last executing test programs: 15.69730025s ago: executing program 0 (id=297): socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mount(&(0x7f0000000040)=@nullb, 0x0, &(0x7f0000002280)='ext4\x00', 0x8000, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r2, &(0x7f0000000040)=0x1f00, 0x12) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000040)={0x8, 0xeb, 0xffffffff, 0x2000}) r3 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan1\x00', 0x0}) r5 = syz_open_dev$tty1(0xc, 0x4, 0x2) r6 = epoll_create(0x81) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000001680)={0x4}) epoll_pwait(r6, &(0x7f00000016c0)=[{}], 0x1, 0x4, 0x0, 0x0) setsockopt$CAN_RAW_ERR_FILTER(r3, 0x65, 0x2, &(0x7f0000000140)=0x1, 0x4) bind$can_raw(r3, &(0x7f0000000200)={0x1d, r4}, 0x10) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000400)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff2000/0x3000)=nil, &(0x7f0000fef000/0x3000)=nil, &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000002c0)="30f912731ae08c38c66fe9d12e53c00e1340b8240551b3eb9e26a98e70deaf6e0a86492f7dadd1ae5ad91d290d567aa40227f2a0ac6d87a22d289cbbea9ae271c204fb7c4d3b6fb747af0df723f6a9bb4cbdef77b0cd581c5c01f1447cf7b313032bf9617d8fd5743931c1c4853ee559d66b4987466fcc1fb1336eaa54a30bdeff31c416c2114d225a577be156456d2ac646e1da7db6369e90c88a50ec8238069ce40ae30be9a3b4a48b0a24b3b61c08ed063ff72db90f3faefc43809ce5d6b1bdd966baba0a7eef3c0d3c323066a8dc7b4c4842af6698905f94591f164e59d2d99a893704df9b3c394a2f4d908d6b895da39bee81426d494d", 0xf9, r0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4004090) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000000800000000000000000200000214c000000000000000000000000000000000000a000000"], 0x3c}}, 0x0) 15.257061587s ago: executing program 2 (id=299): r0 = openat$smackfs_ipv6host(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = syz_open_dev$vim2m(0x0, 0x9cb5, 0x2) r4 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x9cb5, 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000200)={0x0, 0x20, 0x2, {0x1, @raw_data="ab4f50197556377c18ce2ac60148ff4159ec9f2626a3764c477053892bde648477f2412e4e45920efd9e4ed32463224f7c68ec76b27acb196ae1a9d4a2ae3bc8dd9959b57ccb8311438ecc503eceba88237db41267530b5c1a67025ffb48c5dc13f8a0d25774ce731e2ab75945cb7c708ed987e6821b128c6dcb4469b10f6a93e2aaccddf26d49ee6463a3568fe1f80288863c011b865892018f9f79eabbfae3c16db65f7f8ea37925df7c6e13aa93ef0d6523dc472739898e6a91df22e82edafda6a7930ad71aa2"}}) ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000005880)={0x1, 0xfffffff1, 0x1, {0x1, @win={{0xffffffff, 0x2, 0x4d8}, 0x3, 0x473f, 0x0, 0x1, 0x0, 0x4}}, 0xffffffff}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0xb8, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x24, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @dev}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x2}]}]}]}, 0xb8}}, 0x0) write$smackfs_ipv6host(r0, &(0x7f0000000080)=@l1={{0x3, 0x3a, 0x5, 0x3a, 0x0, 0x3a, 0x5, 0x3a, 0x8001, 0x3a, 0xc, 0x3a, 0xa, 0x3a, 0x3}, 0x20, '(%\''}, 0x9c) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x4) 13.499661786s ago: executing program 0 (id=300): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x1e7ee000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fsopen(&(0x7f0000000280)='ceph\x00', 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0xffff, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaa270005d70000de08060001"], 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(0xffffffffffffffff, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x4}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x6, 0x2}, @volatile={0x0, 0x0, 0x0, 0x9, 0x4}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x50, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="31030000efffffffffff04"], 0x1c}}, 0x0) recvmmsg(r4, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000000, 0x0) 12.253963842s ago: executing program 1 (id=303): r0 = openat$smackfs_ipv6host(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) write$smackfs_ipv6host(r0, &(0x7f0000000080)=@l1={{0x3, 0x3a, 0x5, 0x3a, 0x0, 0x3a, 0x5, 0x3a, 0x8001, 0x3a, 0xc, 0x3a, 0xa, 0x3a, 0x3}, 0x20, '(%\''}, 0x9c) 11.030676072s ago: executing program 0 (id=305): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pread64(r0, 0x0, 0x0, 0x3fffffffffffffe) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket(0x2, 0x80805, 0x0) write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000380)=""/17, 0x11, 0xc990, 0x3, 0x7f, 0x0, 0xc07}}, 0x11c) syz_open_procfs(0x0, &(0x7f0000000300)='timerslack_ns\x00') 10.082281913s ago: executing program 0 (id=306): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={0x0, 0x44}, 0x5}, 0x40800) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYBLOB="addaced30a01a7"], 0x20) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="c99b5738180123", 0x7) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) accept4(r3, 0x0, 0x0, 0x800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000081800f6ff02"], 0x1c}, 0x1, 0x0, 0x0, 0x4c080}, 0x6080) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r6, &(0x7f0000000000), 0xd) 10.037392359s ago: executing program 1 (id=307): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xc004) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000800)=ANY=[@ANYBLOB="380000004800210028bd7000fddbdf250a008000", @ANYRES32=0x0, @ANYBLOB="0001000014000100ff0a0000000000000000000000000001080002"], 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x10) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) write(0xffffffffffffffff, &(0x7f0000000040), 0x0) socket$can_raw(0x1d, 0x3, 0x1) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001ac0), r4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000005bc0)={0x0, 0x0, &(0x7f0000005b80)={&(0x7f0000000000)={0x3c, r5, 0x1, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000044) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r7) sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r7], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x1, 0x0, 0xfffffffc, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) 10.035713109s ago: executing program 2 (id=308): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) iopl(0x3) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2, 0x0, 0x48}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x82000, 0x1, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b18, &(0x7f0000000000)={'wlan0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x1, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$SO_TIMESTAMPING(r3, 0x29, 0x3e, 0x0, 0x0) 8.090858149s ago: executing program 1 (id=310): socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mount(&(0x7f0000000040)=@nullb, 0x0, &(0x7f0000002280)='ext4\x00', 0x8000, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r2, &(0x7f0000000040)=0x1f00, 0x12) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000040)={0x8, 0xeb, 0xffffffff, 0x2000}) r3 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan1\x00', 0x0}) r5 = syz_open_dev$tty1(0xc, 0x4, 0x2) r6 = epoll_create(0x81) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000001680)={0x4}) epoll_pwait(r6, &(0x7f00000016c0)=[{}], 0x1, 0x4, 0x0, 0x0) setsockopt$CAN_RAW_ERR_FILTER(r3, 0x65, 0x2, &(0x7f0000000140)=0x1, 0x4) bind$can_raw(r3, &(0x7f0000000200)={0x1d, r4}, 0x10) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000400)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff2000/0x3000)=nil, &(0x7f0000fef000/0x3000)=nil, &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000002c0)="30f912731ae08c38c66fe9d12e53c00e1340b8240551b3eb9e26a98e70deaf6e0a86492f7dadd1ae5ad91d290d567aa40227f2a0ac6d87a22d289cbbea9ae271c204fb7c4d3b6fb747af0df723f6a9bb4cbdef77b0cd581c5c01f1447cf7b313032bf9617d8fd5743931c1c4853ee559d66b4987466fcc1fb1336eaa54a30bdeff31c416c2114d225a577be156456d2ac646e1da7db6369e90c88a50ec8238069ce40ae30be9a3b4a48b0a24b3b61c08ed063ff72db90f3faefc43809ce5d6b1bdd966baba0a7eef3c0d3c323066a8dc7b4c4842af6698905f94591f164e59d2d99a893704df9b3c394a2f4d908d6b895da39bee81426d494d", 0xf9, r0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4004090) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000000800000000000000000200000214c000000000000000000000000000000000000a000000"], 0x3c}}, 0x0) 7.533474281s ago: executing program 0 (id=311): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ustat(0x1000000000003, &(0x7f0000000340)) r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=0x0, &(0x7f0000000280)=0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RENAMEAT={0x23, 0x40, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, {0x0, r4}}) io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f00008d7000/0x2000)=nil) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) r6 = socket$inet6(0x10, 0x2, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000380)='yeah\x00', 0x5) sendto$inet6(r6, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x800, 0x0, 0x3, 0x1}, 0x20) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) munlock(&(0x7f0000462000/0x3000)=nil, 0x3000) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={'wlan1\x00', {0x2, 0x4e23, @private=0xa010100}}) r8 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000240)='snd_soc_jack_irq\x00', r9}, 0x18) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 7.525081003s ago: executing program 2 (id=313): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0x8b49}, {0x6, 0xb, 0x0, 0x9}]}, 0x10) write$binfmt_aout(r3, &(0x7f0000000000)=ANY=[], 0xfdef) 6.738131547s ago: executing program 1 (id=314): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000005, 0x3032, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x216, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r2 = epoll_create1(0x0) r3 = fcntl$dupfd(r2, 0x2, 0xffffffffffffffff) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000580)=ANY=[@ANYRES32=r3, @ANYRES32=r1, @ANYBLOB="11"], 0x14) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffc0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffff8}, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {0x3, 0x3, 0x6}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) 6.727326156s ago: executing program 4 (id=315): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x7, 0x2) mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x6, 0x1) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0xce2) fsopen(0x0, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$getregset(0x4211, r3, 0x1, 0x0) 5.898348834s ago: executing program 2 (id=316): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000040)=ANY=[@ANYBLOB="911046000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sched_setscheduler(0x0, 0x2, 0x0) getpid() syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r4 = socket(0xa, 0x1, 0x0) fgetxattr(r4, &(0x7f00000000c0)=@known='security.apparmor\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010501, 0x0, 0x0, 'none\x00'}, 0x2c) socket$inet(0x2, 0xa, 0xffffffd2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x5) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0) 5.119081158s ago: executing program 3 (id=317): r0 = openat$smackfs_ipv6host(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) write$smackfs_ipv6host(r0, &(0x7f0000000080)=@l1={{0x3, 0x3a, 0x5, 0x3a, 0x0, 0x3a, 0x5, 0x3a, 0x8001, 0x3a, 0xc, 0x3a, 0xa, 0x3a, 0x3}, 0x20, '(%\''}, 0x9c) 4.838969766s ago: executing program 4 (id=318): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xc004) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000800)=ANY=[@ANYBLOB="380000004800210028bd7000fddbdf250a008000", @ANYRES32=0x0, @ANYBLOB="0001000014000100ff0a0000000000000000000000000001080002"], 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x10) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) write(0xffffffffffffffff, &(0x7f0000000040), 0x0) socket$can_raw(0x1d, 0x3, 0x1) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001ac0), r4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000005bc0)={0x0, 0x0, &(0x7f0000005b80)={&(0x7f0000000000)={0x3c, r5, 0x1, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000044) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r7) sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r7], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x1, 0x0, 0xfffffffc, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) 4.318478788s ago: executing program 2 (id=319): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000240)={'filter\x00', 0x0, 0x0, 0x0, [0xf1, 0xfffffffb, 0x7, 0xfee, 0x5, 0x3]}, &(0x7f0000000340)=0x50) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYRES8=r0, @ANYRES8=r0, @ANYRES32=r0], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0) writev(r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r3 = fsopen(0x0, 0x0) fsmount(r3, 0x0, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000480)={'veth0_to_bond\x00', &(0x7f0000000380)=@ethtool_gstrings={0x1b, 0x6, 0xc0, "c83681a923e7ff50d2cfea4cbcf8decf89fa74e1c938cab981a82d532343d7911a5c2914417fda408b52158ed97ff852253ab6431abcb1e70a7f9a68b78d28293851bc3d307485dba6f8f262f8906eb3b94bb1e0a6e8988d2cf2275efbf6bf8b4af79df6516107d305675db52a5998dfec65af3b25c2a82589e0c6056ee239eaf93a821ae359427b025a8a341a01069c329d9c75fdbad51b73f897b3fd224e5910dd5fe35b2933d52ab4c9a60d8d4d56d22782f14a475906452b0ce723655a52"}}) getdents64(0xffffffffffffffff, 0x0, 0x18) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x303}, "7ef1a5c40b6e7755", "1bc73ea871dbd4eef961eb6f8ec50d0f", "e4c2d54b", "922df1725d0b5c04"}, 0x28) setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000300)=@gcm_128={{0x304}, "d126cc591f55af2c", "9a29fdcb49f3210559e5006c5710f528", "12d9b308", "d4a092cfd1261683"}, 0x28) r4 = socket$inet6(0x10, 0x2, 0x4) sendto$inet6(r4, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x20000000, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x0, 0x0}) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000100)={0xc}) r6 = syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0) syz_usb_control_io$hid(r6, 0x0, 0x0) r7 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r7, 0x0, 0x8000000000000c, &(0x7f0000000600)='u', 0x1) setsockopt$inet_opts(r7, 0x0, 0x8, &(0x7f0000000000)="a8", 0x1) 4.138978092s ago: executing program 3 (id=320): r0 = socket$inet6(0xa, 0x200000000003, 0x87) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000000c0)={0x4, 0xa34, 0x0, 0x7ff, 0x6, 0x270, 0xe, 0x81, 0x0}, &(0x7f0000000100)=0x20) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000140)={r2, 0x1, 0x3, 0x400, 0x1, 0x5}, &(0x7f0000000180)=0x14) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) timer_create(0x1, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000940)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r4, 0x1, r1, 0x11ffff}) 3.799127067s ago: executing program 1 (id=321): r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000e5cf01406e0510401c20000000010902120001000000000904"], 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000810500000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="14d004003e0000002400128009000100626f6e64000000001400028008001f00ffffff7f0800070092535d98"], 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000400)={0x20, 0x5, 0x3, "2670d1"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3}) r2 = syz_clone(0x2100, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_pidfd_open(r2, 0x0) process_madvise(r3, 0x0, 0x0, 0x3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0001, 0xffffffff, 0x1}}) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0xffff639c}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2400}]}, 0x6c}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0) 3.202154687s ago: executing program 4 (id=322): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r2) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000018c0)={'team0\x00', 0x0}) r6 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000045b9f9df2500000000ee5b01534f8a58216dc89e8d2c42df91b2cf130d47df6ea84e22e8b83167b644b51446e57b6122913d7ab30cfe792afdcc8307a83f339888cf612fd1d7fe72243c68aaab579ff9c1a62b373638c25b9a47553f75bbe23da558ce95558d0feec303b411a4fee116200234dc2b6dfbad0b64b2ed673735a4a342d918420d9c0080705c7c590a8be345f54531566fdfe9b72e7a3b8ec07d87cb9c46d19414c9bfde79181464d78c15b2aaa377dfee435978aaef50553fb852cace75f74df5a068", @ANYRES32=0x0, @ANYBLOB="41000000015001001800128008000100677470000c00028008000100", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5, @ANYBLOB], 0x40}}, 0x2400c080) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050625e3709bfedbdfc31100000018000180140002006e657464657673696d30"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x1040) r7 = eventfd2(0x5, 0x80801) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r7}) close(r7) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x1}) dup(r0) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="18010000", @ANYRES16, @ANYBLOB="010027bd7000fcdbdf250100000014000180080003000300000008000400", @ANYRES32, @ANYBLOB="04000300ac00028054000180080001000300000008000100060000000800010000000000080001000700000008000100080000000800010007000000080001000200000008000100020000000800010002000000080001000800000024000180080001000300000008000100020000000800010000000000080001000000000014000180080001000200000008000100030000001c"], 0x118}, 0x1, 0x0, 0x0, 0x804}, 0x4050) r8 = socket$inet6(0xa, 0x800, 0x3b) r9 = socket$inet6(0xa, 0x3, 0x5) setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430) connect$inet6(r8, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback}, 0x1c) iopl(0xce) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000580)=ANY=[]) sendmsg(r8, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 2.994417264s ago: executing program 4 (id=323): syz_emit_ethernet(0x52, &(0x7f0000000880)=ANY=[], 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f00000023c0)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e733e1a6876", 0x10, 0xfffffffffffffffe) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'tunl0\x00', &(0x7f0000000180)={'erspan0\x00', 0x0, 0x0, 0x8000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x5e55b37311de6d89, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x6}}}}}) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000"], 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000100003040000000000000000", @ANYRES32=0x0, @ANYBLOB="e5fda988000000001800128008000100767469000c000280080004000a01010108000d00"], 0x40}}, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb0000180200000074cc"], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0}}], 0x1, 0x4040880) ptrace(0x10, r2) ptrace$setregs(0xd, r2, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$getregset(0x4205, r2, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78}) ptrace$getregset(0x4204, r2, 0x2, &(0x7f0000000740)={0x0}) r3 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000380)="bc5d", 0x2, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) syz_emit_ethernet(0x1e, &(0x7f0000000240)=ANY=[@ANYBLOB="000000000000f3c225ad5a11000c020000e0020200940b00000000000095"], &(0x7f0000000340)={0x0, 0x3, [0x4f1, 0x88b, 0x44, 0x490]}) r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f0000000400)=0x7bc) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = dup(r7) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r9, 0xae80, 0x0) 2.810330198s ago: executing program 3 (id=324): r0 = socket$inet6(0xa, 0x200000000003, 0x87) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000000c0)={0x4, 0xa34, 0x0, 0x7ff, 0x6, 0x270, 0xe, 0x81, 0x0}, &(0x7f0000000100)=0x20) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000140)={r2, 0x1, 0x3, 0x400, 0x1, 0x5}, &(0x7f0000000180)=0x14) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000940)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r4, 0x1, r1, 0x11ffff}) 2.666002281s ago: executing program 4 (id=325): socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mount(&(0x7f0000000040)=@nullb, 0x0, &(0x7f0000002280)='ext4\x00', 0x8000, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r2, &(0x7f0000000040)=0x1f00, 0x12) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000040)={0x8, 0xeb, 0xffffffff, 0x2000}) r3 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan1\x00'}) r4 = syz_open_dev$tty1(0xc, 0x4, 0x2) r5 = epoll_create(0x81) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000001680)={0x4}) epoll_pwait(r5, &(0x7f00000016c0)=[{}], 0x1, 0x4, 0x0, 0x0) setsockopt$CAN_RAW_ERR_FILTER(r3, 0x65, 0x2, &(0x7f0000000140)=0x1, 0x4) iopl(0x3) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000400)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff2000/0x3000)=nil, &(0x7f0000fef000/0x3000)=nil, &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00000002c0)="30f912731ae08c38c66fe9d12e53c00e1340b8240551b3eb9e26a98e70deaf6e0a86492f7dadd1ae5ad91d290d567aa40227f2a0ac6d87a22d289cbbea9ae271c204fb7c4d3b6fb747af0df723f6a9bb4cbdef77b0cd581c5c01f1447cf7b313032bf9617d8fd5743931c1c4853ee559d66b4987466fcc1fb1336eaa54a30bdeff31c416c2114d225a577be156456d2ac646e1da7db6369e90c88a50ec8238069ce40ae30be9a3b4a48b0a24b3b61c08ed063ff72db90f3faefc43809ce5d6b1bdd966baba0a7eef3c0d3c323066a8dc7b4c4842af6698905f94591f164e59d2d99a893704df9b3c394a2f4d908d6b895da39bee81426d494d", 0xf9, r0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4004090) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000000800000000000000000200000214c000000000000000000000000000000000000a000000"], 0x3c}}, 0x0) 2.623637217s ago: executing program 2 (id=326): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000300)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x3}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x14, r2, 0x303, 0x70bd2a}, 0x14}}, 0x0) r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="fb01"], 0x0) syz_usb_ep_write$ath9k_ep2(r3, 0x83, 0x8, &(0x7f00000000c0)=ANY=[]) 2.075495773s ago: executing program 4 (id=327): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0x8b49}, {0x6, 0xb, 0x0, 0x9}]}, 0x10) write$binfmt_aout(r3, &(0x7f0000000000)=ANY=[], 0xfdef) 1.872270988s ago: executing program 3 (id=328): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@ipv4_newrule={0x2c, 0x20, 0x205, 0x0, 0x1, {0x2, 0x0, 0x20}, [@FRA_GENERIC_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x1}, @FRA_SRC={0x8, 0x2, @local}]}, 0x2c}}, 0x26048880) 1.772853806s ago: executing program 3 (id=329): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000040)=ANY=[@ANYBLOB="911046000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) sched_setscheduler(0x0, 0x2, 0x0) getpid() syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r4 = socket(0xa, 0x1, 0x0) fgetxattr(r4, &(0x7f00000000c0)=@known='security.apparmor\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010501, 0x0, 0x0, 'none\x00'}, 0x2c) socket$inet(0x2, 0xa, 0xffffffd2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x5) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x100000000004, 0x0) 798.946242ms ago: executing program 0 (id=330): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) fsopen(0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071113b00000000008510000002000000e73113b47e43929ccf01dcdbfc119500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000080)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io$printer(r1, &(0x7f00000002c0)={0x14, 0x0, 0x0}, &(0x7f00000006c0)={0x34, &(0x7f0000000600)=ANY=[@ANYBLOB="40247a4b53a51e1425f6e797bd4b8c3c274fc154225e56ddd838af0600f0edb32411aca80a6067d8a94a2fbb7625e5ed1538d8a806ecb9e3b5add07310984bfef70360a92d9c44aec8c1a9b888341cb22a99e8faf4183795d52b00e6bd1ae9b6c0ebfb4bc3fc749797099412d98aa70753c26921a07697adbb1b1d7d4265633bc679f5b924e837402aef9fa2b018b3a45d"], &(0x7f0000000380)={0x0, 0xa, 0x1, 0x27}, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20, 0x0, 0x1, 0x40}}) syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000c00)={0x34, &(0x7f0000000140)=ANY=[@ANYBLOB="40260f000000ee"], 0x0, 0x0, 0x0, 0x0, 0x0}) fchdir(0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = syz_open_dev$vim2m(&(0x7f0000000340), 0x0, 0x2) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = dup(r4) ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001b00)={0x2, {0x2, 0x13d, 0x0, 0x8, 0x1001}}) renameat(0xffffffffffffffff, 0x0, r5, &(0x7f0000000240)='./file0\x00') ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f00000005c0)={0x3, 0x2, 0x2, "0d159fe28bdca5a7951c5861adf99c93ee60aa816c78b6ef1a82e45b0ec1eb6e", 0x3147504d}) syz_emit_ethernet(0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) fchdir(r3) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x2c, 0x2, 0x6, 0x1, 0x6000006, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x2c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) dup(0xffffffffffffffff) 492.410465ms ago: executing program 1 (id=331): syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) pwritev2(r0, &(0x7f0000000980)=[{&(0x7f00000014c0)="ba467a0538a2ea6853", 0x9}], 0x1, 0x2, 0x101, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 0s ago: executing program 3 (id=332): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8c}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.76' (ED25519) to the list of known hosts. [ 91.548179][ T5806] cgroup: Unknown subsys name 'net' [ 91.681359][ T5806] cgroup: Unknown subsys name 'cpuset' [ 91.691396][ T5806] cgroup: Unknown subsys name 'rlimit' [ 91.920632][ T3166] cfg80211: failed to load regulatory.db Setting up swapspace version 1, size = 127995904 bytes [ 93.593368][ T5806] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 96.535502][ T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 96.562343][ T5822] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 96.577852][ T5822] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 96.586143][ T5822] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 96.603519][ T5822] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 96.614352][ T5822] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 96.624098][ T5822] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 96.666941][ T5829] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 96.675928][ T5829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 96.683435][ T5128] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 96.696453][ T5829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 96.704791][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 96.706813][ T5829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.717396][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 96.722202][ T5829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.728619][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 96.746757][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 96.754586][ T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 96.755480][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.771781][ T5830] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.881543][ T5826] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 96.890897][ T5826] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 96.908406][ T5826] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 96.922623][ T5826] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 96.937159][ T5826] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 97.515797][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 97.723197][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 97.957419][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.965081][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.974238][ T5824] bridge_slave_0: entered allmulticast mode [ 97.982573][ T5824] bridge_slave_0: entered promiscuous mode [ 98.010098][ T5818] chnl_net:caif_netlink_parms(): no params data found [ 98.035939][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.045346][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.054401][ T5824] bridge_slave_1: entered allmulticast mode [ 98.062349][ T5824] bridge_slave_1: entered promiscuous mode [ 98.154060][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 98.231602][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.285469][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.293959][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.302678][ T5833] bridge_slave_0: entered allmulticast mode [ 98.310472][ T5833] bridge_slave_0: entered promiscuous mode [ 98.324255][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.347023][ T5821] chnl_net:caif_netlink_parms(): no params data found [ 98.390046][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.398547][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.406092][ T5833] bridge_slave_1: entered allmulticast mode [ 98.414081][ T5833] bridge_slave_1: entered promiscuous mode [ 98.467649][ T5818] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.475616][ T5818] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.484426][ T5818] bridge_slave_0: entered allmulticast mode [ 98.493332][ T5818] bridge_slave_0: entered promiscuous mode [ 98.566417][ T5818] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.574639][ T5818] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.583824][ T5818] bridge_slave_1: entered allmulticast mode [ 98.592323][ T5818] bridge_slave_1: entered promiscuous mode [ 98.620114][ T5824] team0: Port device team_slave_0 added [ 98.663424][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.678640][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.693799][ T5824] team0: Port device team_slave_1 added [ 98.718007][ T5830] Bluetooth: hci0: command tx timeout [ 98.796381][ T5830] Bluetooth: hci1: command tx timeout [ 98.796488][ T5826] Bluetooth: hci2: command tx timeout [ 98.812526][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.821704][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.852871][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.877259][ T5826] Bluetooth: hci3: command tx timeout [ 98.888583][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.896093][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.904076][ T5827] bridge_slave_0: entered allmulticast mode [ 98.911909][ T5827] bridge_slave_0: entered promiscuous mode [ 98.948754][ T5818] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.975357][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.984406][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.016331][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.036461][ T5826] Bluetooth: hci4: command tx timeout [ 99.040598][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.050624][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.058826][ T5827] bridge_slave_1: entered allmulticast mode [ 99.067177][ T5827] bridge_slave_1: entered promiscuous mode [ 99.091979][ T5818] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.121594][ T5833] team0: Port device team_slave_0 added [ 99.132516][ T5833] team0: Port device team_slave_1 added [ 99.173693][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.185295][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.194367][ T5821] bridge_slave_0: entered allmulticast mode [ 99.203311][ T5821] bridge_slave_0: entered promiscuous mode [ 99.233840][ T5818] team0: Port device team_slave_0 added [ 99.273757][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.281877][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.291927][ T5821] bridge_slave_1: entered allmulticast mode [ 99.301060][ T5821] bridge_slave_1: entered promiscuous mode [ 99.340098][ T5818] team0: Port device team_slave_1 added [ 99.369389][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.378508][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.408852][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.425749][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.481396][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.489625][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.522815][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.547585][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.580491][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.599382][ T5824] hsr_slave_0: entered promiscuous mode [ 99.606289][ T5824] hsr_slave_1: entered promiscuous mode [ 99.615715][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.626370][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.659473][ T5818] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.673261][ T5818] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 99.681976][ T5818] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.710935][ T5818] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 99.769213][ T5827] team0: Port device team_slave_0 added [ 99.780729][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.834280][ T5821] team0: Port device team_slave_0 added [ 99.849601][ T5821] team0: Port device team_slave_1 added [ 99.859286][ T5827] team0: Port device team_slave_1 added [ 100.040785][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.049016][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.081166][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.115602][ T5833] hsr_slave_0: entered promiscuous mode [ 100.126888][ T5833] hsr_slave_1: entered promiscuous mode [ 100.134754][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.146114][ T5833] Cannot create hsr debugfs directory [ 100.175922][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.184444][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.214190][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.242020][ T5818] hsr_slave_0: entered promiscuous mode [ 100.249967][ T5818] hsr_slave_1: entered promiscuous mode [ 100.258090][ T5818] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.266337][ T5818] Cannot create hsr debugfs directory [ 100.274160][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.282241][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.315725][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.373851][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.385816][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.419917][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.607963][ T5827] hsr_slave_0: entered promiscuous mode [ 100.615973][ T5827] hsr_slave_1: entered promiscuous mode [ 100.624303][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.633519][ T5827] Cannot create hsr debugfs directory [ 100.670442][ T5821] hsr_slave_0: entered promiscuous mode [ 100.678267][ T5821] hsr_slave_1: entered promiscuous mode [ 100.686714][ T5821] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 100.695596][ T5821] Cannot create hsr debugfs directory [ 100.801761][ T5826] Bluetooth: hci0: command tx timeout [ 100.876466][ T5826] Bluetooth: hci1: command tx timeout [ 100.886651][ T5826] Bluetooth: hci2: command tx timeout [ 100.966554][ T5826] Bluetooth: hci3: command tx timeout [ 101.121281][ T5826] Bluetooth: hci4: command tx timeout [ 101.413372][ T5824] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 101.444211][ T5824] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 101.466958][ T5824] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 101.497435][ T5824] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 101.574269][ T5818] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 101.598673][ T5818] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 101.615052][ T5818] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 101.644649][ T5818] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 101.770361][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 101.795692][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 101.829434][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 101.881270][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 101.962539][ T5827] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 101.976077][ T5827] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 101.992340][ T5827] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 102.008479][ T5827] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 102.115047][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.171078][ T5821] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 102.202089][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.212377][ T5821] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 102.228841][ T5821] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 102.241774][ T5821] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 102.292314][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.300360][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.332412][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.340024][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.362717][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.451099][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.474012][ T5818] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.517832][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.548245][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.556414][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.579406][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.608401][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.616623][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.651537][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.724315][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.732171][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.744602][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.757907][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.794462][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.802497][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.815945][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.823728][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.877644][ T5826] Bluetooth: hci0: command tx timeout [ 102.948812][ T5818] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 102.960458][ T5826] Bluetooth: hci2: command tx timeout [ 102.960473][ T5830] Bluetooth: hci1: command tx timeout [ 103.036463][ T5830] Bluetooth: hci3: command tx timeout [ 103.073524][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 103.198973][ T5830] Bluetooth: hci4: command tx timeout [ 103.223807][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.322607][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.473756][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.569036][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.578393][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.634296][ T5824] veth0_vlan: entered promiscuous mode [ 103.664058][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.672609][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.718846][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.750908][ T5824] veth1_vlan: entered promiscuous mode [ 103.877483][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.962604][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.000542][ T5818] veth0_vlan: entered promiscuous mode [ 104.033658][ T5824] veth0_macvtap: entered promiscuous mode [ 104.069326][ T5824] veth1_macvtap: entered promiscuous mode [ 104.115100][ T5818] veth1_vlan: entered promiscuous mode [ 104.195783][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.247951][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.311543][ T5824] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.331587][ T5824] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.341834][ T5824] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.352838][ T5824] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.379529][ T5833] veth0_vlan: entered promiscuous mode [ 104.448760][ T5833] veth1_vlan: entered promiscuous mode [ 104.491946][ T5818] veth0_macvtap: entered promiscuous mode [ 104.550351][ T5818] veth1_macvtap: entered promiscuous mode [ 104.747398][ T5833] veth0_macvtap: entered promiscuous mode [ 104.773122][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 104.788390][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.810738][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.854879][ T5833] veth1_macvtap: entered promiscuous mode [ 104.863496][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.879168][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.892420][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.904872][ T5818] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.919966][ T5818] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.933082][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.960188][ T5830] Bluetooth: hci0: command tx timeout [ 104.991735][ T5818] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.005789][ T5818] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.021446][ T5818] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.033679][ T5818] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.049701][ T5830] Bluetooth: hci2: command tx timeout [ 105.056502][ T5830] Bluetooth: hci1: command tx timeout [ 105.118468][ T5830] Bluetooth: hci3: command tx timeout [ 105.155782][ T5827] veth0_vlan: entered promiscuous mode [ 105.242314][ T5827] veth1_vlan: entered promiscuous mode [ 105.264219][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.288525][ T5830] Bluetooth: hci4: command tx timeout [ 105.291602][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.314685][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.334570][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.348731][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.360481][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.375670][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.431290][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.445608][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.461050][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.473751][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.489248][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.534721][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.559654][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 105.572958][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.604742][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.622225][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.726135][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.752374][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.819326][ T5821] veth0_vlan: entered promiscuous mode [ 105.850431][ T5827] veth0_macvtap: entered promiscuous mode [ 105.863137][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.877539][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.909517][ T5827] veth1_macvtap: entered promiscuous mode [ 105.943629][ T5821] veth1_vlan: entered promiscuous mode [ 106.025090][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.147078][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.178018][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.192865][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.213910][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.265237][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.282642][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.388523][ T1207] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 106.410603][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.439151][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.466040][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.513300][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.615743][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.616332][ T1207] usb 1-1: Using ep0 maxpacket: 16 [ 106.731078][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.274973][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.373185][ T1207] usb 1-1: config 1 interface 0 altsetting 10 bulk endpoint 0x82 has invalid maxpacket 8 [ 107.401050][ T1207] usb 1-1: config 1 interface 0 altsetting 10 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 107.417857][ T1207] usb 1-1: config 1 interface 0 has no altsetting 0 [ 107.432527][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.472442][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.553737][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 107.573313][ T5827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.596057][ T1207] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 107.603242][ T5827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.796981][ T5827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.817642][ T5827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.870560][ T1207] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.043324][ T5915] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 108.167562][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 108.373213][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 108.577307][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 108.734639][ T1207] usb 1-1: Product: î“ⵉ诛ྫ븡沙苗猵溾æ‰âž¶ç®©ë—‘짔崩쉒㺽ഴ꜂碸è‚耜掄í¯é¾’퇃ʀ⧴鉘쮭처ã‡ê„“䓄쩪庴㺎塥࡙談궡㓩藊໗稊꾭éŸï‘‡îŠŠæ½•æ­”㎺Ͷ嗅ꗷ噮뛼é’拮긆湠밡﷢Ƶ港쉾䫘⪢汎袭àµç ’겕낶짓̔٬ୗ꡶㦜엂耔᫪䮪瓳로Դ娌쒥æ»ä‘è¼è°šï–¾ë²žà£²è­—㿈픅껫碤é¡äªã¬‘꛷㘧៬밲ê¤ç–¼ã¸°é£íŸ [ 108.801592][ T5821] veth0_macvtap: entered promiscuous mode [ 108.818174][ T5821] veth1_macvtap: entered promiscuous mode [ 108.857948][ T1335] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.866554][ T1335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.881249][ T1207] usb 1-1: Manufacturer: á•æš´î¸™Ù¸ä®å°®æ³‡í˜â£´é¸šè»·ã¤Žç­ƒè´ç‘¶é»‘п䉇꩗걑엡‷嶓푻䭙뒈选駰ꧢ轢衹뵹ë¾è½Šá “嚺묤㨰烯⬸é I嫚䣯듘巗æ âœâª±ì²¹å•à¦•ãŽ±å¦‡è¯¾Õ³ã¬‰å“—촇悓봰ֆꢑᶶ᱗묎Ⱝ䮼꿖펄☩鳵뺈쌮ᭌ卵ᦓì–㔬训㫮盛弱뺲䂀ᷯ죫뒠꺤é‹ì»›è²€í­æ•† [ 108.942979][ T1207] usb 1-1: SerialNumber: 睊ⶽ險á¾ê¢°ãµ³ [ 109.142473][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.174147][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.192864][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.210273][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.236315][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.256774][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.287694][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.308647][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.329522][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.496877][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.537385][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.665972][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.687901][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.703412][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 109.705044][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.731157][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.798732][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 109.884543][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.946205][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 110.010606][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 110.073661][ T5821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 110.073689][ T5821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.075835][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.091205][ T5821] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.091280][ T5821] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.091313][ T5821] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.091345][ T5821] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.168023][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 110.229124][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.229150][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.396215][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 110.727029][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 110.756898][ T1207] usb 1-1: can't set config #1, error -71 [ 110.896935][ T1207] usb 1-1: USB disconnect, device number 2 [ 111.147201][ T5929] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 111.176905][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 111.243879][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.288803][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.376450][ T5930] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2507232104 (160462854656 ns) > initial count (93482674304 ns). Using initial count to start timer. [ 111.475726][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.510897][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 112.916324][ T5872] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 113.156281][ T5872] usb 5-1: Using ep0 maxpacket: 16 [ 113.189484][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.230250][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 113.256116][ T5872] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 113.370888][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.509288][ T5872] usb 5-1: config 0 descriptor?? [ 113.702269][ T5956] binder: 5949:5956 ioctl c0045627 200000000040 returned -22 [ 114.177985][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 114.416830][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 114.490286][ T9] usb 2-1: config 1 interface 0 altsetting 10 bulk endpoint 0x82 has invalid maxpacket 8 [ 114.536712][ T9] usb 2-1: config 1 interface 0 altsetting 10 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 114.579156][ T5872] usbhid 5-1:0.0: can't add hid device: -71 [ 114.593769][ T5872] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 114.613179][ T9] usb 2-1: config 1 interface 0 has no altsetting 0 [ 114.693608][ T5872] usb 5-1: USB disconnect, device number 2 [ 114.870685][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 114.960842][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.007831][ T9] usb 2-1: Product: î“ⵉ诛ྫ븡沙苗猵溾æ‰âž¶ç®©ë—‘짔崩쉒㺽ഴ꜂碸è‚耜掄í¯é¾’퇃ʀ⧴鉘쮭처ã‡ê„“䓄쩪庴㺎塥࡙談궡㓩藊໗稊꾭éŸï‘‡îŠŠæ½•æ­”㎺Ͷ嗅ꗷ噮뛼é’拮긆湠밡﷢Ƶ港쉾䫘⪢汎袭àµç ’겕낶짓̔٬ୗ꡶㦜엂耔᫪䮪瓳로Դ娌쒥æ»ä‘è¼è°šï–¾ë²žà£²è­—㿈픅껫碤é¡äªã¬‘꛷㘧៬밲ê¤ç–¼ã¸°é£íŸ [ 115.093474][ T9] usb 2-1: Manufacturer: á•æš´î¸™Ù¸ä®å°®æ³‡í˜â£´é¸šè»·ã¤Žç­ƒè´ç‘¶é»‘п䉇꩗걑엡‷嶓푻䭙뒈选駰ꧢ轢衹뵹ë¾è½Šá “嚺묤㨰烯⬸é I嫚䣯듘巗æ âœâª±ì²¹å•à¦•ãŽ±å¦‡è¯¾Õ³ã¬‰å“—촇悓봰ֆꢑᶶ᱗묎Ⱝ䮼꿖펄☩鳵뺈쌮ᭌ卵ᦓì–㔬训㫮盛弱뺲䂀ᷯ죫뒠꺤é‹ì»›è²€í­æ•† [ 115.172034][ T9] usb 2-1: SerialNumber: 睊ⶽ險á¾ê¢°ãµ³ [ 115.254324][ T5965] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 115.688316][ T5975] FAULT_INJECTION: forcing a failure. [ 115.688316][ T5975] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 115.766497][ T5975] CPU: 0 UID: 0 PID: 5975 Comm: syz.4.18 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 115.766533][ T5975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.766551][ T5975] Call Trace: [ 115.766559][ T5975] [ 115.766574][ T5975] dump_stack_lvl+0x189/0x250 [ 115.766621][ T5975] ? __pfx_dump_stack_lvl+0x10/0x10 [ 115.766650][ T5975] ? __pfx__printk+0x10/0x10 [ 115.766700][ T5975] should_fail_ex+0x414/0x560 [ 115.766740][ T5975] _copy_to_user+0x31/0xb0 [ 115.766771][ T5975] simple_read_from_buffer+0xe1/0x170 [ 115.766852][ T5975] proc_fail_nth_read+0x1df/0x250 [ 115.766877][ T5975] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 115.766902][ T5975] ? rw_verify_area+0x258/0x650 [ 115.766930][ T5975] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 115.766953][ T5975] vfs_read+0x1fd/0x980 [ 115.766986][ T5975] ? __pfx___mutex_lock+0x10/0x10 [ 115.767013][ T5975] ? __pfx_vfs_read+0x10/0x10 [ 115.767041][ T5975] ? __fget_files+0x2a/0x420 [ 115.767078][ T5975] ? __fget_files+0x3a0/0x420 [ 115.767108][ T5975] ? __fget_files+0x2a/0x420 [ 115.767150][ T5975] ksys_read+0x145/0x250 [ 115.767176][ T5975] ? __fget_files+0x2a/0x420 [ 115.767208][ T5975] ? __pfx_ksys_read+0x10/0x10 [ 115.767240][ T5975] ? do_syscall_64+0xba/0x210 [ 115.767270][ T5975] do_syscall_64+0xf6/0x210 [ 115.767296][ T5975] ? clear_bhb_loop+0x45/0xa0 [ 115.767322][ T5975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.767343][ T5975] RIP: 0033:0x7fb5b518d37c [ 115.767368][ T5975] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 115.767385][ T5975] RSP: 002b:00007fb5b60d2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 115.767407][ T5975] RAX: ffffffffffffffda RBX: 00007fb5b53b5fa0 RCX: 00007fb5b518d37c [ 115.767422][ T5975] RDX: 000000000000000f RSI: 00007fb5b60d20a0 RDI: 0000000000000004 [ 115.767434][ T5975] RBP: 00007fb5b60d2090 R08: 0000000000000000 R09: 0000000000000000 [ 115.767447][ T5975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 115.767458][ T5975] R13: 0000000000000000 R14: 00007fb5b53b5fa0 R15: 00007ffc5d652ce8 [ 115.767491][ T5975] [ 116.372586][ T30] audit: type=1326 audit(1746942332.932:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5976 comm="syz.3.19" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3bfcd8e969 code=0x0 [ 116.399332][ T5982] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 116.737203][ T5830] Bluetooth: hci1: Malformed LE Event: 0x0d [ 117.795763][ T5992] netlink: 'syz.4.23': attribute type 10 has an invalid length. [ 119.156886][ T9] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71 [ 119.216594][ T9] usb 2-1: USB disconnect, device number 2 [ 119.672661][ T30] audit: type=1326 audit(1746942336.232:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 119.774434][ T30] audit: type=1326 audit(1746942336.232:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 119.816813][ T6005] Zero length message leads to an empty skb [ 119.871879][ T30] audit: type=1326 audit(1746942336.232:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 120.298841][ T30] audit: type=1326 audit(1746942336.232:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 120.514618][ T30] audit: type=1326 audit(1746942336.232:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 120.757059][ T6013] FAULT_INJECTION: forcing a failure. [ 120.757059][ T6013] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 120.771766][ T6013] CPU: 1 UID: 0 PID: 6013 Comm: syz.4.27 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 120.771795][ T6013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 120.771812][ T6013] Call Trace: [ 120.771820][ T6013] [ 120.771829][ T6013] dump_stack_lvl+0x189/0x250 [ 120.771872][ T6013] ? __lock_acquire+0xaac/0xd20 [ 120.771902][ T6013] ? __pfx_dump_stack_lvl+0x10/0x10 [ 120.771929][ T6013] ? __pfx__printk+0x10/0x10 [ 120.771960][ T6013] ? __might_fault+0xb0/0x130 [ 120.772005][ T6013] should_fail_ex+0x414/0x560 [ 120.772042][ T6013] _copy_from_iter+0x1db/0x15a0 [ 120.772077][ T6013] ? is_bpf_text_address+0x26/0x2b0 [ 120.772105][ T6013] ? __pfx__copy_from_iter+0x10/0x10 [ 120.772129][ T6013] ? file_tty_write+0x2a6/0x990 [ 120.772161][ T6013] ? file_tty_write+0x2e6/0x990 [ 120.772191][ T6013] ? rcu_is_watching+0x15/0xb0 [ 120.772221][ T6013] ? kfree+0x4d/0x440 [ 120.772255][ T6013] file_tty_write+0x484/0x990 [ 120.772296][ T6013] vfs_write+0x548/0xa90 [ 120.772328][ T6013] ? __pfx_tty_write+0x10/0x10 [ 120.772359][ T6013] ? __pfx_vfs_write+0x10/0x10 [ 120.772405][ T6013] ? __fget_files+0x2a/0x420 [ 120.772446][ T6013] ksys_write+0x145/0x250 [ 120.772475][ T6013] ? __pfx_ksys_write+0x10/0x10 [ 120.772507][ T6013] ? do_syscall_64+0xba/0x210 [ 120.772536][ T6013] do_syscall_64+0xf6/0x210 [ 120.772560][ T6013] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 120.772580][ T6013] ? clear_bhb_loop+0x45/0xa0 [ 120.772605][ T6013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.772624][ T6013] RIP: 0033:0x7fb5b518e969 [ 120.772651][ T6013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.772667][ T6013] RSP: 002b:00007fb5b6090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 120.772693][ T6013] RAX: ffffffffffffffda RBX: 00007fb5b53b6160 RCX: 00007fb5b518e969 [ 120.772707][ T6013] RDX: 000000000000096d RSI: 0000200000001040 RDI: 0000000000000007 [ 120.772720][ T6013] RBP: 00007fb5b6090090 R08: 0000000000000000 R09: 0000000000000000 [ 120.772732][ T6013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.772744][ T6013] R13: 0000000000000000 R14: 00007fb5b53b6160 R15: 00007ffc5d652ce8 [ 120.772776][ T6013] [ 121.919823][ T30] audit: type=1326 audit(1746942336.262:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 122.171147][ T30] audit: type=1326 audit(1746942336.262:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 122.782128][ T30] audit: type=1326 audit(1746942336.262:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 122.855785][ T6019] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 122.894209][ T30] audit: type=1326 audit(1746942336.262:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 122.939076][ T6019] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 122.986713][ T30] audit: type=1326 audit(1746942336.262:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 123.112848][ T6019] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 123.171690][ T30] audit: type=1326 audit(1746942336.282:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 123.232004][ T6019] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 123.266571][ T30] audit: type=1326 audit(1746942336.282:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 123.297057][ T6019] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 123.342842][ T6019] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 123.388372][ T6019] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 123.399247][ T6019] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 123.422479][ T6032] FAULT_INJECTION: forcing a failure. [ 123.422479][ T6032] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.447120][ T6032] CPU: 1 UID: 0 PID: 6032 Comm: syz.2.33 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 123.447158][ T6032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 123.447169][ T6032] Call Trace: [ 123.447176][ T6032] [ 123.447190][ T6032] dump_stack_lvl+0x189/0x250 [ 123.447297][ T6032] ? __lock_acquire+0xaac/0xd20 [ 123.447328][ T6032] ? __pfx_dump_stack_lvl+0x10/0x10 [ 123.447356][ T6032] ? __pfx__printk+0x10/0x10 [ 123.447387][ T6032] ? __might_fault+0xb0/0x130 [ 123.447431][ T6032] should_fail_ex+0x414/0x560 [ 123.447477][ T6032] _copy_from_user+0x2d/0xb0 [ 123.447506][ T6032] kstrtouint_from_user+0xc4/0x170 [ 123.447530][ T6032] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 123.447569][ T6032] proc_fail_nth_write+0x88/0x240 [ 123.447589][ T6032] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 123.447615][ T6032] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 123.447637][ T6032] vfs_write+0x27b/0xa90 [ 123.447673][ T6032] ? __pfx_vfs_write+0x10/0x10 [ 123.447700][ T6032] ? __fget_files+0x2a/0x420 [ 123.447734][ T6032] ? __fget_files+0x3a0/0x420 [ 123.447762][ T6032] ? __fget_files+0x2a/0x420 [ 123.447799][ T6032] ksys_write+0x145/0x250 [ 123.447824][ T6032] ? __fget_files+0x2a/0x420 [ 123.447854][ T6032] ? __pfx_ksys_write+0x10/0x10 [ 123.447883][ T6032] ? do_syscall_64+0xba/0x210 [ 123.447911][ T6032] do_syscall_64+0xf6/0x210 [ 123.447935][ T6032] ? clear_bhb_loop+0x45/0xa0 [ 123.447960][ T6032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.447978][ T6032] RIP: 0033:0x7fc46f98d41f [ 123.447997][ T6032] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 123.448013][ T6032] RSP: 002b:00007fc470735030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 123.448033][ T6032] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc46f98d41f [ 123.448047][ T6032] RDX: 0000000000000001 RSI: 00007fc4707350a0 RDI: 0000000000000004 [ 123.448059][ T6032] RBP: 00007fc470735090 R08: 0000000000000000 R09: 0000000000000000 [ 123.448071][ T6032] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 123.448083][ T6032] R13: 0000000000000000 R14: 00007fc46fbb6080 R15: 00007fffc1a52898 [ 123.448113][ T6032] [ 123.468510][ T30] audit: type=1326 audit(1746942336.282:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 123.681722][ T6019] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 123.696132][ T30] audit: type=1326 audit(1746942336.282:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 123.714562][ T5830] Bluetooth: hci2: Malformed LE Event: 0x0d [ 123.782652][ T30] audit: type=1326 audit(1746942336.282:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5999 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 123.819502][ T6019] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 123.846032][ T6019] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 123.898974][ T6019] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 123.935873][ T6019] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 123.975686][ T6019] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 124.048983][ T6019] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 124.086488][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 124.306350][ T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 124.596241][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 124.629032][ T24] usb 5-1: config 0 has an invalid interface number: 129 but max is 0 [ 124.668611][ T24] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 124.826282][ T24] usb 5-1: config 0 has no interface number 1 [ 124.833361][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 124.909046][ T24] usb 5-1: config 0 interface 129 has no altsetting 0 [ 124.953725][ T24] usb 5-1: New USB device found, idVendor=093a, idProduct=8001, bcdDevice= 0.00 [ 125.012667][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.100182][ T6040] sctp: failed to load transform for md5: -2 [ 125.107931][ T5811] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 125.179505][ T24] usb 5-1: config 0 descriptor?? [ 125.211015][ T24] usb 5-1: can't set config #0, error -71 [ 125.237281][ T24] usb 5-1: USB disconnect, device number 3 [ 125.276468][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.326263][ T5811] usb 2-1: Using ep0 maxpacket: 32 [ 125.346318][ T5811] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 125.366344][ T5811] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 125.399755][ T5811] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 125.419865][ T5811] usb 2-1: config 1 has no interface number 0 [ 125.436296][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 125.443891][ T5811] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 125.473990][ T5811] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 125.525223][ T5811] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 125.568165][ T5811] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.632012][ T5811] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 125.656842][ T24] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 125.816759][ T6066] Bluetooth: MGMT ver 1.23 [ 125.844733][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 125.996387][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 126.039443][ T5811] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached [ 126.075814][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 126.094175][ T24] usb 5-1: too many configurations: 249, using maximum allowed: 8 [ 126.262277][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 126.883495][ T24] usb 5-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=b3.ff [ 126.893797][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2 [ 126.944715][ T24] usb 5-1: Product: syz [ 126.974799][ T24] usb 5-1: Manufacturer: syz [ 127.097285][ T24] usb 5-1: SerialNumber: syz [ 127.121626][ T5811] snd_usb_pod 2-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22) [ 127.156024][ T24] usb 5-1: config 0 descriptor?? [ 127.382260][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 127.382280][ T30] audit: type=1326 audit(1746942343.942:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6076 comm="syz.2.46" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x0 [ 127.419067][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 127.467949][ T6061] tipc: Started in network mode [ 127.474376][ T6061] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 127.483646][ T10] usb 2-1: USB disconnect, device number 3 [ 127.493048][ T10] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 127.494664][ T5830] Bluetooth: hci4: Malformed LE Event: 0x0d [ 127.518806][ T6061] tipc: Enabled bearer , priority 10 [ 127.528455][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 127.570888][ T24] mdc800 5-1:0.0: probe fails -> wrong Number of Configuration [ 127.631334][ T24] usb 5-1: USB disconnect, device number 4 [ 127.930528][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 128.263404][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 128.316322][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 128.725663][ T10] tipc: Node number set to 4269801488 [ 129.088451][ T30] audit: type=1326 audit(1746942345.652:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6093 comm="syz.2.50" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x0 [ 129.197195][ T5830] Bluetooth: hci4: Malformed LE Event: 0x0d [ 129.436585][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 129.606488][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 129.996565][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 130.051822][ T5872] libceph: connect (1)[c::]:6789 error -101 [ 130.085198][ T5872] libceph: mon0 (1)[c::]:6789 connect error [ 130.114087][ T6099] ceph: No mds server is up or the cluster is laggy [ 130.318754][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 130.336294][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 130.393366][ T5811] libceph: connect (1)[c::]:6789 error -101 [ 130.425269][ T5811] libceph: mon0 (1)[c::]:6789 connect error [ 130.470203][ T5811] libceph: connect (1)[c::]:6789 error -101 [ 130.504878][ T5811] libceph: mon0 (1)[c::]:6789 connect error [ 130.516421][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 130.603206][ T6119] warning: `syz.1.56' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 130.638287][ T6119] netlink: 36 bytes leftover after parsing attributes in process `syz.1.56'. [ 130.830069][ T5811] libceph: connect (1)[c::]:6789 error -101 [ 131.150219][ T9] usb 5-1: config 0 has an invalid interface number: 129 but max is 0 [ 131.156568][ T5811] libceph: mon0 (1)[c::]:6789 connect error [ 131.191223][ T9] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 131.255819][ T9] usb 5-1: config 0 has no interface number 1 [ 131.270234][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 131.326939][ T9] usb 5-1: config 0 interface 129 has no altsetting 0 [ 131.365892][ T9] usb 5-1: New USB device found, idVendor=093a, idProduct=8001, bcdDevice= 0.00 [ 131.402236][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.442487][ T9] usb 5-1: config 0 descriptor?? [ 131.471189][ T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 131.697600][ T5811] libceph: connect (1)[c::]:6789 error -101 [ 131.704319][ T5811] libceph: mon0 (1)[c::]:6789 connect error [ 132.511616][ T6108] ceph: No mds server is up or the cluster is laggy [ 132.694490][ T5872] libceph: connect (1)[c::]:6789 error -101 [ 132.741208][ T5872] libceph: mon0 (1)[c::]:6789 connect error [ 132.904472][ T5811] libceph: connect (1)[c::]:6789 error -101 [ 132.933234][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.955294][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.013406][ T5811] libceph: mon0 (1)[c::]:6789 connect error [ 133.035343][ T9] libceph: connect (1)[c::]:6789 error -101 [ 133.046789][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 133.333937][ T9] usb 5-1: USB disconnect, device number 5 [ 133.580297][ T1207] libceph: connect (1)[c::]:6789 error -101 [ 133.590696][ T30] audit: type=1326 audit(1746942350.132:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6146 comm="syz.4.60" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5b518e969 code=0x0 [ 133.618912][ T1207] libceph: mon0 (1)[c::]:6789 connect error [ 133.672758][ T5830] Bluetooth: hci3: Malformed LE Event: 0x0d [ 133.786087][ T6136] ceph: No mds server is up or the cluster is laggy [ 134.976371][ T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 135.198932][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 135.258300][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.583478][ T10] usb 3-1: config 0 descriptor?? [ 135.594079][ T10] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 135.653112][ T24] libceph: connect (1)[c::]:6789 error -101 [ 135.665255][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 135.936773][ T24] libceph: connect (1)[c::]:6789 error -101 [ 135.953681][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 136.092331][ T6167] ceph: No mds server is up or the cluster is laggy [ 136.653906][ T6180] fuse: Bad value for 'fd' [ 136.701576][ T6159] dvmrp6: entered allmulticast mode [ 136.921914][ T6182] netlink: 36 bytes leftover after parsing attributes in process `syz.1.69'. [ 137.286504][ T5872] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 137.489927][ T10] usb 3-1: USB disconnect, device number 2 [ 137.546767][ T24] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 137.576328][ T5872] usb 4-1: Using ep0 maxpacket: 16 [ 137.584646][ T5872] usb 4-1: config 0 has an invalid interface number: 129 but max is 0 [ 137.599374][ T5872] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 137.615301][ T5872] usb 4-1: config 0 has no interface number 1 [ 137.633418][ T5872] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 137.671820][ T5872] usb 4-1: config 0 interface 129 has no altsetting 0 [ 137.690271][ T5872] usb 4-1: New USB device found, idVendor=093a, idProduct=8001, bcdDevice= 0.00 [ 137.706270][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.724250][ T5872] usb 4-1: config 0 descriptor?? [ 137.729071][ T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 137.753938][ T5872] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 137.781702][ T24] usb 5-1: config 0 has no interfaces? [ 137.812122][ T24] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 137.834646][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.861196][ T24] usb 5-1: Product: syz [ 137.881049][ T24] usb 5-1: Manufacturer: syz [ 137.896448][ T24] usb 5-1: SerialNumber: syz [ 137.917042][ T24] usb 5-1: config 0 descriptor?? [ 139.715986][ T6194] syz.1.73 uses obsolete (PF_INET,SOCK_PACKET) [ 139.795562][ T30] audit: type=1326 audit(1746942356.052:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6200 comm="syz.2.74" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x0 [ 140.968874][ T5830] Bluetooth: hci4: Malformed LE Event: 0x0d [ 141.879285][ T9] usb 4-1: USB disconnect, device number 2 [ 142.583634][ T5872] usb 5-1: USB disconnect, device number 6 [ 144.913199][ T6229] fuse: Bad value for 'fd' [ 145.438994][ T6237] netlink: 36 bytes leftover after parsing attributes in process `syz.4.83'. [ 146.276642][ T30] audit: type=1326 audit(1746942362.832:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 146.323526][ T30] audit: type=1326 audit(1746942362.842:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 146.399442][ T30] audit: type=1326 audit(1746942362.842:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 146.493165][ T30] audit: type=1326 audit(1746942362.842:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 146.579456][ T30] audit: type=1326 audit(1746942362.842:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 146.666531][ T30] audit: type=1326 audit(1746942362.842:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 147.054086][ T30] audit: type=1326 audit(1746942362.842:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 147.182951][ T30] audit: type=1326 audit(1746942362.842:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 147.296707][ T30] audit: type=1326 audit(1746942362.882:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 147.413892][ T30] audit: type=1326 audit(1746942362.882:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6239 comm="syz.1.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 147.488876][ T5830] Bluetooth: hci3: Malformed LE Event: 0x0d [ 147.506831][ T3166] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 147.678297][ T3166] usb 4-1: config 0 has an invalid interface number: 133 but max is 0 [ 147.697578][ T3166] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 147.747521][ T3166] usb 4-1: config 0 has no interface number 0 [ 147.781719][ T3166] usb 4-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 147.796642][ T3166] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.848893][ T3166] usb 4-1: Product: syz [ 147.854949][ T3166] usb 4-1: Manufacturer: syz [ 147.877212][ T3166] usb 4-1: SerialNumber: syz [ 147.894001][ T3166] usb 4-1: config 0 descriptor?? [ 148.566724][ T3166] keyspan 4-1:0.133: Keyspan 1 port adapter converter detected [ 148.606765][ T6260] fuse: Unknown parameter '0x0000000000000004' [ 148.629523][ T3166] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 82 [ 148.668307][ T6263] 9pnet_fd: Insufficient options for proto=fd [ 148.698017][ T3166] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 81 [ 148.753196][ T3166] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 1 [ 148.795896][ T3166] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 2 [ 148.875686][ T3166] usb 4-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 149.173223][ T3166] usb 4-1: USB disconnect, device number 3 [ 149.207914][ T3166] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 149.257050][ T3166] keyspan 4-1:0.133: device disconnected [ 150.114394][ T6277] netlink: 36 bytes leftover after parsing attributes in process `syz.3.98'. [ 151.035324][ T6281] xt_nat: multiple ranges no longer supported [ 152.880194][ T6304] fuse: Unknown parameter '0x0000000000000004' [ 153.143031][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 153.143050][ T30] audit: type=1326 audit(1746942369.702:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6306 comm="syz.3.106" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3bfcd8e969 code=0x0 [ 153.175085][ T6309] 9pnet_fd: Insufficient options for proto=fd [ 153.329447][ T5830] Bluetooth: hci1: Malformed LE Event: 0x0d [ 154.438485][ T5811] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 154.739862][ T5811] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 155.381385][ T5811] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.519923][ T6320] uprobe: syz.4.111:6320 failed to unregister, leaking uprobe [ 155.536217][ T5811] usb 1-1: config 0 descriptor?? [ 155.848439][ T6328] netlink: 36 bytes leftover after parsing attributes in process `syz.4.114'. [ 155.923599][ T5872] usb 1-1: USB disconnect, device number 3 [ 155.966487][ T30] audit: type=1326 audit(1746942372.502:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 156.024678][ T30] audit: type=1326 audit(1746942372.502:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 156.053503][ T30] audit: type=1326 audit(1746942372.502:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 156.103077][ T30] audit: type=1326 audit(1746942372.502:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 156.199146][ T30] audit: type=1326 audit(1746942372.502:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 156.241182][ T30] audit: type=1326 audit(1746942372.502:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 156.265986][ T30] audit: type=1326 audit(1746942372.502:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 156.299063][ T30] audit: type=1326 audit(1746942372.512:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 156.325919][ T30] audit: type=1326 audit(1746942372.512:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 156.669414][ T6336] fuse: Unknown parameter '0x0000000000000004' [ 156.802202][ T6342] 9pnet_fd: Insufficient options for proto=fd [ 158.065214][ T5830] Bluetooth: hci2: Malformed LE Event: 0x0d [ 159.100466][ T6366] process 'syz.0.126' launched '/dev/fd/5' with NULL argv: empty string added [ 159.910060][ T6371] netlink: 'syz.4.128': attribute type 10 has an invalid length. [ 160.066484][ T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 160.327349][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 160.576439][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 160.645107][ T24] usb 1-1: unable to get BOS descriptor or descriptor too short [ 160.713590][ T24] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 160.932191][ T24] usb 1-1: can't read configurations, error -71 [ 161.227353][ T6372] delete_channel: no stack [ 161.606814][ T10] usb 2-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 161.662854][ T6380] fuse: Unknown parameter '0x0000000000000004' [ 161.698914][ T6382] netlink: 36 bytes leftover after parsing attributes in process `syz.3.131'. [ 161.711842][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.735941][ T10] usb 2-1: config 0 descriptor?? [ 161.847760][ T6387] 9pnet_fd: Insufficient options for proto=fd [ 162.066961][ T49] usb 2-1: USB disconnect, device number 4 [ 162.177089][ T6392] input: syz0 as /devices/virtual/input/input5 [ 163.125624][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 163.125644][ T30] audit: type=1326 audit(1746942379.682:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6394 comm="syz.0.136" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x0 [ 163.258223][ T5830] Bluetooth: hci2: Malformed LE Event: 0x0d [ 165.174131][ T6416] FAULT_INJECTION: forcing a failure. [ 165.174131][ T6416] name failslab, interval 1, probability 0, space 0, times 0 [ 165.197884][ T6416] CPU: 0 UID: 0 PID: 6416 Comm: syz.1.143 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 165.197916][ T6416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 165.197928][ T6416] Call Trace: [ 165.197936][ T6416] [ 165.197945][ T6416] dump_stack_lvl+0x189/0x250 [ 165.197981][ T6416] ? __pfx_dump_stack_lvl+0x10/0x10 [ 165.198008][ T6416] ? __pfx__printk+0x10/0x10 [ 165.198045][ T6416] ? __pfx___might_resched+0x10/0x10 [ 165.198075][ T6416] ? fs_reclaim_acquire+0x7d/0x100 [ 165.198101][ T6416] should_fail_ex+0x414/0x560 [ 165.198138][ T6416] ? file_tty_write+0x2a6/0x990 [ 165.198167][ T6416] should_failslab+0xa8/0x100 [ 165.198200][ T6416] __kvmalloc_node_noprof+0x168/0x5e0 [ 165.198232][ T6416] ? file_tty_write+0x2a6/0x990 [ 165.198268][ T6416] file_tty_write+0x2a6/0x990 [ 165.198308][ T6416] vfs_write+0x548/0xa90 [ 165.198340][ T6416] ? __pfx_tty_write+0x10/0x10 [ 165.198371][ T6416] ? __pfx_vfs_write+0x10/0x10 [ 165.198408][ T6416] ? __fget_files+0x2a/0x420 [ 165.198448][ T6416] ksys_write+0x145/0x250 [ 165.198473][ T6416] ? rcu_is_watching+0x15/0xb0 [ 165.198524][ T6416] ? __pfx_ksys_write+0x10/0x10 [ 165.198555][ T6416] ? do_syscall_64+0xba/0x210 [ 165.198584][ T6416] do_syscall_64+0xf6/0x210 [ 165.198609][ T6416] ? clear_bhb_loop+0x45/0xa0 [ 165.198634][ T6416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.199012][ T6416] RIP: 0033:0x7ffaba18e969 [ 165.199036][ T6416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.199053][ T6416] RSP: 002b:00007ffabb000038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 165.199085][ T6416] RAX: ffffffffffffffda RBX: 00007ffaba3b5fa0 RCX: 00007ffaba18e969 [ 165.199099][ T6416] RDX: 0000000000000050 RSI: 0000200000000200 RDI: 0000000000000003 [ 165.199116][ T6416] RBP: 00007ffabb000090 R08: 0000000000000000 R09: 0000000000000000 [ 165.199128][ T6416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.199139][ T6416] R13: 0000000000000000 R14: 00007ffaba3b5fa0 R15: 00007ffd83346a48 [ 165.199171][ T6416] [ 165.667682][ T5872] IPVS: starting estimator thread 0... [ 165.756386][ T6418] IPVS: using max 25 ests per chain, 60000 per kthread [ 165.937990][ T6421] netlink: 24 bytes leftover after parsing attributes in process `syz.3.144'. [ 166.970597][ T6426] fuse: Unknown parameter '0x0000000000000004' [ 167.117383][ T6422] uprobe: syz.0.142:6422 failed to unregister, leaking uprobe [ 167.556360][ T9] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 167.734356][ T6431] 9pnet_fd: Insufficient options for proto=fd [ 167.789920][ T9] usb 3-1: config 0 has an invalid interface number: 133 but max is 0 [ 167.810982][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 167.877431][ T9] usb 3-1: config 0 has no interface number 0 [ 167.912316][ T9] usb 3-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 167.939964][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 167.963975][ T9] usb 3-1: Product: syz [ 167.979948][ T6438] netlink: 36 bytes leftover after parsing attributes in process `syz.3.149'. [ 167.991999][ T9] usb 3-1: Manufacturer: syz [ 168.002966][ T9] usb 3-1: SerialNumber: syz [ 168.011930][ T9] usb 3-1: config 0 descriptor?? [ 168.311031][ T6442] netlink: 36 bytes leftover after parsing attributes in process `syz.1.151'. [ 168.425279][ T9] keyspan 3-1:0.133: Keyspan 1 port adapter converter detected [ 168.434399][ T9] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 82 [ 168.442196][ T30] audit: type=1326 audit(1746942385.002:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6443 comm="syz.0.152" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x0 [ 168.445193][ T9] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 81 [ 168.474857][ T9] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 1 [ 168.489086][ T9] keyspan 3-1:0.133: found no endpoint descriptor for endpoint 2 [ 168.500759][ T9] usb 3-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 168.567083][ T5830] Bluetooth: hci2: Malformed LE Event: 0x0d [ 168.692930][ T49] usb 3-1: USB disconnect, device number 3 [ 168.707020][ T49] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 168.725222][ T49] keyspan 3-1:0.133: device disconnected [ 169.575095][ T6454] netlink: 'syz.1.156': attribute type 10 has an invalid length. [ 169.993195][ T6457] fuse: Unknown parameter '0x0000000000000004' [ 170.089373][ T6464] 9pnet_fd: Insufficient options for proto=fd [ 171.245583][ T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 171.372859][ T10] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 171.836491][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 171.847737][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.870840][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 171.894911][ T9] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 171.934795][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 171.950852][ T6480] netlink: 36 bytes leftover after parsing attributes in process `syz.1.164'. [ 171.969043][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.980549][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.003693][ T9] usb 5-1: config 0 descriptor?? [ 172.020946][ T10] usb 3-1: config 0 descriptor?? [ 172.040025][ T10] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 172.162849][ T6484] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 172.184274][ T6484] FAULT_INJECTION: forcing a failure. [ 172.184274][ T6484] name failslab, interval 1, probability 0, space 0, times 0 [ 172.198349][ T6484] CPU: 1 UID: 0 PID: 6484 Comm: syz.0.166 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 172.198378][ T6484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 172.198391][ T6484] Call Trace: [ 172.198400][ T6484] [ 172.198409][ T6484] dump_stack_lvl+0x189/0x250 [ 172.198449][ T6484] ? __pfx_dump_stack_lvl+0x10/0x10 [ 172.198477][ T6484] ? __pfx__printk+0x10/0x10 [ 172.198514][ T6484] ? __pfx___might_resched+0x10/0x10 [ 172.198542][ T6484] ? fs_reclaim_acquire+0x7d/0x100 [ 172.198569][ T6484] should_fail_ex+0x414/0x560 [ 172.198605][ T6484] ? __pfx_sock_alloc_inode+0x10/0x10 [ 172.198635][ T6484] should_failslab+0xa8/0x100 [ 172.198666][ T6484] ? __pfx_sock_alloc_inode+0x10/0x10 [ 172.198693][ T6484] kmem_cache_alloc_lru_noprof+0x78/0x3d0 [ 172.198722][ T6484] ? sock_alloc_inode+0x28/0xc0 [ 172.198755][ T6484] ? __pfx_sock_alloc_inode+0x10/0x10 [ 172.198783][ T6484] sock_alloc_inode+0x28/0xc0 [ 172.198812][ T6484] alloc_inode+0x67/0x1b0 [ 172.198843][ T6484] __sock_create+0x12d/0x9f0 [ 172.198873][ T6484] mptcp_subflow_create_socket+0xfd/0xb40 [ 172.198905][ T6484] ? look_up_lock_class+0x74/0x170 [ 172.198933][ T6484] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 172.199008][ T6484] ? __lock_acquire+0xaac/0xd20 [ 172.199042][ T6484] __mptcp_nmpc_sk+0x148/0x750 [ 172.199074][ T6484] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 172.199100][ T6484] ? __local_bh_enable_ip+0x12d/0x1c0 [ 172.199130][ T6484] ? lockdep_hardirqs_on+0x9c/0x150 [ 172.199153][ T6484] ? __local_bh_enable_ip+0x12d/0x1c0 [ 172.199185][ T6484] mptcp_sendmsg_fastopen+0xd4/0x580 [ 172.199218][ T6484] mptcp_sendmsg+0x1773/0x1980 [ 172.199252][ T6484] ? __pfx_smack_socket_sendmsg+0x10/0x10 [ 172.199298][ T6484] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 172.199323][ T6484] ? sock_rps_record_flow+0x19/0x400 [ 172.199354][ T6484] ? inet_sendmsg+0x2f4/0x370 [ 172.199385][ T6484] __sock_sendmsg+0x19c/0x270 [ 172.199419][ T6484] ____sys_sendmsg+0x505/0x830 [ 172.199451][ T6484] ? __pfx_____sys_sendmsg+0x10/0x10 [ 172.199486][ T6484] ? import_iovec+0x74/0xa0 [ 172.199517][ T6484] ___sys_sendmsg+0x21f/0x2a0 [ 172.199543][ T6484] ? __pfx____sys_sendmsg+0x10/0x10 [ 172.199608][ T6484] ? __fget_files+0x2a/0x420 [ 172.199636][ T6484] ? __fget_files+0x3a0/0x420 [ 172.199677][ T6484] __x64_sys_sendmsg+0x19b/0x260 [ 172.199705][ T6484] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 172.199749][ T6484] ? do_syscall_64+0xba/0x210 [ 172.199777][ T6484] do_syscall_64+0xf6/0x210 [ 172.199802][ T6484] ? clear_bhb_loop+0x45/0xa0 [ 172.199826][ T6484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.199846][ T6484] RIP: 0033:0x7f7a14b8e969 [ 172.199865][ T6484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.199882][ T6484] RSP: 002b:00007f7a159c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 172.199904][ T6484] RAX: ffffffffffffffda RBX: 00007f7a14db5fa0 RCX: 00007f7a14b8e969 [ 172.199918][ T6484] RDX: 0000000034004000 RSI: 0000200000000240 RDI: 0000000000000003 [ 172.199931][ T6484] RBP: 00007f7a159c4090 R08: 0000000000000000 R09: 0000000000000000 [ 172.199943][ T6484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.199954][ T6484] R13: 0000000000000000 R14: 00007f7a14db5fa0 R15: 00007ffda8837108 [ 172.200012][ T6484] [ 172.200025][ T6484] socket: no more sockets [ 172.710285][ T9] usbhid 5-1:0.0: can't add hid device: -71 [ 172.725352][ T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 172.752488][ T9] usb 5-1: USB disconnect, device number 7 [ 174.341450][ T30] audit: type=1326 audit(1746942390.902:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6488 comm="syz.0.169" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x0 [ 174.498597][ T5830] Bluetooth: hci2: Malformed LE Event: 0x0d [ 174.535523][ T10] usb 3-1: USB disconnect, device number 4 [ 174.547301][ T6495] netlink: 'syz.1.170': attribute type 10 has an invalid length. [ 175.362632][ T6503] fuse: Unknown parameter 'fd0x0000000000000004' [ 176.120642][ T6510] bridge_slave_0: left allmulticast mode [ 176.127581][ T6510] bridge_slave_0: left promiscuous mode [ 176.136715][ T6510] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.195526][ T6511] netlink: 76 bytes leftover after parsing attributes in process `syz.0.175'. [ 176.219970][ T6509] 9pnet_fd: Insufficient options for proto=fd [ 176.248000][ T6510] bridge_slave_1: left allmulticast mode [ 176.253688][ T6510] bridge_slave_1: left promiscuous mode [ 176.307404][ T6510] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.308362][ T6512] netlink: 'syz.0.175': attribute type 10 has an invalid length. [ 176.341048][ T6510] bond0: (slave bond_slave_0): Releasing backup interface [ 176.475544][ T6510] bond0: (slave bond_slave_1): Releasing backup interface [ 176.583384][ T6510] team0: Port device team_slave_0 removed [ 176.691977][ T6510] team0: Port device team_slave_1 removed [ 176.851198][ T6520] capability: warning: `syz.4.178' uses deprecated v2 capabilities in a way that may be insecure [ 176.917239][ T6510] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.928470][ T6510] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 177.800541][ T6510] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 177.859319][ T6526] netlink: 36 bytes leftover after parsing attributes in process `syz.2.179'. [ 177.914646][ T6510] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 178.779228][ T6531] 9pnet_virtio: no channels available for device syz [ 178.920134][ T6512] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.985529][ T6512] team0: Port device bond0 added [ 179.096442][ T1207] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 179.236361][ T1207] usb 5-1: device descriptor read/64, error -71 [ 180.285866][ T6512] syz.0.175 (6512) used greatest stack depth: 20200 bytes left [ 180.312437][ T6539] fuse: Unknown parameter 'fd0x0000000000000004' [ 180.326498][ T1207] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 180.487997][ T1207] usb 5-1: device descriptor read/64, error -71 [ 181.085924][ T1207] usb usb5-port1: attempt power cycle [ 181.103091][ T6545] 9pnet_fd: Insufficient options for proto=fd [ 181.548286][ T1207] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 182.420202][ T1207] usb 5-1: device descriptor read/8, error -71 [ 182.496933][ T6546] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 182.570988][ T6546] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 182.579488][ T30] audit: type=1326 audit(1746942399.142:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 182.616600][ T6546] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 182.631658][ T6546] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 182.651458][ T6546] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 182.716382][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 182.813143][ T30] audit: type=1326 audit(1746942399.172:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 182.847873][ T30] audit: type=1326 audit(1746942399.172:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 182.870204][ T30] audit: type=1326 audit(1746942399.172:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 182.922780][ T30] audit: type=1326 audit(1746942399.172:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 182.945308][ T30] audit: type=1326 audit(1746942399.172:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7a14b8e9a3 code=0x7ffc0000 [ 182.972237][ T30] audit: type=1326 audit(1746942399.172:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7a14b8e9a3 code=0x7ffc0000 [ 182.995149][ T30] audit: type=1326 audit(1746942399.182:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 183.025688][ T30] audit: type=1326 audit(1746942399.192:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 183.049687][ T1207] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 183.058426][ T30] audit: type=1326 audit(1746942399.202:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6557 comm="syz.0.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 183.086103][ T6564] FAULT_INJECTION: forcing a failure. [ 183.086103][ T6564] name failslab, interval 1, probability 0, space 0, times 0 [ 183.107221][ T6564] CPU: 0 UID: 0 PID: 6564 Comm: syz.1.193 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 183.107256][ T6564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 183.107269][ T6564] Call Trace: [ 183.107277][ T6564] [ 183.107286][ T6564] dump_stack_lvl+0x189/0x250 [ 183.107324][ T6564] ? __pfx_dump_stack_lvl+0x10/0x10 [ 183.107351][ T6564] ? __pfx__printk+0x10/0x10 [ 183.107386][ T6564] ? __pfx___might_resched+0x10/0x10 [ 183.107416][ T6564] ? fs_reclaim_acquire+0x7d/0x100 [ 183.107444][ T6564] should_fail_ex+0x414/0x560 [ 183.107482][ T6564] should_failslab+0xa8/0x100 [ 183.107516][ T6564] __kmalloc_noprof+0xcb/0x4f0 [ 183.107544][ T6564] ? alloc_pipe_info+0x1fd/0x4d0 [ 183.107577][ T6564] alloc_pipe_info+0x1fd/0x4d0 [ 183.107608][ T6564] splice_direct_to_actor+0xa5d/0xcc0 [ 183.107641][ T6564] ? __lock_acquire+0xaac/0xd20 [ 183.107681][ T6564] ? __lock_acquire+0xaac/0xd20 [ 183.107704][ T6564] ? __pfx_direct_splice_actor+0x10/0x10 [ 183.107732][ T6564] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 183.107772][ T6564] do_splice_direct+0x181/0x270 [ 183.107803][ T6564] ? __pfx_do_splice_direct+0x10/0x10 [ 183.107832][ T6564] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 183.107864][ T6564] ? bpf_lsm_file_permission+0x9/0x20 [ 183.107887][ T6564] ? security_file_permission+0x75/0x290 [ 183.107910][ T6564] ? rw_verify_area+0x258/0x650 [ 183.107940][ T6564] do_sendfile+0x4da/0x7d0 [ 183.107970][ T6564] ? __pfx_do_sendfile+0x10/0x10 [ 183.108004][ T6564] __se_sys_sendfile64+0xd9/0x190 [ 183.108035][ T6564] ? rcu_is_watching+0x15/0xb0 [ 183.108065][ T6564] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 183.108101][ T6564] ? do_syscall_64+0xba/0x210 [ 183.108130][ T6564] do_syscall_64+0xf6/0x210 [ 183.108155][ T6564] ? clear_bhb_loop+0x45/0xa0 [ 183.108180][ T6564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.108208][ T6564] RIP: 0033:0x7ffaba18e969 [ 183.108226][ T6564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.108243][ T6564] RSP: 002b:00007ffabb000038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 183.108264][ T6564] RAX: ffffffffffffffda RBX: 00007ffaba3b5fa0 RCX: 00007ffaba18e969 [ 183.108279][ T6564] RDX: 0000200000000100 RSI: 0000000000000008 RDI: 0000000000000007 [ 183.108291][ T6564] RBP: 00007ffabb000090 R08: 0000000000000000 R09: 0000000000000000 [ 183.108303][ T6564] R10: 0100000000010001 R11: 0000000000000246 R12: 0000000000000001 [ 183.108316][ T6564] R13: 0000000000000000 R14: 00007ffaba3b5fa0 R15: 00007ffd83346a48 [ 183.108347][ T6564] [ 183.115385][ T1207] usb 5-1: config 0 has an invalid interface number: 133 but max is 0 [ 183.398815][ T1207] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 183.409595][ T1207] usb 5-1: config 0 has no interface number 0 [ 183.448915][ T1207] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 183.458313][ T1207] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.478558][ T1207] usb 5-1: Product: syz [ 183.482791][ T1207] usb 5-1: Manufacturer: syz [ 183.510599][ T1207] usb 5-1: SerialNumber: syz [ 183.563690][ T1207] usb 5-1: config 0 descriptor?? [ 183.791903][ T1207] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected [ 183.871334][ T6569] FAULT_INJECTION: forcing a failure. [ 183.871334][ T6569] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.086737][ T1207] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 82 [ 184.345136][ T1207] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81 [ 184.375470][ T6569] CPU: 1 UID: 0 PID: 6569 Comm: syz.0.195 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 184.375501][ T6569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 184.375513][ T6569] Call Trace: [ 184.375521][ T6569] [ 184.375530][ T6569] dump_stack_lvl+0x189/0x250 [ 184.375567][ T6569] ? __pfx_dump_stack_lvl+0x10/0x10 [ 184.375594][ T6569] ? __pfx__printk+0x10/0x10 [ 184.375638][ T6569] should_fail_ex+0x414/0x560 [ 184.375675][ T6569] _copy_to_user+0x31/0xb0 [ 184.375704][ T6569] simple_read_from_buffer+0xe1/0x170 [ 184.375738][ T6569] proc_fail_nth_read+0x1df/0x250 [ 184.375761][ T6569] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 184.375785][ T6569] ? rw_verify_area+0x258/0x650 [ 184.375808][ T6569] ? rcu_read_unlock_special+0x3fe/0x4c0 [ 184.375830][ T6569] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 184.375851][ T6569] vfs_read+0x1fd/0x980 [ 184.375876][ T6569] ? __pfx_rcu_read_unlock_special+0x10/0x10 [ 184.375903][ T6569] ? __pfx___mutex_lock+0x10/0x10 [ 184.375928][ T6569] ? __pfx_vfs_read+0x10/0x10 [ 184.375957][ T6569] ? __rcu_read_unlock+0x84/0xe0 [ 184.375980][ T6569] ? __fget_files+0x3a0/0x420 [ 184.376009][ T6569] ? __fget_files+0x2a/0x420 [ 184.376047][ T6569] ksys_read+0x145/0x250 [ 184.376070][ T6569] ? rcu_is_watching+0x15/0xb0 [ 184.376098][ T6569] ? __pfx_ksys_read+0x10/0x10 [ 184.376137][ T6569] ? do_syscall_64+0xba/0x210 [ 184.376163][ T6569] do_syscall_64+0xf6/0x210 [ 184.376186][ T6569] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 184.376204][ T6569] ? clear_bhb_loop+0x45/0xa0 [ 184.376228][ T6569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.376246][ T6569] RIP: 0033:0x7f7a14b8d37c [ 184.376264][ T6569] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 184.376279][ T6569] RSP: 002b:00007f7a159c4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 184.376300][ T6569] RAX: ffffffffffffffda RBX: 00007f7a14db5fa0 RCX: 00007f7a14b8d37c [ 184.376314][ T6569] RDX: 000000000000000f RSI: 00007f7a159c40a0 RDI: 0000000000000004 [ 184.376313][ T1207] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1 [ 184.376327][ T6569] RBP: 00007f7a159c4090 R08: 0000000000000000 R09: 0000000000000000 [ 184.376338][ T6569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.376349][ T6569] R13: 0000000000000000 R14: 00007f7a14db5fa0 R15: 00007ffda8837108 [ 184.376375][ T6569] [ 184.636645][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 184.642767][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 184.656306][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout [ 184.731412][ T5820] Bluetooth: hci4: command 0x0c1a tx timeout [ 184.746685][ T1207] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2 [ 184.756447][ T1207] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 184.772022][ T1207] usb 5-1: USB disconnect, device number 11 [ 184.777561][ T6575] fuse: Unknown parameter 'fd0x0000000000000004' [ 184.783338][ T1207] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 184.796094][ T1207] keyspan 5-1:0.133: device disconnected [ 186.033302][ T1207] IPVS: starting estimator thread 0... [ 186.244311][ T6589] IPVS: using max 24 ests per chain, 57600 per kthread [ 188.120270][ T6601] netlink: 'syz.1.203': attribute type 10 has an invalid length. [ 189.320488][ T6604] MPI: mpi too large (129928 bits) [ 191.122126][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 191.122145][ T30] audit: type=1326 audit(1746942407.682:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 191.211450][ T30] audit: type=1326 audit(1746942407.682:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 191.234152][ T30] audit: type=1326 audit(1746942407.682:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 191.256070][ T30] audit: type=1326 audit(1746942407.682:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 191.278725][ T30] audit: type=1326 audit(1746942407.682:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 191.301857][ T30] audit: type=1326 audit(1746942407.682:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 191.385813][ T30] audit: type=1326 audit(1746942407.692:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc46f98e9a3 code=0x7ffc0000 [ 191.408555][ T30] audit: type=1326 audit(1746942407.692:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc46f98e9a3 code=0x7ffc0000 [ 191.466615][ T30] audit: type=1326 audit(1746942407.692:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 191.549750][ T30] audit: type=1326 audit(1746942407.692:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6621 comm="syz.2.209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 193.326715][ T5811] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 193.506717][ T5811] usb 4-1: Using ep0 maxpacket: 16 [ 193.579263][ T5811] usb 4-1: config 1 interface 0 altsetting 10 bulk endpoint 0x82 has invalid maxpacket 8 [ 193.626483][ T5811] usb 4-1: config 1 interface 0 altsetting 10 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 194.392496][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.399005][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.540250][ T5811] usb 4-1: config 1 interface 0 has no altsetting 0 [ 198.253339][ T5811] usb 4-1: string descriptor 0 read error: -71 [ 198.279282][ T5811] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 198.296385][ T5811] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.331966][ T5811] usb 4-1: can't set config #1, error -71 [ 198.358953][ T5811] usb 4-1: USB disconnect, device number 4 [ 201.028787][ T6707] netlink: 'syz.1.226': attribute type 1 has an invalid length. [ 201.252183][ T13] Bluetooth: hci5: Frame reassembly failed (-84) [ 201.403108][ T13] Bluetooth: hci5: Frame reassembly failed (-84) [ 202.486739][ T1207] IPVS: starting estimator thread 0... [ 202.891215][ T6728] IPVS: using max 27 ests per chain, 64800 per kthread [ 203.062279][ T1207] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 203.148754][ T6726] kvm: emulating exchange as write [ 203.266830][ T1207] usb 2-1: Using ep0 maxpacket: 32 [ 203.274457][ T1207] usb 2-1: config 0 has an invalid interface number: 132 but max is 0 [ 203.283132][ T5830] Bluetooth: hci5: command 0x1003 tx timeout [ 203.289531][ T5820] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 203.393428][ T1207] usb 2-1: config 0 has no interface number 0 [ 203.406527][ T1207] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 203.425944][ T1207] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 203.440442][ T1207] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.457130][ T1207] usb 2-1: Product: syz [ 203.461369][ T1207] usb 2-1: Manufacturer: syz [ 203.473938][ T1207] usb 2-1: SerialNumber: syz [ 203.481885][ T1207] usb 2-1: config 0 descriptor?? [ 203.520956][ T1207] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 203.794489][ T1207] em28xx 2-1:0.132: Video interface 132 found: [ 204.010005][ T1207] em28xx 2-1:0.132: unknown em28xx chip ID (0) [ 204.893175][ T1207] em28xx 2-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=0) [ 204.913574][ T1207] em28xx 2-1:0.132: board has no eeprom [ 206.056261][ T1207] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 206.085549][ T1207] em28xx 2-1:0.132: analog set to bulk mode. [ 206.131613][ T10] em28xx 2-1:0.132: Registering V4L2 extension [ 206.569573][ T1207] usb 2-1: USB disconnect, device number 5 [ 206.581793][ T10] em28xx 2-1:0.132: failed to trigger read from i2c address 0x4a (error=-19) [ 206.697805][ T1207] em28xx 2-1:0.132: Disconnecting em28xx [ 207.630936][ T10] em28xx 2-1:0.132: Config register raw data: 0xffffffed [ 207.655075][ T10] em28xx 2-1:0.132: AC97 chip type couldn't be determined [ 207.714143][ T10] em28xx 2-1:0.132: No AC97 audio processor [ 207.743102][ T6774] FAULT_INJECTION: forcing a failure. [ 207.743102][ T6774] name failslab, interval 1, probability 0, space 0, times 0 [ 207.755996][ T6774] CPU: 1 UID: 0 PID: 6774 Comm: syz.1.243 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 207.756024][ T6774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 207.756037][ T6774] Call Trace: [ 207.756045][ T6774] [ 207.756054][ T6774] dump_stack_lvl+0x189/0x250 [ 207.756090][ T6774] ? __pfx_dump_stack_lvl+0x10/0x10 [ 207.756132][ T6774] ? __pfx__printk+0x10/0x10 [ 207.756165][ T6774] ? __pfx___might_resched+0x10/0x10 [ 207.756194][ T6774] ? fs_reclaim_acquire+0x7d/0x100 [ 207.756221][ T6774] should_fail_ex+0x414/0x560 [ 207.756258][ T6774] should_failslab+0xa8/0x100 [ 207.756290][ T6774] __kmalloc_noprof+0xcb/0x4f0 [ 207.756317][ T6774] ? tomoyo_encode+0x28b/0x550 [ 207.756345][ T6774] tomoyo_encode+0x28b/0x550 [ 207.756376][ T6774] tomoyo_realpath_from_path+0x58d/0x5d0 [ 207.756412][ T6774] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 207.756433][ T6774] tomoyo_path_number_perm+0x1e8/0x5a0 [ 207.756456][ T6774] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 207.756494][ T6774] ? __lock_acquire+0xaac/0xd20 [ 207.756539][ T6774] ? __fget_files+0x2a/0x420 [ 207.756573][ T6774] ? __fget_files+0x3a0/0x420 [ 207.756601][ T6774] ? __fget_files+0x2a/0x420 [ 207.756634][ T6774] security_file_ioctl+0xcb/0x2d0 [ 207.756660][ T6774] __se_sys_ioctl+0x47/0x170 [ 207.756688][ T6774] do_syscall_64+0xf6/0x210 [ 207.756713][ T6774] ? clear_bhb_loop+0x45/0xa0 [ 207.756738][ T6774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.756757][ T6774] RIP: 0033:0x7ffaba18e969 [ 207.756775][ T6774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.756791][ T6774] RSP: 002b:00007ffabb000038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 207.756812][ T6774] RAX: ffffffffffffffda RBX: 00007ffaba3b5fa0 RCX: 00007ffaba18e969 [ 207.756826][ T6774] RDX: 00002000000002c0 RSI: 0000000000004c0a RDI: 0000000000000003 [ 207.756838][ T6774] RBP: 00007ffabb000090 R08: 0000000000000000 R09: 0000000000000000 [ 207.756850][ T6774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.756862][ T6774] R13: 0000000000000000 R14: 00007ffaba3b5fa0 R15: 00007ffd83346a48 [ 207.756893][ T6774] [ 207.983522][ T10] usb 2-1: Decoder not found [ 207.995630][ T10] em28xx 2-1:0.132: failed to create media graph [ 208.002266][ T10] em28xx 2-1:0.132: V4L2 device video103 deregistered [ 208.023964][ T6774] ERROR: Out of memory at tomoyo_realpath_from_path. [ 208.143324][ T6774] loop2: detected capacity change from 0 to 7 [ 208.149243][ T10] em28xx 2-1:0.132: Remote control support is not available for this card. [ 208.163885][ T6774] Dev loop2: unable to read RDB block 7 [ 208.183128][ T6774] loop2: unable to read partition table [ 208.226386][ T6767] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 208.265942][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.244'. [ 208.271002][ T1207] em28xx 2-1:0.132: Closing input extension [ 208.300411][ T6774] loop2: partition table beyond EOD, truncated [ 208.344331][ T1207] em28xx 2-1:0.132: Freeing device [ 208.345836][ T6774] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 209.677113][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 209.677134][ T30] audit: type=1326 audit(1746942426.232:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 209.851190][ T30] audit: type=1326 audit(1746942426.232:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6783 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 209.921332][ T30] audit: type=1326 audit(1746942426.362:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 210.016289][ T30] audit: type=1326 audit(1746942426.362:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 210.115857][ T30] audit: type=1326 audit(1746942426.362:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 210.187428][ T30] audit: type=1326 audit(1746942426.362:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 210.235335][ T30] audit: type=1326 audit(1746942426.362:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 210.346753][ T30] audit: type=1326 audit(1746942426.372:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffaba18e9a3 code=0x7ffc0000 [ 210.370168][ T30] audit: type=1326 audit(1746942426.372:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 210.393198][ T30] audit: type=1326 audit(1746942426.382:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6792 comm="syz.1.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaba18e969 code=0x7ffc0000 [ 211.006226][ T1207] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 211.402970][ T1207] usb 4-1: config 0 has an invalid interface number: 133 but max is 0 [ 211.442349][ T1207] usb 4-1: config 0 has no interface number 0 [ 211.463514][ T1207] usb 4-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 211.535160][ T1207] usb 4-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 211.551416][ T1207] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.563717][ T1207] usb 4-1: Product: syz [ 211.570687][ T1207] usb 4-1: Manufacturer: syz [ 211.575411][ T1207] usb 4-1: SerialNumber: syz [ 211.584113][ T1207] usb 4-1: config 0 descriptor?? [ 211.845751][ T1207] keyspan 4-1:0.133: Keyspan 1 port adapter converter detected [ 211.894049][ T1207] keyspan 4-1:0.133: unsupported endpoint type 0 [ 211.964706][ T1207] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 81 [ 212.055003][ T1207] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 1 [ 212.055089][ T1207] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 2 [ 212.074464][ T1207] usb 4-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 212.096061][ T1207] usb 4-1: USB disconnect, device number 5 [ 212.112249][ T1207] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 212.113441][ T1207] keyspan 4-1:0.133: device disconnected [ 212.125884][ T6814] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 212.174520][ T6814] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 212.400238][ T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 212.568290][ T24] usb 2-1: config 0 has an invalid interface number: 168 but max is 0 [ 212.602651][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 212.634819][ T24] usb 2-1: config 0 has no interface number 0 [ 212.658272][ T24] usb 2-1: config 0 interface 168 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 212.687048][ T24] usb 2-1: config 0 interface 168 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 16 [ 213.298526][ T6817] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 213.361070][ T24] usb 2-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=48.98 [ 213.390321][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.437114][ T24] usb 2-1: config 0 descriptor?? [ 213.470288][ T24] HFC-S_USB 2-1:0.168: probe with driver HFC-S_USB failed with error -5 [ 213.669197][ T24] usb 2-1: USB disconnect, device number 6 [ 214.037076][ T5820] Bluetooth: hci2: Malformed LE Event: 0x0d [ 216.783929][ T6866] hugetlbfs: syz.0.270 (6866): Using mlock ulimits for SHM_HUGETLB is obsolete [ 218.290705][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 218.290724][ T30] audit: type=1326 audit(1746942434.852:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6878 comm="syz.0.275" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x0 [ 218.453888][ T5820] Bluetooth: hci2: Malformed LE Event: 0x0d [ 219.285936][ T30] audit: type=1326 audit(1746942435.842:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 219.338555][ T30] audit: type=1326 audit(1746942435.842:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 219.446477][ T6886] netlink: 'syz.2.276': attribute type 10 has an invalid length. [ 219.560781][ T30] audit: type=1326 audit(1746942435.932:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 219.672620][ T30] audit: type=1326 audit(1746942435.932:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 219.714307][ T6890] netlink: 132 bytes leftover after parsing attributes in process `syz.0.277'. [ 219.770580][ T30] audit: type=1326 audit(1746942435.932:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 219.946232][ T30] audit: type=1326 audit(1746942435.932:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 219.949154][ T6886] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 220.107321][ T49] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 220.279885][ T30] audit: type=1326 audit(1746942435.932:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 220.329486][ T30] audit: type=1326 audit(1746942435.932:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 220.416561][ T49] usb 1-1: Using ep0 maxpacket: 32 [ 220.526493][ T49] usb 1-1: config 0 interface 0 has no altsetting 0 [ 220.571358][ T30] audit: type=1326 audit(1746942435.932:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6884 comm="syz.2.276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc46f98e969 code=0x7ffc0000 [ 220.587390][ T49] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 220.626365][ T1207] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 220.654321][ T49] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.689379][ T49] usb 1-1: Product: syz [ 220.706450][ T49] usb 1-1: Manufacturer: syz [ 220.711291][ T49] usb 1-1: SerialNumber: syz [ 220.719089][ T49] usb 1-1: config 0 descriptor?? [ 220.788618][ T1207] usb 2-1: config 0 has an invalid interface number: 133 but max is 0 [ 220.803247][ T1207] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.834841][ T1207] usb 2-1: config 0 has no interface number 0 [ 220.852897][ T1207] usb 2-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 220.863236][ T1207] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.880064][ T1207] usb 2-1: Product: syz [ 220.884305][ T1207] usb 2-1: Manufacturer: syz [ 221.040337][ T1207] usb 2-1: SerialNumber: syz [ 221.060987][ T1207] usb 2-1: config 0 descriptor?? [ 221.192906][ T5820] Bluetooth: hci3: Malformed LE Event: 0x0d [ 221.336827][ T49] gs_usb 1-1:0.0: Configuring for 1 interfaces [ 221.572692][ T1207] keyspan 2-1:0.133: Keyspan 1 port adapter converter detected [ 221.592631][ T1207] keyspan 2-1:0.133: found no endpoint descriptor for endpoint 82 [ 221.613135][ T1207] keyspan 2-1:0.133: found no endpoint descriptor for endpoint 81 [ 221.636483][ T1207] keyspan 2-1:0.133: found no endpoint descriptor for endpoint 1 [ 221.644366][ T1207] keyspan 2-1:0.133: found no endpoint descriptor for endpoint 2 [ 221.672064][ T1207] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 221.775887][ T49] gs_usb 1-1:0.0: Disabling termination support for channel 0 (-EPIPE) [ 221.808180][ T1207] usb 2-1: USB disconnect, device number 7 [ 221.829903][ T1207] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 221.857313][ T1207] keyspan 2-1:0.133: device disconnected [ 222.096357][ T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 222.272736][ T10] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 222.285207][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.334712][ T10] usb 4-1: config 0 descriptor?? [ 222.492247][ T10] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 222.818638][ T9] IPVS: starting estimator thread 0... [ 223.324153][ T6930] IPVS: using max 31 ests per chain, 74400 per kthread [ 224.676541][ T9] usb 1-1: USB disconnect, device number 6 [ 225.801276][ T1207] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 225.922939][ C1] vkms_vblank_simulate: vblank timer overrun [ 225.942073][ T10] gspca_stv06xx: I2C: Read error writing address: -71 [ 225.955855][ T10] usb 4-1: USB disconnect, device number 6 [ 225.984272][ T6936] syz.2.291: attempt to access beyond end of device [ 225.984272][ T6936] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 226.052889][ T6936] efs: cannot read volume header [ 227.733681][ T6932] netlink: 'syz.1.289': attribute type 10 has an invalid length. [ 227.941201][ T1207] usb 2-1: unable to get BOS descriptor or descriptor too short [ 227.962062][ T1207] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 228.003776][ T1207] usb 2-1: can't read configurations, error -71 [ 228.274080][ T6957] netlink: 36 bytes leftover after parsing attributes in process `syz.4.295'. [ 230.896656][ T6963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 231.276244][ T1207] libceph: connect (1)[c::]:6789 error -101 [ 231.301975][ T1207] libceph: mon0 (1)[c::]:6789 connect error [ 231.676635][ T1207] libceph: connect (1)[c::]:6789 error -101 [ 231.682958][ T1207] libceph: mon0 (1)[c::]:6789 connect error [ 231.709274][ T6969] ceph: No mds server is up or the cluster is laggy [ 232.631253][ T1207] libceph: connect (1)[c::]:6789 error -101 [ 232.637741][ T1207] libceph: mon0 (1)[c::]:6789 connect error [ 235.311735][ T6997] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.085187][ T6993] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 236.096813][ T10] libceph: connect (1)[c::]:6789 error -101 [ 236.188369][ T6993] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 236.201570][ T6993] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 236.212292][ T6993] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 236.226265][ T6993] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 236.290863][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 236.316381][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 236.600863][ T10] libceph: connect (1)[c::]:6789 error -101 [ 236.900178][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 236.946295][ T7008] ceph: No mds server is up or the cluster is laggy [ 237.066393][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 237.066418][ T30] audit: type=1326 audit(1746942453.602:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 237.239339][ T30] audit: type=1326 audit(1746942453.602:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 238.060585][ T7022] netlink: 'syz.0.311': attribute type 10 has an invalid length. [ 238.069764][ T30] audit: type=1326 audit(1746942453.652:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 238.113834][ T30] audit: type=1326 audit(1746942453.652:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 238.282340][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 238.289160][ T30] audit: type=1326 audit(1746942453.652:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 238.316736][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 238.324677][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 238.330959][ T5820] Bluetooth: hci2: command 0x0c1a tx timeout [ 238.353057][ T30] audit: type=1326 audit(1746942453.652:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 239.136315][ T30] audit: type=1326 audit(1746942453.662:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7a14b8e9a3 code=0x7ffc0000 [ 239.318182][ T30] audit: type=1326 audit(1746942453.662:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7a14b8e9a3 code=0x7ffc0000 [ 239.631359][ T30] audit: type=1326 audit(1746942453.662:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 239.658520][ T7022] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 239.682627][ T30] audit: type=1326 audit(1746942453.662:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7017 comm="syz.0.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f7a14b8e969 code=0x7ffc0000 [ 240.201113][ T7039] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.516273][ T10] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 240.700519][ T10] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 240.710302][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.745005][ T10] usb 2-1: config 0 descriptor?? [ 240.958793][ T7053] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744071970837394) [ 240.969699][ T7053] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 242.086299][ T24] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 242.214896][ T10] pegasus 2-1:0.0: probe with driver pegasus failed with error -71 [ 242.244242][ T10] usb 2-1: USB disconnect, device number 10 [ 242.256244][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 242.982715][ T9] IPVS: starting estimator thread 0... [ 243.285972][ T24] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 243.568499][ T7091] IPVS: using max 27 ests per chain, 64800 per kthread [ 243.673036][ T24] usb 3-1: config 179 has no interface number 0 [ 243.685975][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 243.700831][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 243.712203][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 243.728298][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 243.745537][ T24] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 243.759203][ T24] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 243.768332][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.780240][ T7078] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 244.088202][ T7078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 244.117397][ T7078] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 244.256277][ T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 244.264950][ T1207] usb 2-1: new low-speed USB device number 11 using dummy_hcd [ 244.421502][ T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 244.443316][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.459873][ T1207] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 244.514904][ T1207] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 244.538353][ T10] usb 3-1: USB disconnect, device number 5 [ 244.538463][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 244.552700][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 244.561707][ C1] ================================================================== [ 244.567232][ T1207] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 244.569790][ C1] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23d/0x290 [ 244.569824][ C1] Read of size 4 at addr ffff888031ee505c by task syz.3.332/7098 [ 244.569842][ C1] [ 244.569855][ C1] CPU: 1 UID: 0 PID: 7098 Comm: syz.3.332 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 244.569879][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 244.569892][ C1] Call Trace: [ 244.569902][ C1] [ 244.569910][ C1] dump_stack_lvl+0x189/0x250 [ 244.569941][ C1] ? __virt_addr_valid+0x18c/0x540 [ 244.569967][ C1] ? rcu_is_watching+0x15/0xb0 [ 244.569996][ C1] ? __kasan_check_byte+0x12/0x40 [ 244.570031][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.570058][ C1] ? rcu_is_watching+0x15/0xb0 [ 244.570088][ C1] ? lock_release+0x4b/0x3e0 [ 244.570118][ C1] ? __virt_addr_valid+0x18c/0x540 [ 244.570143][ C1] ? __virt_addr_valid+0x469/0x540 [ 244.570171][ C1] print_report+0xb4/0x290 [ 244.570195][ C1] ? do_raw_spin_lock+0x23d/0x290 [ 244.570246][ C1] kasan_report+0x118/0x150 [ 244.570278][ C1] ? do_raw_spin_lock+0x23d/0x290 [ 244.570305][ C1] do_raw_spin_lock+0x23d/0x290 [ 244.570327][ C1] ? __wake_up_common_lock+0x2f/0x1f0 [ 244.570352][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 244.570379][ C1] _raw_spin_lock_irqsave+0xb3/0xf0 [ 244.570403][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 244.570425][ C1] ? kcov_remote_stop+0x78/0x6d0 [ 244.570453][ C1] __wake_up_common_lock+0x2f/0x1f0 [ 244.570481][ C1] __usb_hcd_giveback_urb+0x4d7/0x690 [ 244.570515][ C1] ? usb_hcd_unlink_urb_from_ep+0x2c/0x110 [ 244.570550][ C1] ? __pfx___usb_hcd_giveback_urb+0x10/0x10 [ 244.570587][ C1] ? usb_hcd_giveback_urb+0x10e/0x420 [ 244.570621][ C1] dummy_timer+0x862/0x4550 [ 244.570667][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 244.570688][ C1] ? __lock_acquire+0xaac/0xd20 [ 244.570730][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 244.570761][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 244.570790][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 244.570818][ C1] __hrtimer_run_queues+0x529/0xc60 [ 244.570859][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 244.570896][ C1] ? read_tsc+0x9/0x20 [ 244.570926][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 244.570963][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 244.570997][ C1] handle_softirqs+0x283/0x870 [ 244.571030][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 244.571063][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 244.571096][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 244.571123][ C1] __irq_exit_rcu+0xca/0x1f0 [ 244.571152][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 244.571188][ C1] irq_exit_rcu+0x9/0x30 [ 244.571223][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 244.571246][ C1] [ 244.571254][ C1] [ 244.571263][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 244.571286][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110 [ 244.571309][ C1] Code: 74 05 e8 1b c2 75 f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 53 44 3f f6 65 8b 05 bc 75 20 07 85 c0 74 40 48 c7 04 24 0e 36 [ 244.571328][ C1] RSP: 0018:ffffc9000aa8f580 EFLAGS: 00000206 [ 244.571349][ C1] RAX: df4c871a7ec33400 RBX: 0000000000000a02 RCX: df4c871a7ec33400 [ 244.571366][ C1] RDX: 0000000000000006 RSI: ffffffff8d73740f RDI: 0000000000000001 [ 244.571380][ C1] RBP: ffffc9000aa8f618 R08: ffffffff8f7da977 R09: 1ffffffff1efb52e [ 244.571396][ C1] R10: dffffc0000000000 R11: fffffbfff1efb52f R12: dffffc0000000000 [ 244.571412][ C1] R13: 1ffff1100f99565d R14: ffff88807ccab280 R15: 1ffff92001551eb0 [ 244.571440][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 244.571469][ C1] __skb_try_recv_datagram+0x17c/0x4e0 [ 244.571504][ C1] ? __pfx_sk_busy_loop_end+0x10/0x10 [ 244.571531][ C1] __unix_dgram_recvmsg+0x2d4/0xdc0 [ 244.571573][ C1] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 244.571608][ C1] ? irqentry_exit+0x74/0x90 [ 244.571631][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 244.571658][ C1] ? unix_dgram_recvmsg+0xb1/0xd0 [ 244.571680][ C1] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 244.571705][ C1] sock_recvmsg_nosec+0x183/0x1c0 [ 244.571742][ C1] ____sys_recvmsg+0x3aa/0x460 [ 244.571774][ C1] ? __pfx_____sys_recvmsg+0x10/0x10 [ 244.571811][ C1] ? import_iovec+0x74/0xa0 [ 244.571863][ C1] ___sys_recvmsg+0x1b5/0x510 [ 244.571893][ C1] ? __pfx____sys_recvmsg+0x10/0x10 [ 244.571938][ C1] ? __might_fault+0xb0/0x130 [ 244.571972][ C1] do_recvmmsg+0x307/0x760 [ 244.572004][ C1] ? __pfx_do_recvmmsg+0x10/0x10 [ 244.572037][ C1] ? __pfx_do_futex+0x10/0x10 [ 244.572067][ C1] __x64_sys_recvmmsg+0x190/0x240 [ 244.572094][ C1] ? rcu_is_watching+0x15/0xb0 [ 244.572125][ C1] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 244.572155][ C1] ? do_syscall_64+0xba/0x210 [ 244.572183][ C1] do_syscall_64+0xf6/0x210 [ 244.572216][ C1] ? clear_bhb_loop+0x45/0xa0 [ 244.572240][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.572260][ C1] RIP: 0033:0x7f3bfcd8e969 [ 244.572280][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.572297][ C1] RSP: 002b:00007f3bfdc9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 244.572318][ C1] RAX: ffffffffffffffda RBX: 00007f3bfcfb6080 RCX: 00007f3bfcd8e969 [ 244.572334][ C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 244.572347][ C1] RBP: 00007f3bfce10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 244.572361][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 244.572374][ C1] R13: 0000000000000000 R14: 00007f3bfcfb6080 R15: 00007ffc0086f388 [ 244.572398][ C1] [ 244.572405][ C1] [ 244.603230][ T9] usb 1-1: config 0 descriptor?? [ 244.611302][ C1] Allocated by task 24: [ 244.611319][ C1] kasan_save_track+0x3e/0x80 [ 244.611351][ C1] __kasan_kmalloc+0x93/0xb0 [ 244.638822][ T1207] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 244.642133][ C1] __kmalloc_cache_noprof+0x230/0x3d0 [ 244.642175][ C1] xpad_probe+0x41c/0x1ed0 [ 245.178011][ C1] usb_probe_interface+0x641/0xbc0 [ 245.183180][ C1] really_probe+0x26a/0x9a0 [ 245.187738][ C1] __driver_probe_device+0x18c/0x2f0 [ 245.193160][ C1] driver_probe_device+0x4f/0x430 [ 245.198202][ C1] __device_attach_driver+0x2ce/0x530 [ 245.203582][ C1] bus_for_each_drv+0x24e/0x2e0 [ 245.208472][ C1] __device_attach+0x2b8/0x400 [ 245.213246][ C1] bus_probe_device+0x185/0x260 [ 245.218110][ C1] device_add+0x7b6/0xb50 [ 245.222444][ C1] usb_set_configuration+0x1a87/0x20e0 [ 245.227915][ C1] usb_generic_driver_probe+0x8d/0x150 [ 245.233389][ C1] usb_probe_device+0x1c1/0x390 [ 245.238257][ C1] really_probe+0x26a/0x9a0 [ 245.242777][ C1] __driver_probe_device+0x18c/0x2f0 [ 245.248073][ C1] driver_probe_device+0x4f/0x430 [ 245.253218][ C1] __device_attach_driver+0x2ce/0x530 [ 245.258598][ C1] bus_for_each_drv+0x24e/0x2e0 [ 245.263459][ C1] __device_attach+0x2b8/0x400 [ 245.268234][ C1] bus_probe_device+0x185/0x260 [ 245.273098][ C1] device_add+0x7b6/0xb50 [ 245.277430][ C1] usb_new_device+0xa39/0x16c0 [ 245.282290][ C1] hub_event+0x2941/0x4a00 [ 245.286722][ C1] process_scheduled_works+0xadb/0x17a0 [ 245.292297][ C1] worker_thread+0x8a0/0xda0 [ 245.296906][ C1] kthread+0x70e/0x8a0 [ 245.300987][ C1] ret_from_fork+0x4b/0x80 [ 245.305412][ C1] ret_from_fork_asm+0x1a/0x30 [ 245.310195][ C1] [ 245.312524][ C1] Freed by task 10: [ 245.316328][ C1] kasan_save_track+0x3e/0x80 [ 245.321035][ C1] kasan_save_free_info+0x46/0x50 [ 245.326062][ C1] __kasan_slab_free+0x62/0x70 [ 245.330856][ C1] kfree+0x193/0x440 [ 245.334778][ C1] xpad_disconnect+0x350/0x480 [ 245.339566][ C1] usb_unbind_interface+0x26b/0x8f0 [ 245.344782][ C1] device_release_driver_internal+0x4d6/0x7c0 [ 245.350865][ C1] bus_remove_device+0x34d/0x410 [ 245.355820][ C1] device_del+0x511/0x8e0 [ 245.360169][ C1] usb_disable_device+0x3e9/0x8a0 [ 245.365200][ C1] usb_disconnect+0x330/0x910 [ 245.369881][ C1] hub_event+0x1cdb/0x4a00 [ 245.374305][ C1] process_scheduled_works+0xadb/0x17a0 [ 245.379980][ C1] worker_thread+0x8a0/0xda0 [ 245.384589][ C1] kthread+0x70e/0x8a0 [ 245.388668][ C1] ret_from_fork+0x4b/0x80 [ 245.393100][ C1] ret_from_fork_asm+0x1a/0x30 [ 245.397897][ C1] [ 245.400226][ C1] The buggy address belongs to the object at ffff888031ee5000 [ 245.400226][ C1] which belongs to the cache kmalloc-1k of size 1024 [ 245.414288][ C1] The buggy address is located 92 bytes inside of [ 245.414288][ C1] freed 1024-byte region [ffff888031ee5000, ffff888031ee5400) [ 245.428096][ C1] [ 245.430425][ C1] The buggy address belongs to the physical page: [ 245.436850][ C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x31ee0 [ 245.445617][ C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 245.454125][ C1] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 245.462039][ C1] page_type: f5(slab) [ 245.466026][ C1] raw: 00fff00000000040 ffff88801a041dc0 ffffea0000457200 dead000000000003 [ 245.474619][ C1] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 245.483215][ C1] head: 00fff00000000040 ffff88801a041dc0 ffffea0000457200 dead000000000003 [ 245.491899][ C1] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 245.500590][ C1] head: 00fff00000000003 ffffea0000c7b801 00000000ffffffff 00000000ffffffff [ 245.509301][ C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 245.518012][ C1] page dumped because: kasan: bad access detected [ 245.524560][ C1] page_owner tracks the page as allocated [ 245.530290][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5772, tgid 5772 (dhcpcd-run-hook), ts 83508278738, free_ts 83402941476 [ 245.551970][ C1] post_alloc_hook+0x1d8/0x230 [ 245.556785][ C1] get_page_from_freelist+0x21c7/0x22a0 [ 245.562360][ C1] __alloc_frozen_pages_noprof+0x181/0x370 [ 245.568184][ C1] alloc_pages_mpol+0x232/0x4a0 [ 245.573050][ C1] allocate_slab+0x8a/0x3b0 [ 245.577563][ C1] ___slab_alloc+0xbfc/0x1480 [ 245.582331][ C1] __kmalloc_noprof+0x305/0x4f0 [ 245.587194][ C1] load_elf_binary+0x2d3/0x27b0 [ 245.592063][ C1] bprm_execve+0x999/0x1440 [ 245.596595][ C1] do_execveat_common+0x510/0x6a0 [ 245.601642][ C1] __x64_sys_execve+0x94/0xb0 [ 245.606326][ C1] do_syscall_64+0xf6/0x210 [ 245.610841][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.616740][ C1] page last free pid 5755 tgid 5755 stack trace: [ 245.623083][ C1] __free_frozen_pages+0xb05/0xcd0 [ 245.628228][ C1] __put_partials+0x161/0x1c0 [ 245.632944][ C1] put_cpu_partial+0x17c/0x250 [ 245.637820][ C1] __slab_free+0x2f7/0x400 [ 245.642261][ C1] qlist_free_all+0x9a/0x140 [ 245.646874][ C1] kasan_quarantine_reduce+0x148/0x160 [ 245.652371][ C1] __kasan_slab_alloc+0x22/0x80 [ 245.657256][ C1] kmem_cache_alloc_lru_noprof+0x1c6/0x3d0 [ 245.663075][ C1] alloc_inode+0xb8/0x1b0 [ 245.667445][ C1] create_pipe_files+0x51/0x760 [ 245.672341][ C1] __do_pipe_flags+0x4c/0x2d0 [ 245.677062][ C1] do_pipe2+0x9c/0x170 [ 245.681166][ C1] __x64_sys_pipe2+0x5a/0x70 [ 245.685780][ C1] do_syscall_64+0xf6/0x210 [ 245.690294][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.696202][ C1] [ 245.698539][ C1] Memory state around the buggy address: [ 245.704172][ C1] ffff888031ee4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 245.712278][ C1] ffff888031ee4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 245.720368][ C1] >ffff888031ee5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 245.728437][ C1] ^ [ 245.735639][ C1] ffff888031ee5080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 245.743705][ C1] ffff888031ee5100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 245.751812][ C1] ================================================================== [ 245.759898][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 245.767098][ C1] CPU: 1 UID: 0 PID: 7098 Comm: syz.3.332 Not tainted 6.15.0-rc5-syzkaller-00277-g345030986df8 #0 PREEMPT(full) [ 245.779007][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 245.789091][ C1] Call Trace: [ 245.792380][ C1] [ 245.795237][ C1] dump_stack_lvl+0x99/0x250 [ 245.799853][ C1] ? __asan_memcpy+0x40/0x70 [ 245.804463][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 245.809679][ C1] ? __pfx__printk+0x10/0x10 [ 245.814296][ C1] panic+0x2db/0x790 [ 245.818207][ C1] ? __pfx_panic+0x10/0x10 [ 245.822637][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 245.828538][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 245.834964][ C1] ? print_memory_metadata+0x314/0x400 [ 245.840437][ C1] ? do_raw_spin_lock+0x23d/0x290 [ 245.845498][ C1] check_panic_on_warn+0x89/0xb0 [ 245.850456][ C1] ? do_raw_spin_lock+0x23d/0x290 [ 245.855492][ C1] end_report+0x78/0x160 [ 245.859753][ C1] kasan_report+0x129/0x150 [ 245.864276][ C1] ? do_raw_spin_lock+0x23d/0x290 [ 245.869313][ C1] do_raw_spin_lock+0x23d/0x290 [ 245.874170][ C1] ? __wake_up_common_lock+0x2f/0x1f0 [ 245.879552][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 245.884950][ C1] _raw_spin_lock_irqsave+0xb3/0xf0 [ 245.890155][ C1] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 245.896064][ C1] ? kcov_remote_stop+0x78/0x6d0 [ 245.901052][ C1] __wake_up_common_lock+0x2f/0x1f0 [ 245.906286][ C1] __usb_hcd_giveback_urb+0x4d7/0x690 [ 245.911716][ C1] ? usb_hcd_unlink_urb_from_ep+0x2c/0x110 [ 245.917549][ C1] ? __pfx___usb_hcd_giveback_urb+0x10/0x10 [ 245.923474][ C1] ? usb_hcd_giveback_urb+0x10e/0x420 [ 245.928868][ C1] dummy_timer+0x862/0x4550 [ 245.933575][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 245.938956][ C1] ? __lock_acquire+0xaac/0xd20 [ 245.943830][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 245.948816][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 245.953771][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 245.958721][ C1] __hrtimer_run_queues+0x529/0xc60 [ 245.963947][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 245.969686][ C1] ? read_tsc+0x9/0x20 [ 245.973772][ C1] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 245.979600][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 245.984730][ C1] handle_softirqs+0x283/0x870 [ 245.989514][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 245.994297][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 245.999604][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 246.004823][ C1] __irq_exit_rcu+0xca/0x1f0 [ 246.009430][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 246.014647][ C1] irq_exit_rcu+0x9/0x30 [ 246.018908][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 246.024560][ C1] [ 246.027496][ C1] [ 246.030433][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 246.036422][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110 [ 246.042937][ C1] Code: 74 05 e8 1b c2 75 f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 53 44 3f f6 65 8b 05 bc 75 20 07 85 c0 74 40 48 c7 04 24 0e 36 [ 246.062562][ C1] RSP: 0018:ffffc9000aa8f580 EFLAGS: 00000206 [ 246.068644][ C1] RAX: df4c871a7ec33400 RBX: 0000000000000a02 RCX: df4c871a7ec33400 [ 246.076627][ C1] RDX: 0000000000000006 RSI: ffffffff8d73740f RDI: 0000000000000001 [ 246.084618][ C1] RBP: ffffc9000aa8f618 R08: ffffffff8f7da977 R09: 1ffffffff1efb52e [ 246.092601][ C1] R10: dffffc0000000000 R11: fffffbfff1efb52f R12: dffffc0000000000 [ 246.100589][ C1] R13: 1ffff1100f99565d R14: ffff88807ccab280 R15: 1ffff92001551eb0 [ 246.108601][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 246.114948][ C1] __skb_try_recv_datagram+0x17c/0x4e0 [ 246.120442][ C1] ? __pfx_sk_busy_loop_end+0x10/0x10 [ 246.125824][ C1] __unix_dgram_recvmsg+0x2d4/0xdc0 [ 246.131046][ C1] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 246.136811][ C1] ? irqentry_exit+0x74/0x90 [ 246.141413][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 246.146626][ C1] ? unix_dgram_recvmsg+0xb1/0xd0 [ 246.151735][ C1] ? __pfx_unix_dgram_recvmsg+0x10/0x10 [ 246.157298][ C1] sock_recvmsg_nosec+0x183/0x1c0 [ 246.162341][ C1] ____sys_recvmsg+0x3aa/0x460 [ 246.167121][ C1] ? __pfx_____sys_recvmsg+0x10/0x10 [ 246.172436][ C1] ? import_iovec+0x74/0xa0 [ 246.176952][ C1] ___sys_recvmsg+0x1b5/0x510 [ 246.181677][ C1] ? __pfx____sys_recvmsg+0x10/0x10 [ 246.186908][ C1] ? __might_fault+0xb0/0x130 [ 246.191603][ C1] do_recvmmsg+0x307/0x760 [ 246.196035][ C1] ? __pfx_do_recvmmsg+0x10/0x10 [ 246.200990][ C1] ? __pfx_do_futex+0x10/0x10 [ 246.205688][ C1] __x64_sys_recvmmsg+0x190/0x240 [ 246.210734][ C1] ? rcu_is_watching+0x15/0xb0 [ 246.215517][ C1] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 246.221076][ C1] ? do_syscall_64+0xba/0x210 [ 246.225768][ C1] do_syscall_64+0xf6/0x210 [ 246.230294][ C1] ? clear_bhb_loop+0x45/0xa0 [ 246.234982][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.240922][ C1] RIP: 0033:0x7f3bfcd8e969 [ 246.245351][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.264972][ C1] RSP: 002b:00007f3bfdc9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 246.273406][ C1] RAX: ffffffffffffffda RBX: 00007f3bfcfb6080 RCX: 00007f3bfcd8e969 [ 246.281389][ C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003 [ 246.289389][ C1] RBP: 00007f3bfce10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 246.297405][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 246.305408][ C1] R13: 0000000000000000 R14: 00007f3bfcfb6080 R15: 00007ffc0086f388 [ 246.313435][ C1] [ 246.316796][ C1] Kernel Offset: disabled [ 246.321273][ C1] Rebooting in 86400 seconds..