last executing test programs: 11m31.507986898s ago: executing program 3 (id=405): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000), 0x6) ioctl$sock_bt_hci(r0, 0x800448d5, &(0x7f0000000100)) 11m31.309567218s ago: executing program 3 (id=406): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x13, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000018500000017000000bf91000000000000b7020000020000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 11m31.016419292s ago: executing program 3 (id=410): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xa5, 0x5c}) 11m30.806698867s ago: executing program 3 (id=413): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a090400000000000000000200000048000480100001800c0001006e6f747261636b00340001800c0001007061796c6f616400240002800800024000000000080001400000000a080003400000000508000440000000020900010073797a30000000000900020073797a32"], 0x9c}}, 0x0) 11m30.373807087s ago: executing program 3 (id=416): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) fcntl$setstatus(r0, 0x4, 0x2c00) 11m30.068170306s ago: executing program 3 (id=419): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002bbd7000fedbdf25070000000a0004007770616e30000000080001000100000008000500", @ANYRES32], 0x40}}, 0x8084) 11m14.866527223s ago: executing program 32 (id=419): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002bbd7000fedbdf25070000000a0004007770616e30000000080001000100000008000500", @ANYRES32], 0x40}}, 0x8084) 10m25.48509773s ago: executing program 0 (id=1091): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006000400ffff00000800030000000000080001"], 0x44}}, 0x0) 10m25.333029669s ago: executing program 0 (id=1094): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000340)={0x3f, 0x3, 0x9, 0x4}, 0x10) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff807000000a600000000000000080008001d000000", 0x24) 10m25.147485831s ago: executing program 0 (id=1097): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) wait4(r0, 0x0, 0x8, &(0x7f0000000380)) 10m24.523689101s ago: executing program 0 (id=1107): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$nfs(&(0x7f00000001c0)='..\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x85000, 0x0) umount2(&(0x7f0000000280)='./file0\x00', 0x8) 10m24.104341675s ago: executing program 0 (id=1111): socket$rds(0x15, 0x5, 0x0) r0 = socket(0x40000000015, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x2715, 0x0, &(0x7f0000000400)) 10m23.348341248s ago: executing program 0 (id=1113): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x3) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, 0x0) 10m22.834550649s ago: executing program 33 (id=1113): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x3) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, 0x0) 3m36.592455559s ago: executing program 4 (id=7222): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x7ffe, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0) r0 = eventfd2(0x0, 0x0) io_setup(0x81, &(0x7f0000000400)=0x0) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x3f, 0x1, 0x1fb, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) 3m36.251358238s ago: executing program 4 (id=7233): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet6(r0, &(0x7f0000000e00)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x30}, 0x1c, &(0x7f0000001700)=[{&(0x7f0000000140)='y', 0x1}], 0x1}}, {{&(0x7f0000002900)={0xa, 0x4e20, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xe254}, 0x1c, &(0x7f0000002a00)=[{&(0x7f0000002940)='B', 0x1}], 0x1}}], 0x2, 0x20044040) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600004e20590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 3m36.028549167s ago: executing program 4 (id=7237): r0 = socket$qrtr(0x2a, 0x2, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) close_range(r0, 0xffffffffffffffff, 0x0) 3m35.82909209s ago: executing program 4 (id=7242): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file2\x00', 0x0) 3m35.727110566s ago: executing program 4 (id=7244): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40042, 0x21) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xc000}}) unlink(&(0x7f0000000040)='./file0\x00') 3m34.722316474s ago: executing program 4 (id=7263): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 3m34.210750495s ago: executing program 34 (id=7263): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 4.93666432s ago: executing program 7 (id=10398): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0) syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) r2 = dup(r0) write$UHID_INPUT(r2, &(0x7f00000001c0)={0xf, {"a2e3ad21e08eeb661b5d350987f70e06d038e7ff7fc6e5539b0d650e8b089b3f313b6c090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496b17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56f0700dcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006) 2.419446336s ago: executing program 1 (id=10437): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10) syz_emit_ethernet(0x86, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x4, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@local}, {}, {@dev}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}]}]}}}}}}}, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0xd000, 0x11, 0x0, 0x27) 2.19153473s ago: executing program 1 (id=10441): symlinkat(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58) r1 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="e00000001300"], 0xe0}}, 0x0) 2.084061103s ago: executing program 6 (id=10443): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26) r2 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e) 1.829785191s ago: executing program 6 (id=10447): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, 0x0) ioctl$KVM_SET_SREGS2(r2, 0x4140aecd, &(0x7f0000000000)={{0x80a0000, 0x0, 0xc, 0xb8, 0x3, 0x3, 0x0, 0x6, 0x3, 0x7, 0x40, 0x9}, {0x80a0000, 0xeeee8000, 0x10, 0xb, 0x8, 0x5, 0x1, 0x7, 0x7, 0x1, 0x2, 0x6}, {0xdddd5000, 0x1000, 0x8, 0xe2, 0xfa, 0x9, 0xb, 0x8, 0xc, 0x6, 0x9, 0x3}, {0x10000, 0x2, 0xc, 0x9, 0x1b, 0x5, 0x7, 0xd, 0x10, 0x3, 0x6, 0x2}, {0xeeef0000, 0x4000, 0xc, 0x6, 0x1, 0x8, 0x0, 0x3, 0xdb, 0x2}, {0x4000, 0xd000, 0x4, 0x7, 0x8, 0xb7, 0x0, 0x8, 0xb3, 0x9, 0xfd, 0x2}, {0x8080000, 0x8080000, 0x8, 0x7f, 0x6, 0x2, 0x5, 0xb, 0xee, 0xd, 0x7, 0x7}, {0xf000, 0x8080000, 0x4, 0xea, 0xff, 0x1, 0x9, 0xb3, 0x61, 0xf4, 0xa, 0x1}, {0x5000}, {0x2000, 0x8}, 0x0, 0x0, 0x1, 0x40640, 0xc, 0x9c00, 0x1, 0x0, [0x4, 0x400, 0x1, 0x1000]}) 1.77639483s ago: executing program 7 (id=10448): r0 = syz_io_uring_setup(0x9f7, &(0x7f0000000180)={0x0, 0x992a, 0x10, 0x4, 0x1a6}, &(0x7f0000000040)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$inet_sctp(0x2, 0x1, 0x84) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r3, 0x80, &(0x7f00000000c0)=@in6={0xa, 0x4e21, 0x200052, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x8}}) io_uring_enter(r0, 0x3514, 0x9141, 0x69, 0x0, 0x0) 1.607907728s ago: executing program 1 (id=10451): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x16, 0x5}) 1.424395491s ago: executing program 1 (id=10452): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) close_range(r0, 0xffffffffffffffff, 0x0) 1.418451266s ago: executing program 6 (id=10453): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc021, 0x2, 0x20002f7}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.31240896s ago: executing program 5 (id=10455): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xab, @loopback, 0x10001}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @loopback, 0x23}, 0x1c) r1 = dup(r0) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={0x0, 0x78}, 0x1, 0x0, 0x0, 0x4080}, 0x8080) 1.216120252s ago: executing program 1 (id=10456): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_STATION(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r2, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4015}, 0x200040c0) 1.083077002s ago: executing program 5 (id=10458): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r0, 0x1) 1.041874592s ago: executing program 1 (id=10459): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x2, {0x1, 0x0, 0x2}, 0x1}, 0x18) syz_genetlink_get_family_id$smc(&(0x7f0000000640), r0) 960.390566ms ago: executing program 7 (id=10460): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) r1 = socket(0x840000000002, 0x3, 0xff) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000280)={0x7, 0x2, 0x9}, 0xc) 952.690119ms ago: executing program 2 (id=10461): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) 944.580633ms ago: executing program 6 (id=10462): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000240)={[{0x8a0, 0x1ff, 0x0, 0x44, 0x0, 0x2, 0x2, 0x1, 0x6, 0x5, 0x0, 0x6, 0x6}, {0x3, 0x1, 0x1, 0x2a, 0xe1, 0xf6, 0x5, 0x2, 0xb4, 0x2, 0x1, 0x2, 0x2}, {0x0, 0x4, 0x9, 0x6, 0x80, 0x9, 0x1, 0x8, 0x9, 0xff, 0x4, 0x28, 0x3ff}], 0x400}) 649.954158ms ago: executing program 2 (id=10463): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000006c0)={0x84, &(0x7f00000002c0)={0x20, 0x6, 0x1, '6'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 649.271989ms ago: executing program 7 (id=10464): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) 636.659665ms ago: executing program 5 (id=10465): r0 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r2, r2, 0xee00) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000200)={{0x1, 0x0, 0x0, r2, 0x0, 0x123, 0x3}, 0x5, 0x9, 0xbe, 0x8, 0x0, 0x0, 0x200}) 440.357183ms ago: executing program 2 (id=10466): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="38000000540001002bbd7000fddbdf2507000000", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r2, @ANYBLOB="010200087f"], 0x38}, 0x1, 0x0, 0x0, 0x2404c010}, 0x800) 409.302602ms ago: executing program 7 (id=10467): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) listen(r1, 0x1) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)={0x4c, 0x14, 0x101, 0x170bda4, 0x25dfdbfd, {0x1, 0x1f, 0x88, 0x10, {0x4e24, 0x4e21, [0x3, 0xfffffffb, 0xf, 0xc3], [0x6, 0x0, 0x5, 0x7], 0x0, [0x1, 0x7fffffff]}, 0x2, 0xc7}}, 0x4c}, 0x1, 0x0, 0x0, 0x40480cc}, 0x40000) 396.380412ms ago: executing program 5 (id=10468): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xe, &(0x7f0000000780)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000001780)={r1, 0x0, 0x0}, 0x10) 288.412545ms ago: executing program 2 (id=10469): r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10) recvmmsg(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0}, 0x275a}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/234, 0xea}, 0x4}], 0x2, 0x60010000, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10) 242.234974ms ago: executing program 5 (id=10470): r0 = syz_io_uring_setup(0x3dfc, &(0x7f0000000400)={0x0, 0x100002, 0x10300, 0x2, 0xffffffff}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x9009, 0x0, 0x0, 0x100000, 0x9e6, 0x0, 0x0, 0x9, 0x5, 0x0, 0x0, 0xfffffffe, 0xffffffff, 0x9, 0x0, 0x20000, 0x2, 0x0, 0x0, 0x0, 0x4, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x7, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5e6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xa0000000, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x2, 0x81, 0x0, 0xfffffffd, 0x0, 0xfffffffc, 0x0, 0x0, 0x4771, 0x0, 0x200000], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x1, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0xa, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x4, 0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x3, 0x7ffffffd, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0xfffffffd, 0x0, 0x10, 0x5, 0xfffffffd, 0x40000, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}) io_uring_enter(r0, 0xa3d, 0x0, 0x0, 0x0, 0xff39) 199.052876ms ago: executing program 6 (id=10471): r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000002e40)=ANY=[@ANYBLOB="00020201"], 0x18) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) r1 = dup(r0) write$FUSE_ENTRY(r1, &(0x7f0000000880)={0x90, 0x0, 0x0, {0x2, 0x1, 0x10000, 0x2, 0x8, 0x400007, {0x1, 0x200000000000001, 0x6, 0xed65, 0x200000000006, 0x3, 0xffff, 0x101, 0x8, 0x1000, 0x848a, 0x0, 0x0, 0x1, 0xe}}}, 0x90) 165.210371ms ago: executing program 2 (id=10472): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000d507df08c410448200dc01020301090212000100000000090400000003"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000003c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0}) 164.329998ms ago: executing program 7 (id=10473): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000002c00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r1, r2, 0x25, 0x0, @val=@iter={0x0}}, 0x20) syz_emit_ethernet(0x2dc00, &(0x7f0000000e80)={@local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x1, 0xbf3, 0x64, 0x0, 0x8, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x942, 0x1, [], "0bbb509ac3d65a6f4bb8a7675ff07c0af321413b530de7aab2319588187ec0e62d79b07a64a189cd682779b8781b26c4a53fa3c365d6eed01bdc9b85c70648742f4b5175f1bda158397eeb220e8f0fd0f002b218cd65e2d89b92bd8bbd01851056bf3984cad76a0044317aaca55ae22b886faf28db96dedfd0f0c65b07ec8fb9311352d086fd62a18ad365ec6589c1c2d2b2d708712d2a7629440a9e35d8f1e80a370e6692d8ba1d48d4e8d36279d277982737f79d6936a43a685d7a7da4614ed1729dc039ad6d07c8f0b53be69805f17254948a85cb6ea3bf9dde1be91853a3799079de7d35f74a4153d303aab30e1bfa618f9d9aa1194f5f51441717640a218d3c842e74810be9c2082466020566dec3d8ce9523897ca4d44ef529e4d5a2292951b7296a5f04d25d50b93ae5a92827628eb66c6ba898b4b3f5b22217cbc60e75da4fc7f52fac676e35a0b8260f2b90b7e73bac5df3a4566bc9b6231955ce106425e81343e13c3dce109019068896b43fd168d3a1d0d1aa650aa89ea7bde0aca7d0a91467569994b06d4676b1eda05bf3a5ac76d1b44d7ed32cc81b63358e40c43f445b07bdc566a5d1f7d173d3c8a82ab1609390f400b6179de0d0c1be35269ff50766a48d3e55286290e050277b4089a04ce07033a26341e7ed7316adb47e1b1d52d2a95ba2b9a3d5bac8a022b0a4cff2acd9433c626aa76bb3384a3021d599400d7c7154745c83208bc25dc103efc3120dc68f321c8228bdfffadd05361fc98cfed59676ea86cc8104d29b9a53713806b6495061bc7ea709b46a2ec9c39e1f7478bdf3099815bc396801a25831eb2b27abf03091ca88b169bf2e5c1cf3364c0781ff82b762ef0e123015149560c131a6613c202a8bef6e6399a897c66ec32ef04bcd742a9d3ad2dec320b9ce8286ec4b930eeb5527b4704cf20e7cf961d0a7441a9e33730d87fcbe4ed7aa73057f43775712c1ea9661f8625db4d2f9e41e6864362b6bfaf444e79249852ba3eabe964f1de3fd826d0f46eebe98ccdfe1ac54dc71d3ded3d42c37a6d352fcd76f8730f326c3ffd4d1cbfdad73efa0920bbbdbde593fb1fd5aaa3f903e16b11ca7bafcd037abe5a8f9afc4e09b0867be10d56161d24773fc3ae573def8e593e2f6a8745e1784a1051aaa24ab9cedebee3dcd01b2e4337f47acfdd17a0d5f1d3ce5bdffaf12135f0c59f76600507f65ad7abe28b05520713b7a8d90d5d0c134c3fbb60f1b9da588ff5c373e033c15ebb6bf8913e9d0cb9b25fce83f289d7e52c0eed152e45cb7760ddf50308400daeb80dcf7603b12893e97bc96e91004191da88a18b7e3f17891d7c97850b2e2682c78836aa42c8a9bf3fe286471887c633c68ae23f0d037d7fb3ca4594e9031f1430b50918e3f63843996171e7d8c6570856d3bd551015242882b51a758ffc237888b1834c6754e2e81c53a779df47ee7c3683b356c3c72e933b1b472482060ffd4e74247af0436dc3924fe211255c0eb30e3fe9976ae41437a16607ccc60510e93476111c6c630c0df43bebd7fdf733d0f9c930dbfae8b286fe2b2536885b2578f3f117efd0d2b8368d368dd18f2c3ad41699c3ed13676e5528dbea34a90d0adc66ae2c4430df0331b738628b842d6d7af3f27f890c932202d57a3a4f2f392cc47165e0d45cba14fc00e229b8a9885a2331d6c081f0c2b421b08206dffa93f613611ded62038e2742ff4c7d78b81c8f6fe8d3ab5110668abc57fed96c80b31142aab2cdc133c9eac029977773811b0ebbfc5913cdc224d4ed9604b876a709be269e73de21a6c9f85b595b24e65a7d66caa8e0a5bab1e870f19172632dafaa951e0a787a39aa268dde327f69c0491a58ba3bea5d896cde7335fa6334410d1ed8dcb11905275e7811f174e429722a0b34ee602cf9105ed8a3094b10fbc6bf3cf13d01b576feb19ee3d25ca8df2e4a79b647337f90e4e35b8102c61832dbdb4fa2b6b513efe9fa37deae18d72318143766390bd1356225b929138361eaad35530c1c6ec0c29ab75fcb268d955751eff53af082cd45dbd58de005c1906899cda17ea50addc94b8742c9c7e9695b042cf6a742531c8eef1bdde6b738b2c05dac896b3adbe164e9ee2d103d1c2682dbe668984d4197d7ec070f314b9e1eaa7fb38ec9c6c9cbcf277efab8ce696f635986f8ab98af400f4c60be4315c7e0e0301481003e52ef9af8736b97a0e417c98bb565ee6ba8ecb7774d17a641a8881452c3683e897f3503418fa5121ca76c4b1d1754173fb06e6e253c82a094b68f59b96e5d73bd9fe379506531b0bf6ce28adb1eadb927c0b50c4ac5d0222efda3cd51244a66f4bb67fa9138512f1352a8395837e9f2a0e69ebb4ace1e7f70042093f92d25209abf1cfd91d531b71d4f6f49e894692405d59f9ccd7379d6c941b2dbefbd157e2ef1aabd16be8dc47d4c5f61f7b5f875854ecebadca2f597f2a3c39e041137c31df07f50bfbe1f1f9dff9b4e448b19f45f2d4b7a717d102ff5b75665a215132d09a3327c34a62c0b322dc7d744081db1fbad8a4dbffa332c6940603f6ded8d0c0ca69cb202da87f142624559984c93e0e9020e30bb5efe27efafcd844a3ed6a8991e66bdfb3127d7cfd91ffb957dd2142ad292f2c5665482b8216fe2e216c58ab5a38e9004ef34de09efeb75b436c5182cae459e3b38e6334231d0102a85a3bbc3a03afea67143ae54ae5764166b7d0492ef08e1677fbb97198686e9366700c6a3c9ebc609c2d01fe4643d92cdf4520380c7a82d4c7a783b022e4b35f91585a625bb5c8e5e5c674c336210d11659635ca1ae829f90723f808a858f2b4d3768af3aa92ea8b51481a3b0c9d6ebb23b7770ceff25e18678d732930fda4883978736532fffe621c14836ad8b0eb845a74013bfd6e90e41b28631dcd2866194e576c2bcc966c5d502b40b05d2ab746c6494df6f19257bcde0b14f2a0522a30611b7debcda76e81ed87f3b441622996aa2d713fa20f652c4fa726375ee739faf2437a8dde6a1ba71b02f12fc1794b979dab25e29f5a2daf0b3325aa5eac01b8a4537036b0c394e11a6c0872769fb5bd590641f64b057b23bce178546ecb2aa277eaa0673d7e25a610c91c84e85c193f09a8e4077122811029c7374d673cdf6f11b781fa36430f8928e2b27a7f4b92644a6cebd66eac797442e7e8639d73f61f550b0680809a923d7f19152d332bed753372a1995d9547966d38401b7d16dc008e75c022febecc7b6c82ff4820249b2ecfccb9d1bf2ccbd699ba801785056fe656b257f056a940fbccf77037e2c447e179d6b0c018b843378daaab6bed960af859427b2cfde79e539ed0"}, {0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, [0x5, 0x2, 0xa], "53fd3a605c55b0a9c96861c4ac71d9e36d30beb1a69ff343d3cb5732d1cc9269717e2f60e3fad8c839ca7d654556f0a23f4c71709c69874108b1c6cb5e70c4881ae780c7e71cac130e207922f7ace1334d701da19c46b7d48d1c0dea52efa7a1bbc00d62a4546ac3b43ad2ca99512b91909b86dff55a941dc36a02666e345a7dbffce69c5fe0b34e57b173a77abeb60aa8b596180c6e5a83e1fbb0f2992fb7f1b5f3d8550bf9beff7ed6eeead89e6bed2d4871a21ee672f867ef"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "7c553b7386031724ba012cc342773460e0ad8f31f8461247e72ef4309a211e546fc38af9bfd7456152491a1c4897d0c2d7b24a33a84d7005fa900848f3aa740b2b14f962f39e5eba5188cbbf1906b5c28956780a31428615adc4986730fdddb9e4dc06f3680791aa2dea123b48f24e2093ab4dc28a860ea8d0fc59619283c69d860ef494a2db20b8ead072dceb2bd57d2c398d258a8f065f76b5f6"}, {0x8, 0x88be, 0x0, {{0x4, 0x1, 0x8, 0x1, 0x1, 0x2, 0x2, 0x7}, 0x1, {0x4d}}}, {0x8, 0x22eb, 0x1, {{0x8, 0x2, 0xc, 0x2, 0x1, 0x2, 0x2, 0x5}, 0x2, {0x4, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1}}}, {0x8, 0x6558, 0x0, "01d11e75d7404d123c6358f361a3d46f03558121b26a1ca2a5e6e8606603feb94871abc6859e08809ae52366968d59e4d45888c0f5846e09d56469dfd661763b9a6451c881f6397b9c0fb3e6a727b13f35317a118075e47ed6b9eed59b5f3c85e3971be68100fee264a43d6c44817c97424bbf585c932fd2d880685e5a5d91488289134422b8aa2a052e4850af7c745aa2d2ddf0c5497e446eb806d598b6f3fd9755e238860c6676b7d810347883afa1cc24f83ecd293c079532035bb19e4c130fb64e2eb19aeccb8aeeaeffb89892781e052377420259e85e75344d465d7b0e3e03aa69a56fa95351ae0461322e83b317d002a4302195c0ff3d366a5403"}}}}}}, 0x0) 81.434868ms ago: executing program 5 (id=10474): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f00000005c0)={0x0, 0x140, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x1, 0xc, 0x6, 0x4, 0x10000, 0x7, 0x9008, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x1, 0x5, 0x7, 0xc1, 0x1, 0x3276, 0x2, 0x6, 0x7, 0x96, 0xffffffff, 0x1, 0x4, 0x5, 0x7, 0x4, 0xe, 0xc, 0x888f, 0x1, 0x8, 0x79, 0x7, 0x3, 0xa3de, 0x20000000006, 0x8, 0x8001, 0x3fc, 0x4000000000000003, 0xff7ffffffffffff4, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x40, 0x3, 0x7, 0x40000005, 0xfffffffeffffffff, 0x80000005, 0xd, 0x10001, 0xbbd6, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x2, 0xfffffffffffffffa, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0x802, 0x8000000000006, 0x4, 0x1, 0xab6, 0x3, 0x8, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x22b, 0x28000000, 0x5, 0x8061d, 0x3, 0x7, 0x1000000000000f6, 0x4, 0x6, 0xffffffff, 0x7, 0xe53e, 0x4, 0x8, 0x2293332f, 0x5, 0x8, 0x1e, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x200000000004, 0x7, 0xdfd4, 0x100000fffd, 0x10, 0x4000000000009, 0x8, 0x1, 0x53e0f0fe, 0x0, 0x1, 0x0, 0xa692, 0xcc, 0xb, 0x1000003]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000002c0)=ANY=[]) 207.358µs ago: executing program 2 (id=10475): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0) sendmmsg$unix(r0, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='+', 0x1}], 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0x11) 0s ago: executing program 6 (id=10476): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000240)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r1, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b90002518c7804162f427c010880"], 0x1d8}, 0x1, 0x0, 0x0, 0x2c091}, 0x800) kernel console output (not intermixed with test programs): ytes leftover after parsing attributes in process `syz.5.5475'. [ 526.188019][T17998] netem: change failed [ 527.252285][T18045] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5505'. [ 527.719634][T18063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5513'. [ 527.811166][T18063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5513'. [ 528.664935][T18105] Bluetooth: hci5: Frame reassembly failed (-84) [ 530.704181][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 530.761228][ C1] vkms_vblank_simulate: vblank timer overrun [ 530.891782][ C1] vkms_vblank_simulate: vblank timer overrun [ 531.218655][T18216] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.5585'. [ 531.564307][ T5883] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 531.714564][ T5883] usb 2-1: Using ep0 maxpacket: 32 [ 531.718255][ T5883] usb 2-1: config 2 has an invalid interface number: 42 but max is 0 [ 531.718285][ T5883] usb 2-1: config 2 has no interface number 0 [ 531.718320][ T5883] usb 2-1: config 2 interface 42 has no altsetting 0 [ 531.728090][ T5883] usb 2-1: New USB device found, idVendor=04dd, idProduct=9031, bcdDevice=45.53 [ 531.728120][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 531.728140][ T5883] usb 2-1: Product: syz [ 531.728154][ T5883] usb 2-1: Manufacturer: syz [ 531.728168][ T5883] usb 2-1: SerialNumber: syz [ 531.735392][T18236] kvm: apic: phys broadcast and lowest prio [ 532.020767][ T5883] cdc_ether 2-1:2.42: skipping garbage [ 532.020793][ T5883] usb 2-1: bad CDC descriptors [ 532.022206][ T5883] usb 2-1: unsupported MDLM descriptors [ 532.057022][ T5883] usb 2-1: USB disconnect, device number 36 [ 532.404578][T18259] program syz.6.5606 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 532.640065][T18267] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 533.460164][T18300] bridge0: entered allmulticast mode [ 534.000713][T18327] netlink: 'syz.5.5637': attribute type 21 has an invalid length. [ 534.000743][T18327] netlink: 'syz.5.5637': attribute type 1 has an invalid length. [ 534.000758][T18327] netlink: 'syz.5.5637': attribute type 2 has an invalid length. [ 534.000773][T18327] netlink: 9062 bytes leftover after parsing attributes in process `syz.5.5637'. [ 534.227039][T18337] overlayfs: failed to clone upperpath [ 536.054436][ T5999] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 536.208136][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 536.208170][ T5999] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 536.208218][ T5999] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 536.208243][ T5999] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.269998][ T5999] usb 2-1: config 0 descriptor?? [ 536.509398][T18419] sctp: [Deprecated]: syz.6.5682 (pid 18419) Use of int in max_burst socket option deprecated. [ 536.509398][T18419] Use struct sctp_assoc_value instead [ 536.753750][ T5999] kovaplus 0003:1E7D:2D50.003B: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.1-1/input0 [ 537.043214][T18445] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5691'. [ 537.065239][T18445] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5691'. [ 537.071695][T18445] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5691'. [ 537.123796][ T5999] kovaplus 0003:1E7D:2D50.003B: couldn't init struct kovaplus_device [ 537.123864][ T5999] kovaplus 0003:1E7D:2D50.003B: couldn't install mouse [ 537.127242][ T5999] kovaplus 0003:1E7D:2D50.003B: probe with driver kovaplus failed with error -71 [ 537.158064][ T5999] usb 2-1: USB disconnect, device number 37 [ 538.317790][T18506] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5723'. [ 538.317823][T18506] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5723'. [ 538.510597][T18517] sg_read: process 2386 (syz.1.5728) changed security contexts after opening file descriptor, this is not allowed. [ 539.165991][T18542] netlink: 'syz.5.5740': attribute type 2 has an invalid length. [ 539.166017][T18542] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5740'. [ 539.288638][T18550] program syz.5.5743 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 540.497046][ T37] kauditd_printk_skb: 426 callbacks suppressed [ 540.497069][ T37] audit: type=1107 audit(1763006267.225:640): pid=18589 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 540.943922][T18615] vivid-000: disconnect [ 540.952229][T18614] vivid-000: reconnect [ 541.638354][T18646] netlink: 188 bytes leftover after parsing attributes in process `syz.6.5788'. [ 543.310199][T18725] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5826'. [ 544.209786][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.298602][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.468938][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.678000][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.842747][T18779] input: syz1 as /devices/virtual/input/input15 [ 545.560135][T18805] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 545.560157][T18805] IPv6: NLM_F_CREATE should be set when creating new route [ 545.560227][T18805] IPv6: NLM_F_CREATE should be set when creating new route [ 545.560266][T18805] IPv6: NLM_F_CREATE should be set when creating new route [ 545.560982][T18805] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 546.347035][T18829] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5874'. [ 546.430448][ C1] vkms_vblank_simulate: vblank timer overrun [ 546.907475][T18847] macvlan0: entered promiscuous mode [ 546.931664][T18847] netlink: 'syz.4.5884': attribute type 1 has an invalid length. [ 546.931690][T18847] netlink: 'syz.4.5884': attribute type 2 has an invalid length. [ 546.931705][T18847] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5884'. [ 547.144341][ T1230] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 547.262169][T18861] program syz.6.5890 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 547.296883][ T1230] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 547.296916][ T1230] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 547.298562][ T1230] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 547.298592][ T1230] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 547.298614][ T1230] usb 6-1: SerialNumber: syz [ 547.385123][ T37] audit: type=1326 audit(1763006275.155:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18865 comm="syz.4.5892" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f666e40f6c9 code=0x0 [ 547.601928][ T1230] usb 6-1: 0:2 : does not exist [ 547.602034][ T1230] usb 6-1: unit 5 not found! [ 547.634843][ T1230] usb 6-1: USB disconnect, device number 36 [ 547.828023][ T5916] kworker/1:5 (5916) used greatest stack depth: 13400 bytes left [ 549.110139][T18929] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5923'. [ 549.389806][T18938] netlink: 'syz.1.5927': attribute type 4 has an invalid length. [ 550.244185][ T5847] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 550.402932][ T5847] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 550.402969][ T5847] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 550.476898][ T5847] usb 5-1: config 0 descriptor?? [ 550.698578][ T5847] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 550.940499][ T5847] [drm:udl_init] *ERROR* Selecting channel failed [ 550.997885][ T5847] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 550.997915][ T5847] [drm] Initialized udl on minor 2 [ 551.011711][ T5847] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 551.012073][ T5847] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 551.047303][ T5803] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 551.085961][ T5847] usb 5-1: USB disconnect, device number 39 [ 551.087572][ T5803] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 551.087783][ T5803] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 553.259094][T19011] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5962'. [ 553.516166][T19061] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5988'. [ 554.100249][T19090] trusted_key: encrypted_key: keyword 'upZate' not recognized [ 555.344224][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 555.397490][ C1] vkms_vblank_simulate: vblank timer overrun [ 555.474795][T19139] netlink: 48 bytes leftover after parsing attributes in process `syz.6.6023'. [ 555.569752][ C1] vkms_vblank_simulate: vblank timer overrun [ 555.569860][ T5803] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 555.724197][ T5803] usb 2-1: Using ep0 maxpacket: 16 [ 555.727913][T19150] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6031'. [ 555.730128][ T5803] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 555.730156][ T5803] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 555.730178][ T5803] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 555.736724][ T5803] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 555.736753][ T5803] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 555.736772][ T5803] usb 2-1: Product: syz [ 555.736787][ T5803] usb 2-1: Manufacturer: syz [ 555.736801][ T5803] usb 2-1: SerialNumber: syz [ 556.176440][ T5803] usb 2-1: 0:2 : does not exist [ 556.585685][ T5803] usb 2-1: 1:0: cannot get min/max values for control 4 (id 1) [ 556.645618][ T5803] usb 2-1: USB disconnect, device number 38 [ 559.194633][T19232] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6070'. [ 560.180454][T19254] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 561.154116][T19283] bridge0: port 2(bridge_slave_1) entered disabled state [ 561.156502][T19283] bridge0: port 1(bridge_slave_0) entered disabled state [ 562.690761][T19351] batadv_slave_1: Device is already in use. [ 563.454573][T19378] pim6reg1: tun_chr_ioctl cmd 1074025677 [ 563.454809][T19378] pim6reg1: linktype set to 778 [ 563.974241][ T5883] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 563.981740][T19368] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 564.126714][ T5883] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 564.126750][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 564.154919][ T5883] usb 5-1: config 0 descriptor?? [ 564.177436][ T5883] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 564.564087][ T5883] cpia1 5-1:0.0: unexpected state after lo power cmd: 00 [ 564.764897][ T5847] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 564.914183][ T5847] usb 6-1: Using ep0 maxpacket: 16 [ 564.917007][ T5847] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 564.917052][ T5847] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 564.917106][ T5847] usb 6-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00 [ 564.917133][ T5847] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 564.942121][ T5847] usb 6-1: config 0 descriptor?? [ 564.975568][ T5883] gspca_cpia1: usb_control_msg 02, error -71 [ 564.975591][ T5883] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0) [ 565.005305][ T5883] usb 5-1: USB disconnect, device number 40 [ 565.441054][ T5847] hid_parser_main: 1 callbacks suppressed [ 565.441084][ T5847] saitek 0003:06A3:0621.003C: unknown main item tag 0x0 [ 565.441117][ T5847] saitek 0003:06A3:0621.003C: unknown main item tag 0x0 [ 565.441147][ T5847] saitek 0003:06A3:0621.003C: unknown main item tag 0x0 [ 565.441186][ T5847] saitek 0003:06A3:0621.003C: unknown main item tag 0x0 [ 565.441214][ T5847] saitek 0003:06A3:0621.003C: unknown main item tag 0x0 [ 565.452567][ T5847] saitek 0003:06A3:0621.003C: hidraw0: USB HID v0.00 Device [HID 06a3:0621] on usb-dummy_hcd.5-1/input0 [ 565.463824][T19446] trusted_key: encrypted_key: keyword 'uew' not recognized [ 565.640529][T19450] netlink: 1 bytes leftover after parsing attributes in process `syz.6.6173'. [ 565.647253][ T5803] usb 6-1: USB disconnect, device number 37 [ 567.163360][T19502] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6197'. [ 567.183893][T19502] netlink: 48 bytes leftover after parsing attributes in process `syz.4.6197'. [ 567.596767][ T1230] kernel write not supported for file /uhid (pid: 1230 comm: kworker/0:2) [ 568.313825][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.313897][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.190745][ T1230] kernel write not supported for file /amidi2 (pid: 1230 comm: kworker/0:2) [ 569.797825][T19604] netlink: 'syz.4.6245': attribute type 27 has an invalid length. [ 569.797852][T19604] netlink: 164 bytes leftover after parsing attributes in process `syz.4.6245'. [ 570.804162][ T5999] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 570.954141][ T5999] usb 2-1: Using ep0 maxpacket: 16 [ 570.956937][ T5999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 23, changing to 8 [ 570.956974][ T5999] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 570.957028][ T5999] usb 2-1: New USB device found, idVendor=0079, idProduct=1803, bcdDevice= 0.00 [ 570.957054][ T5999] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.994118][ T5847] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 571.035842][ T5999] usb 2-1: config 0 descriptor?? [ 571.119968][T19650] netlink: 52 bytes leftover after parsing attributes in process `syz.5.6267'. [ 571.152005][ T5847] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 571.152036][ T5847] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 571.153656][ T5847] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 571.153686][ T5847] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 571.153709][ T5847] usb 5-1: SerialNumber: syz [ 571.388133][ T5847] usb 5-1: 0:2 : does not exist [ 571.467736][ T5847] usb 5-1: USB disconnect, device number 41 [ 571.468393][ T5999] hid_mf 0003:0079:1803.003D: unknown main item tag 0x0 [ 571.468428][ T5999] hid_mf 0003:0079:1803.003D: unknown main item tag 0x0 [ 571.554460][ T5999] hid_mf 0003:0079:1803.003D: hidraw0: USB HID v0.05 Device [HID 0079:1803] on usb-dummy_hcd.1-1/input0 [ 571.554512][ T5999] hid_mf 0003:0079:1803.003D: Invalid report, this should never happen! [ 571.554529][ T5999] hid_mf 0003:0079:1803.003D: Force feedback init failed. [ 571.671011][ T5999] usb 2-1: USB disconnect, device number 39 [ 572.558144][ T37] audit: type=1326 audit(1763006300.325:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19697 comm="syz.1.6290" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe22fbff6c9 code=0x0 [ 572.618450][T19701] input: syz1 as /devices/virtual/input/input16 [ 573.366262][T19738] netlink: 76 bytes leftover after parsing attributes in process `syz.4.6309'. [ 574.148421][T19771] kvm: kvm [19770]: vcpu3, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010002) = 0x3 [ 575.544559][ T5803] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 575.714890][ T5803] usb 6-1: Using ep0 maxpacket: 16 [ 575.717585][ T5803] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 575.717622][ T5803] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 575.717648][ T5803] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 575.717696][ T5803] usb 6-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 575.717723][ T5803] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.723705][ T5803] usb 6-1: config 0 descriptor?? [ 575.884402][ T5847] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 576.043734][ T5847] usb 2-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 576.046056][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 576.091061][ T5847] usb 2-1: config 0 descriptor?? [ 576.194204][ T5803] uclogic 0003:5543:0781.003E: unknown main item tag 0x0 [ 576.194478][ T5803] uclogic 0003:5543:0781.003E: unknown main item tag 0x0 [ 576.194508][ T5803] uclogic 0003:5543:0781.003E: unknown main item tag 0x0 [ 576.194537][ T5803] uclogic 0003:5543:0781.003E: unknown main item tag 0x0 [ 576.194796][ T5803] uclogic 0003:5543:0781.003E: unknown main item tag 0x0 [ 576.218487][ T5803] uclogic 0003:5543:0781.003E: hidraw0: USB HID v0.04 Device [HID 5543:0781] on usb-dummy_hcd.5-1/input0 [ 576.343412][ T5847] kaweth 2-1:0.0: Firmware present in device. [ 576.389280][ T5803] usb 6-1: USB disconnect, device number 38 [ 576.549811][ T5847] kaweth 2-1:0.0: Statistics collection: 0 [ 576.549839][ T5847] kaweth 2-1:0.0: Multicast filter limit: 0 [ 576.549855][ T5847] kaweth 2-1:0.0: MTU: 0 [ 576.549870][ T5847] kaweth 2-1:0.0: Read MAC address 00:00:00:00:00:00 [ 576.951864][ T5847] kaweth 2-1:0.0: Error setting SOFS wait [ 576.952210][ T5847] kaweth 2-1:0.0: probe with driver kaweth failed with error -5 [ 576.962338][ T5847] usb 2-1: USB disconnect, device number 40 [ 577.305734][T19870] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6373'. [ 577.646191][T19883] tipc: New replicast peer: 255.255.255.255 [ 577.647674][T19883] tipc: Enabled bearer , priority 10 [ 577.649673][T19883] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6378'. [ 577.649696][T19883] tipc: Disabling bearer [ 578.357377][T19909] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6390'. [ 580.254340][T19994] netlink: 212356 bytes leftover after parsing attributes in process `syz.5.6430'. [ 580.415867][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.415908][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.415936][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.415965][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.415992][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.416019][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.416047][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.417238][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.417269][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.417296][ T5847] hid-generic 0003:0004:0000.003F: unknown main item tag 0x0 [ 580.420259][ T5847] hid-generic 0003:0004:0000.003F: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 581.456045][T20049] netlink: 'syz.5.6457': attribute type 1 has an invalid length. [ 581.978319][T20071] batadv_slave_0: entered promiscuous mode [ 582.002172][T20071] batman_adv: batadv0: Adding interface: macsec2 [ 582.002195][T20071] batman_adv: batadv0: The MTU of interface macsec2 is too small (1468) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500. [ 582.002225][T20071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 582.002244][T20071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 582.002263][T20071] batman_adv: batadv0: Interface activated: macsec2 [ 582.321123][T20087] input: syz1 as /devices/virtual/input/input17 [ 583.705339][T20138] Attempt to restore checkpoint with obsolete wellknown handles [ 586.172210][T20240] vcan0: tx drop: invalid da for name 0x0000000000000002 [ 586.695077][T20259] netlink: 'syz.1.6557': attribute type 1 has an invalid length. [ 587.124728][T20278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6566'. [ 587.124766][T20278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6566'. [ 588.335990][T20328] netlink: 'syz.1.6590': attribute type 9 has an invalid length. [ 588.336018][T20328] netlink: 'syz.1.6590': attribute type 7 has an invalid length. [ 588.336032][T20328] netlink: 'syz.1.6590': attribute type 8 has an invalid length. [ 589.499345][T20367] TCP: tcp_parse_options: Illegal window scaling value 64 > 14 received [ 589.568644][T20370] netlink: 'syz.1.6611': attribute type 1 has an invalid length. [ 589.568673][T20370] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6611'. [ 589.568714][T20370] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 590.525826][T20418] netlink: 'syz.6.6634': attribute type 3 has an invalid length. [ 591.472144][T20447] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 592.357556][T20470] netlink: 'syz.5.6658': attribute type 10 has an invalid length. [ 592.612750][ C1] vkms_vblank_simulate: vblank timer overrun [ 592.767321][ T37] audit: type=1326 audit(1763006320.535:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20487 comm="syz.1.6667" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe22fbff6c9 code=0x0 [ 593.622510][ C1] vkms_vblank_simulate: vblank timer overrun [ 593.626115][T20513] netlink: 'syz.6.6680': attribute type 1 has an invalid length. [ 593.733386][ C1] vkms_vblank_simulate: vblank timer overrun [ 593.942182][ C1] vkms_vblank_simulate: vblank timer overrun [ 594.176682][ C1] vkms_vblank_simulate: vblank timer overrun [ 594.349651][T20470] team0 (unregistering): Port device team_slave_0 removed [ 594.412975][T20470] team0 (unregistering): Port device team_slave_1 removed [ 596.004490][ T5917] usb 6-1: new full-speed USB device number 39 using dummy_hcd [ 596.167329][ T5917] usb 6-1: config 0 has an invalid interface number: 128 but max is 0 [ 596.167364][ T5917] usb 6-1: config 0 has no interface number 0 [ 596.171073][ T5917] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 596.171107][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 596.171130][ T5917] usb 6-1: Product: syz [ 596.171145][ T5917] usb 6-1: Manufacturer: syz [ 596.171162][ T5917] usb 6-1: SerialNumber: syz [ 596.231230][ T5917] usb 6-1: config 0 descriptor?? [ 597.067046][ T5917] usb 6-1: Firmware version (0.0) predates our first public release. [ 597.067077][ T5917] usb 6-1: Please update to version 0.2 or newer [ 597.203364][ T5917] usb 6-1: USB disconnect, device number 39 [ 597.678633][ C0] vkms_vblank_simulate: vblank timer overrun [ 599.214233][ T5883] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 599.364227][ T5883] usb 6-1: Using ep0 maxpacket: 32 [ 599.369592][ T5883] usb 6-1: config 0 has an invalid interface number: 85 but max is 0 [ 599.369623][ T5883] usb 6-1: config 0 has no interface number 0 [ 599.369680][ T5883] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 599.369710][ T5883] usb 6-1: config 0 interface 85 has no altsetting 0 [ 599.373027][ T5883] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 599.373058][ T5883] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 599.373078][ T5883] usb 6-1: Product: syz [ 599.373095][ T5883] usb 6-1: Manufacturer: syz [ 599.373111][ T5883] usb 6-1: SerialNumber: syz [ 599.460700][ T5883] usb 6-1: config 0 descriptor?? [ 599.830914][T20736] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.6786'. [ 600.004248][ T5999] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 600.102157][ T5883] appletouch 6-1:0.85: Geyser mode initialized. [ 600.116227][ T5883] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.85/input/input20 [ 600.167793][ T5999] usb 5-1: config 0 has no interfaces? [ 600.167840][ T5999] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 600.167867][ T5999] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 600.203014][ T5999] usb 5-1: config 0 descriptor?? [ 600.331482][ T5803] usb 6-1: USB disconnect, device number 40 [ 600.418707][ T5803] appletouch 6-1:0.85: input: appletouch disconnected [ 600.422314][T20733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 600.425613][T20733] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 600.442028][ T5847] usb 5-1: USB disconnect, device number 42 [ 601.632487][T20813] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6824'. [ 601.762468][ T37] audit: type=1326 audit(1763006329.525:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20818 comm="syz.4.6826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666e40f6c9 code=0x7ffc0000 [ 601.763618][ T37] audit: type=1326 audit(1763006329.525:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20818 comm="syz.4.6826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666e40f6c9 code=0x7ffc0000 [ 601.773879][ T37] audit: type=1326 audit(1763006329.535:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20818 comm="syz.4.6826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f666e40f6c9 code=0x7ffc0000 [ 601.773935][ T37] audit: type=1326 audit(1763006329.535:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20818 comm="syz.4.6826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666e40f6c9 code=0x7ffc0000 [ 601.774206][ T37] audit: type=1326 audit(1763006329.535:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20818 comm="syz.4.6826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666e40f6c9 code=0x7ffc0000 [ 603.900010][T20899] Context (ID=0x0) not attached to queue pair (handle=0xffffffff:0x2) [ 605.169634][T20932] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6878'. [ 605.908460][T20961] netlink: 168 bytes leftover after parsing attributes in process `syz.6.6889'. [ 606.002247][T20967] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6893'. [ 606.059578][T20970] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6893'. [ 607.273244][T21010] netlink: 'syz.5.6912': attribute type 3 has an invalid length. [ 607.763567][ T37] audit: type=1326 audit(1763006335.525:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 607.763632][ T37] audit: type=1326 audit(1763006335.525:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 607.764707][ T37] audit: type=1326 audit(1763006335.525:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 607.764764][ T37] audit: type=1326 audit(1763006335.535:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4e176cb779 code=0x7ffc0000 [ 607.765186][ T37] audit: type=1326 audit(1763006335.535:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4e176cb779 code=0x7ffc0000 [ 607.766225][ T37] audit: type=1326 audit(1763006335.535:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4e176cb779 code=0x7ffc0000 [ 607.795280][ T37] audit: type=1326 audit(1763006335.565:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4e176cb779 code=0x7ffc0000 [ 607.815697][ T37] audit: type=1326 audit(1763006335.585:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4e176cb779 code=0x7ffc0000 [ 607.817308][ T37] audit: type=1326 audit(1763006335.585:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4e176cb779 code=0x7ffc0000 [ 607.829671][ T37] audit: type=1326 audit(1763006335.595:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21021 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4e176cb779 code=0x7ffc0000 [ 608.682788][T21049] netlink: 'syz.1.6933': attribute type 6 has an invalid length. [ 608.682825][T21049] netlink: 14623 bytes leftover after parsing attributes in process `syz.1.6933'. [ 609.034732][T21063] vivid-000: disconnect [ 609.035743][T21060] vivid-000: reconnect [ 609.217695][T21074] program syz.5.6945 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 609.379223][T21081] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6947'. [ 610.584158][ T5803] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 610.684338][ T5847] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 610.738078][ T5803] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 610.738158][ T5803] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 610.738184][ T5803] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 610.779292][ T5803] usb 2-1: config 0 descriptor?? [ 610.791693][ T5803] pwc: Askey VC010 type 2 USB webcam detected. [ 610.851851][ T5847] usb 5-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 610.852319][ T5847] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.852345][ T5847] usb 5-1: Product: syz [ 610.852361][ T5847] usb 5-1: Manufacturer: syz [ 610.852376][ T5847] usb 5-1: SerialNumber: syz [ 610.900988][ T5847] usb 5-1: config 0 descriptor?? [ 610.917897][ T5847] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 610.976346][ T5847] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 610.977886][ T5847] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 610.978018][ T5847] usb 5-1: media controller created [ 611.077355][ T5847] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 611.202275][ T5803] pwc: recv_control_msg error -32 req 02 val 2b00 [ 611.241218][ T5847] DVB: Unable to find symbol mt352_attach() [ 611.368132][ T5847] DVB: Unable to find symbol nxt6000_attach() [ 611.368152][ T5847] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 611.393741][ T5847] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input21 [ 611.415687][ T5803] pwc: recv_control_msg error -71 req 02 val 2c00 [ 611.416305][ T5803] pwc: recv_control_msg error -71 req 04 val 1000 [ 611.416870][ T5803] pwc: recv_control_msg error -71 req 04 val 1300 [ 611.417450][ T5803] pwc: recv_control_msg error -71 req 04 val 1400 [ 611.418143][ T5803] pwc: recv_control_msg error -71 req 02 val 2000 [ 611.420633][ T5803] pwc: recv_control_msg error -71 req 02 val 2100 [ 611.421196][ T5803] pwc: recv_control_msg error -71 req 04 val 1500 [ 611.471962][ T5847] dvb-usb: schedule remote query interval to 1000 msecs. [ 611.471987][ T5847] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 611.472007][ T5847] dvb-usb: bulk message failed: -22 (7/0) [ 611.472026][ T5847] dvb-usb: bulk message failed: -22 (7/0) [ 611.472270][ T5803] pwc: recv_control_msg error -71 req 02 val 2500 [ 611.482409][ T5803] pwc: recv_control_msg error -71 req 02 val 2400 [ 611.523750][ T5803] pwc: recv_control_msg error -71 req 02 val 2600 [ 611.532791][ T5803] pwc: recv_control_msg error -71 req 02 val 2900 [ 611.541528][ T5803] pwc: recv_control_msg error -71 req 02 val 2800 [ 611.553445][ T5847] usb 5-1: USB disconnect, device number 43 [ 611.561423][ T5803] pwc: recv_control_msg error -71 req 04 val 1100 [ 611.576643][ T5803] pwc: recv_control_msg error -71 req 04 val 1200 [ 611.591944][ T5803] pwc: Registered as video103. [ 611.600726][ T5803] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input22 [ 611.675084][ T5803] usb 2-1: USB disconnect, device number 41 [ 611.752067][ T5847] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 614.773205][ T37] kauditd_printk_skb: 145 callbacks suppressed [ 614.773227][ T37] audit: type=1400 audit(1763006342.535:804): lsm=SMACK fn=smack_file_fcntl action=denied subject="w" object="_" requested=w pid=21280 comm="syz.1.7046" path="/proc/2824/task/2825/attr/current" dev="proc" ino=67989 [ 618.950611][T21429] netlink: 292 bytes leftover after parsing attributes in process `syz.1.7116'. [ 620.414220][ T5999] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 620.566888][ T5999] usb 5-1: Using ep0 maxpacket: 16 [ 620.569545][ T5999] usb 5-1: config 2 has an invalid interface number: 142 but max is 0 [ 620.569577][ T5999] usb 5-1: config 2 has no interface number 0 [ 620.569630][ T5999] usb 5-1: config 2 interface 142 altsetting 0 has an endpoint descriptor with address 0xEA, changing to 0x8A [ 620.569660][ T5999] usb 5-1: config 2 interface 142 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 620.569692][ T5999] usb 5-1: config 2 interface 142 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 620.569718][ T5999] usb 5-1: config 2 interface 142 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 620.573308][ T5999] usb 5-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c6.6e [ 620.573338][ T5999] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 620.573362][ T5999] usb 5-1: Product: syz [ 620.573379][ T5999] usb 5-1: Manufacturer: syz [ 620.573394][ T5999] usb 5-1: SerialNumber: syz [ 620.596619][ T5999] usb 5-1: NFC: intf ffff888028485000 id ffffffff8de98420 [ 620.840657][ T5803] usb 5-1: USB disconnect, device number 44 [ 621.734225][ T5847] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 621.884123][ T5847] usb 2-1: Using ep0 maxpacket: 32 [ 621.888796][ T5847] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 621.888826][ T5847] usb 2-1: config 0 has no interface number 0 [ 621.888885][ T5847] usb 2-1: config 0 interface 12 has no altsetting 0 [ 621.892154][ T5847] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 621.892185][ T5847] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 621.892208][ T5847] usb 2-1: Product: syz [ 621.892224][ T5847] usb 2-1: Manufacturer: syz [ 621.892240][ T5847] usb 2-1: SerialNumber: syz [ 621.959192][ T5847] usb 2-1: config 0 descriptor?? [ 622.203452][ T37] audit: type=1804 audit(1763006349.945:805): pid=21585 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.6.7167" name="/newroot/891/file0" dev="tmpfs" ino=4539 res=1 errno=0 [ 622.301839][T21587] netlink: 104 bytes leftover after parsing attributes in process `syz.4.7169'. [ 622.599589][ T5847] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 622.599656][ T5847] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71 [ 622.599675][ T5847] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 622.599795][ T5847] f81534 2-1:0.12: probe with driver f81534 failed with error -71 [ 622.655071][ T5847] usb 2-1: USB disconnect, device number 42 [ 622.923366][T21610] sch_tbf: peakrate 2147483643 is lower than or equals to rate 2831599472947593698 ! [ 622.966635][T21614] macvlan2: entered allmulticast mode [ 622.966661][T21614] veth1_vlan: entered allmulticast mode [ 622.986184][T21614] veth1_vlan: left allmulticast mode [ 623.742605][T21645] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 624.405315][T21680] pim6reg: entered allmulticast mode [ 624.407743][T21678] pim6reg: left allmulticast mode [ 628.465196][T18106] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 628.481726][T18106] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 628.489332][T18106] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 628.497664][T18106] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 628.504231][T18106] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 628.704330][ T37] audit: type=1326 audit(1763006356.455:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.705077][ T37] audit: type=1326 audit(1763006356.465:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.721266][ T37] audit: type=1326 audit(1763006356.485:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.725504][ T37] audit: type=1326 audit(1763006356.485:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.725565][ T37] audit: type=1326 audit(1763006356.495:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.725614][ T37] audit: type=1326 audit(1763006356.495:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.735520][ T37] audit: type=1326 audit(1763006356.495:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.735576][ T37] audit: type=1326 audit(1763006356.505:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21819 comm="syz.6.7281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e1772f6c9 code=0x7ffc0000 [ 628.807516][T21824] netlink: 148 bytes leftover after parsing attributes in process `syz.1.7283'. [ 629.343175][T21817] chnl_net:caif_netlink_parms(): no params data found [ 629.772549][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.772636][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.046039][T21817] bridge0: port 1(bridge_slave_0) entered blocking state [ 630.058174][T21817] bridge0: port 1(bridge_slave_0) entered disabled state [ 630.058427][T21817] bridge_slave_0: entered allmulticast mode [ 630.067519][T21817] bridge_slave_0: entered promiscuous mode [ 630.076321][T21817] bridge0: port 2(bridge_slave_1) entered blocking state [ 630.078189][T21817] bridge0: port 2(bridge_slave_1) entered disabled state [ 630.078402][T21817] bridge_slave_1: entered allmulticast mode [ 630.104330][T21817] bridge_slave_1: entered promiscuous mode [ 630.113297][T21878] syz.6.7306 (21878): /proc/21877/oom_adj is deprecated, please use /proc/21877/oom_score_adj instead. [ 630.402401][T21817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 630.419966][T21817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 630.503744][T21893] sctp: [Deprecated]: syz.1.7312 (pid 21893) Use of struct sctp_assoc_value in delayed_ack socket option. [ 630.503744][T21893] Use struct sctp_sack_info instead [ 630.544338][T18106] Bluetooth: hci1: command tx timeout [ 630.669913][T21817] team0: Port device team_slave_0 added [ 630.684877][T21817] team0: Port device team_slave_1 added [ 630.997605][T21817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 630.997627][T21817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 630.997656][T21817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 631.000395][T21817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 631.000410][T21817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 631.000440][T21817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 631.542733][T21817] hsr_slave_0: entered promiscuous mode [ 631.564776][T21817] hsr_slave_1: entered promiscuous mode [ 631.565944][T21817] debugfs: 'hsr0' already exists in 'hsr' [ 631.565974][T21817] Cannot create hsr debugfs directory [ 632.312259][T21948] netlink: 'syz.6.7336': attribute type 13 has an invalid length. [ 632.312285][T21948] netlink: 24859 bytes leftover after parsing attributes in process `syz.6.7336'. [ 632.556455][T21955] netlink: 104 bytes leftover after parsing attributes in process `syz.6.7339'. [ 632.624139][T18106] Bluetooth: hci1: command tx timeout [ 632.813131][T21817] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 632.877957][T21817] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 633.009929][T21817] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 633.083572][T21817] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 633.401740][T21981] input: syz0 as /devices/virtual/input/input23 [ 633.573845][T21817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 633.693769][T21991] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7355'. [ 633.714302][T21817] 8021q: adding VLAN 0 to HW filter on device team0 [ 633.714996][T21991] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7355'. [ 633.749933][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 633.750180][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 633.780176][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 633.781255][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 633.901749][T21996] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.7358'. [ 634.482905][ T5999] hid_parser_main: 8 callbacks suppressed [ 634.482931][ T5999] hid-generic 0005:16C0:5505.0040: unknown main item tag 0x0 [ 634.545452][T21817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 634.581608][ T5999] hid-generic 0005:16C0:5505.0040: hidraw0: BLUETOOTH HID v0.8b Device [syz0] on aa:aa:aa:aa:aa:aa [ 634.710080][T18106] Bluetooth: hci1: command tx timeout [ 635.282172][ C1] vkms_vblank_simulate: vblank timer overrun [ 635.611869][ C1] vkms_vblank_simulate: vblank timer overrun [ 635.645211][T21817] veth0_vlan: entered promiscuous mode [ 635.695632][T21817] veth1_vlan: entered promiscuous mode [ 635.818174][T21817] veth0_macvtap: entered promiscuous mode [ 635.844706][T21817] veth1_macvtap: entered promiscuous mode [ 635.936193][T21817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 635.983238][T21817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 636.051493][T21513] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.051748][T21513] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.051793][T21513] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.051835][T21513] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.521734][T21525] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.521759][T21525] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 636.760344][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.760367][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 636.794392][T18106] Bluetooth: hci1: command tx timeout [ 637.223718][ T5847] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 637.386782][ T5847] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 637.386818][ T5847] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.393200][ T5847] usb 6-1: config 0 descriptor?? [ 637.422460][ T5847] cp210x 6-1:0.0: cp210x converter detected [ 637.944892][T22102] netlink: 16390 bytes leftover after parsing attributes in process `syz.1.7399'. [ 638.129624][ T5847] cp210x 6-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 638.129692][ T5847] cp210x 6-1:0.0: GPIO initialisation failed: -71 [ 638.152379][ T5847] usb 6-1: cp210x converter now attached to ttyUSB0 [ 638.164430][ T5847] usb 6-1: USB disconnect, device number 41 [ 638.171433][ T5847] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 638.171995][ T5847] cp210x 6-1:0.0: device disconnected [ 638.757910][T22127] Falling back ldisc for ttyS3. [ 638.871521][T22136] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7415'. [ 638.871555][T22136] netlink: 40 bytes leftover after parsing attributes in process `syz.6.7415'. [ 640.605542][T22181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7434'. [ 640.854856][T22188] netlink: 80 bytes leftover after parsing attributes in process `syz.1.7435'. [ 640.854886][T22188] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 642.283268][T22241] sctp: [Deprecated]: syz.1.7463 (pid 22241) Use of struct sctp_assoc_value in delayed_ack socket option. [ 642.283268][T22241] Use struct sctp_sack_info instead [ 644.449098][T22327] netlink: 312 bytes leftover after parsing attributes in process `syz.6.7502'. [ 644.912280][T22344] pim6reg1: tun_chr_ioctl cmd 2147767507 [ 645.639866][T22371] 8021q: adding VLAN 0 to HW filter on device bond2 [ 645.642957][T22371] bond0: (slave bond2): Enslaving as an active interface with an up link [ 645.754829][T22383] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 645.978417][T22398] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7535'. [ 647.233849][ C0] vkms_vblank_simulate: vblank timer overrun [ 648.025098][T22473] netlink: 32 bytes leftover after parsing attributes in process `syz.5.7570'. [ 648.531366][T22496] netlink: 'syz.5.7583': attribute type 2 has an invalid length. [ 649.403159][T21514] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 649.413907][T21514] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 649.416934][T21514] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 649.416984][T21514] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 650.840539][ T37] audit: type=1326 audit(1763006378.605:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.853438][ T37] audit: type=1326 audit(1763006378.615:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.855283][ T37] audit: type=1326 audit(1763006378.625:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.855576][ T37] audit: type=1326 audit(1763006378.625:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.855834][ T37] audit: type=1326 audit(1763006378.625:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.858076][ T37] audit: type=1326 audit(1763006378.625:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.858659][ T37] audit: type=1326 audit(1763006378.625:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.858917][ T37] audit: type=1326 audit(1763006378.625:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.860153][ T37] audit: type=1326 audit(1763006378.625:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 650.877264][ T37] audit: type=1326 audit(1763006378.625:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22583 comm="syz.1.7627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe22fbff6c9 code=0x7ffc0000 [ 651.153366][ C0] vkms_vblank_simulate: vblank timer overrun [ 651.621062][T22614] netlink: 64 bytes leftover after parsing attributes in process `syz.1.7639'. [ 651.718456][T22618] sctp: [Deprecated]: syz.5.7641 (pid 22618) Use of struct sctp_assoc_value in delayed_ack socket option. [ 651.718456][T22618] Use struct sctp_sack_info instead [ 654.317129][T22713] netlink: 'syz.6.7687': attribute type 1 has an invalid length. [ 654.317156][T22713] netlink: 'syz.6.7687': attribute type 7 has an invalid length. [ 654.317169][T22713] netlink: 144 bytes leftover after parsing attributes in process `syz.6.7687'. [ 654.831427][T22732] netlink: 7 bytes leftover after parsing attributes in process `syz.1.7696'. [ 655.756840][ C0] vkms_vblank_simulate: vblank timer overrun [ 655.922172][ C0] vkms_vblank_simulate: vblank timer overrun [ 656.247230][T22761] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7711'. [ 657.553236][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 657.572967][ T5809] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 657.585146][ T5809] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 657.596629][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 657.599495][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 658.514921][T22783] chnl_net:caif_netlink_parms(): no params data found [ 659.007187][T22783] bridge0: port 1(bridge_slave_0) entered blocking state [ 659.007790][T22783] bridge0: port 1(bridge_slave_0) entered disabled state [ 659.008058][T22783] bridge_slave_0: entered allmulticast mode [ 659.035788][T22783] bridge_slave_0: entered promiscuous mode [ 659.048742][T22783] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.054364][T22783] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.054635][T22783] bridge_slave_1: entered allmulticast mode [ 659.076193][T22783] bridge_slave_1: entered promiscuous mode [ 659.383912][T22783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 659.399895][T22783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 659.671176][ T5809] Bluetooth: hci3: command tx timeout [ 659.725150][T22783] team0: Port device team_slave_0 added [ 659.749709][T22783] team0: Port device team_slave_1 added [ 660.130792][T22783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 660.130813][T22783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 660.130844][T22783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 660.133775][T22783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 660.133790][T22783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 660.133820][T22783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 660.494100][ T5999] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 660.647784][ T5999] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 660.647817][ T5999] usb 6-1: config 0 has no interface number 0 [ 660.671453][ T5999] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 660.671486][ T5999] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 660.671510][ T5999] usb 6-1: Product: syz [ 660.671527][ T5999] usb 6-1: Manufacturer: syz [ 660.671542][ T5999] usb 6-1: SerialNumber: syz [ 660.729493][T22783] hsr_slave_0: entered promiscuous mode [ 660.732446][ T5999] usb 6-1: config 0 descriptor?? [ 660.751130][T22783] hsr_slave_1: entered promiscuous mode [ 660.752310][T22783] debugfs: 'hsr0' already exists in 'hsr' [ 660.752337][T22783] Cannot create hsr debugfs directory [ 660.948255][ T5999] usb 6-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 660.970201][ T5999] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 660.970656][ T5999] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 660.970725][ T5999] usb 6-1: media controller created [ 661.037956][ T5999] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 661.152184][ T5999] i2c i2c-2: ec100: i2c rd failed=-71 reg=33 [ 661.282166][ T5999] usb 6-1: USB disconnect, device number 42 [ 661.748533][ T5809] Bluetooth: hci3: command tx timeout [ 662.378708][T22783] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.437690][T22901] fuse: Bad value for 'fd' [ 662.990528][ C0] vkms_vblank_simulate: vblank timer overrun [ 663.092841][T22783] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 663.696191][T22783] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 663.824299][ T5809] Bluetooth: hci3: command tx timeout [ 664.051759][T22783] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 664.712011][T22967] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7801'. [ 664.820907][T22783] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 664.864655][T22783] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 664.906398][T22783] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 664.945159][ T1230] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 664.976906][T22783] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 665.094451][ T1230] usb 6-1: Using ep0 maxpacket: 16 [ 665.097157][ T1230] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 665.097195][ T1230] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 665.097220][ T1230] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 665.097270][ T1230] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 665.097296][ T1230] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.171967][ T1230] usb 6-1: config 0 descriptor?? [ 665.655748][ T1230] microsoft 0003:045E:07DA.0041: unknown main item tag 0x0 [ 665.655791][ T1230] microsoft 0003:045E:07DA.0041: ignoring exceeding usage max [ 665.690895][ T1230] microsoft 0003:045E:07DA.0041: unknown main item tag 0x0 [ 665.690934][ T1230] microsoft 0003:045E:07DA.0041: unknown main item tag 0x0 [ 665.778987][ C0] vkms_vblank_simulate: vblank timer overrun [ 665.807997][T22783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 665.840900][T22783] 8021q: adding VLAN 0 to HW filter on device team0 [ 665.905950][T21536] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.906129][T21536] bridge0: port 1(bridge_slave_0) entered forwarding state [ 665.909786][ T5809] Bluetooth: hci3: command tx timeout [ 665.932384][T21536] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.932587][T21536] bridge0: port 2(bridge_slave_1) entered forwarding state [ 665.964377][ T1230] microsoft 0003:045E:07DA.0041: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 665.964413][ T1230] microsoft 0003:045E:07DA.0041: no inputs found [ 665.964428][ T1230] microsoft 0003:045E:07DA.0041: could not initialize ff, continuing anyway [ 665.970709][ T1230] usb 6-1: USB disconnect, device number 43 [ 666.061409][ C0] vkms_vblank_simulate: vblank timer overrun [ 666.171486][ C0] vkms_vblank_simulate: vblank timer overrun [ 666.360719][ C0] vkms_vblank_simulate: vblank timer overrun [ 666.678358][ C0] vkms_vblank_simulate: vblank timer overrun [ 666.787414][ T5883] IPVS: starting estimator thread 0... [ 666.829004][ C0] vkms_vblank_simulate: vblank timer overrun [ 666.904202][T23033] IPVS: using max 6 ests per chain, 14400 per kthread [ 667.116966][T22783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 667.277990][T22783] veth0_vlan: entered promiscuous mode [ 667.313429][T22783] veth1_vlan: entered promiscuous mode [ 667.576538][T22783] veth0_macvtap: entered promiscuous mode [ 667.626000][T22783] veth1_macvtap: entered promiscuous mode [ 667.754538][T22783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 667.779103][T22783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 667.810028][T21490] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 667.812061][T21490] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 667.813245][T21490] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 667.813572][T21490] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.239717][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 668.239741][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 668.302002][T21506] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 668.302027][T21506] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 668.524320][T23076] bond0: option mode: unable to set because the bond device has slaves [ 669.184396][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 669.235697][ C0] vkms_vblank_simulate: vblank timer overrun [ 669.974675][T23136] bond0: Unable to set down delay as MII monitoring is disabled [ 670.283240][T23150] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7881'. [ 673.255278][T23264] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7937'. [ 673.255408][T23264] netlink: 3 bytes leftover after parsing attributes in process `syz.7.7937'. [ 674.098136][T23301] program syz.7.7954 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 674.406556][T23314] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7961'. [ 674.560382][T23323] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7966'. [ 675.509222][ T37] audit: type=1107 audit(1763006403.275:824): pid=23359 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 676.628830][ T37] audit: type=1326 audit(1763006404.395:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.657004][ T37] audit: type=1326 audit(1763006404.395:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.657063][ T37] audit: type=1326 audit(1763006404.425:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.657114][ T37] audit: type=1326 audit(1763006404.425:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.657163][ T37] audit: type=1326 audit(1763006404.425:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.660043][ T37] audit: type=1326 audit(1763006404.425:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.660579][ T37] audit: type=1326 audit(1763006404.425:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.668160][ T37] audit: type=1326 audit(1763006404.425:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.668213][ T37] audit: type=1326 audit(1763006404.435:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23385 comm="syz.5.7996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 676.975207][T23393] sctp: [Deprecated]: syz.6.7999 (pid 23393) Use of struct sctp_assoc_value in delayed_ack socket option. [ 676.975207][T23393] Use struct sctp_sack_info instead [ 677.824381][T23418] netlink: 596 bytes leftover after parsing attributes in process `syz.7.8012'. [ 678.155263][T23426] af_packet: tpacket_rcv: packet too big, clamped from 72 to 4294967286. macoff=82 [ 678.644738][T23445] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8024'. [ 679.117141][T23445] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8024'. [ 679.198457][T23464] program syz.5.8035 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 680.479031][T23515] vlan2: entered promiscuous mode [ 680.479064][T23515] mac80211_hwsim hwsim21 wlan0: entered promiscuous mode [ 680.479384][T23515] vlan2: entered allmulticast mode [ 680.479403][T23515] mac80211_hwsim hwsim21 wlan0: entered allmulticast mode [ 681.581988][T23552] vlan2: entered promiscuous mode [ 681.582019][T23552] mac80211_hwsim hwsim15 wlan0: entered promiscuous mode [ 681.582319][T23552] vlan2: entered allmulticast mode [ 681.582340][T23552] mac80211_hwsim hwsim15 wlan0: entered allmulticast mode [ 681.729899][T23555] can0: slcan on ptm0. [ 682.127288][ C0] vkms_vblank_simulate: vblank timer overrun [ 682.343081][T23553] can0 (unregistered): slcan off ptm0. [ 682.702999][T23587] vlan2: entered promiscuous mode [ 682.703032][T23587] mac80211_hwsim hwsim19 wlan0: entered promiscuous mode [ 682.703346][T23587] vlan2: entered allmulticast mode [ 682.703366][T23587] mac80211_hwsim hwsim19 wlan0: entered allmulticast mode [ 683.502274][T23627] program syz.5.8110 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 686.027617][T23721] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 686.773166][ C0] vkms_vblank_simulate: vblank timer overrun [ 686.852669][T23745] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 687.274251][ T5999] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 687.434211][ T5999] usb 2-1: Using ep0 maxpacket: 32 [ 687.437478][ T5999] usb 2-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 687.437515][ T5999] usb 2-1: config 0 interface 0 has no altsetting 0 [ 687.437555][ T5999] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 687.437581][ T5999] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.510188][ T5999] usb 2-1: config 0 descriptor?? [ 687.985793][ T5999] usbhid 2-1:0.0: can't add hid device: -71 [ 687.985943][ T5999] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 688.036992][ T5999] usb 2-1: USB disconnect, device number 43 [ 688.594143][ T5999] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 688.755389][ T5999] usb 6-1: Using ep0 maxpacket: 16 [ 688.757752][ T5999] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 688.757790][ T5999] usb 6-1: config 0 interface 0 has no altsetting 0 [ 688.757829][ T5999] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 688.757854][ T5999] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 688.814281][ T5999] usb 6-1: config 0 descriptor?? [ 689.269385][ T5999] nzxt-smart2 0003:1E71:2009.0042: unknown main item tag 0x0 [ 689.269431][ T5999] nzxt-smart2 0003:1E71:2009.0042: unknown main item tag 0x0 [ 689.269472][ T5999] nzxt-smart2 0003:1E71:2009.0042: unknown main item tag 0x0 [ 689.269502][ T5999] nzxt-smart2 0003:1E71:2009.0042: unknown main item tag 0x0 [ 689.269530][ T5999] nzxt-smart2 0003:1E71:2009.0042: unknown main item tag 0x0 [ 689.341652][ T5999] nzxt-smart2 0003:1E71:2009.0042: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.5-1/input0 [ 689.483015][ C0] usb 6-1: input irq status -75 received [ 689.690852][ T5803] usb 6-1: USB disconnect, device number 44 [ 691.219076][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.219176][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.174878][T23911] mkiss: ax0: crc mode is auto. [ 692.504152][ T5803] IPVS: starting estimator thread 0... [ 692.594826][T23931] IPVS: using max 7 ests per chain, 16800 per kthread [ 694.383308][T23988] mkiss: ax0: crc mode is auto. [ 697.697865][T24073] syz.5.8317 (24073): drop_caches: 2 [ 698.022953][T24102] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 699.294199][ T5999] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 699.444243][ T5999] usb 2-1: Using ep0 maxpacket: 16 [ 699.448807][ T5999] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 699.448841][ T5999] usb 2-1: config 1 has no interface number 1 [ 699.448914][ T5999] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 699.448976][ T5999] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 699.502049][ T5999] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 699.502085][ T5999] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 699.502107][ T5999] usb 2-1: Product: syz [ 699.502124][ T5999] usb 2-1: Manufacturer: syz [ 699.502139][ T5999] usb 2-1: SerialNumber: syz [ 699.647256][ C0] vkms_vblank_simulate: vblank timer overrun [ 699.974414][ T5999] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 700.386403][ T5803] usb 2-1: USB disconnect, device number 44 [ 701.504300][ T5803] usb 6-1: new full-speed USB device number 45 using dummy_hcd [ 701.644567][ T5847] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 701.672246][ T5803] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 701.672281][ T5803] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 701.672304][ T5803] usb 6-1: Product: syz [ 701.672330][ T5803] usb 6-1: Manufacturer: syz [ 701.672345][ T5803] usb 6-1: SerialNumber: syz [ 701.687108][ T5803] usb 6-1: config 0 descriptor?? [ 701.692822][ T5803] gspca_main: sq930x-2.14.0 probing 2770:930c [ 701.794408][ T5847] usb 2-1: Using ep0 maxpacket: 32 [ 701.805488][ T5847] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 701.805517][ T5847] usb 2-1: config 0 has no interface number 0 [ 701.818148][ T5847] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 701.818180][ T5847] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 701.818201][ T5847] usb 2-1: Product: syz [ 701.818270][ T5847] usb 2-1: Manufacturer: syz [ 701.818285][ T5847] usb 2-1: SerialNumber: syz [ 701.956952][ T5847] usb 2-1: config 0 descriptor?? [ 702.023911][ T5847] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 702.198703][ T5847] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 702.280844][ T5847] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 702.599734][ C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 702.600602][ T5999] usb 2-1: USB disconnect, device number 45 [ 702.605866][ T5803] gspca_sq930x: ucbus_write failed -71 [ 702.657414][ T5999] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 702.690969][ T5999] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 702.693695][ T5999] quatech2 2-1:0.51: device disconnected [ 702.834031][ T5803] gspca_sq930x: Sensor ov9630 not yet treated [ 702.834238][ T5803] sq930x 6-1:0.0: probe with driver sq930x failed with error -22 [ 702.839587][ T5803] usb 6-1: USB disconnect, device number 45 [ 705.230057][T24331] tap0: tun_chr_ioctl cmd 1074025677 [ 705.230264][T24331] tap0: linktype set to 780 [ 705.440090][T24335] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 705.440283][T24335] syzkaller0: linktype set to 774 [ 705.616790][ T37] kauditd_printk_skb: 3 callbacks suppressed [ 705.616812][ T37] audit: type=1326 audit(1763006433.385:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24343 comm="syz.7.8446" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa59cbf6c9 code=0x0 [ 706.132452][T24360] netlink: 'syz.6.8451': attribute type 10 has an invalid length. [ 706.238792][T24360] bond0: (slave dummy0): Releasing backup interface [ 706.379424][T24360] team0: Port device dummy0 added [ 706.584616][T24368] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8456'. [ 707.010016][T24391] netlink: 36 bytes leftover after parsing attributes in process `syz.7.8466'. [ 707.975019][T24419] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8480'. [ 707.975085][T24419] netem: change failed [ 708.165015][ T5883] kernel write not supported for file bpf-map (pid: 5883 comm: kworker/0:6) [ 709.660907][T24475] sch_tbf: burst 3 is lower than device lo mtu (65550) ! [ 709.993102][ T5809] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 709.993131][ T5809] CPU: 1 UID: 0 PID: 5809 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 709.993157][ T5809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 709.993172][ T5809] Workqueue: hci1 hci_rx_work [ 709.993203][ T5809] Call Trace: [ 709.993212][ T5809] [ 709.993222][ T5809] dump_stack_lvl+0x189/0x250 [ 709.993264][ T5809] ? __pfx_dump_stack_lvl+0x10/0x10 [ 709.993298][ T5809] ? __pfx__printk+0x10/0x10 [ 709.993333][ T5809] ? kernfs_path_from_node+0x2c/0x280 [ 709.993365][ T5809] ? kernfs_path_from_node+0x243/0x280 [ 709.993387][ T5809] ? kernfs_path_from_node+0x2c/0x280 [ 709.993414][ T5809] sysfs_create_dir_ns+0x259/0x280 [ 709.993436][ T5809] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 709.993464][ T5809] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 709.993492][ T5809] ? rt_spin_unlock+0x161/0x200 [ 709.993521][ T5809] kobject_add_internal+0x5a5/0xb50 [ 709.993553][ T5809] kobject_add+0x155/0x220 [ 709.993592][ T5809] ? __pfx_kobject_add+0x10/0x10 [ 709.993636][ T5809] ? get_device_parent+0x370/0x3a0 [ 709.993671][ T5809] device_add+0x408/0xb50 [ 709.993705][ T5809] hci_conn_add_sysfs+0xd5/0x1e0 [ 709.993731][ T5809] le_conn_complete_evt+0xf39/0x1500 [ 709.993778][ T5809] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 709.993809][ T5809] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 709.993841][ T5809] ? lockdep_hardirqs_on+0x9c/0x150 [ 709.993878][ T5809] ? skb_pull_data+0xfb/0x200 [ 709.993918][ T5809] hci_le_conn_complete_evt+0x187/0x450 [ 709.993956][ T5809] hci_event_packet+0x78f/0x1200 [ 709.993985][ T5809] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 709.994017][ T5809] ? __pfx_hci_event_packet+0x10/0x10 [ 709.994056][ T5809] ? hci_send_to_monitor+0xe2/0x570 [ 709.994093][ T5809] hci_rx_work+0x46a/0xe80 [ 709.994131][ T5809] ? process_scheduled_works+0x9ef/0x17b0 [ 709.994164][ T5809] process_scheduled_works+0xae1/0x17b0 [ 709.994232][ T5809] ? __pfx_process_scheduled_works+0x10/0x10 [ 709.994284][ T5809] worker_thread+0x8a0/0xda0 [ 709.994317][ T5809] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 709.994368][ T5809] ? __kthread_parkme+0x7b/0x200 [ 709.994413][ T5809] kthread+0x711/0x8a0 [ 709.994452][ T5809] ? __pfx_worker_thread+0x10/0x10 [ 709.994481][ T5809] ? __pfx_kthread+0x10/0x10 [ 709.994512][ T5809] ? rt_spin_unlock+0x150/0x200 [ 709.994544][ T5809] ? rt_spin_unlock+0x161/0x200 [ 709.994568][ T5809] ? __pfx_kthread+0x10/0x10 [ 709.994603][ T5809] ret_from_fork+0x4bc/0x870 [ 709.994635][ T5809] ? __pfx_ret_from_fork+0x10/0x10 [ 709.994674][ T5809] ? __switch_to_asm+0x39/0x70 [ 709.994696][ T5809] ? __switch_to_asm+0x33/0x70 [ 709.994718][ T5809] ? __pfx_kthread+0x10/0x10 [ 709.994753][ T5809] ret_from_fork_asm+0x1a/0x30 [ 709.994801][ T5809] [ 709.995041][ T5809] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 709.995086][ T5809] Bluetooth: hci1: failed to register connection device [ 710.439631][T24500] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 712.453276][T24568] program syz.5.8549 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 712.742724][ C0] vkms_vblank_simulate: vblank timer overrun [ 713.981154][T24555] syz.6.8543 (24555): drop_caches: 2 [ 714.103521][ C0] vkms_vblank_simulate: vblank timer overrun [ 714.241920][ C0] vkms_vblank_simulate: vblank timer overrun [ 714.448525][ C0] vkms_vblank_simulate: vblank timer overrun [ 715.331466][ C0] vkms_vblank_simulate: vblank timer overrun [ 716.370037][ T37] audit: type=1326 audit(1763006444.135:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 716.370420][ T37] audit: type=1326 audit(1763006444.135:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 716.370826][ T37] audit: type=1326 audit(1763006444.135:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 716.372494][ T37] audit: type=1326 audit(1763006444.135:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 716.373046][ T37] audit: type=1326 audit(1763006444.135:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 716.373554][ T37] audit: type=1326 audit(1763006444.135:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 716.375112][ T37] audit: type=1326 audit(1763006444.135:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 716.375826][ T37] audit: type=1326 audit(1763006444.145:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f53abeeb779 code=0x7ffc0000 [ 716.377736][ T37] audit: type=1326 audit(1763006444.145:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f53abeeb779 code=0x7ffc0000 [ 716.378160][ T37] audit: type=1326 audit(1763006444.145:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24699 comm="syz.1.8607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f53abeeb779 code=0x7ffc0000 [ 716.568739][T24702] vlan0: entered promiscuous mode [ 716.568763][T24702] bond0: entered promiscuous mode [ 716.568778][T24702] bond_slave_0: entered promiscuous mode [ 716.569060][T24702] bond_slave_1: entered promiscuous mode [ 716.569293][T24702] bond2: entered promiscuous mode [ 716.955028][ C0] vkms_vblank_simulate: vblank timer overrun [ 718.766812][T24791] ip6gre1: entered promiscuous mode [ 718.766844][T24791] ip6gre1: entered allmulticast mode [ 719.361189][T24816] netlink: 172 bytes leftover after parsing attributes in process `syz.1.8661'. [ 720.333379][ T31] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 720.502620][ T31] usb 2-1: Using ep0 maxpacket: 32 [ 720.509379][ T31] usb 2-1: config 0 has an invalid interface number: 125 but max is 0 [ 720.509412][ T31] usb 2-1: config 0 has no interface number 0 [ 720.509450][ T31] usb 2-1: config 0 interface 125 has no altsetting 0 [ 720.517142][ T31] usb 2-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7 [ 720.517173][ T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 720.517204][ T31] usb 2-1: Product: syz [ 720.517218][ T31] usb 2-1: Manufacturer: syz [ 720.517232][ T31] usb 2-1: SerialNumber: syz [ 720.540215][ T31] usb 2-1: config 0 descriptor?? [ 720.769664][ T31] usb 2-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II [ 721.034051][ T1230] usb 6-1: new high-speed USB device number 46 using dummy_hcd [ 721.037428][T24873] ptrace attach of "./syz-executor exec"[8498] was attempted by "\x09   Àÿ Àÿ Ðÿ àÿ ðÿ °ÿ Àÿ ÿÿÿÿ [ 721.192365][ T1230] usb 6-1: Using ep0 maxpacket: 8 [ 721.195002][ T1230] usb 6-1: config 0 has no interfaces? [ 721.195043][ T1230] usb 6-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 721.195070][ T1230] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 721.201850][ T1230] usb 6-1: config 0 descriptor?? [ 721.305674][ T31] usb 2-1: reset high-speed USB device number 46 using dummy_hcd [ 721.491889][ T5803] usb 6-1: USB disconnect, device number 46 [ 721.576116][T24892] vxcan1: entered allmulticast mode [ 721.592963][T24892] vxcan1: left allmulticast mode [ 722.005078][ T31] ueagle-atm 2-1:0.125: usbatm_usb_probe: bind failed: -19! [ 722.009696][ T31] usb 2-1: USB disconnect, device number 46 [ 725.077778][T24997] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8748'. [ 725.077821][T24997] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8748'. [ 725.098807][T24997] erspan0: entered promiscuous mode [ 725.107621][T24997] gretap0: entered promiscuous mode [ 725.119423][T24996] netlink: 52 bytes leftover after parsing attributes in process `syz.1.8749'. [ 725.579671][T25015] loop4: detected capacity change from 0 to 7 [ 725.608812][T25015] Dev loop4: unable to read RDB block 7 [ 725.608849][T25015] loop4: AHDI p2 p3 [ 725.608884][T25015] loop4: partition table partially beyond EOD, truncated [ 725.609020][T25015] loop4: p2 size 150995200 extends beyond EOD, truncated [ 726.039647][T25033] netlink: 'syz.5.8766': attribute type 8 has an invalid length. [ 726.048071][T25033] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8766'. [ 726.107680][T25033] gretap0: entered promiscuous mode [ 726.126300][T25033] debugfs: 'hsr1' already exists in 'hsr' [ 726.126334][T25033] Cannot create hsr debugfs directory [ 726.126359][T25033] hsr1: entered promiscuous mode [ 726.336301][T25044] netlink: 'syz.7.8772': attribute type 3 has an invalid length. [ 728.122616][ C0] vkms_vblank_simulate: vblank timer overrun [ 729.085242][T25137] tracefs: Invalid uid '0x00000000ffffffff' [ 731.057320][ T5883] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 731.211312][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.211351][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 731.211376][ T5883] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 731.211529][ T5883] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 731.211555][ T5883] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.283917][ T5883] usb 2-1: config 0 descriptor?? [ 731.751225][ T5883] plantronics 0003:047F:FFFF.0043: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 731.909501][ T5883] usb 2-1: USB disconnect, device number 47 [ 732.122922][T25222] geneve2: entered promiscuous mode [ 732.126276][T21517] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 37985 - 0 [ 732.169001][T21517] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 37985 - 0 [ 732.169062][T21517] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 37985 - 0 [ 732.169103][T21517] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 37985 - 0 [ 732.695216][T25246] ip6gre1: entered promiscuous mode [ 732.695248][T25246] ip6gre1: entered allmulticast mode [ 733.306431][T25268] vlan2: entered allmulticast mode [ 733.306821][T25268] bridge0: port 3(vlan2) entered blocking state [ 733.307076][T25268] bridge0: port 3(vlan2) entered disabled state [ 733.311058][T25268] vlan2: entered promiscuous mode [ 736.080615][T25350] netlink: 'syz.1.8914': attribute type 29 has an invalid length. [ 736.105233][T25350] netlink: 'syz.1.8914': attribute type 29 has an invalid length. [ 736.106603][T25350] netlink: 500 bytes leftover after parsing attributes in process `syz.1.8914'. [ 736.355591][ T5883] kernel write not supported for file bpf-prog (pid: 5883 comm: kworker/0:6) [ 738.359252][T25403] sctp: [Deprecated]: syz.7.8938 (pid 25403) Use of struct sctp_assoc_value in delayed_ack socket option. [ 738.359252][T25403] Use struct sctp_sack_info instead [ 738.401351][T25403] sctp: [Deprecated]: syz.7.8938 (pid 25403) Use of struct sctp_assoc_value in delayed_ack socket option. [ 738.401351][T25403] Use struct sctp_sack_info instead [ 738.797255][T25417] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 739.187832][ C0] vkms_vblank_simulate: vblank timer overrun [ 739.508758][T25438] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8955'. [ 739.624308][ T37] kauditd_printk_skb: 125 callbacks suppressed [ 739.624327][ T37] audit: type=1326 audit(1763006723.403:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.648453][ T37] audit: type=1326 audit(1763006723.413:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.648508][ T37] audit: type=1326 audit(1763006723.433:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.648553][ T37] audit: type=1326 audit(1763006723.433:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.648812][ T37] audit: type=1326 audit(1763006723.433:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.659985][ T37] audit: type=1326 audit(1763006723.443:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.660039][ T37] audit: type=1326 audit(1763006723.443:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.660089][ T37] audit: type=1326 audit(1763006723.443:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.689452][ T37] audit: type=1326 audit(1763006723.473:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 739.689511][ T37] audit: type=1326 audit(1763006723.473:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25439 comm="syz.5.8957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 746.716433][T25634] input: syz0 as /devices/virtual/input/input26 [ 748.178836][ T5882] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 748.398827][ T5882] usb 2-1: Using ep0 maxpacket: 16 [ 748.438804][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 748.438845][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 748.438889][ T5882] usb 2-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 748.438915][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 748.447120][ T5882] usb 2-1: config 0 descriptor?? [ 748.982958][ T5882] kye 0003:0458:5016.0044: control desc unexpectedly large [ 749.007249][ T5882] input: HID 0458:5016 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5016.0044/input/input27 [ 749.061044][ T5882] input: HID 0458:5016 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5016.0044/input/input28 [ 749.168804][ T5882] kye 0003:0458:5016.0044: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.1-1/input0 [ 749.460338][ T5882] usb 6-1: new full-speed USB device number 47 using dummy_hcd [ 749.490368][ T5999] usb 2-1: USB disconnect, device number 48 [ 749.529741][T25704] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9073'. [ 749.646355][ T5882] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 749.646389][ T5882] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 749.646455][ T5882] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 749.646482][ T5882] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 749.693094][ T5882] usb 6-1: config 0 descriptor?? [ 749.711123][ T5882] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 749.711201][ T5882] dvb-usb: bulk message failed: -22 (3/0) [ 749.730536][ T5882] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 749.732152][ T5882] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 749.732219][ T5882] usb 6-1: media controller created [ 749.764167][ T5882] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 749.790458][ T5882] dvb-usb: bulk message failed: -22 (6/0) [ 749.790564][ T5882] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 749.811978][ T5882] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input29 [ 749.815380][ T5882] dvb-usb: schedule remote query interval to 150 msecs. [ 749.815403][ T5882] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 749.975353][T25685] dvb-usb: bulk message failed: -22 (1/0) [ 749.975418][T25685] dvb-usb: error while querying for an remote control event. [ 749.977138][T25695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 749.977651][T25695] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 749.984764][ T5847] usb 6-1: USB disconnect, device number 47 [ 750.206898][ T5847] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 751.503145][ T37] kauditd_printk_skb: 4 callbacks suppressed [ 751.503167][ T37] audit: type=1326 audit(1763006735.289:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25762 comm="syz.7.9101" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faa59cbf6c9 code=0x0 [ 751.583390][T25768] block nbd1: Cannot use ioctl interface on a netlink controlled device. [ 751.585639][T25768] block nbd1: Cannot use ioctl interface on a netlink controlled device. [ 752.416356][T25804] netlink: 5364 bytes leftover after parsing attributes in process `syz.7.9121'. [ 752.517219][ T5803] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 752.616578][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.616660][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.666711][ T5847] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 752.877074][T25825] block nbd1: Cannot use ioctl interface on a netlink controlled device. [ 752.877534][T25825] block nbd1: Cannot use ioctl interface on a netlink controlled device. [ 752.878303][T25825] block nbd1: shutting down sockets [ 752.929359][T21517] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 753.444698][T25851] vxcan1: tx drop: invalid da for name 0xfffffffffffffffc [ 753.972514][ T12] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 753.972896][ T12] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 754.396188][ T5803] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 754.945356][ T5847] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 755.095262][ T5847] usb 2-1: Using ep0 maxpacket: 8 [ 755.114119][ T5847] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 755.114155][ T5847] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 755.114177][ T5847] usb 2-1: Product: syz [ 755.114194][ T5847] usb 2-1: Manufacturer: syz [ 755.114209][ T5847] usb 2-1: SerialNumber: syz [ 755.154035][ T5847] usb 2-1: config 0 descriptor?? [ 755.167609][ T5847] gspca_main: sq905-2.14.0 probing 2770:9120 [ 756.196132][ T5847] gspca_sq905: sq905_read_data: usb_control_msg failed (-71) [ 756.196245][ T5847] sq905 2-1:0.0: probe with driver sq905 failed with error -71 [ 756.234720][ T5847] usb 2-1: USB disconnect, device number 49 [ 757.561520][T26021] netlink: 20 bytes leftover after parsing attributes in process `syz.6.9226'. [ 757.770133][T26028] loop7: detected capacity change from 0 to 16384 [ 757.796125][T26028] loop7: detected capacity change from 16384 to 16383 [ 758.206434][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 759.271234][ T37] audit: type=1400 audit(1763006743.043:988): lsm=SMACK fn=smack_key_permission action=denied subject="w" object="_" requested=w pid=26081 comm="syz.1.9256" key_serial=799532813 key_desc="_uid_ses.0" [ 759.846249][T26109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9268'. [ 759.978468][ T37] audit: type=1326 audit(1763006743.763:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26113 comm="syz.7.9272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa59cbf6c9 code=0x7ffc0000 [ 759.978534][ T37] audit: type=1326 audit(1763006743.773:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26113 comm="syz.7.9272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7faa59cbf6c9 code=0x7ffc0000 [ 759.978585][ T37] audit: type=1326 audit(1763006743.773:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26113 comm="syz.7.9272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa59cbf6c9 code=0x7ffc0000 [ 761.621073][ C0] vkms_vblank_simulate: vblank timer overrun [ 762.388292][T26187] input: syz0 as /devices/virtual/input/input30 [ 764.322404][ T37] audit: type=1326 audit(1763006748.105:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 764.323224][ T37] audit: type=1326 audit(1763006748.115:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 764.325708][ T37] audit: type=1326 audit(1763006748.115:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 764.326336][ T37] audit: type=1326 audit(1763006748.115:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 764.326434][ T37] audit: type=1326 audit(1763006748.115:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 764.326993][ T37] audit: type=1326 audit(1763006748.115:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 764.327609][ T37] audit: type=1326 audit(1763006748.115:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 764.328344][ T37] audit: type=1326 audit(1763006748.115:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 764.328661][ T37] audit: type=1326 audit(1763006748.115:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 764.330029][ T37] audit: type=1326 audit(1763006748.115:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26226 comm="syz.5.9323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758deaf6c9 code=0x7ffc0000 [ 766.465467][ C0] vkms_vblank_simulate: vblank timer overrun [ 766.633745][T26293] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.633789][T26293] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 37985 - 0 [ 766.679703][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 767.101516][ C0] vkms_vblank_simulate: vblank timer overrun [ 767.137851][T26314] netlink: 64 bytes leftover after parsing attributes in process `syz.1.9374'. [ 767.307152][T26293] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 767.307197][T26293] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 37985 - 0 [ 767.664085][T25685] kernel read not supported for file /swradio3 (pid: 25685 comm: kworker/0:0) [ 767.842105][T26293] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 767.842149][T26293] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 37985 - 0 [ 767.924439][T26341] netlink: 36 bytes leftover after parsing attributes in process `syz.6.9377'. [ 768.530809][ C0] vkms_vblank_simulate: vblank timer overrun [ 768.858787][ C0] vkms_vblank_simulate: vblank timer overrun [ 769.158926][T26293] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 769.161874][T26293] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 37985 - 0 [ 770.045913][ T5809] Bluetooth: hci1: command 0x0406 tx timeout [ 770.063095][ T12] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 37985 - 0 [ 770.063121][ T12] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 6081 - 0 [ 770.184646][ T12] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 37985 - 0 [ 770.184703][ T12] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 6081 - 0 [ 770.274031][T21517] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 37985 - 0 [ 770.274071][T21517] netdevsim netdevsim5 eth2: set [1, 1] type 2 family 0 port 6081 - 0 [ 770.371971][T21490] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 37985 - 0 [ 770.371997][T21490] netdevsim netdevsim5 eth3: set [1, 1] type 2 family 0 port 6081 - 0 [ 770.519255][ T37] kauditd_printk_skb: 61 callbacks suppressed [ 770.519278][ T37] audit: type=1326 audit(1763006754.289:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f53abeeb779 code=0x7ffc0000 [ 770.519335][ T37] audit: type=1326 audit(1763006754.289:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 770.519386][ T37] audit: type=1326 audit(1763006754.289:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f53abeeb779 code=0x7ffc0000 [ 770.519437][ T37] audit: type=1326 audit(1763006754.289:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f53abeeb779 code=0x7ffc0000 [ 770.519488][ T37] audit: type=1326 audit(1763006754.289:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 770.519547][ T37] audit: type=1326 audit(1763006754.289:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 770.519597][ T37] audit: type=1326 audit(1763006754.289:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 770.519650][ T37] audit: type=1326 audit(1763006754.289:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 770.519702][ T37] audit: type=1326 audit(1763006754.289:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 770.519751][ T37] audit: type=1326 audit(1763006754.289:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26362 comm="syz.1.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 772.716551][T25685] usb 6-1: new high-speed USB device number 48 using dummy_hcd [ 772.868512][T25685] usb 6-1: Using ep0 maxpacket: 16 [ 772.872340][T25685] usb 6-1: config 0 has an invalid interface number: 105 but max is 0 [ 772.872369][T25685] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 772.872390][T25685] usb 6-1: config 0 has no interface number 0 [ 772.909068][T25685] usb 6-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28 [ 772.909102][T25685] usb 6-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3 [ 772.909125][T25685] usb 6-1: Product: syz [ 772.909142][T25685] usb 6-1: Manufacturer: syz [ 772.909158][T25685] usb 6-1: SerialNumber: syz [ 772.950633][T25685] usb 6-1: config 0 descriptor?? [ 772.970368][T25685] uvcvideo 6-1:0.105: Found UVC 0.00 device syz (046c:14e8) [ 772.970452][T25685] uvcvideo 6-1:0.105: Entity type for entity Output 1 was not initialized! [ 772.971249][T25685] uvcvideo 6-1:0.105: Failed to create links for entity 1 [ 772.971270][T25685] uvcvideo 6-1:0.105: Failed to register entities (-22). [ 773.224237][ T5803] usb 6-1: USB disconnect, device number 48 [ 773.855896][ T5803] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 774.010148][ T5803] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 774.010188][ T5803] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 774.010233][ T5803] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 774.010258][ T5803] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 774.029956][ T5803] usb 2-1: config 0 descriptor?? [ 774.066558][T26498] batadv_slave_1: entered promiscuous mode [ 774.071416][T26497] batadv_slave_1: left promiscuous mode [ 774.471400][ T5803] cp2112 0003:10C4:EA90.0045: unknown main item tag 0x0 [ 774.471446][ T5803] cp2112 0003:10C4:EA90.0045: unknown main item tag 0x0 [ 774.471473][ T5803] cp2112 0003:10C4:EA90.0045: unknown main item tag 0x0 [ 774.471499][ T5803] cp2112 0003:10C4:EA90.0045: unknown main item tag 0x0 [ 774.471525][ T5803] cp2112 0003:10C4:EA90.0045: unknown main item tag 0x0 [ 774.471551][ T5803] cp2112 0003:10C4:EA90.0045: unknown main item tag 0x0 [ 774.471577][ T5803] cp2112 0003:10C4:EA90.0045: unknown main item tag 0x0 [ 774.497373][ T5803] cp2112 0003:10C4:EA90.0045: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0 [ 774.671971][ T5803] cp2112 0003:10C4:EA90.0045: Part Number: 0x82 Device Version: 0xFE [ 775.077146][ T5803] cp2112 0003:10C4:EA90.0045: error setting SMBus config [ 775.087168][ T5803] cp2112 0003:10C4:EA90.0045: probe with driver cp2112 failed with error -71 [ 775.099116][ T5803] usb 2-1: USB disconnect, device number 50 [ 775.208142][ C0] vkms_vblank_simulate: vblank timer overrun [ 775.615557][T26542] loop9: detected capacity change from 0 to 7 [ 775.639811][T26542] Dev loop9: unable to read RDB block 7 [ 775.639864][T26542] loop9: unable to read partition table [ 775.640284][T26542] loop9: partition table beyond EOD, truncated [ 775.640306][T26542] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 776.224813][ T5803] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 776.374885][ T5803] usb 6-1: Using ep0 maxpacket: 8 [ 776.380946][ T5803] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 776.380979][ T5803] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 776.381001][ T5803] usb 6-1: Product: syz [ 776.381018][ T5803] usb 6-1: Manufacturer: syz [ 776.381034][ T5803] usb 6-1: SerialNumber: syz [ 776.397184][ T5803] usb 6-1: config 0 descriptor?? [ 776.441885][ T5803] gspca_main: sq930x-2.14.0 probing 2770:930c [ 777.504093][ T5803] gspca_sq930x: reg_w 0105 0f00 failed -71 [ 777.734224][ T5803] gspca_sq930x: Sensor ov9630 not yet treated [ 777.734339][ T5803] sq930x 6-1:0.0: probe with driver sq930x failed with error -22 [ 777.767941][ T5803] usb 6-1: USB disconnect, device number 49 [ 779.933967][T26661] netlink: 'syz.5.9523': attribute type 12 has an invalid length. [ 779.933994][T26661] netlink: 'syz.5.9523': attribute type 29 has an invalid length. [ 779.934011][T26661] netlink: 148 bytes leftover after parsing attributes in process `syz.5.9523'. [ 779.934552][T26661] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9523'. [ 780.142908][ T5882] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 780.282926][T18106] Bluetooth: hci3: command 0x0406 tx timeout [ 780.309067][ T5882] usb 2-1: config index 0 descriptor too short (expected 65069, got 45) [ 780.309102][ T5882] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0 [ 780.309126][ T5882] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 780.309148][ T5882] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 780.309168][ T5882] usb 2-1: config 0 has no interfaces? [ 780.309203][ T5882] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 780.309230][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 780.339971][ T5882] usb 2-1: config 0 descriptor?? [ 780.611599][ T5882] usb 2-1: USB disconnect, device number 51 [ 780.747565][T26679] netlink: 830 bytes leftover after parsing attributes in process `syz.5.9531'. [ 782.560503][T26750] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9564'. [ 782.560539][T26750] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9564'. [ 782.586968][T26751] sctp: [Deprecated]: syz.6.9562 (pid 26751) Use of int in maxseg socket option. [ 782.586968][T26751] Use struct sctp_assoc_value instead [ 783.498580][T26785] bond0: entered promiscuous mode [ 783.498607][T26785] bond_slave_0: entered promiscuous mode [ 783.498891][T26785] bond_slave_1: entered promiscuous mode [ 783.520773][T26785] batadv0: entered promiscuous mode [ 783.534826][T26785] debugfs: 'hsr1' already exists in 'hsr' [ 783.534858][T26785] Cannot create hsr debugfs directory [ 783.536242][T26785] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 783.659357][T26792] netlink: 'syz.5.9580': attribute type 1 has an invalid length. [ 783.951061][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 785.136560][T26846] input: syz1 as /devices/virtual/input/input31 [ 786.982262][ T5803] kernel read not supported for file /dsp1 (pid: 5803 comm: kworker/1:2) [ 790.672445][ T5882] kernel write not supported for file bpf-prog (pid: 5882 comm: kworker/0:5) [ 792.051374][T27046] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 792.383254][T27054] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9705'. [ 792.433138][T27054] macsec1: entered promiscuous mode [ 792.437223][T27054] macsec1: entered allmulticast mode [ 792.437245][T27054] gretap0: entered allmulticast mode [ 792.516006][T27054] gretap0: left allmulticast mode [ 792.602422][ C0] vkms_vblank_simulate: vblank timer overrun [ 792.766577][ T5882] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 792.941195][ T5882] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 792.941236][ T5882] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 792.942825][ T5882] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 792.942855][ T5882] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 792.942878][ T5882] usb 6-1: Manufacturer: syz [ 792.954850][ T5882] usb 6-1: config 0 descriptor?? [ 794.016221][ T5882] uclogic 0003:256C:006D.0046: failed retrieving string descriptor #100: -71 [ 794.016298][ T5882] uclogic 0003:256C:006D.0046: failed retrieving pen parameters: -71 [ 794.016318][ T5882] uclogic 0003:256C:006D.0046: failed probing pen v1 parameters: -71 [ 794.016380][ T5882] uclogic 0003:256C:006D.0046: failed probing parameters: -71 [ 794.016508][ T5882] uclogic 0003:256C:006D.0046: probe with driver uclogic failed with error -71 [ 794.040238][ T5882] usb 6-1: USB disconnect, device number 50 [ 796.624515][ T5803] usb 6-1: new full-speed USB device number 51 using dummy_hcd [ 796.720458][T27223] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9784'. [ 796.779140][ T5803] usb 6-1: config 0 has no interfaces? [ 796.779186][ T5803] usb 6-1: New USB device found, idVendor=0586, idProduct=0102, bcdDevice=14.0a [ 796.779213][ T5803] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 796.816941][ T5803] usb 6-1: config 0 descriptor?? [ 796.878171][T27228] netlink: 64 bytes leftover after parsing attributes in process `syz.6.9785'. [ 797.059081][ T5882] usb 6-1: USB disconnect, device number 51 [ 797.813954][T27270] loop4: detected capacity change from 0 to 7 [ 797.822543][T27270] Dev loop4: unable to read RDB block 7 [ 797.822596][T27270] loop4: unable to read partition table [ 797.822833][T27270] loop4: partition table beyond EOD, truncated [ 797.822853][T27270] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5) [ 799.433776][T27332] Bluetooth: hci0: load_link_keys: too big key_count value 65280 [ 801.515114][T27399] batadv_slave_1: entered promiscuous mode [ 801.523270][T27397] batadv_slave_1: left promiscuous mode [ 802.691477][T22072] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 802.841693][T22072] usb 6-1: Using ep0 maxpacket: 32 [ 802.844582][T22072] usb 6-1: config 0 has an invalid interface number: 72 but max is 0 [ 802.844613][T22072] usb 6-1: config 0 has no interface number 0 [ 802.844699][T22072] usb 6-1: config 0 interface 72 has no altsetting 0 [ 802.848702][T22072] usb 6-1: New USB device found, idVendor=6069, idProduct=0f39, bcdDevice=e8.f9 [ 802.848732][T22072] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 802.848755][T22072] usb 6-1: Product: syz [ 802.848771][T22072] usb 6-1: Manufacturer: syz [ 802.848787][T22072] usb 6-1: SerialNumber: syz [ 802.855511][T22072] usb 6-1: config 0 descriptor?? [ 803.155528][T22072] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 803.155597][T22072] usb 6-1: MIDIStreaming interface descriptor not found [ 803.346142][T22072] usb 6-1: USB disconnect, device number 52 [ 803.424783][T27475] netlink: 'syz.7.9900': attribute type 17 has an invalid length. [ 803.804376][T27475] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 804.135381][T27502] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9912'. [ 804.795565][T27531] netlink: 48 bytes leftover after parsing attributes in process `syz.7.9924'. [ 804.865680][T27535] netlink: 'syz.5.9926': attribute type 6 has an invalid length. [ 805.860084][ T5803] usb 6-1: new high-speed USB device number 53 using dummy_hcd [ 806.011373][ T5803] usb 6-1: Using ep0 maxpacket: 32 [ 806.015921][ T5803] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 806.028087][ T5803] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 806.028119][ T5803] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 806.028139][ T5803] usb 6-1: Product: syz [ 806.028153][ T5803] usb 6-1: Manufacturer: syz [ 806.028168][ T5803] usb 6-1: SerialNumber: syz [ 806.052002][ T5803] usb 6-1: config 0 descriptor?? [ 806.053258][T27569] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 806.072140][ T5803] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 806.399658][ T5882] usb 6-1: USB disconnect, device number 53 [ 810.310166][T27721] pimreg: entered allmulticast mode [ 810.316618][T27721] pimreg: left allmulticast mode [ 810.440942][ C0] vkms_vblank_simulate: vblank timer overrun [ 811.176442][T27754] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10028'. [ 811.307358][T18106] Bluetooth: hci5: command 0x1003 tx timeout [ 811.307751][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 811.364210][ C0] vkms_vblank_simulate: vblank timer overrun [ 812.074469][T27786] netlink: 'syz.7.10043': attribute type 1 has an invalid length. [ 812.996717][T27811] overlayfs: invalid origin (000000790066696c6530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 813.261155][ T37] kauditd_printk_skb: 76 callbacks suppressed [ 813.261178][ T37] audit: type=1326 audit(1763006797.080:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f758dea6567 code=0x7ffc0000 [ 813.261430][ T37] audit: type=1326 audit(1763006797.080:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 813.261793][ T37] audit: type=1326 audit(1763006797.080:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f758dea6567 code=0x7ffc0000 [ 813.262133][ T37] audit: type=1326 audit(1763006797.080:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 813.262492][ T37] audit: type=1326 audit(1763006797.080:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f758dea6567 code=0x7ffc0000 [ 813.262820][ T37] audit: type=1326 audit(1763006797.080:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 813.263170][ T37] audit: type=1326 audit(1763006797.080:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f758dea6567 code=0x7ffc0000 [ 813.266221][ T37] audit: type=1326 audit(1763006797.080:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 813.266280][ T37] audit: type=1326 audit(1763006797.080:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f758dea6567 code=0x7ffc0000 [ 813.266337][ T37] audit: type=1326 audit(1763006797.080:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27820 comm="syz.5.10061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f758de4b779 code=0x7ffc0000 [ 813.995850][ T5803] usb 6-1: new full-speed USB device number 54 using dummy_hcd [ 814.027821][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.027909][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.162472][ T5803] usb 6-1: config 1 has an invalid interface number: 105 but max is 0 [ 814.162506][ T5803] usb 6-1: config 1 has no interface number 0 [ 814.162568][ T5803] usb 6-1: config 1 interface 105 has no altsetting 0 [ 814.167967][ T5803] usb 6-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 814.167996][ T5803] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 814.168016][ T5803] usb 6-1: Product: syz [ 814.168031][ T5803] usb 6-1: Manufacturer: syz [ 814.168045][ T5803] usb 6-1: SerialNumber: syz [ 814.543003][T27859] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 815.272766][ T5803] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 815.273374][ T5803] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 815.333576][ T5803] aqc111 6-1:1.105 eth9: register 'aqc111' at usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 3a:0e:a6:78:7c:17 [ 815.342827][ T5803] usb 6-1: USB disconnect, device number 54 [ 815.348514][ T5803] aqc111 6-1:1.105 eth9: unregister 'aqc111' usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 815.540331][ T5803] aqc111 6-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 815.540561][ T5803] aqc111 6-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 815.540722][ T5803] aqc111 6-1:1.105 eth9 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 817.219029][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 817.224457][ T5882] usb 6-1: new high-speed USB device number 55 using dummy_hcd [ 817.384125][ T5882] usb 6-1: Using ep0 maxpacket: 32 [ 817.386994][ T5882] usb 6-1: config 0 has an invalid interface number: 188 but max is 0 [ 817.387024][ T5882] usb 6-1: config 0 has no interface number 0 [ 817.387080][ T5882] usb 6-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 817.391479][ T5882] usb 6-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 817.391510][ T5882] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 817.391533][ T5882] usb 6-1: Product: syz [ 817.391547][ T5882] usb 6-1: Manufacturer: syz [ 817.391562][ T5882] usb 6-1: SerialNumber: syz [ 817.467450][ T5882] usb 6-1: config 0 descriptor?? [ 817.469266][T27933] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 817.697871][T27933] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 818.529990][ T5882] asix 6-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 818.530026][ T5882] asix 6-1:0.188 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 818.530344][ T5882] asix 6-1:0.188: probe with driver asix failed with error -71 [ 818.580936][ T5882] usb 6-1: USB disconnect, device number 55 [ 821.842900][T28083] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10186'. [ 821.842943][T28083] netlink: 'syz.6.10186': attribute type 29 has an invalid length. [ 821.842959][T28083] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10186'. [ 825.090710][T28163] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10224'. [ 826.498731][T28203] netlink: 28 bytes leftover after parsing attributes in process `syz.6.10242'. [ 826.498770][T28203] netlink: 'syz.6.10242': attribute type 7 has an invalid length. [ 826.498786][T28203] netlink: 'syz.6.10242': attribute type 8 has an invalid length. [ 826.498800][T28203] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10242'. [ 828.108773][T25685] usb 6-1: new high-speed USB device number 56 using dummy_hcd [ 828.240736][T28249] netlink: 104 bytes leftover after parsing attributes in process `syz.6.10264'. [ 828.260536][T25685] usb 6-1: Using ep0 maxpacket: 32 [ 828.277748][T25685] usb 6-1: config 4 has an invalid interface number: 128 but max is 0 [ 828.277781][T25685] usb 6-1: config 4 has no interface number 0 [ 828.277841][T25685] usb 6-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 828.277873][T25685] usb 6-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 828.277918][T25685] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 828.277945][T25685] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 828.353457][T25685] hub 6-1:4.128: USB hub found [ 828.580019][T25685] hub 6-1:4.128: 7 ports detected [ 828.580125][T25685] hub 6-1:4.128: Using single TT (err -22) [ 828.582243][T25685] hub 6-1:4.128: insufficient power available to use all downstream ports [ 828.648055][T28259] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10270'. [ 828.786226][T25685] hub 6-1:4.128: hub_hub_status failed (err = -71) [ 828.786260][T25685] hub 6-1:4.128: config failed, can't get hub status (err -71) [ 828.829523][T25685] usb 6-1: USB disconnect, device number 56 [ 829.322357][T28277] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10279'. [ 829.631402][T28285] overlayfs: failed to clone lowerpath [ 829.878013][T28013] Set syz1 is full, maxelem 65536 reached [ 831.901721][T28373] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10321'. [ 832.089617][T28379] bridge0: entered allmulticast mode [ 832.112923][T28379] pim6reg: entered allmulticast mode [ 832.179096][T28383] overlayfs: failed to clone upperpath [ 832.999659][T28419] netlink: 'syz.6.10343': attribute type 29 has an invalid length. [ 833.014824][T28419] netlink: 'syz.6.10343': attribute type 29 has an invalid length. [ 833.016539][T28419] netlink: 500 bytes leftover after parsing attributes in process `syz.6.10343'. [ 833.106321][ T5803] usb 6-1: new high-speed USB device number 57 using dummy_hcd [ 833.256162][ T5803] usb 6-1: Using ep0 maxpacket: 16 [ 833.258722][ T5803] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 833.258760][ T5803] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 833.258787][ T5803] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 833.258837][ T5803] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 833.258865][ T5803] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 833.265285][ T5803] usb 6-1: config 0 descriptor?? [ 833.738964][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739006][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739036][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739064][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739092][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739120][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739148][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739176][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739204][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.739233][ T5803] microsoft 0003:045E:07DA.0047: unknown main item tag 0x0 [ 833.742240][ T5803] HID 045e:07da: Invalid code 65791 type 1 [ 833.834257][ T5803] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0047/input/input33 [ 833.858309][ T5803] microsoft 0003:045E:07DA.0047: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 833.939640][ T5803] usb 6-1: USB disconnect, device number 57 [ 835.439901][T21506] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 835.439958][T21506] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 835.440022][T21506] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 835.440068][T21506] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 838.393787][ T37] kauditd_printk_skb: 20 callbacks suppressed [ 838.393809][ T37] audit: type=1326 audit(1763006822.222:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.393869][ T37] audit: type=1326 audit(1763006822.233:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.395314][ T37] audit: type=1326 audit(1763006822.233:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.395540][ T37] audit: type=1326 audit(1763006822.233:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.395795][ T37] audit: type=1326 audit(1763006822.233:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.395974][ T37] audit: type=1326 audit(1763006822.233:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.396219][ T37] audit: type=1326 audit(1763006822.233:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.396872][ T37] audit: type=1326 audit(1763006822.233:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.397082][ T37] audit: type=1326 audit(1763006822.233:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.397316][ T37] audit: type=1326 audit(1763006822.233:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28592 comm="syz.1.10425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53abf4f6c9 code=0x7ffc0000 [ 838.554880][T28598] input: syz0 as /devices/virtual/input/input34 [ 838.555889][T28598] input: failed to attach handler leds to device input34, error: -6 [ 838.780617][T28563] Bluetooth: hci3: unexpected event for opcode 0x0c58 [ 841.427152][T21517] ------------[ cut here ]------------ [ 841.427169][T21517] wlan1: Dropped data frame as no usable bitrate found while scanning and associated. Target station: 08:02:11:00:00:00 on 5 GHz band [ 841.428101][T21517] WARNING: CPU: 1 PID: 21517 at net/mac80211/tx.c:758 ieee80211_tx_h_rate_ctrl+0xc56/0x1760 [ 841.428141][T21517] Modules linked in: [ 841.428161][T21517] CPU: 1 UID: 0 PID: 21517 Comm: kworker/u8:39 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 841.428187][T21517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 841.428201][T21517] Workqueue: events_unbound cfg80211_wiphy_work [ 841.428230][T21517] RIP: 0010:ieee80211_tx_h_rate_ctrl+0xc56/0x1760 [ 841.428253][T21517] Code: 31 f6 83 e6 07 41 0f 95 c6 31 ff e8 e4 7b 7f f7 43 8d 0c 76 83 c1 02 48 c7 c7 00 1f fa 8b 48 89 de 4c 89 e2 e8 1b be 43 f7 90 <0f> 0b 90 90 41 be 01 00 00 00 e9 92 03 00 00 e8 06 77 7f f7 e9 69 [ 841.428272][T21517] RSP: 0000:ffffc90006237360 EFLAGS: 00010246 [ 841.428300][T21517] RAX: fc0d002228ccc400 RBX: ffff88805d9ad9c8 RCX: ffff888021798000 [ 841.428316][T21517] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 841.428330][T21517] RBP: ffffc900062374c8 R08: 0000000000000000 R09: 0000000000000000 [ 841.428344][T21517] R10: dffffc0000000000 R11: ffffed101712487b R12: ffff88805cd2ea84 [ 841.428361][T21517] R13: 1ffff92000c46e80 R14: 0000000000000001 R15: dffffc0000000000 [ 841.428376][T21517] FS: 0000000000000000(0000) GS:ffff888126ef7000(0000) knlGS:0000000000000000 [ 841.428395][T21517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 841.428411][T21517] CR2: 00007f2a9d12ea90 CR3: 000000004cafc000 CR4: 00000000003526f0 [ 841.428432][T21517] Call Trace: [ 841.428441][T21517] [ 841.428475][T21517] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 841.428508][T21517] ? ieee80211_is_bufferable_mmpdu+0x103/0x200 [ 841.428546][T21517] invoke_tx_handlers_late+0xbd/0x18b0 [ 841.428585][T21517] ? invoke_tx_handlers_early+0xa24/0x1d70 [ 841.428624][T21517] ieee80211_tx+0x2ac/0x460 [ 841.428662][T21517] ? __pfx_ieee80211_tx+0x10/0x10 [ 841.428738][T21517] ? __ieee80211_tx_skb_tid_band+0x4cb/0x680 [ 841.428765][T21517] __ieee80211_tx_skb_tid_band+0x50f/0x680 [ 841.428796][T21517] ? ieee80211_scan_state_send_probe+0x4e8/0xa00 [ 841.428824][T21517] ieee80211_scan_state_send_probe+0x594/0xa00 [ 841.428883][T21517] ieee80211_scan_work+0x65f/0x1c50 [ 841.428949][T21517] cfg80211_wiphy_work+0x2bb/0x470 [ 841.428980][T21517] ? process_scheduled_works+0x9ef/0x17b0 [ 841.429011][T21517] process_scheduled_works+0xae1/0x17b0 [ 841.429077][T21517] ? __pfx_process_scheduled_works+0x10/0x10 [ 841.429129][T21517] worker_thread+0x8a0/0xda0 [ 841.429193][T21517] kthread+0x711/0x8a0 [ 841.429232][T21517] ? __pfx_worker_thread+0x10/0x10 [ 841.429260][T21517] ? __pfx_kthread+0x10/0x10 [ 841.429299][T21517] ? rt_spin_unlock+0x150/0x200 [ 841.429332][T21517] ? rt_spin_unlock+0x161/0x200 [ 841.429355][T21517] ? __pfx_kthread+0x10/0x10 [ 841.429390][T21517] ret_from_fork+0x4bc/0x870 [ 841.429420][T21517] ? __pfx_ret_from_fork+0x10/0x10 [ 841.429457][T21517] ? __switch_to_asm+0x39/0x70 [ 841.429478][T21517] ? __switch_to_asm+0x33/0x70 [ 841.429497][T21517] ? __pfx_kthread+0x10/0x10 [ 841.429530][T21517] ret_from_fork_asm+0x1a/0x30 [ 841.429578][T21517] [ 841.429589][T21517] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 841.429604][T21517] CPU: 1 UID: 0 PID: 21517 Comm: kworker/u8:39 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 841.429628][T21517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 841.429642][T21517] Workqueue: events_unbound cfg80211_wiphy_work [ 841.429670][T21517] Call Trace: [ 841.429680][T21517] [ 841.429688][T21517] dump_stack_lvl+0x99/0x250 [ 841.429720][T21517] ? __asan_memcpy+0x40/0x70 [ 841.429747][T21517] ? __pfx_dump_stack_lvl+0x10/0x10 [ 841.429778][T21517] ? __pfx__printk+0x10/0x10 [ 841.429822][T21517] vpanic+0x237/0x6d0 [ 841.429845][T21517] ? __pfx_vpanic+0x10/0x10 [ 841.429881][T21517] panic+0xb9/0xc0 [ 841.429903][T21517] ? __pfx_panic+0x10/0x10 [ 841.429945][T21517] __warn+0x31b/0x4b0 [ 841.429965][T21517] ? ieee80211_tx_h_rate_ctrl+0xc56/0x1760 [ 841.429992][T21517] ? ieee80211_tx_h_rate_ctrl+0xc56/0x1760 [ 841.430016][T21517] report_bug+0x2be/0x4f0 [ 841.430043][T21517] ? ieee80211_tx_h_rate_ctrl+0xc56/0x1760 [ 841.430067][T21517] ? ieee80211_tx_h_rate_ctrl+0xc56/0x1760 [ 841.430090][T21517] ? ieee80211_tx_h_rate_ctrl+0xc58/0x1760 [ 841.430112][T21517] handle_bug+0x84/0x160 [ 841.430135][T21517] exc_invalid_op+0x1a/0x50 [ 841.430156][T21517] asm_exc_invalid_op+0x1a/0x20 [ 841.430177][T21517] RIP: 0010:ieee80211_tx_h_rate_ctrl+0xc56/0x1760 [ 841.430200][T21517] Code: 31 f6 83 e6 07 41 0f 95 c6 31 ff e8 e4 7b 7f f7 43 8d 0c 76 83 c1 02 48 c7 c7 00 1f fa 8b 48 89 de 4c 89 e2 e8 1b be 43 f7 90 <0f> 0b 90 90 41 be 01 00 00 00 e9 92 03 00 00 e8 06 77 7f f7 e9 69 [ 841.430219][T21517] RSP: 0000:ffffc90006237360 EFLAGS: 00010246 [ 841.430237][T21517] RAX: fc0d002228ccc400 RBX: ffff88805d9ad9c8 RCX: ffff888021798000 [ 841.430254][T21517] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 841.430268][T21517] RBP: ffffc900062374c8 R08: 0000000000000000 R09: 0000000000000000 [ 841.430282][T21517] R10: dffffc0000000000 R11: ffffed101712487b R12: ffff88805cd2ea84 [ 841.430306][T21517] R13: 1ffff92000c46e80 R14: 0000000000000001 R15: dffffc0000000000 [ 841.430371][T21517] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 841.430401][T21517] ? ieee80211_is_bufferable_mmpdu+0x103/0x200 [ 841.430439][T21517] invoke_tx_handlers_late+0xbd/0x18b0 [ 841.430477][T21517] ? invoke_tx_handlers_early+0xa24/0x1d70 [ 841.430515][T21517] ieee80211_tx+0x2ac/0x460 [ 841.430552][T21517] ? __pfx_ieee80211_tx+0x10/0x10 [ 841.430628][T21517] ? __ieee80211_tx_skb_tid_band+0x4cb/0x680 [ 841.430655][T21517] __ieee80211_tx_skb_tid_band+0x50f/0x680 [ 841.430688][T21517] ? ieee80211_scan_state_send_probe+0x4e8/0xa00 [ 841.430715][T21517] ieee80211_scan_state_send_probe+0x594/0xa00 [ 841.430772][T21517] ieee80211_scan_work+0x65f/0x1c50 [ 841.430836][T21517] cfg80211_wiphy_work+0x2bb/0x470 [ 841.430868][T21517] ? process_scheduled_works+0x9ef/0x17b0 [ 841.430897][T21517] process_scheduled_works+0xae1/0x17b0 [ 841.430962][T21517] ? __pfx_process_scheduled_works+0x10/0x10 [ 841.431013][T21517] worker_thread+0x8a0/0xda0 [ 841.431074][T21517] kthread+0x711/0x8a0 [ 841.431113][T21517] ? __pfx_worker_thread+0x10/0x10 [ 841.431139][T21517] ? __pfx_kthread+0x10/0x10 [ 841.431167][T21517] ? rt_spin_unlock+0x150/0x200 [ 841.431198][T21517] ? rt_spin_unlock+0x161/0x200 [ 841.431222][T21517] ? __pfx_kthread+0x10/0x10 [ 841.431255][T21517] ret_from_fork+0x4bc/0x870 [ 841.431293][T21517] ? __pfx_ret_from_fork+0x10/0x10 [ 841.431331][T21517] ? __switch_to_asm+0x39/0x70 [ 841.431351][T21517] ? __switch_to_asm+0x33/0x70 [ 841.431369][T21517] ? __pfx_kthread+0x10/0x10 [ 841.431400][T21517] ret_from_fork_asm+0x1a/0x30 [ 841.431445][T21517] [ 841.431731][T21517] Kernel Offset: disabled