546:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.772497][ T29] audit: type=1326 audit(1734714913.546:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.812010][ T29] audit: type=1326 audit(1734714913.546:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 283.885318][ T29] audit: type=1326 audit(1734714913.546:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 284.170957][ T29] audit: type=1326 audit(1734714913.546:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8865 comm="syz.0.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c32185d29 code=0x7ffc0000 [ 284.222220][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.268489][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.306997][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.370226][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.404841][ T8891] Bluetooth: MGMT ver 1.23 [ 284.431321][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.455580][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.475510][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.501734][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.536709][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 284.649069][ T8875] kvm: kvm [8873]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff [ 285.687398][ T8927] ieee802154 phy0 wpan0: encryption failed: -22 [ 285.696903][ T8927] netlink: 20 bytes leftover after parsing attributes in process `syz.3.886'. [ 285.705939][ T8927] netlink: 24 bytes leftover after parsing attributes in process `syz.3.886'. [ 287.626600][ T8966] IPVS: Error connecting to the multicast addr [ 289.018331][ T8988] omfs: Invalid superblock (0) [ 289.344636][ T8991] binder: Binderfs stats mode cannot be changed during a remount [ 290.888332][ T9016] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 290.994958][ T9016] Cannot find add_set index 0 as target [ 291.004173][ T9018] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 291.179318][ T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 291.586646][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 291.600508][ T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 291.610014][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.626267][ T9] usb 3-1: config 0 descriptor?? [ 292.399638][ T9033] Option 'TX¼÷Æ®€' to dns_resolver key: bad/missing value [ 292.505904][ T25] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 292.531644][ T9] magicmouse 0003:05AC:0265.0006: unknown main item tag 0x5 [ 292.567242][ T9] magicmouse 0003:05AC:0265.0006: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.2-1/input0 [ 292.636890][ T9045] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 292.677111][ T25] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 292.687810][ T25] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 292.702252][ T25] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 292.711643][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.721770][ T25] usb 4-1: Product: syz [ 292.726972][ T25] usb 4-1: Manufacturer: syz [ 292.731726][ T25] usb 4-1: SerialNumber: syz [ 292.732427][ T9] usb 3-1: USB disconnect, device number 8 [ 292.970095][ T25] usb 4-1: 0:2 : does not exist [ 293.028940][ T25] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 293.290839][ T25] usb 4-1: USB disconnect, device number 6 [ 293.537228][ T6042] udevd[6042]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 293.623603][ T9069] Bluetooth: MGMT ver 1.23 [ 293.922474][ T9085] netlink: 20 bytes leftover after parsing attributes in process `syz.3.937'. [ 294.387055][ T9085] Driver unsupported XDP return value 0 on prog (id 203) dev N/A, expect packet loss! [ 301.200859][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 301.222746][ T9161] netlink: 8 bytes leftover after parsing attributes in process `syz.5.958'. [ 301.232399][ T9161] netlink: 8 bytes leftover after parsing attributes in process `syz.5.958'. [ 301.289907][ T9163] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 303.173778][ T9195] PKCS7: Unknown OID: [4] 2.19.13055.170809666(bad) [ 303.180718][ T9195] PKCS7: Only support pkcs7_signedData type [ 310.121364][ T9248] netlink: 8 bytes leftover after parsing attributes in process `syz.2.979'. [ 310.158008][ T9248] netlink: 8 bytes leftover after parsing attributes in process `syz.2.979'. [ 311.213863][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 311.213886][ T29] audit: type=1800 audit(1734714941.166:147): pid=9276 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.987" name="/" dev="9p" ino=2 res=0 errno=0 [ 311.856079][ T5906] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 312.151101][ T5906] usb 1-1: Using ep0 maxpacket: 32 [ 312.164705][ T5906] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 23, changing to 8 [ 312.176479][ T5906] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 42119, setting to 1024 [ 312.625785][ T5906] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 312.634880][ T5906] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.666462][ T9290] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 312.676898][ T5906] hub 1-1:4.0: USB hub found [ 312.723940][ T9301] binder: 9298:9301 ioctl c0306201 20000680 returned -14 [ 312.890016][ T5906] hub 1-1:4.0: 7 ports detected [ 312.895267][ T5906] hub 1-1:4.0: insufficient power available to use all downstream ports [ 313.102204][ T5906] hub 1-1:4.0: hub_hub_status failed (err = -71) [ 313.109190][ T5906] hub 1-1:4.0: config failed, can't get hub status (err -71) [ 313.136466][ T5906] usb 1-1: USB disconnect, device number 4 [ 314.111966][ T9315] block device autoloading is deprecated and will be removed. [ 314.156169][ T9315] syz.5.1000: attempt to access beyond end of device [ 314.156169][ T9315] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 314.800657][ T29] audit: type=1326 audit(1734714944.576:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 315.575784][ T29] audit: type=1326 audit(1734714944.576:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 315.729091][ T29] audit: type=1326 audit(1734714944.576:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 315.756618][ T29] audit: type=1326 audit(1734714944.576:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 316.243145][ T29] audit: type=1326 audit(1734714944.576:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 317.209066][ T29] audit: type=1326 audit(1734714944.576:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 317.959329][ T29] audit: type=1326 audit(1734714944.576:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 317.981150][ T29] audit: type=1326 audit(1734714944.576:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 318.002889][ T29] audit: type=1326 audit(1734714944.576:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 318.025043][ T29] audit: type=1326 audit(1734714944.576:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 318.046938][ T29] audit: type=1326 audit(1734714944.576:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 318.068727][ T29] audit: type=1326 audit(1734714944.576:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 318.090304][ T29] audit: type=1326 audit(1734714944.576:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 318.111893][ T29] audit: type=1326 audit(1734714944.576:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9324 comm="syz.1.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d63f85d29 code=0x7ffc0000 [ 318.140661][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.147069][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.931838][ T9363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1012'. [ 319.417557][ T9345] kvm_pr_unimpl_wrmsr: 5 callbacks suppressed [ 319.417583][ T9345] kvm: kvm [9344]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xa00000000 [ 319.458043][ T9345] kvm: kvm [9344]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x250000f7ff [ 319.605124][ T9345] kvm: kvm [9344]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x250000ffff [ 321.310885][ T9381] Attempt to restore checkpoint with obsolete wellknown handles [ 324.715763][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 325.056977][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 325.063662][ T9] usb 2-1: config 0 has an invalid interface number: 143 but max is 0 [ 325.074684][ T9] usb 2-1: config 0 has no interface number 0 [ 325.081162][ T9] usb 2-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 325.101800][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.116432][ T9447] team0: Port device virt_wifi0 added [ 325.138004][ T9] usb 2-1: config 0 descriptor?? [ 325.210836][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 325.210882][ T29] audit: type=1804 audit(1734714955.146:182): pid=9448 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.1035" name="/newroot/115/file1" dev="fuse" ino=1 res=1 errno=0 [ 325.380007][ T9] viperboard 2-1:0.143: version 0.00 found at bus 002 address 011 [ 326.238380][ T9] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 326.247342][ T9] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5 [ 326.263630][ T9457] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1041'. [ 326.267815][ T9] usb 2-1: USB disconnect, device number 11 [ 326.372824][ T9461] tap0: tun_chr_ioctl cmd 35111 [ 326.647895][ T9472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1046'. [ 327.904273][ T9493] syzkaller0: entered promiscuous mode [ 328.020799][ T9494] syz.0.1051: attempt to access beyond end of device [ 328.020799][ T9494] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 328.063981][ T9493] syzkaller0: entered allmulticast mode [ 328.915733][ T25] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 329.236193][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 329.246149][ T25] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 329.255345][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.263572][ T25] usb 3-1: Product: syz [ 329.267894][ T25] usb 3-1: Manufacturer: syz [ 329.272509][ T25] usb 3-1: SerialNumber: syz [ 329.279861][ T25] usb 3-1: config 0 descriptor?? [ 329.306804][ T25] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 329.614071][ T5836] Bluetooth: hci2: unexpected event for opcode 0x1004 [ 329.615359][ T8127] usb 3-1: Failed to submit usb control message: -71 [ 329.697811][ T8] usb 3-1: USB disconnect, device number 9 [ 329.727418][ T8127] usb 3-1: unable to send the bmi data to the device: -71 [ 329.845743][ T8127] usb 3-1: unable to get target info from device [ 329.850861][ T9504] tipc: Started in network mode [ 329.852115][ T8127] usb 3-1: could not get target info (-71) [ 329.862895][ T8127] usb 3-1: could not probe fw (-71) [ 329.863526][ T9504] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 329.908719][ T9504] tipc: Enabled bearer , priority 0 [ 330.043783][ T9510] kvm: kvm [9509]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x800 [ 330.059863][ T9510] kvm: kvm [9509]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0 [ 330.083429][ T9510] kvm: kvm [9509]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x800 [ 330.707008][ T9531] syzkaller0: entered promiscuous mode [ 330.712553][ T9531] syzkaller0: entered allmulticast mode [ 331.475934][ T5867] tipc: Node number set to 11578026 [ 333.635021][ T5865] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 333.655802][ T5836] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 333.664148][ T5836] Bluetooth: hci2: Injecting HCI hardware error event [ 333.671112][ T5836] Bluetooth: hci2: hardware error 0x00 [ 333.795713][ T5865] usb 3-1: Using ep0 maxpacket: 16 [ 333.803059][ T5865] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 333.819437][ T5865] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 333.831895][ T5865] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 333.872394][ T5865] usb 3-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 333.885461][ T5865] usb 3-1: Product: syz [ 333.896351][ T5865] usb 3-1: Manufacturer: syz [ 333.912974][ T5865] usb 3-1: config 0 descriptor?? [ 334.357160][ T5865] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0xd [ 334.413591][ T5865] kovaplus 0003:1E7D:2D50.0007: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.2-1/input0 [ 334.763597][ T5865] kovaplus 0003:1E7D:2D50.0007: couldn't init struct kovaplus_device [ 334.773634][ T5865] kovaplus 0003:1E7D:2D50.0007: couldn't install mouse [ 334.782520][ T5865] kovaplus 0003:1E7D:2D50.0007: probe with driver kovaplus failed with error -5 [ 335.879591][ T5836] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 336.325476][ T5867] usb 3-1: USB disconnect, device number 10 [ 337.702580][ T9645] 9p: Unknown Cache mode or invalid value l [ 339.224292][ T9664] JFS: discard option not supported on device [ 339.232338][ T9664] syz.5.1099: attempt to access beyond end of device [ 339.232338][ T9664] loop5: rw=0, sector=64, nr_sectors = 8 limit=0 [ 339.246567][ T9664] syz.5.1099: attempt to access beyond end of device [ 339.246567][ T9664] loop5: rw=0, sector=120, nr_sectors = 8 limit=0 [ 339.260145][ T9664] Mount JFS Failure: -5 [ 339.264464][ T9664] jfs_mount failed w/return code = -5 [ 342.068185][ T9699] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 342.072124][ T9699] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 348.101135][ T9780] syz.3.1134[9780] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 348.101229][ T9780] syz.3.1134[9780] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 348.155402][ T9780] syz.3.1134[9780] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 348.500500][ T9790] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 348.658232][ T9795] rtc_cmos 00:00: Alarms can be up to one day in the future [ 350.485514][ T9804] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1140'. [ 350.843358][ T5867] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 351.034378][ T5867] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 351.063704][ T5867] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 351.199086][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.225986][ T5867] usb 2-1: config 0 descriptor?? [ 351.238134][ T5867] pwc: Askey VC010 type 2 USB webcam detected. [ 352.064589][ T5867] pwc: recv_control_msg error -32 req 02 val 2b00 [ 352.072400][ T5867] pwc: recv_control_msg error -32 req 02 val 2700 [ 352.085750][ T5867] pwc: recv_control_msg error -32 req 02 val 2c00 [ 352.092690][ T5867] pwc: recv_control_msg error -32 req 04 val 1000 [ 352.100233][ T5867] pwc: recv_control_msg error -32 req 04 val 1300 [ 352.142411][ T5867] pwc: recv_control_msg error -32 req 04 val 1400 [ 352.171337][ T9832] sctp: [Deprecated]: syz.5.1148 (pid 9832) Use of int in maxseg socket option. [ 352.171337][ T9832] Use struct sctp_assoc_value instead [ 352.198107][ T5867] pwc: recv_control_msg error -32 req 02 val 2000 [ 352.422317][ T5867] pwc: recv_control_msg error -32 req 04 val 1500 [ 352.430222][ T5867] pwc: recv_control_msg error -32 req 02 val 2500 [ 352.955104][ T5867] pwc: recv_control_msg error -32 req 02 val 2400 [ 353.373084][ T5867] pwc: recv_control_msg error -71 req 02 val 2900 [ 353.385762][ T5867] pwc: recv_control_msg error -71 req 02 val 2800 [ 353.396838][ T5867] pwc: recv_control_msg error -71 req 04 val 1100 [ 353.680058][ T5867] pwc: recv_control_msg error -71 req 04 val 1200 [ 353.784728][ T5867] pwc: Registered as video103. [ 353.826721][ T5867] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input14 [ 353.875055][ T5867] usb 2-1: USB disconnect, device number 12 [ 354.195136][ T9859] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 354.221570][ T9859] CIFS mount error: No usable UNC path provided in device string! [ 354.221570][ T9859] [ 354.231687][ T9859] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 356.569617][ T9882] xt_socket: unknown flags 0xc [ 361.848991][ T9956] syzkaller0: entered allmulticast mode [ 364.882703][T10006] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 365.611937][T10016] pim6reg1: entered promiscuous mode [ 365.625725][T10016] pim6reg1: entered allmulticast mode [ 365.646468][T10016] syzkaller0: entered allmulticast mode [ 366.117323][T10033] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1202'. [ 366.332720][T10045] tipc: Started in network mode [ 366.337907][T10045] tipc: Node identity 4, cluster identity 4711 [ 366.344206][T10045] tipc: Node number set to 4 [ 367.226128][ T5836] Bluetooth: hci0: unexpected event for opcode 0x0c22 [ 370.307844][ T5836] Bluetooth: hci4: Malformed Event: 0x02 [ 370.799644][T10116] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1224'. [ 372.422418][T10137] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 374.115812][T10143] TCP: out of memory -- consider tuning tcp_mem [ 374.170297][T10143] TCP: out of memory -- consider tuning tcp_mem [ 374.934529][ T5836] Bluetooth: hci4: ACL packet for unknown connection handle 201 [ 378.900402][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.906865][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.065028][ T5819] Bluetooth: hci3: command 0x0c1a tx timeout [ 381.132827][ T29] audit: type=1804 audit(1734719106.100:183): pid=10239 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.1.1260" name="/newroot/258/bus/file0" dev="overlay" ino=1436 res=1 errno=0 [ 381.551393][T10250] xt_CT: You must specify a L4 protocol and not use inversions on it [ 383.072398][T10264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1269'. [ 383.096098][ T25] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 383.398951][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 383.921504][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 383.943012][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 383.953296][ T25] usb 2-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 383.964484][ T25] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 383.978153][ T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 383.987609][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.006692][ T25] usbtmc 2-1:16.0: bulk endpoints not found [ 384.432986][ T8] usb 2-1: USB disconnect, device number 13 [ 385.604382][ T5865] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 385.620104][ T5865] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 385.629167][T10314] binder: BINDER_SET_CONTEXT_MGR already set [ 385.635986][T10314] binder: 10313:10314 ioctl 4018620d 20000040 returned -16 [ 385.834726][ T25] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 385.895868][ T5869] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 386.036459][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 386.052055][ T25] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 23, changing to 8 [ 386.063551][ T25] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 42119, setting to 1024 [ 386.075487][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 386.084969][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.097271][T10310] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 386.110441][ T25] hub 2-1:4.0: USB hub found [ 386.263381][ T5869] usb 4-1: unable to get BOS descriptor or descriptor too short [ 386.508095][ T5869] usb 4-1: no configurations [ 386.513224][ T5869] usb 4-1: can't read configurations, error -22 [ 386.529214][ T25] hub 2-1:4.0: 7 ports detected [ 386.535023][ T25] hub 2-1:4.0: insufficient power available to use all downstream ports [ 387.508503][ T25] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 387.514891][ T25] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 387.546702][ T25] usb 2-1: USB disconnect, device number 14 [ 388.625729][ T8] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 389.821190][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 390.763635][ T8] usb 3-1: New USB device found, idVendor=0421, idProduct=0223, bcdDevice=b1.bd [ 390.773019][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 390.782831][ T8] usb 3-1: Product: syz [ 390.787341][ T8] usb 3-1: Manufacturer: syz [ 390.792054][ T8] usb 3-1: SerialNumber: syz [ 390.801450][ T8] usb 3-1: config 0 descriptor?? [ 390.811180][ T8] usb 3-1: bad CDC descriptors [ 390.818373][ T8] cdc_acm 3-1:0.0: Control and data interfaces are not separated! [ 390.827655][ T8] cdc_acm 3-1:0.0: This needs exactly 3 endpoints [ 390.834203][ T8] cdc_acm 3-1:0.0: probe with driver cdc_acm failed with error -22 [ 391.306054][ T8] usb 3-1: USB disconnect, device number 11 [ 392.188714][ T5827] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 392.348571][ T5827] usb 4-1: Using ep0 maxpacket: 16 [ 392.362064][ T5827] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 392.383395][ T5827] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 392.413892][ T5827] usb 4-1: New USB device found, idVendor=0b43, idProduct=0003, bcdDevice= 0.00 [ 392.443258][ T5827] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.468598][ T9] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 392.480057][ T5827] usb 4-1: config 0 descriptor?? [ 392.602320][T10403] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1314'. [ 392.615949][ T9] usb 3-1: device descriptor read/64, error -71 [ 392.680406][ T29] audit: type=1800 audit(1734719117.640:184): pid=10404 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1315" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 392.906063][ T5827] smartjoyplus 0003:0B43:0003.0009: unknown main item tag 0x0 [ 392.947095][ T5827] smartjoyplus 0003:0B43:0003.0009: unknown main item tag 0x0 [ 392.994500][ T5827] smartjoyplus 0003:0B43:0003.0009: unknown main item tag 0x0 [ 393.042408][ T5827] smartjoyplus 0003:0B43:0003.0009: unknown main item tag 0x0 [ 393.116965][ T5827] smartjoyplus 0003:0B43:0003.0009: unknown main item tag 0x0 [ 393.301392][ T5827] smartjoyplus 0003:0B43:0003.0009: hidraw0: USB HID v0.00 Device [HID 0b43:0003] on usb-dummy_hcd.3-1/input0 [ 393.327890][ T5827] smartjoyplus 0003:0B43:0003.0009: no output reports found [ 393.386723][ T5827] usb 4-1: USB disconnect, device number 9 [ 393.523904][T10418] binder: 10417:10418 ioctl c0306201 20000380 returned -14 [ 394.041834][T10435] afs: Bad value for 'flock' [ 395.568081][T10452] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1330'. [ 397.695827][ T5867] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 398.200476][ T5867] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 398.233369][ T5867] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 398.378039][ T5867] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 398.499764][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.659498][ T5867] usb 4-1: Product: syz [ 398.687841][ T5867] usb 4-1: Manufacturer: syz [ 398.713915][ T5867] usb 4-1: SerialNumber: syz [ 398.733392][ T5867] usb 4-1: config 0 descriptor?? [ 398.748762][T10479] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 398.759699][T10479] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 398.979935][T10479] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 398.988476][T10479] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 399.616112][T10479] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1340'. [ 399.729056][ T5867] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00 [ 399.750432][ T5867] dm9601 4-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 399.764773][ T5867] usb 4-1: USB disconnect, device number 10 [ 400.735781][T10521] netlink: 'syz.2.1349': attribute type 1 has an invalid length. [ 402.626847][ T8141] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 404.106353][ T8141] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 404.142139][ T5829] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 404.149601][ T5829] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 404.159469][ T5829] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 404.167400][ T5829] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 404.223880][ T5829] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 404.231400][ T5829] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 404.468256][ T8141] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.083957][T10567] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 405.420032][ T8141] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.892393][T10585] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1367'. [ 405.901547][T10585] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1367'. [ 405.910648][T10585] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1367'. [ 406.638724][ T5829] Bluetooth: hci3: command tx timeout [ 406.792539][T10559] chnl_net:caif_netlink_parms(): no params data found [ 407.225361][ T8141] bridge_slave_1: left allmulticast mode [ 407.289033][ T8141] bridge_slave_1: left promiscuous mode [ 407.294831][ T8141] bridge0: port 2(bridge_slave_1) entered disabled state [ 407.328138][ T8141] bridge_slave_0: left allmulticast mode [ 407.333993][ T8141] bridge_slave_0: left promiscuous mode [ 407.466127][ T8141] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.974106][ T8141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 407.991237][ T8141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 408.011550][ T8141] bond0 (unregistering): Released all slaves [ 408.090320][T10613] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1374'. [ 408.106987][T10559] bridge0: port 1(bridge_slave_0) entered blocking state [ 408.114218][T10559] bridge0: port 1(bridge_slave_0) entered disabled state [ 408.121818][T10559] bridge_slave_0: entered allmulticast mode [ 408.128929][T10559] bridge_slave_0: entered promiscuous mode [ 408.147761][T10559] bridge0: port 2(bridge_slave_1) entered blocking state [ 408.154985][T10559] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.162437][T10559] bridge_slave_1: entered allmulticast mode [ 408.169428][T10559] bridge_slave_1: entered promiscuous mode [ 408.254738][T10559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 408.279444][T10559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 408.312050][T10559] team0: Port device team_slave_0 added [ 408.338388][T10559] team0: Port device team_slave_1 added [ 408.436541][T10630] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1376'. [ 408.446093][T10630] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1376'. [ 409.206998][ T5829] Bluetooth: hci3: command tx timeout [ 409.843186][T10559] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 409.865018][T10559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 409.899515][T10559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 410.304830][ T8141] hsr_slave_0: left promiscuous mode [ 410.393486][ T8141] hsr_slave_1: left promiscuous mode [ 410.412240][ T8141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 410.480754][ T8141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 410.521869][ T8141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 410.532924][ T8141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 410.566742][ T8141] veth1_macvtap: left promiscuous mode [ 410.589575][ T8141] veth0_macvtap: left promiscuous mode [ 410.610118][ T8141] veth1_vlan: left promiscuous mode [ 410.616156][ T8141] veth0_vlan: left promiscuous mode [ 411.036004][ T5867] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 411.246903][ T5829] Bluetooth: hci3: command tx timeout [ 411.661629][ T5867] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 411.677207][ T5867] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 411.689176][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.702016][ T5867] usb 1-1: config 0 descriptor?? [ 411.714824][ T5867] pwc: Askey VC010 type 2 USB webcam detected. [ 412.078702][ T8141] team0 (unregistering): Port device team_slave_1 removed [ 412.106462][ T8141] team0 (unregistering): Port device team_slave_0 removed [ 412.222215][T10559] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 412.232021][T10559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 412.286229][T10559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 412.319686][ T5867] pwc: recv_control_msg error -32 req 02 val 2b00 [ 412.326741][ T5867] pwc: recv_control_msg error -32 req 02 val 2700 [ 412.341994][ T5867] pwc: recv_control_msg error -32 req 02 val 2c00 [ 412.349150][ T5867] pwc: recv_control_msg error -32 req 04 val 1000 [ 412.385964][ T5867] pwc: recv_control_msg error -32 req 04 val 1300 [ 412.406878][ T5867] pwc: recv_control_msg error -32 req 04 val 1400 [ 412.413965][ T5867] pwc: recv_control_msg error -32 req 02 val 2000 [ 412.424798][T10559] hsr_slave_0: entered promiscuous mode [ 412.431147][ T5867] pwc: recv_control_msg error -32 req 02 val 2100 [ 412.438965][ T5867] pwc: recv_control_msg error -32 req 04 val 1500 [ 412.441381][T10559] hsr_slave_1: entered promiscuous mode [ 412.451687][ T5867] pwc: recv_control_msg error -32 req 02 val 2500 [ 412.460164][ T5867] pwc: recv_control_msg error -32 req 02 val 2400 [ 412.461451][T10559] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 412.477267][T10559] Cannot create hsr debugfs directory [ 412.698826][ T5867] pwc: recv_control_msg error -71 req 02 val 2900 [ 412.715489][ T5867] pwc: recv_control_msg error -71 req 02 val 2800 [ 412.731126][ T5867] pwc: recv_control_msg error -71 req 04 val 1100 [ 412.744211][ T5867] pwc: recv_control_msg error -71 req 04 val 1200 [ 412.765868][ T5867] pwc: Registered as video103. [ 412.773511][ T5867] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input15 [ 412.806114][ T5867] usb 1-1: USB disconnect, device number 5 [ 412.893530][T10684] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1386'. [ 413.428080][ T5829] Bluetooth: hci3: command tx timeout [ 415.138029][T10559] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 416.783360][T10559] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 416.800878][T10559] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 416.849873][T10559] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 418.159165][T10559] 8021q: adding VLAN 0 to HW filter on device bond0 [ 418.462656][T10559] 8021q: adding VLAN 0 to HW filter on device team0 [ 418.516938][ T3520] bridge0: port 1(bridge_slave_0) entered blocking state [ 418.524085][ T3520] bridge0: port 1(bridge_slave_0) entered forwarding state [ 418.569370][ T8114] bridge0: port 2(bridge_slave_1) entered blocking state [ 418.576558][ T8114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 418.622899][T10737] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1398'. [ 418.796084][ T25] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 418.878374][T10559] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 418.972990][T10559] veth0_vlan: entered promiscuous mode [ 418.984959][T10559] veth1_vlan: entered promiscuous mode [ 419.057081][T10559] veth0_macvtap: entered promiscuous mode [ 419.065679][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 419.072293][ T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 419.084813][ T25] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 419.094481][ T25] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 419.107433][T10559] veth1_macvtap: entered promiscuous mode [ 419.118496][ T25] usb 1-1: Product: syz [ 419.122842][ T25] usb 1-1: Manufacturer: syz [ 419.153310][ T25] usb 1-1: SerialNumber: syz [ 419.568823][ T25] usb 1-1: config 0 descriptor?? [ 419.614812][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.626559][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.637238][T10735] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 419.688665][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.709610][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.729748][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.750587][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.765298][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.776001][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.787102][T10559] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 419.796937][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.863404][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.876396][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.901224][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.916952][ T9] usb 1-1: USB disconnect, device number 6 [ 419.984752][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 420.035912][T10775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1403'. [ 420.037764][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 420.105824][T10559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 420.111672][T10775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1403'. [ 420.155869][T10559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 420.222353][T10559] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 420.340345][T10559] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.365848][T10559] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.377926][T10559] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.397904][T10559] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.549312][ T8114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.569899][ T8114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.604256][ T8114] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.629954][ T8114] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 428.093426][T10938] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1432'. [ 428.287913][T10946] team0: MTU too low for tipc bearer [ 428.293277][T10946] tipc: Enabling of bearer rejected, failed to enable media [ 430.829794][T10977] cgroup: fork rejected by pids controller in /syz2 [ 432.948487][T11432] ip6gretap0: entered promiscuous mode [ 432.987191][T11432] batadv_slave_0: entered promiscuous mode [ 433.725788][ T29] audit: type=1326 audit(1734719158.670:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11435 comm="syz.5.1448" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d33d85d29 code=0x0 [ 433.916171][ T5869] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 434.668323][ T5869] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 434.681885][ T5869] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 434.703252][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.730850][ T5869] usb 4-1: config 0 descriptor?? [ 435.585962][ T5869] holtek 0003:1241:5015.000A: item fetching failed at offset 1/3 [ 435.594229][ T5869] holtek 0003:1241:5015.000A: parse failed [ 435.600702][ T5869] holtek 0003:1241:5015.000A: probe with driver holtek failed with error -22 [ 436.109621][ T5867] usb 4-1: USB disconnect, device number 11 [ 436.358787][T11475] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 436.649728][T11488] block nbd0: shutting down sockets [ 437.234729][ T9] IPVS: starting estimator thread 0... [ 437.352312][T11494] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 437.387086][T11491] IPVS: using max 33 ests per chain, 79200 per kthread [ 437.879051][T11505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1474'. [ 438.413627][T11505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1474'. [ 438.953353][ C1] ------------[ cut here ]------------ [ 438.958924][ C1] WARNING: CPU: 1 PID: 11525 at net/mac80211/tx.c:5040 __ieee80211_beacon_get+0x1202/0x15c0 [ 438.969101][ C1] Modules linked in: [ 438.973048][ C1] CPU: 1 UID: 0 PID: 11525 Comm: syz.1.1479 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 438.983859][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 438.993968][ C1] RIP: 0010:__ieee80211_beacon_get+0x1202/0x15c0 [ 439.000364][ C1] Code: e8 13 0f 64 f6 eb 0d e8 0c 0f 64 f6 4c 8b bc 24 98 00 00 00 4c 89 ef e8 2c 45 bc f6 45 31 ed e9 4c fe ff ff e8 ef 0e 64 f6 90 <0f> 0b 90 e9 00 f7 ff ff e8 e1 0e 64 f6 90 0f 0b 90 e9 e8 f8 ff ff [ 439.020065][ C1] RSP: 0018:ffffc90000a189e0 EFLAGS: 00010246 [ 439.026200][ C1] RAX: ffffffff8b3b64b1 RBX: 0000000000000000 RCX: ffff88805045da00 [ 439.034202][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 439.042291][ C1] RBP: dffffc0000000000 R08: ffffffff8b3b5bad R09: ffffffff8b3b55b0 [ 439.050333][ C1] R10: 0000000000000003 R11: ffff88805045da00 R12: ffff88805a486500 [ 439.058377][ C1] R13: ffff88805a8fc400 R14: ffff88805a4869d0 R15: ffff88805a484d80 [ 439.066414][ C1] FS: 00007f4d64cff6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 439.075383][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 439.082049][ C1] CR2: 0000000020016030 CR3: 0000000028e0a000 CR4: 00000000003526f0 [ 439.090103][ C1] Call Trace: [ 439.093455][ C1] [ 439.096369][ C1] ? __warn+0x165/0x4d0 [ 439.100570][ C1] ? __ieee80211_beacon_get+0x1202/0x15c0 [ 439.106390][ C1] ? report_bug+0x2b3/0x500 [ 439.110938][ C1] ? __ieee80211_beacon_get+0x1202/0x15c0 [ 439.116745][ C1] ? handle_bug+0x60/0x90 [ 439.121114][ C1] ? exc_invalid_op+0x1a/0x50 [ 439.125865][ C1] ? asm_exc_invalid_op+0x1a/0x20 [ 439.130947][ C1] ? __ieee80211_beacon_get+0x300/0x15c0 [ 439.136674][ C1] ? __ieee80211_beacon_get+0x8fd/0x15c0 [ 439.142362][ C1] ? __ieee80211_beacon_get+0x1201/0x15c0 [ 439.148206][ C1] ? __ieee80211_beacon_get+0x1202/0x15c0 [ 439.153984][ C1] ? __ieee80211_beacon_get+0x36/0x15c0 [ 439.159609][ C1] ieee80211_beacon_get_tim+0xb4/0x320 [ 439.165115][ C1] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 439.171262][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 439.176349][ C1] mac80211_hwsim_beacon_tx+0x39d/0x850 [ 439.181950][ C1] __iterate_interfaces+0x297/0x570 [ 439.187229][ C1] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 439.193347][ C1] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 439.199481][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x170 [ 439.206799][ C1] ieee80211_iterate_active_interfaces_atomic+0xd8/0x170 [ 439.213881][ C1] mac80211_hwsim_beacon+0xd4/0x1f0 [ 439.219159][ C1] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 439.225015][ C1] __hrtimer_run_queues+0x59b/0xd30 [ 439.230316][ C1] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 439.236402][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 439.242222][ C1] ? read_tsc+0x9/0x20 [ 439.246366][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 439.252486][ C1] hrtimer_run_softirq+0x19a/0x2c0 [ 439.257681][ C1] handle_softirqs+0x2d4/0x9b0 [ 439.262498][ C1] ? __irq_exit_rcu+0xf7/0x220 [ 439.267356][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 439.272690][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 439.277971][ C1] __irq_exit_rcu+0xf7/0x220 [ 439.278417][T11530] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1481'. [ 439.282591][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 439.282635][ C1] irq_exit_rcu+0x9/0x30 [ 439.292863][T11530] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1481'. [ 439.297241][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 439.297287][ C1] [ 439.297296][ C1] [ 439.297305][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 439.297341][ C1] RIP: 0010:finish_task_switch+0x1ea/0x870 [ 439.297372][ C1] Code: c9 50 e8 59 0c 0c 00 48 83 c4 08 4c 89 f7 e8 ed 39 00 00 e9 de 04 00 00 4c 89 f7 e8 50 b8 54 0a e8 eb 8a 38 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc [ 439.297392][ C1] RSP: 0018:ffffc900034a7308 EFLAGS: 00000286 [ 439.304773][T11530] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1481'. [ 439.310590][ C1] [ 439.310602][ C1] RAX: 33669934e4d42800 RBX: ffff88805045da00 RCX: ffffffff81a72b9c [ 439.310622][ C1] RDX: dffffc0000000000 RSI: ffffffff8c5edb40 RDI: ffffffff816ea1b5 [ 439.310639][ C1] RBP: ffffc900034a7350 R08: ffffffff901851b7 R09: 1ffffffff2030a36 [ 439.310657][ C1] R10: dffffc0000000000 R11: fffffbfff2030a37 R12: 1ffff110170e7eac [ 439.310675][ C1] R13: dffffc0000000000 R14: ffff8880b873e740 R15: ffff8880b873f560 [ 439.310698][ C1] ? trace_irq_enable+0x2c/0x120 [ 439.310724][ C1] ? finish_task_switch+0x1e5/0x870 [ 439.310755][ C1] ? finish_task_switch+0x1e5/0x870 [ 439.310785][ C1] __schedule+0x1803/0x4be0 [ 439.323059][T11530] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1481'. [ 439.328341][ C1] ? psi_group_change+0xb4e/0x1190 [ 439.328383][ C1] ? rcu_is_watching+0x15/0xb0 [ 439.328415][ C1] ? rcu_is_watching+0x15/0xb0 [ 439.328443][ C1] ? lock_acquire+0xe3/0x550 [ 439.328471][ C1] ? __pfx___schedule+0x10/0x10 [ 439.464595][ C1] ? __mutex_trylock_common+0x183/0x2e0 [ 439.470238][ C1] ? preempt_schedule_common+0x84/0xd0 [ 439.475781][ C1] ? rcu_is_watching+0x15/0xb0 [ 439.480609][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 439.485803][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 439.491681][ C1] irqentry_exit+0x5e/0x90 [ 439.496185][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 439.501690][ C1] RIP: 0010:__skb_try_recv_datagram+0x0/0x6a0 [ 439.507862][ C1] Code: 0f 8c cf fe ff ff 4c 89 ff e8 bc f5 7a f8 e9 c2 fe ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 [ 439.527720][ C1] RSP: 0018:ffffc900034a76f8 EFLAGS: 00000297 [ 439.533882][ C1] RAX: 0000000000000004 RBX: dffffc0000000000 RCX: ffffc900034a7840 [ 439.541910][ C1] RDX: 0000000000000002 RSI: ffff88804ec63268 RDI: ffff88804ec63180 [ 439.549956][ C1] RBP: ffffc900034a78b0 R08: ffffc900034a7850 R09: ffffc900034a7800 [ 439.558009][ C1] R10: dffffc0000000000 R11: fffffbfff2030a37 R12: 1ffff92000694f04 [ 439.566056][ C1] R13: dffffc0000000000 R14: 1ffff92000694f00 R15: ffff88804ec63268 [ 439.574083][ C1] __unix_dgram_recvmsg+0x3ba/0x12f0 [ 439.579464][ C1] ? rcu_is_watching+0x15/0xb0 [ 439.584322][ C1] ? rcu_is_watching+0x15/0xb0 [ 439.589173][ C1] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 439.594959][ C1] ? lock_release+0xbf/0xa30 [ 439.599713][ C1] ? iovec_from_user+0x61/0x240 [ 439.604600][ C1] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 439.610198][ C1] ? __import_iovec+0x3a8/0x870 [ 439.615084][ C1] ? unix_dgram_recvmsg+0xb6/0xe0 [ 439.620178][ C1] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 439.625810][ C1] sock_recvmsg_nosec+0x18e/0x1d0 [ 439.630876][ C1] ____sys_recvmsg+0x3cd/0x480 [ 439.635692][ C1] ? __pfx_____sys_recvmsg+0x10/0x10 [ 439.641018][ C1] ? do_recvmmsg+0x44e/0xab0 [ 439.645663][ C1] ? __might_fault+0xaa/0x120 [ 439.650378][ C1] do_recvmmsg+0x426/0xab0 [ 439.654831][ C1] ? __pfx_do_recvmmsg+0x10/0x10 [ 439.659823][ C1] ? finish_task_switch+0x1e5/0x870 [ 439.665050][ C1] ? __pfx___schedule+0x10/0x10 [ 439.669973][ C1] ? __schedule+0x1803/0x4be0 [ 439.674690][ C1] ? preempt_schedule_irq+0x144/0x1c0 [ 439.680128][ C1] __x64_sys_recvmmsg+0x199/0x250 [ 439.685193][ C1] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 439.690817][ C1] ? trace_irq_enable+0x2c/0x120 [ 439.695817][ C1] do_syscall_64+0xf3/0x230 [ 439.700368][ C1] ? clear_bhb_loop+0x35/0x90 [ 439.705082][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.711053][ C1] RIP: 0033:0x7f4d63f85d29 [ 439.715520][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.735206][ C1] RSP: 002b:00007f4d64cff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 439.743685][ C1] RAX: ffffffffffffffda RBX: 00007f4d64176080 RCX: 00007f4d63f85d29 [ 439.751709][ C1] RDX: 03fffffffffffcb5 RSI: 00000000200000c0 RDI: 0000000000000003 [ 439.759728][ C1] RBP: 00007f4d64001aa8 R08: 0000000000000000 R09: 0000000000000000 [ 439.767752][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 439.775763][ C1] R13: 0000000000000001 R14: 00007f4d64176080 R15: 00007ffe17eeac38 [ 439.783746][ C1] [ 439.786825][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 439.794135][ C1] CPU: 1 UID: 0 PID: 11525 Comm: syz.1.1479 Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0 [ 439.804895][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 439.814954][ C1] Call Trace: [ 439.818239][ C1] [ 439.821085][ C1] dump_stack_lvl+0x241/0x360 [ 439.825777][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 439.830990][ C1] ? __pfx__printk+0x10/0x10 [ 439.835593][ C1] ? _printk+0xd5/0x120 [ 439.839775][ C1] ? __init_begin+0x41000/0x41000 [ 439.844805][ C1] ? vscnprintf+0x5d/0x90 [ 439.849144][ C1] panic+0x349/0x880 [ 439.853063][ C1] ? __warn+0x174/0x4d0 [ 439.857228][ C1] ? __pfx_panic+0x10/0x10 [ 439.861656][ C1] __warn+0x344/0x4d0 [ 439.865646][ C1] ? __ieee80211_beacon_get+0x1202/0x15c0 [ 439.871393][ C1] report_bug+0x2b3/0x500 [ 439.875738][ C1] ? __ieee80211_beacon_get+0x1202/0x15c0 [ 439.881479][ C1] handle_bug+0x60/0x90 [ 439.885646][ C1] exc_invalid_op+0x1a/0x50 [ 439.890163][ C1] asm_exc_invalid_op+0x1a/0x20 [ 439.895030][ C1] RIP: 0010:__ieee80211_beacon_get+0x1202/0x15c0 [ 439.901374][ C1] Code: e8 13 0f 64 f6 eb 0d e8 0c 0f 64 f6 4c 8b bc 24 98 00 00 00 4c 89 ef e8 2c 45 bc f6 45 31 ed e9 4c fe ff ff e8 ef 0e 64 f6 90 <0f> 0b 90 e9 00 f7 ff ff e8 e1 0e 64 f6 90 0f 0b 90 e9 e8 f8 ff ff [ 439.920987][ C1] RSP: 0018:ffffc90000a189e0 EFLAGS: 00010246 [ 439.927081][ C1] RAX: ffffffff8b3b64b1 RBX: 0000000000000000 RCX: ffff88805045da00 [ 439.935055][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 439.943030][ C1] RBP: dffffc0000000000 R08: ffffffff8b3b5bad R09: ffffffff8b3b55b0 [ 439.951024][ C1] R10: 0000000000000003 R11: ffff88805045da00 R12: ffff88805a486500 [ 439.959000][ C1] R13: ffff88805a8fc400 R14: ffff88805a4869d0 R15: ffff88805a484d80 [ 439.966979][ C1] ? __ieee80211_beacon_get+0x300/0x15c0 [ 439.972628][ C1] ? __ieee80211_beacon_get+0x8fd/0x15c0 [ 439.978300][ C1] ? __ieee80211_beacon_get+0x1201/0x15c0 [ 439.984054][ C1] ? __ieee80211_beacon_get+0x36/0x15c0 [ 439.989654][ C1] ieee80211_beacon_get_tim+0xb4/0x320 [ 439.995138][ C1] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 440.001228][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 440.006273][ C1] mac80211_hwsim_beacon_tx+0x39d/0x850 [ 440.011830][ C1] __iterate_interfaces+0x297/0x570 [ 440.017038][ C1] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 440.023115][ C1] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 440.029193][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x170 [ 440.036406][ C1] ieee80211_iterate_active_interfaces_atomic+0xd8/0x170 [ 440.043463][ C1] mac80211_hwsim_beacon+0xd4/0x1f0 [ 440.048699][ C1] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 440.054541][ C1] __hrtimer_run_queues+0x59b/0xd30 [ 440.059761][ C1] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 440.065772][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 440.071516][ C1] ? read_tsc+0x9/0x20 [ 440.075609][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 440.081787][ C1] hrtimer_run_softirq+0x19a/0x2c0 [ 440.086946][ C1] handle_softirqs+0x2d4/0x9b0 [ 440.091730][ C1] ? __irq_exit_rcu+0xf7/0x220 [ 440.096510][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 440.101899][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 440.107110][ C1] __irq_exit_rcu+0xf7/0x220 [ 440.111716][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 440.116932][ C1] irq_exit_rcu+0x9/0x30 [ 440.121186][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 440.126832][ C1] [ 440.129766][ C1] [ 440.132698][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 440.138695][ C1] RIP: 0010:finish_task_switch+0x1ea/0x870 [ 440.144521][ C1] Code: c9 50 e8 59 0c 0c 00 48 83 c4 08 4c 89 f7 e8 ed 39 00 00 e9 de 04 00 00 4c 89 f7 e8 50 b8 54 0a e8 eb 8a 38 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc [ 440.164132][ C1] RSP: 0018:ffffc900034a7308 EFLAGS: 00000286 [ 440.170209][ C1] RAX: 33669934e4d42800 RBX: ffff88805045da00 RCX: ffffffff81a72b9c [ 440.178190][ C1] RDX: dffffc0000000000 RSI: ffffffff8c5edb40 RDI: ffffffff816ea1b5 [ 440.186167][ C1] RBP: ffffc900034a7350 R08: ffffffff901851b7 R09: 1ffffffff2030a36 [ 440.194144][ C1] R10: dffffc0000000000 R11: fffffbfff2030a37 R12: 1ffff110170e7eac [ 440.202128][ C1] R13: dffffc0000000000 R14: ffff8880b873e740 R15: ffff8880b873f560 [ 440.210113][ C1] ? trace_irq_enable+0x2c/0x120 [ 440.215078][ C1] ? finish_task_switch+0x1e5/0x870 [ 440.220289][ C1] ? finish_task_switch+0x1e5/0x870 [ 440.225498][ C1] __schedule+0x1803/0x4be0 [ 440.230012][ C1] ? psi_group_change+0xb4e/0x1190 [ 440.235136][ C1] ? rcu_is_watching+0x15/0xb0 [ 440.239912][ C1] ? rcu_is_watching+0x15/0xb0 [ 440.244686][ C1] ? lock_acquire+0xe3/0x550 [ 440.249286][ C1] ? __pfx___schedule+0x10/0x10 [ 440.254144][ C1] ? __mutex_trylock_common+0x183/0x2e0 [ 440.259704][ C1] ? preempt_schedule_common+0x84/0xd0 [ 440.265173][ C1] ? rcu_is_watching+0x15/0xb0 [ 440.269948][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 440.275071][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 440.280809][ C1] irqentry_exit+0x5e/0x90 [ 440.285247][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 440.290723][ C1] RIP: 0010:__skb_try_recv_datagram+0x0/0x6a0 [ 440.296802][ C1] Code: 0f 8c cf fe ff ff 4c 89 ff e8 bc f5 7a f8 e9 c2 fe ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 [ 440.316420][ C1] RSP: 0018:ffffc900034a76f8 EFLAGS: 00000297 [ 440.322497][ C1] RAX: 0000000000000004 RBX: dffffc0000000000 RCX: ffffc900034a7840 [ 440.330482][ C1] RDX: 0000000000000002 RSI: ffff88804ec63268 RDI: ffff88804ec63180 [ 440.338477][ C1] RBP: ffffc900034a78b0 R08: ffffc900034a7850 R09: ffffc900034a7800 [ 440.346471][ C1] R10: dffffc0000000000 R11: fffffbfff2030a37 R12: 1ffff92000694f04 [ 440.354464][ C1] R13: dffffc0000000000 R14: 1ffff92000694f00 R15: ffff88804ec63268 [ 440.362461][ C1] __unix_dgram_recvmsg+0x3ba/0x12f0 [ 440.367771][ C1] ? rcu_is_watching+0x15/0xb0 [ 440.372559][ C1] ? rcu_is_watching+0x15/0xb0 [ 440.377338][ C1] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 440.383080][ C1] ? lock_release+0xbf/0xa30 [ 440.387767][ C1] ? iovec_from_user+0x61/0x240 [ 440.392630][ C1] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 440.398185][ C1] ? __import_iovec+0x3a8/0x870 [ 440.403055][ C1] ? unix_dgram_recvmsg+0xb6/0xe0 [ 440.408110][ C1] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 440.413664][ C1] sock_recvmsg_nosec+0x18e/0x1d0 [ 440.418706][ C1] ____sys_recvmsg+0x3cd/0x480 [ 440.423487][ C1] ? __pfx_____sys_recvmsg+0x10/0x10 [ 440.428786][ C1] ? do_recvmmsg+0x44e/0xab0 [ 440.433386][ C1] ? __might_fault+0xaa/0x120 [ 440.438074][ C1] do_recvmmsg+0x426/0xab0 [ 440.442502][ C1] ? __pfx_do_recvmmsg+0x10/0x10 [ 440.447457][ C1] ? finish_task_switch+0x1e5/0x870 [ 440.452669][ C1] ? __pfx___schedule+0x10/0x10 [ 440.457529][ C1] ? __schedule+0x1803/0x4be0 [ 440.462229][ C1] ? preempt_schedule_irq+0x144/0x1c0 [ 440.467618][ C1] __x64_sys_recvmmsg+0x199/0x250 [ 440.472652][ C1] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 440.478206][ C1] ? trace_irq_enable+0x2c/0x120 [ 440.483155][ C1] do_syscall_64+0xf3/0x230 [ 440.487673][ C1] ? clear_bhb_loop+0x35/0x90 [ 440.492359][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.498267][ C1] RIP: 0033:0x7f4d63f85d29 [ 440.502686][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.522303][ C1] RSP: 002b:00007f4d64cff038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 440.530729][ C1] RAX: ffffffffffffffda RBX: 00007f4d64176080 RCX: 00007f4d63f85d29 [ 440.538707][ C1] RDX: 03fffffffffffcb5 RSI: 00000000200000c0 RDI: 0000000000000003 [ 440.546682][ C1] RBP: 00007f4d64001aa8 R08: 0000000000000000 R09: 0000000000000000 [ 440.554655][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 440.562627][ C1] R13: 0000000000000001 R14: 00007f4d64176080 R15: 00007ffe17eeac38 [ 440.570609][ C1] [ 440.573773][ C1] Kernel Offset: disabled [ 440.578102][ C1] Rebooting in 86400 seconds..