last executing test programs: 58.837124565s ago: executing program 4 (id=1299): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r1, 0x44d7cc91675747ab, 0x0, 0x0, {0x26}}, 0x14}}, 0x0) 58.06494639s ago: executing program 4 (id=1303): r0 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8) r1 = syz_io_uring_setup(0x5b43, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r0}) io_uring_enter(r1, 0x353, 0x0, 0x0, 0x0, 0x0) signalfd(r0, &(0x7f0000002340), 0x8) 55.838596704s ago: executing program 4 (id=1308): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x0, 0x3}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10) bind$tipc(r1, 0x0, 0x0) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 55.639868982s ago: executing program 4 (id=1310): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x24, 0x140f, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xc, 0x45, 'rdma_cm\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}]}, 0x24}}, 0x0) 55.499655148s ago: executing program 4 (id=1313): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a01040000000000000000010000000800024000000002090001"], 0x50}}, 0x0) r1 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="13010000000000402505a8a440000102030109021b00010100000009040000020701010009050102"], 0x0) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17) r2 = userfaultfd(0x80801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) ioctl$UFFDIO_WRITEPROTECT(r2, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0) syz_usb_control_io$printer(r1, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r1) ioctl$EVIOCGMASK(r3, 0x604, 0x0) r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 51.893210522s ago: executing program 4 (id=1320): socketpair$unix(0x1, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) gettid() bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1, 0x0, 0x2, 0xd, 0x1940, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x2}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed}, 0xe) listen(r1, 0x0) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000340), 0x4) socket$inet_udplite(0x2, 0x2, 0x88) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="02c9"], 0x5) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000018c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16aef0a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d2434b1bfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde4990000000e000000010000000000000000000000000000000000000000000cabbdebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c19bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d30586ae00460a6a6caf5741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb000000d357d0c3d9d90b53a5d3e207b82b457bff9636bd79f4158fd1bbdc41babf5b17c0479221c93f71da5d87f726ae402b80cf0daa0c3429d39027e795c451075cc88d056c4fe1bbc2bc0106d0ceb07a3eb31ec752c8cf1af4735b79ed848716dc705fac8e94e8fc37185fa8c923726621748fa916fd10ac5b9a1d966318feda951ca6ed43f474c5976d150ca82e0694d28958b5338c083317b906367d"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0xc4382, 0x0) dup(r3) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 32.530238662s ago: executing program 1 (id=1354): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000250000002300000095"], &(0x7f0000000080)='syzkaller\x00'}, 0xe0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') fchdir(r1) syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) wait4(0x0, 0x0, 0x40000000, 0x0) 30.989002484s ago: executing program 1 (id=1358): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) sendmsg$IEEE802154_ASSOCIATE_REQ(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x30, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_CHANNEL={0x5}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}]}, 0x30}}, 0x0) 30.634274229s ago: executing program 1 (id=1360): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4) bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x61) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="18025783c23ff8f3165643e866880000000000000000000000000000850000009e0000009500000000000000500a310cdc5925e76e34636ca38af2053d9b365e93df240f751acdddd7f5998c6aca1a80b9f4fe39988445845d058f90558abd66007201142408fe665736c16b75b9c40c32f5d772544d0e438ab0e65d3ea4c950738282516d203120bba1d8de34a892ca2f2f76bfb772374e09d09066e62dcdf2db4707e9ab4b89ddf87b35a6110a96462908d10539cf5faedf24a76fd7efbcd9e5a838d9a92759d5e9bec0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r3}, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) ioprio_get$uid(0x0, 0xffffffffffffffff) socket$inet6(0xa, 0x80000, 0x7f) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r8, 0x5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r7}, &(0x7f00000006c0), &(0x7f0000000700)=r6}, 0x20) sendmsg$inet(r5, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) 28.251110566s ago: executing program 1 (id=1362): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x2000000000000087}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000ffec07449e0020000000000000180158034d0c920000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) symlinkat(0x0, 0xffffffffffffffff, &(0x7f0000000000)='./file0\x00') chdir(&(0x7f0000000140)='./bus\x00') r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)="fba59e92bf709fcb6fcf29a3a09997f163af4538391d09967c80b6e561dddf38f209b8fc10aa20aaa405a60cc2b5e91d881a8ce00a6b0b51fd112a5f0b07efe841965e4ae6cb9c2514059c1451d79e480e59a0265b3a", 0x56}, 0x1, 0x0, 0x0, 0x200440c0}, 0x4008000) syz_open_dev$tty20(0xc, 0x4, 0x1) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x0, {[0x0, 0xb8e]}}, 0x5c) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000000)={0x6000001c}) setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c) setrlimit(0x1, &(0x7f0000000080)={0x3, 0x80000001}) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000002a00090000000000000014000400002c450011"], 0x5c}, 0x1, 0x3000000}, 0x0) add_key(&(0x7f0000000000)='big_key\x00', 0x0, &(0x7f0000000180)="a3", 0xfffff, 0xfffffffffffffffc) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) 25.412739202s ago: executing program 1 (id=1369): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0xffea, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000071000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c00018008000100000004000c0002"], 0x30}}, 0x0) 24.576924233s ago: executing program 1 (id=1373): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) msgget$private(0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f00000000c0)={{0x2, 0x0, 0xee00, 0x0, 0xffffffffffffffff}}) msgsnd(0x0, 0x0, 0x8, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) preadv(r0, &(0x7f0000000740)=[{0x0}, {&(0x7f00000003c0)=""/69, 0x45}, {&(0x7f0000000240)=""/24, 0x18}, {0x0}, {0x0}], 0x5, 0x0, 0xffff0001) syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040)) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r1, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000100)={&(0x7f00000003c0)={0x20, 0x1405, 0x621, 0x0, 0x0, "", [{{0x8}, {0x10}}]}, 0x20}}, 0x0) 17.773815523s ago: executing program 2 (id=1376): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0x0, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0x4020565b, &(0x7f00000001c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, 0x0, &(0x7f00002bf000)='syzkaller\x00'}, 0x90) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = socket$isdn_base(0x22, 0x3, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4004084}, 0x48060) accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name, &(0x7f0000000500)=0x10, 0x80000) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$userio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ppoll(&(0x7f0000000200)=[{r3, 0x4}, {r2, 0x1410}, {r1, 0x88}], 0x3, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r0) sendmsg$NFC_CMD_ENABLE_SE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000011000004080015000000000008000100e5"], 0x24}}, 0x0) 15.588952111s ago: executing program 3 (id=1377): ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)) r0 = socket$kcm(0x2b, 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000488c) recvmsg$kcm(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) close(r0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x14, 0x0, 0x1, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x47) openat$kvm(0xffffffffffffff9c, 0x0, 0x1810c0, 0x0) r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) write$proc_mixer(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="5245434c45560a50484f4e454f55540a535045414b455220274344272030303030303030303030303030303030303030300a4449474954414c32202706006e652043617074557265272030303030303034303030303030303030303030300a20"], 0xb8) r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) dup3(r5, r4, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 12.618699803s ago: executing program 0 (id=1378): syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000ac3c4240450caa60d943000000010902"], 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6f, &(0x7f0000000380)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5d, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, "a1"}, {0x5}, {0xd}, {0x6}}}}}}]}}, &(0x7f0000000640)={0x0, 0x0, 0x19, &(0x7f00000001c0)={0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x0, "a5146a0734e9d05b46f164eb4f4b007e"}]}}) sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, 0x0}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12.465917941s ago: executing program 2 (id=1380): r0 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000500)={0x178, r3, 0x500, 0x0, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_KEY={0x98, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "99a737bd19e2df3dbaba5621a087911c"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "b8dff079028044950b1f92a7dcaeca8b"}, @NL802154_KEY_ATTR_ID={0x44, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xd99a}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xfe}, @NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_KEY={0xa8, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x1}, @NL802154_KEY_ATTR_ID={0x64, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x5}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "c414e1fe648b12c7c21b0db4c16a5120d47a3244d6d60d45510328297e2b45bd"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "8ad47e421901b9b44e407498ed9e3c14"}]}]}, 0x178}}, 0x0) r4 = timerfd_create(0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) dup2(0xffffffffffffffff, r5) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10) timerfd_gettime(r4, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000014040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="030300000000000000000700000008000300", @ANYRES32=r6], 0x1c}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000001c0)={'team_slave_1\x00'}) r8 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r8, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000000000000000000000031d08510000006", @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x2}, 0x90) 12.178793354s ago: executing program 3 (id=1381): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2a, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = getpid() socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000280)='wlan1\x00', 0x10) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000340)={{0x2, 0x0, 0xee00}, 0x0, 0x9, 0x0, 0x0, r1, r1, 0x7ff}) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000240)={@private, @broadcast, @multicast1}, 0xc) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0) chdir(&(0x7f00000020c0)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/rt_cache\x00') pread64(0xffffffffffffffff, &(0x7f0000000000)=""/161, 0xa1, 0x0) write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000040)={0x28}, 0x28) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0xc0606610, &(0x7f0000000040)) r2 = socket$inet(0x2, 0x2, 0x1) setsockopt$inet_opts(r2, 0x0, 0x4, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 11.210946206s ago: executing program 3 (id=1382): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x7, 0x8, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000002e00)=ANY=[@ANYBLOB="620af8ff0c011021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c767056a982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf9943134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2eed44d69fe32b0142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000070000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6a04006bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17690158969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583584acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb4d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f8957727da5122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0ae500000000000000dc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6eada31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000d58c08acaf30235b918a31d2eca55f74a23641f6022d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7c48de61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e4000000000d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb8434503680300383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718fd02cde45eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff1500000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9ab48620f144ff72ac579e4a5240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df651bc25070b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5500ff49d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e9611d2e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b08faa4bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef6853f35c28bc57665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b0504789d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c5100000000000000000000000000000000000000000000000070a45784f793e88e477e48f7d87acf12a6731eb5350831f500461ed55897f517923c73f731c139464c6383e580ce222a3250dd12ba25f71de8c94f56f418460dff5678c7c3f51ab4ddc29ffdf496bd8c579401c734fd5ac11a1008ce1d63f5b516d92bf5d718b267017b3ecd7200a7db0ef6b3a8e1f22186961f8c86c29b3144aa71d1623f9053dcf2a445c69d0f14b24884e83a94ad02647b8959c4eef7516546040c83e04484d7f2b65456e2da0dcc7f5a9024b8f4d35cbb03da118cb5f25b97894eafca8140fadcac67c5b17efea5a65b9a66cedb68619f2622733254650fe28f8233f40bed514bdfb199bf21cf421f2f70b1a285e86b542947cba56e23c3ae82d62e99d20d803bab995faae7389946ac0773194a5c2dcb3b57f6dcc6cb564e1dc7f0499df2b10bb50b470197ea7e8892c600"/4141], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x49) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x9, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x6b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000040)={0xfffffff7, 0x80000001, 0x0, 0x0, 0x4}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/block/loop0', 0x0, 0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r6, 0x0, 0x0) recvfrom$inet(r6, 0x0, 0x78, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000480)="e1e1d73f743c66a8a03f28e49f8c50ca8ab5f022483684c506cbc2076891479d4c6c605f9a204a5d599c3db4d7e6daa762a0d9e8c8d0895b2f0ed5f93a65fd8286c7fc00d3cc1952aa0a1f08759d3d2147d3e427a54034b2f8573c94cfe85563fade876655d293ff6de6c5fe", 0x6c) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0}, 0x90) r7 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$sock_int(r7, 0x1, 0x49, &(0x7f0000000240), 0x4) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 10.508157108s ago: executing program 2 (id=1383): ioctl$DRM_IOCTL_MODE_ADDFB2(0xffffffffffffffff, 0xc06864b8, 0x0) sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0) socket(0x0, 0x80000, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405668, &(0x7f0000000080)={0x0, 0x3, 0x0, "b800020000000000000000110fd3f1000000000000000000b700"}) preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000000), 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}, 0x1c) add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x9) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 10.10362579s ago: executing program 2 (id=1384): ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'bridge_slave_0\x00', 0x0}) mbind(&(0x7f0000bdf000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) munmap(&(0x7f0000ba0000/0x2000)=nil, 0x2000) munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) munmap(&(0x7f0000b45000/0x1000)=nil, 0x1000) madvise(&(0x7f0000ad2000/0x4000)=nil, 0x4000, 0x10) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) mremap(&(0x7f0000ccc000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000b0e000/0x2000)=nil) mremap(&(0x7f000041b000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000c67000/0x4000)=nil) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 10.017983822s ago: executing program 3 (id=1385): modify_ldt$write2(0x11, &(0x7f0000000040), 0x10) modify_ldt$read(0x0, &(0x7f0000000840)=""/4096, 0x1000) 9.807543909s ago: executing program 0 (id=1386): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x40082) write$sndseq(r0, 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000380)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0) r5 = syz_io_uring_setup(0x238, &(0x7f0000000400)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000480)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r5, 0x2def, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f00000000c0)={0x80, 0x7}) 9.782145341s ago: executing program 2 (id=1387): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) ioctl$TCXONC(r0, 0x540a, 0x1) ioctl$TCXONC(r0, 0x540a, 0x3) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)) 9.780928001s ago: executing program 3 (id=1388): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) pipe2(0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000200000002000000002000000000000000100000d0000001bae000000020000000000000046adac7dc700000002050000000000"], &(0x7f0000000840)=""/253, 0x3a, 0xfd, 0x1}, 0x20) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbc}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r4}, 0xc) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) accept$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000440)=0x1c) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x210100, 0x91) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000000000406a0531030000000000010902240001000000000904d6142b900000220300000009210000000022050009058103000000000004f0e6232208835b860ad48957e3d7cf3f5b678e05c8695bae6c997ec459e47a0c46651a7b81f1f6c622ff7577486b2ea8d51abf21bf8934e2f0192c8cdf569a95b6ec3dc73f1ed751441df8c10b8879a55385847bb17d3f52da8e83cd522ba848d6318e9ac975ee69205688963c4396f635627f821c431a54de03511052c85e213839a36153d5eb658ad7e0206811fb9b5be4c4f5bc12667ba73a2055403fd6b9338b617c29a6ef2613f103a268c8874eba64bc79a1a32bbeab81eed2418aae3fbf9589a2eb0771f79d0add619abb9f149c8002cae54d75a3cfa112864187d2f5d88fa8d186ded3029162933a2cb6622a"], 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_usb_control_io(r6, &(0x7f0000000240)={0x2c, &(0x7f0000000300)={0x0, 0x0, 0x7, {0x7, 0x0, "a05e19f8a1"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) r7 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb240580403500000000000010902", @ANYRES32], 0x0) syz_usb_control_io$uac1(r7, &(0x7f0000000100)={0x14, &(0x7f0000000040)={0x40, 0x8, 0x75, {0x75, 0x0, "eeed2d77287b0030c873e68059b7a6b22f8d921b65ce3408e63e368a890601911e8795be368f0e7da1e2b5c2a32adccba5986fd7aa07564056bb051ec545859d9efa99db12f56ccbcb8d7ef70399e8c5f4c6c0c60d178d72cd6b0f817626090e1418cecb4a7e63e4ce459e5b66fbb653124dcf"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41e}}}, &(0x7f0000000440)={0x44, &(0x7f0000000140)={0x40, 0xc, 0x89, "f4476dad3ef742e6865bf22c538b8d7f8b944442300c6dcecfa372e1386be01ad7daff4fae8ebfb026c17f19d079812609796306f38052f35ca155810f5bc2163a3ccb84ad0432eb2960a5b6435adebb773db81e2c6543c8c1d88f43252765676d3f81476df00215a664f21e5301f52bd957056718a73303ffff9878f107db6672fb83acddc1731134"}, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0xf9}, &(0x7f00000005c0)=ANY=[@ANYBLOB="0000000000000003a6"], &(0x7f0000000340)={0x20, 0x82, 0x2, "80eb"}, &(0x7f0000000380)={0x20, 0x83, 0x1, 'z'}, 0x0, &(0x7f0000000400)={0x20, 0x85, 0x3, "06cf85"}}) 9.489940212s ago: executing program 0 (id=1389): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) capget(0x0, 0x0) r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000005c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write(r0, 0x1, 0x0, 0x0) 9.250745299s ago: executing program 2 (id=1390): socket$nl_route(0x10, 0x3, 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc040564a, &(0x7f00000000c0)) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}, @printk={@s}]}, &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f00000003c0)="386d177329a39dea18dd3f87d7a5", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) connect$inet6(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30) read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) umount2(&(0x7f00000001c0)='./file0\x00', 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r4, 0x0, 0x29) syz_open_dev$tty1(0xc, 0x4, 0x1) ptrace$ARCH_SHSTK_ENABLE(0x1e, r5, 0x0, 0x5001) socket$packet(0x11, 0x2, 0x300) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0) socket(0x200000000000011, 0x3, 0x0) 3.994198075s ago: executing program 0 (id=1391): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendmmsg$sock(r0, &(0x7f0000000800)=[{{&(0x7f00000005c0)=@qipcrtr={0x2a, 0x1}, 0x80, 0x0}}], 0x1, 0x0) 3.381667177s ago: executing program 0 (id=1392): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x3}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f000021b000/0x4000)=nil, &(0x7f00006c4000/0x1000)=nil, 0x4000}) 3.106474627s ago: executing program 0 (id=1393): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000126abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3acb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$session_to_parent(0x12) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) 0s ago: executing program 3 (id=1394): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0xffea, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000071000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c00018008000100000004000c0002"], 0x30}}, 0x0) kernel console output (not intermixed with test programs): -003: ================== END STATUS ================== [ 496.310844][ T9176] netlink: 'syz.4.881': attribute type 4 has an invalid length. [ 497.735270][ T9224] syz.2.893: attempt to access beyond end of device [ 497.735270][ T9224] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 497.749482][ T9224] MINIX-fs: unable to read superblock [ 498.887963][ T30] audit: type=1326 audit(1722186702.945:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9247 comm="syz.4.898" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6bf9977299 code=0x0 [ 499.249163][ T9252] syzkaller0: entered promiscuous mode [ 499.255295][ T9252] syzkaller0: entered allmulticast mode [ 499.274927][ T9015] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 499.304891][ T9015] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 499.354231][ T9015] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 500.337657][ T9264] trusted_key: encrypted_key: insufficient parameters specified [ 501.324070][ T9269] 9pnet_fd: Insufficient options for proto=fd [ 502.063727][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.070741][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 504.553571][ T9015] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 504.853203][ T9282] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.908'. [ 505.954325][ T1174] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 506.276375][ T1174] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 506.354030][ T1174] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.582171][ T1174] usb 5-1: config 0 descriptor?? [ 506.622533][ T1174] cp210x 5-1:0.0: cp210x converter detected [ 506.701847][ T9015] 8021q: adding VLAN 0 to HW filter on device bond0 [ 506.803956][ T30] audit: type=1400 audit(1722186710.865:922): avc: denied { getopt } for pid=9300 comm="syz.2.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 506.910919][ T9015] 8021q: adding VLAN 0 to HW filter on device team0 [ 507.003820][ T9282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 507.052423][ T9282] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 507.082948][ T5274] bridge0: port 1(bridge_slave_0) entered blocking state [ 507.090187][ T5274] bridge0: port 1(bridge_slave_0) entered forwarding state [ 507.134439][ T5274] bridge0: port 2(bridge_slave_1) entered blocking state [ 507.141741][ T5274] bridge0: port 2(bridge_slave_1) entered forwarding state [ 507.240462][ T9304] input: syz1 as /devices/virtual/input/input11 [ 507.257257][ T5234] Bluetooth: hci1: unknown advertising packet type: 0x23 [ 507.257361][ T5234] Bluetooth: hci1: unknown advertising packet type: 0x56 [ 507.265379][ T5234] Bluetooth: hci1: unknown advertising packet type: 0x8e [ 507.267329][ T30] audit: type=1400 audit(1722186711.315:923): avc: denied { read } for pid=9281 comm="syz.4.908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 507.272799][ T5234] Bluetooth: hci1: unknown advertising packet type: 0x1a [ 507.306574][ T5234] Bluetooth: hci1: unknown advertising packet type: 0x12 [ 507.313895][ T5234] Bluetooth: hci1: unknown advertising packet type: 0xfa [ 507.321116][ T5234] Bluetooth: hci1: unknown advertising packet type: 0x66 [ 507.575382][ T30] audit: type=1400 audit(1722186711.635:924): avc: denied { setopt } for pid=9316 comm="syz.3.914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 507.639150][ T1174] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 507.670682][ T1174] cp210x 5-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 507.729007][ T1174] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 507.790197][ T1174] usb 5-1: cp210x converter now attached to ttyUSB0 [ 507.831174][ T1174] usb 5-1: USB disconnect, device number 14 [ 507.875208][ T1174] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 507.911468][ T1174] cp210x 5-1:0.0: device disconnected [ 509.301131][ T9015] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 509.405040][ T9348] vivid-004: disconnect [ 509.898569][ T9341] vivid-004: reconnect [ 510.363742][ T9015] veth0_vlan: entered promiscuous mode [ 510.467295][ T9015] veth1_vlan: entered promiscuous mode [ 510.576964][ T9015] veth0_macvtap: entered promiscuous mode [ 510.624611][ T9015] veth1_macvtap: entered promiscuous mode [ 510.874777][ T9367] netlink: 16 bytes leftover after parsing attributes in process `syz.2.920'. [ 511.469598][ T9360] delete_channel: no stack [ 511.652283][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 511.730265][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.798961][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 511.844972][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.868378][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 511.903961][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 511.934115][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 511.988486][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 512.028796][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 512.073708][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 512.109084][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 512.148734][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 512.188357][ T9015] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 512.285591][ T9371] netlink: 16 bytes leftover after parsing attributes in process `syz.2.922'. [ 512.319110][ T9371] netlink: 76 bytes leftover after parsing attributes in process `syz.2.922'. [ 512.357299][ T9371] vlan0: entered allmulticast mode [ 512.369455][ T9371] veth0_vlan: entered allmulticast mode [ 512.394337][ T9373] netlink: 'syz.3.923': attribute type 10 has an invalid length. [ 512.466995][ T9373] team0: Port device netdevsim0 added [ 512.490127][ T9378] netlink: 'syz.3.923': attribute type 10 has an invalid length. [ 512.565870][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 512.602968][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 512.638878][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 512.679994][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 512.742007][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 512.759990][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 512.789627][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 512.811354][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 512.949152][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 513.006406][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 513.073490][ T9015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 513.136639][ T9015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 513.167804][ T9015] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 514.324390][ T9015] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 514.369946][ T9015] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 514.430036][ T9015] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 514.460845][ T9015] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 516.729113][ T2924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 516.748899][ T2924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 516.969492][ T2924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 517.005387][ T2924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 518.239248][ T30] audit: type=1400 audit(1722186722.305:925): avc: denied { setopt } for pid=9443 comm="syz.2.937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 518.261304][ T9447] netlink: 'syz.0.839': attribute type 11 has an invalid length. [ 518.301262][ T9447] netlink: 210876 bytes leftover after parsing attributes in process `syz.0.839'. [ 519.595550][ T9453] Invalid/unusable pipe [ 520.734080][ T9461] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 520.743224][ T9461] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 523.144806][ T9480] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 523.512398][ T9472] [U]  [ 526.740430][ T9515] netlink: 188 bytes leftover after parsing attributes in process `syz.3.958'. [ 526.761935][ T9515] netlink: 48 bytes leftover after parsing attributes in process `syz.3.958'. [ 526.794588][ T9515] netlink: 16 bytes leftover after parsing attributes in process `syz.3.958'. [ 526.850342][ T5274] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 526.919129][ T5234] Bluetooth: hci5: Malformed LE Event: 0x1b [ 527.103230][ T5274] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 527.121459][ T5274] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 527.137957][ T5274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 527.150784][ T5274] usb 2-1: Product: syz [ 527.155213][ T5274] usb 2-1: Manufacturer: syz [ 527.161271][ T5274] usb 2-1: SerialNumber: syz [ 527.178072][ T5274] usb 2-1: config 0 descriptor?? [ 527.187871][ T5274] ums-isd200 2-1:0.0: USB Mass Storage device detected [ 527.447208][ T5274] usb 2-1: USB disconnect, device number 13 [ 528.819206][ T9543] netlink: 'syz.1.964': attribute type 10 has an invalid length. [ 528.895024][ T9543] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 528.951776][ T9543] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 528.970863][ T9543] team0: Port device netdevsim0 added [ 529.064353][ T9547] netlink: 'syz.1.964': attribute type 10 has an invalid length. [ 529.936225][ T9552] vivid-000: kernel_thread() failed [ 530.233296][ T30] audit: type=1400 audit(1722186734.285:926): avc: denied { create } for pid=9554 comm="syz.0.969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1 [ 531.540739][ T5278] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 531.549520][ T30] audit: type=1400 audit(1722186735.595:927): avc: denied { read write } for pid=9563 comm="syz.4.972" name="nullb0" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 531.618652][ T30] audit: type=1400 audit(1722186735.595:928): avc: denied { open } for pid=9563 comm="syz.4.972" path="/dev/nullb0" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 531.727348][ T30] audit: type=1326 audit(1722186735.605:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9574 comm="syz.3.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad3177299 code=0x7ffc0000 [ 531.766799][ T9578] netlink: 8 bytes leftover after parsing attributes in process `syz.3.974'. [ 531.778728][ T30] audit: type=1326 audit(1722186735.605:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9574 comm="syz.3.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbad3177299 code=0x7ffc0000 [ 531.842727][ T5278] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 531.862524][ T30] audit: type=1326 audit(1722186735.645:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9574 comm="syz.3.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbad3175cd0 code=0x7ffc0000 [ 531.927912][ T30] audit: type=1326 audit(1722186735.645:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9574 comm="syz.3.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fbad3178a27 code=0x7ffc0000 [ 531.929263][ T5234] Bluetooth: hci1: Malformed LE Event: 0x1b [ 531.960970][ T5278] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 531.980737][ T5278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 531.989041][ T5278] usb 2-1: Product: syz [ 531.993421][ T5278] usb 2-1: Manufacturer: syz [ 531.998163][ T5278] usb 2-1: SerialNumber: syz [ 532.011038][ T5278] usb 2-1: config 0 descriptor?? [ 532.046052][ T5278] ums-isd200 2-1:0.0: USB Mass Storage device detected [ 532.080712][ T30] audit: type=1326 audit(1722186735.645:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9574 comm="syz.3.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbad3177299 code=0x7ffc0000 [ 532.155438][ T30] audit: type=1326 audit(1722186735.645:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9574 comm="syz.3.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fbad3178a27 code=0x7ffc0000 [ 532.186064][ T30] audit: type=1326 audit(1722186735.645:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9574 comm="syz.3.974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbad3175fca code=0x7ffc0000 [ 532.491000][ T5268] usb 2-1: USB disconnect, device number 14 [ 535.065071][ T9632] cgroup: noprefix used incorrectly [ 535.890179][ T5234] Bluetooth: hci1: unexpected event for opcode 0x080f [ 535.996622][ T5234] Bluetooth: hci1: ACL packet for unknown connection handle 712 [ 536.041622][ T5234] Bluetooth: hci1: ISO packet for unknown connection handle 2560 [ 537.980865][ T5234] Bluetooth: hci1: command 0x0406 tx timeout [ 538.462263][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 538.462280][ T30] audit: type=1107 audit(1722186742.525:999): pid=9679 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 538.515901][ T9682] netlink: 'syz.4.1002': attribute type 4 has an invalid length. [ 538.526491][ T9682] netlink: 'syz.4.1002': attribute type 4 has an invalid length. [ 539.598373][ T9694] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 539.604056][ T30] audit: type=1326 audit(1722186743.655:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 539.716409][ T30] audit: type=1326 audit(1722186743.655:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 539.797589][ T9693] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1004'. [ 539.806816][ T30] audit: type=1326 audit(1722186743.695:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86ec375cd0 code=0x7ffc0000 [ 539.848732][ T30] audit: type=1326 audit(1722186743.695:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f86ec378a27 code=0x7ffc0000 [ 539.888634][ T30] audit: type=1326 audit(1722186743.695:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 539.919202][ T5234] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 539.935964][ T30] audit: type=1326 audit(1722186743.695:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f86ec378a27 code=0x7ffc0000 [ 539.938023][ T5234] Bluetooth: hci1: Injecting HCI hardware error event [ 539.973195][ T4608] Bluetooth: hci1: hardware error 0x00 [ 540.016335][ T30] audit: type=1326 audit(1722186743.695:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f86ec375fca code=0x7ffc0000 [ 540.163928][ T30] audit: type=1326 audit(1722186743.695:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 540.282991][ T30] audit: type=1326 audit(1722186743.715:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9689 comm="syz.1.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 540.307769][ T9709] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1011'. [ 541.830440][ T1849] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 542.080435][ T1849] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 542.088363][ T9730] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1016'. [ 542.091270][ T1849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.141292][ T9730] openvswitch: netlink: Multiple metadata blocks provided [ 542.155795][ T1849] usb 5-1: config 0 descriptor?? [ 542.161170][ T4608] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 542.192416][ T1849] cp210x 5-1:0.0: cp210x converter detected [ 542.789616][ T4608] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 542.800246][ T4608] Bluetooth: hci0: Injecting HCI hardware error event [ 542.923309][ T5234] Bluetooth: hci0: hardware error 0x00 [ 543.547518][ T30] kauditd_printk_skb: 65 callbacks suppressed [ 543.547539][ T30] audit: type=1400 audit(1722186747.605:1074): avc: denied { setattr } for pid=9737 comm="syz.1.1020" name="tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 543.616583][ T9709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 543.654408][ T9709] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 544.000840][ T1849] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 544.014829][ T1849] cp210x 5-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 544.052506][ T1849] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 544.101884][ T1849] usb 5-1: cp210x converter now attached to ttyUSB0 [ 544.148728][ T1849] usb 5-1: USB disconnect, device number 15 [ 544.183641][ T1849] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 544.231784][ T1849] cp210x 5-1:0.0: device disconnected [ 544.281275][ T30] audit: type=1326 audit(1722186748.345:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9754 comm="syz.1.1025" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x0 [ 544.461127][ T30] audit: type=1400 audit(1722186748.525:1076): avc: denied { connect } for pid=9734 comm="syz.0.1018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 544.509343][ T30] audit: type=1400 audit(1722186748.555:1077): avc: denied { read } for pid=9754 comm="syz.1.1025" laddr=::ffff:127.0.0.1 lport=20003 faddr=::ffff:127.0.0.1 fport=43636 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 545.091386][ T9754] dccp_close: ABORT with 32 bytes unread [ 545.349022][ T5234] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 546.329594][ T30] audit: type=1326 audit(1722186749.665:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9765 comm="syz.2.1029" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x0 [ 546.669948][ T5278] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 546.713948][ T4608] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 546.746417][ T4608] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 546.777294][ T4608] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 546.808057][ T4608] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 546.847206][ T4608] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 546.873796][ T4608] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 546.947568][ T29] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 546.974649][ T5278] usb 3-1: Using ep0 maxpacket: 8 [ 547.019995][ T5278] usb 3-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config [ 547.059331][ T5278] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 547.116483][ T5278] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice=2f.d8 [ 547.131701][ T5278] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 547.140063][ T5278] usb 3-1: Product: syz [ 547.145467][ T5278] usb 3-1: Manufacturer: syz [ 547.152265][ T5278] usb 3-1: SerialNumber: syz [ 547.168184][ T5278] usb 3-1: config 0 descriptor?? [ 547.397544][ T29] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.655792][ T29] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.627676][ T9] usb 3-1: USB disconnect, device number 14 [ 548.821347][ T29] team0: Port device netdevsim0 removed [ 548.866718][ T29] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.939945][ T5234] Bluetooth: hci3: command tx timeout [ 548.951715][ T5268] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 548.961687][ T5268] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 548.972122][ T5268] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 548.981231][ T5268] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 548.991871][ T5268] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz0] on syz0 [ 549.168963][ T1174] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 549.406664][ T1174] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 549.450859][ T1174] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 549.473841][ T29] bridge_slave_1: left allmulticast mode [ 549.498557][ T29] bridge_slave_1: left promiscuous mode [ 549.504537][ T1174] usb 2-1: Product: syz [ 549.519016][ T1174] usb 2-1: Manufacturer: syz [ 549.523960][ T29] bridge0: port 2(bridge_slave_1) entered disabled state [ 549.533131][ T1174] usb 2-1: SerialNumber: syz [ 549.557960][ T1174] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 549.608155][ T29] bridge_slave_0: left allmulticast mode [ 549.633848][ T29] bridge_slave_0: left promiscuous mode [ 549.656109][ T29] bridge0: port 1(bridge_slave_0) entered disabled state [ 549.695518][ T9] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 549.964158][ T5278] usb 2-1: USB disconnect, device number 15 [ 550.008409][ T9821] syz.4.1041 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 550.785536][ T9] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 550.793380][ T9] ath9k_htc: Failed to initialize the device [ 551.020562][ T5234] Bluetooth: hci3: command tx timeout [ 551.421648][ T5278] usb 2-1: ath9k_htc: USB layer deinitialized [ 553.099064][ T5234] Bluetooth: hci3: command tx timeout [ 554.050064][ T30] audit: type=1400 audit(1722186758.105:1079): avc: denied { getopt } for pid=9838 comm="syz.0.1047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 554.341011][ T9841] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 554.349495][ T9841] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 555.021138][ T9849] vim2m vim2m.0: vidioc_s_fmt queue busy [ 555.299086][ T5234] Bluetooth: hci3: command tx timeout [ 555.904353][ T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 555.993021][ T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 556.048355][ T29] bond0 (unregistering): Released all slaves [ 556.135757][ T9778] chnl_net:caif_netlink_parms(): no params data found [ 556.553815][ T30] audit: type=1107 audit(1722186760.585:1080): pid=9865 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 558.190370][ T9870] netlink: 'syz.4.1055': attribute type 4 has an invalid length. [ 558.224150][ T9876] netlink: 'syz.4.1055': attribute type 4 has an invalid length. [ 559.891301][ T9778] bridge0: port 1(bridge_slave_0) entered blocking state [ 559.898542][ T9778] bridge0: port 1(bridge_slave_0) entered disabled state [ 559.968351][ T9778] bridge_slave_0: entered allmulticast mode [ 560.023475][ T9778] bridge_slave_0: entered promiscuous mode [ 560.158964][ T30] audit: type=1400 audit(1722186764.215:1081): avc: denied { getopt } for pid=9918 comm="syz.1.1067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 560.255377][ T30] audit: type=1400 audit(1722186764.225:1082): avc: denied { bind } for pid=9920 comm="syz.0.1068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 560.329404][ T29] hsr_slave_0: left promiscuous mode [ 560.370223][ T29] hsr_slave_1: left promiscuous mode [ 560.396850][ T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 560.417672][ T29] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 560.450566][ T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 560.475082][ T29] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 560.565162][ T30] audit: type=1400 audit(1722186764.625:1083): avc: denied { module_load } for pid=9937 comm="syz.2.1072" path=2F6D656D66643A10376DAD4ADC3A46A006E6BBB8B0E8C387122B8F59EEC7D02CC6012A881455DEFA3AEEE81D91468629202864656C6574656429 dev="tmpfs" ino=1126 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 560.565286][ T9938] Invalid architecture in ELF header: 0 [ 560.621788][ T29] veth1_macvtap: left promiscuous mode [ 560.657414][ T29] veth0_macvtap: left promiscuous mode [ 560.680725][ T29] veth1_vlan: left promiscuous mode [ 560.681735][ T9929] input: syz1 as /devices/virtual/input/input12 [ 560.698586][ T29] veth0_vlan: left promiscuous mode [ 560.736435][ T9941] netlink: 'syz.1.1070': attribute type 1 has an invalid length. [ 560.759179][ T9941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1070'. [ 560.859345][ T30] audit: type=1400 audit(1722186764.885:1084): avc: denied { map } for pid=9926 comm="syz.0.1071" path="/dev/nullb0" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 560.897504][ T9941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1070'. [ 560.948051][ T9944] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1070'. [ 561.338406][ T30] audit: type=1107 audit(1722186765.395:1085): pid=9952 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 562.227942][ T29] team0 (unregistering): Port device team_slave_1 removed [ 562.309383][ T29] team0 (unregistering): Port device team_slave_0 removed [ 562.977910][ T9778] bridge0: port 2(bridge_slave_1) entered blocking state [ 562.988633][ T9778] bridge0: port 2(bridge_slave_1) entered disabled state [ 562.996289][ T9778] bridge_slave_1: entered allmulticast mode [ 563.004109][ T9778] bridge_slave_1: entered promiscuous mode [ 563.068031][ T9956] netlink: 'syz.0.1074': attribute type 4 has an invalid length. [ 563.109549][ T9957] netlink: 'syz.0.1074': attribute type 4 has an invalid length. [ 563.208635][ T9778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 563.302155][ T9778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 563.508014][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.519635][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.548571][ T9778] team0: Port device team_slave_0 added [ 563.561760][ T9778] team0: Port device team_slave_1 added [ 563.616105][ T9966] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 563.624689][ T9966] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 564.357125][ T9778] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 564.447209][ T9778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.687809][ T9778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 564.707812][ T9987] Invalid architecture in ELF header: 0 [ 564.909899][ T9778] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 564.916886][ T9778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.969848][ T9778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 565.016751][ C0] eth0: bad gso: type: 1, size: 1408 [ 565.074542][ T9992] xt_connbytes: Forcing CT accounting to be enabled [ 565.094846][ T9992] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 565.159040][ T9992] xt_bpf: check failed: parse error [ 565.294264][T10001] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1086'. [ 565.370852][ T9778] hsr_slave_0: entered promiscuous mode [ 565.561782][ T9778] hsr_slave_1: entered promiscuous mode [ 565.583561][ T9778] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 566.463427][ T9778] Cannot create hsr debugfs directory [ 566.544853][T10012] SELinux: Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped). [ 566.592771][ T30] audit: type=1400 audit(1722186770.615:1086): avc: denied { relabelto } for pid=10003 comm="syz.1.1088" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:var_lib_t:s0" [ 566.592834][ T30] audit: type=1400 audit(1722186770.635:1087): avc: denied { associate } for pid=10003 comm="syz.1.1088" name="/" dev="tmpfs" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:var_lib_t:s0" [ 566.596153][T10018] SELinux: Context system_u:object_r:modules_object_t:s0 is not valid (left unmapped). [ 566.598568][ T30] audit: type=1400 audit(1722186770.655:1088): avc: denied { relabelto } for pid=10003 comm="syz.1.1088" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:modules_object_t:s0" [ 566.622187][ T30] audit: type=1107 audit(1722186770.685:1090): pid=10005 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 566.683447][ T30] audit: type=1400 audit(1722186770.675:1089): avc: denied { associate } for pid=10003 comm="syz.1.1088" name="/" dev="tmpfs" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:modules_object_t:s0" [ 566.877877][T10013] netlink: 'syz.4.1089': attribute type 4 has an invalid length. [ 567.040728][T10022] netlink: 'syz.4.1089': attribute type 4 has an invalid length. [ 567.670412][T10015] tty tty20: ldisc open failed (-12), clearing slot 19 [ 567.755515][T10023] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 571.274614][ T30] audit: type=1326 audit(1722186774.955:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 571.314404][ T30] audit: type=1326 audit(1722186774.955:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 571.540413][ T30] audit: type=1326 audit(1722186774.955:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm="syz.1.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 571.718677][ T30] audit: type=1326 audit(1722186774.955:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 571.778055][ T30] audit: type=1326 audit(1722186774.955:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 572.069046][ T30] audit: type=1326 audit(1722186774.955:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 572.373028][ T30] audit: type=1326 audit(1722186774.955:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 577.759269][ T30] audit: type=1326 audit(1722186774.955:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 577.904023][ T30] audit: type=1326 audit(1722186774.965:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 578.004289][ T9778] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 578.093359][ T30] audit: type=1326 audit(1722186774.965:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 578.194568][ T9778] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 578.235563][ T9778] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 578.259027][ T30] audit: type=1326 audit(1722186774.965:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 578.360947][ T9778] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 578.416928][ T30] audit: type=1326 audit(1722186774.965:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 578.599028][ T30] audit: type=1326 audit(1722186774.965:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f86ec36e2e7 code=0x7ffc0000 [ 578.713437][ T30] audit: type=1326 audit(1722186774.965:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f86ec312cb9 code=0x7ffc0000 [ 578.819652][ T30] audit: type=1326 audit(1722186774.965:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f86ec36e2e7 code=0x7ffc0000 [ 578.929591][ T30] audit: type=1326 audit(1722186774.965:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f86ec312cb9 code=0x7ffc0000 [ 578.967589][ T9778] 8021q: adding VLAN 0 to HW filter on device bond0 [ 579.058383][ T30] audit: type=1326 audit(1722186774.965:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10055 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 579.086159][ T9778] 8021q: adding VLAN 0 to HW filter on device team0 [ 579.178015][ C0] eth0: bad gso: type: 1, size: 1408 [ 579.218032][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 579.225950][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 579.256575][T10088] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 579.259020][ T5278] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 579.303666][T10091] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1103'. [ 579.327788][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 579.335183][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 579.348673][T10091] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes. [ 579.522056][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 579.574432][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 579.627866][ T5278] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 579.689138][ T5278] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 579.726942][ T5278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.815854][ T5278] usb 3-1: config 0 descriptor?? [ 579.853601][T10082] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 580.166709][T10084] [U]  [ 580.274128][T10077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 580.309266][T10077] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 580.573006][ T9778] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 580.761906][ T9778] veth0_vlan: entered promiscuous mode [ 580.806770][ T9778] veth1_vlan: entered promiscuous mode [ 580.820040][ T46] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 580.850092][ T5278] plantronics 0003:047F:FFFF.000D: unknown main item tag 0xd [ 580.900698][ T5278] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 580.968693][ T5278] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 580.988613][ T9778] veth0_macvtap: entered promiscuous mode [ 581.043463][ T9778] veth1_macvtap: entered promiscuous mode [ 581.081996][ T46] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=4b.d6 [ 581.129964][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 581.167338][ T46] usb 5-1: Product: syz [ 581.184155][ T46] usb 5-1: Manufacturer: syz [ 581.196249][ T46] usb 5-1: SerialNumber: syz [ 581.221082][ T46] usb 5-1: config 0 descriptor?? [ 581.227818][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.252102][ T46] asix 5-1:0.0: probe with driver asix failed with error -22 [ 581.264817][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.308937][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.377955][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.423931][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.459495][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.477254][ T5340] usb 3-1: USB disconnect, device number 15 [ 581.486228][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.546660][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.618212][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.659083][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.685996][ T46] usb 5-1: USB disconnect, device number 16 [ 581.700956][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.733312][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.764620][ T9778] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 581.798390][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.858281][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.895645][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.919004][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.952357][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.973279][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 582.024548][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 582.068754][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 582.095392][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 582.119773][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 582.150099][ T9778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 582.173459][ T9778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 582.214386][ T9778] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 582.257780][ T9778] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.298375][ T9778] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.363000][ T9778] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.393626][ T9778] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.793046][ T46] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 582.823067][ T30] kauditd_printk_skb: 54 callbacks suppressed [ 582.823086][ T30] audit: type=1400 audit(1722186786.885:1162): avc: denied { unlink } for pid=6755 comm="syz-executor" name="file0" dev="tmpfs" ino=924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 582.870184][ T2514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 582.897071][ T2514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 582.964620][ C0] eth0: bad gso: type: 1, size: 1408 [ 583.031861][ T46] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 583.310370][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 583.318424][ T46] usb 3-1: Product: syz [ 583.320689][ T30] audit: type=1326 audit(1722186787.105:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm="syz.0.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 583.325224][ T46] usb 3-1: Manufacturer: syz [ 583.598378][ T2924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 583.606496][ T2924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 583.629009][ T30] audit: type=1326 audit(1722186787.105:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm="syz.0.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.017608][ T46] usb 3-1: SerialNumber: syz [ 584.025710][ T30] audit: type=1326 audit(1722186787.115:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm="syz.0.1112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.060067][ T46] r8152-cfgselector 3-1: Unknown version 0x0000 [ 584.073194][ T46] r8152-cfgselector 3-1: config 0 descriptor?? [ 584.158540][ T30] audit: type=1326 audit(1722186787.115:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.263958][ T30] audit: type=1326 audit(1722186787.115:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.292414][ T30] audit: type=1326 audit(1722186787.115:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.366682][T10166] xt_TPROXY: Can be used only with -p tcp or -p udp [ 584.399518][ T30] audit: type=1326 audit(1722186787.115:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.454840][ T30] audit: type=1326 audit(1722186787.115:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.549051][ T30] audit: type=1326 audit(1722186787.115:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10146 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f7ad3577299 code=0x7ffc0000 [ 584.626593][ T5234] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0 [ 584.638040][ T5234] Bluetooth: hci6: Injecting HCI hardware error event [ 584.649474][ T5234] Bluetooth: hci6: hardware error 0x00 [ 584.746601][ C0] eth0: bad gso: type: 1, size: 1408 [ 584.920285][ T5304] r8152-cfgselector 3-1: USB disconnect, device number 16 [ 585.768191][T10205] libceph: resolve '0' (ret=-3): failed [ 586.147751][ T9] kernel write not supported for file /127/net/fib_triestat (pid: 9 comm: kworker/0:1) [ 586.393912][T10224] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1123'. [ 586.859448][ T5234] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 587.039040][ T9] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 587.882117][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 588.637219][ T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 588.671325][ T9] usb 4-1: config 0 has no interface number 0 [ 588.692903][ T9] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 588.761257][ T9] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 588.799924][ T9] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 588.839768][T10245] netlink: 'syz.0.1129': attribute type 9 has an invalid length. [ 588.846039][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 588.899634][ T9] usb 4-1: config 0 descriptor?? [ 588.903041][T10245] netlink: 134712 bytes leftover after parsing attributes in process `syz.0.1129'. [ 589.034528][ T30] kauditd_printk_skb: 57 callbacks suppressed [ 589.034548][ T30] audit: type=1326 audit(1722186793.065:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm="syz.2.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 589.065074][ T30] audit: type=1326 audit(1722186793.065:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm="syz.2.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 589.688919][ T30] audit: type=1326 audit(1722186793.065:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm="syz.2.1128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 589.779916][ T30] audit: type=1326 audit(1722186793.065:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 589.856912][ T30] audit: type=1326 audit(1722186793.065:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 589.895478][ T30] audit: type=1326 audit(1722186793.065:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 589.962601][ T30] audit: type=1326 audit(1722186793.065:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 590.068988][ T46] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 590.087264][ T30] audit: type=1326 audit(1722186793.065:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 590.174102][ T30] audit: type=1326 audit(1722186793.065:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 590.709462][ T9] uclogic 0003:28BD:0094.000E: failed retrieving string descriptor #100: -71 [ 590.718386][ T9] uclogic 0003:28BD:0094.000E: failed retrieving pen parameters: -71 [ 590.769100][ T46] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 590.778660][ T30] audit: type=1326 audit(1722186793.065:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10242 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f745f777299 code=0x7ffc0000 [ 590.811909][ T9] uclogic 0003:28BD:0094.000E: pen probing failed: -71 [ 590.839070][ T9] uclogic 0003:28BD:0094.000E: failed probing parameters: -71 [ 590.846781][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 590.869128][ T9] uclogic 0003:28BD:0094.000E: probe with driver uclogic failed with error -71 [ 590.884884][ T46] usb 2-1: Product: syz [ 590.895643][ T46] usb 2-1: Manufacturer: syz [ 590.933246][ T9] usb 4-1: USB disconnect, device number 18 [ 590.959978][ T46] usb 2-1: SerialNumber: syz [ 590.999545][ T46] r8152-cfgselector 2-1: Unknown version 0x0000 [ 591.005867][ T46] r8152-cfgselector 2-1: config 0 descriptor?? [ 591.127289][T10274] binder: 10271:10274 ioctl c018620b 0 returned -14 [ 591.750402][T10278] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1136'. [ 591.922168][ T5234] Bluetooth: hci5: command 0x0406 tx timeout [ 592.559569][T10287] xt_hashlimit: overflow, try lower: 1125899906842624/8 [ 592.845829][ T5274] r8152-cfgselector 2-1: USB disconnect, device number 16 [ 594.900269][ T4608] Bluetooth: hci3: command 0x0405 tx timeout [ 595.092349][T10292] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1138'. [ 595.300284][T10292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1138'. [ 596.045242][T10294] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1138'. [ 597.345266][ T5234] Bluetooth: hci5: unexpected event for opcode 0x0c47 [ 599.849656][T10350] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1154'. [ 600.601768][ T30] kauditd_printk_skb: 57 callbacks suppressed [ 600.601790][ T30] audit: type=1400 audit(1722186804.655:1296): avc: denied { setattr } for pid=10355 comm="syz.2.1156" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 600.652693][T10359] xt_TPROXY: Can be used only with -p tcp or -p udp [ 600.711365][ T30] audit: type=1400 audit(1722186804.775:1297): avc: denied { write } for pid=10355 comm="syz.2.1156" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 601.809166][ T4608] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 601.820007][ T4608] Bluetooth: hci5: Injecting HCI hardware error event [ 601.831900][ T5238] Bluetooth: hci5: hardware error 0x00 [ 601.951941][ T30] audit: type=1400 audit(1722186805.165:1298): avc: denied { mount } for pid=10340 comm="syz.3.1153" name="/" dev="configfs" ino=1156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 602.147989][T10349] overlayfs: failed to resolve './file1': -2 [ 602.219475][ T4608] Bluetooth: hci3: command 0x0405 tx timeout [ 602.449998][ T30] audit: type=1400 audit(1722186806.515:1299): avc: denied { ioctl } for pid=10382 comm="syz.4.1163" path="socket:[31875]" dev="sockfs" ino=31875 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 604.087323][ T5238] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 604.631473][T10399] vim2m vim2m.0: vidioc_s_fmt queue busy [ 605.601218][ T30] audit: type=1400 audit(1722186809.665:1300): avc: denied { unmount } for pid=9778 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 606.423421][ C0] eth0: bad gso: type: 1, size: 1408 [ 608.248283][T10423] xt_TPROXY: Can be used only with -p tcp or -p udp [ 608.459149][ T5304] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 608.693509][ T5304] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 608.719285][ T5304] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 608.740107][ T5304] usb 2-1: Product: syz [ 608.748334][ T5304] usb 2-1: Manufacturer: syz [ 608.765987][ T5304] usb 2-1: SerialNumber: syz [ 608.803734][ T5304] r8152-cfgselector 2-1: Unknown version 0x0000 [ 608.826019][ T5304] r8152-cfgselector 2-1: config 0 descriptor?? [ 609.242278][T10439] 9pnet_fd: Insufficient options for proto=fd [ 609.961881][ T30] audit: type=1400 audit(1722186813.895:1301): avc: denied { mount } for pid=10431 comm="syz.4.1176" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 610.090325][ T30] audit: type=1400 audit(1722186814.005:1302): avc: denied { unmount } for pid=6755 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 610.167705][ T9] r8152-cfgselector 2-1: USB disconnect, device number 17 [ 610.469040][ T5340] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 610.479237][ T5304] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 610.690991][ T5304] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 610.721657][ T5340] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 610.755727][ T5304] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 610.781231][ T5340] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 610.808999][ T5304] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 610.833715][ T5340] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 610.849437][ T5340] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 610.863326][ T5304] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 610.873530][ T5304] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.885604][ T5304] usb 5-1: Product: syz [ 610.895426][ T5340] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 610.904313][ T5304] usb 5-1: Manufacturer: syz [ 610.916725][ T5304] usb 5-1: SerialNumber: syz [ 610.924051][ T5340] usb 1-1: config 0 descriptor?? [ 610.942267][T10444] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 611.208610][ T5304] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 611.330407][T10443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 611.609251][T10443] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 612.567906][ T30] audit: type=1400 audit(1722186816.625:1303): avc: denied { read write } for pid=10445 comm="syz.4.1178" name="lp0" dev="devtmpfs" ino=2568 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 612.612891][ T5304] usb 5-1: USB disconnect, device number 17 [ 612.624258][ T30] audit: type=1400 audit(1722186816.625:1304): avc: denied { open } for pid=10445 comm="syz.4.1178" path="/dev/usb/lp0" dev="devtmpfs" ino=2568 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 613.663650][T10469] audit: audit_backlog=65 > audit_backlog_limit=64 [ 613.836991][ T30] audit: type=1326 audit(1722186817.515:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.1.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 613.866915][T10469] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64 [ 613.897457][ T30] audit: type=1326 audit(1722186817.515:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.1.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 613.924224][ T30] audit: type=1326 audit(1722186817.515:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10459 comm="syz.1.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f86ec377299 code=0x7ffc0000 [ 613.953257][T10469] audit: backlog limit exceeded [ 614.126061][T10469] usblp0: removed [ 614.136007][ T5340] usbhid 1-1:0.0: can't add hid device: -71 [ 614.187115][ T5340] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 614.240342][ T5340] usb 1-1: USB disconnect, device number 8 [ 614.303049][T10479] libceph: resolve '0' (ret=-3): failed [ 615.648970][ T30] kauditd_printk_skb: 65 callbacks suppressed [ 615.648989][ T30] audit: type=1400 audit(1722186819.705:1373): avc: denied { bind } for pid=10503 comm="syz.4.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 616.738986][ T46] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 616.951839][T10523] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1198'. [ 616.973851][ T46] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 617.013087][ T46] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 617.048925][ T46] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 617.102894][ T46] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 617.155803][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 617.202879][ T46] usb 4-1: Product: syz [ 617.208366][ T46] usb 4-1: Manufacturer: syz [ 617.214175][ T46] usb 4-1: SerialNumber: syz [ 618.866416][ T46] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 19 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 620.034125][ T5304] usb 4-1: USB disconnect, device number 19 [ 620.056352][ T5304] usblp0: removed [ 620.277376][T10521] overlayfs: failed to resolve './file1': -2 [ 620.789626][ T46] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 621.042062][ T46] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 621.121478][ T46] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 621.150761][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 621.189101][ T46] usb 2-1: SerialNumber: syz [ 621.430532][T10562] vim2m vim2m.0: vidioc_s_fmt queue busy [ 621.624581][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.678999][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.716130][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.717069][T10570] overlayfs: failed to get index nlink (file1/file0, err=-61) [ 621.791376][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.829752][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.858167][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.929034][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.946788][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.963060][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 621.982446][T10575] overlayfs: failed to resolve './file1': -2 [ 622.023135][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.047898][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.064995][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.088629][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.133692][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.172775][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.210580][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.249761][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.257207][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.312715][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.333962][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.352119][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.383972][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.417388][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.438948][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.468060][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.506649][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 622.707412][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.588057][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.598163][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.616952][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.650201][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.677324][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.715370][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.752301][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.780060][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.820209][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.883620][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.892436][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.904307][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.936631][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 623.973193][ T30] audit: type=1400 audit(1722186828.035:1374): avc: denied { name_bind } for pid=10587 comm="syz.3.1218" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 624.002519][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 624.040642][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 624.066486][ T46] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 624.103153][ T46] hid-generic 0000:0000:0000.000F: hidraw0: HID v0.00 Device [syz0] on syz0 [ 624.164201][ T1849] usb 2-1: USB disconnect, device number 18 [ 624.947313][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.953785][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.371869][T10607] netlink: 'syz.3.1223': attribute type 1 has an invalid length. [ 626.419282][T10607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1223'. [ 626.432579][T10616] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1225'. [ 626.519756][T10603] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1223'. [ 626.560269][T10603] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1223'. [ 626.602097][T10620] vim2m vim2m.0: vidioc_s_fmt queue busy [ 627.469509][ T5274] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 628.457855][ T5274] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 628.482851][ T5274] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 628.498584][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 628.566175][ T5274] usb 5-1: SerialNumber: syz [ 628.579248][T10649] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1239'. [ 629.088704][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.112835][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.141366][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.169667][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.200520][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.257767][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.282204][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.317409][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.345568][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.355276][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.369733][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.402224][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.466429][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.495271][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.520165][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.528542][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.563350][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.580140][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.637817][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.700803][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.711286][T10667] netlink: 'syz.2.1241': attribute type 1 has an invalid length. [ 629.739101][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.752686][T10667] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1241'. [ 629.779018][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.788633][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.814284][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.831017][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.897948][T10662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1241'. [ 629.907798][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.923963][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.946401][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 629.994371][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.009455][T10662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1241'. [ 630.028228][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.058583][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.108756][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.134858][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.173373][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.210460][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.242701][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.258243][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.281538][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.316921][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.349031][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.385052][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.420213][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.453276][ T46] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 630.520051][ T46] hid-generic 0000:0000:0000.0010: hidraw0: HID v0.00 Device [syz0] on syz0 [ 630.604258][ T46] usb 5-1: USB disconnect, device number 18 [ 631.240433][T10686] ieee802154 phy0 wpan0: encryption failed: -22 [ 632.329208][ T30] audit: type=1400 audit(1722186836.385:1375): avc: denied { relabelfrom } for pid=10679 comm="syz.2.1247" name="" dev="pipefs" ino=32519 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 632.351799][ C1] vkms_vblank_simulate: vblank timer overrun [ 632.930069][ T30] audit: type=1401 audit(1722186836.385:1376): op=setxattr invalid_context=73797374656D5F753A6F626A6563745F723A646863705F73746174655F743A7330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073656375726974792E73656C696E7578000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [ 634.529871][T10701] IPv6: NLM_F_REPLACE set, but no existing node found! [ 634.621190][ C1] vkms_vblank_simulate: vblank timer overrun [ 634.736364][T10706] trusted_key: syz.4.1252 sent an empty control message without MSG_MORE. [ 635.799439][T10701] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1250'. [ 636.073257][ T30] audit: type=1400 audit(1722186840.135:1377): avc: denied { getopt } for pid=10704 comm="syz.1.1253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 636.257590][T10718] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1257'. [ 636.303725][T10718] nbd: must specify at least one socket [ 636.641419][T10729] 9pnet_fd: Insufficient options for proto=fd [ 637.538192][T10734] 8021q: VLANs not supported on lo [ 637.885846][ T30] audit: type=1400 audit(1722186841.945:1378): avc: denied { ioctl } for pid=10735 comm="syz.0.1261" path="socket:[32584]" dev="sockfs" ino=32584 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 638.972075][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 639.676277][T10746] netlink: 'syz.1.1264': attribute type 1 has an invalid length. [ 639.719095][T10746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'. [ 639.779920][T10750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1264'. [ 639.978566][T10746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1264'. [ 640.359910][T10767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1270'. [ 640.391237][T10767] nbd: must specify at least one socket [ 640.687033][T10776] ALSA: mixer_oss: invalid OSS volume '' [ 641.208336][T10769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 643.474263][ T30] audit: type=1400 audit(1722186847.415:1379): avc: denied { mount } for pid=10786 comm="syz.1.1274" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 644.984149][T10808] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1279'. [ 646.714336][T10822] netlink: 'syz.3.1281': attribute type 1 has an invalid length. [ 646.767618][T10822] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1281'. [ 646.820786][T10831] cgroup: noprefix used incorrectly [ 646.843281][T10816] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1281'. [ 646.893440][T10822] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1281'. [ 647.019153][ T5304] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 647.262076][ T5234] Bluetooth: hci3: command 0x0405 tx timeout [ 647.275490][ T5304] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 647.291232][ T5304] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 647.309014][ T5304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 647.317189][ T5304] usb 5-1: SerialNumber: syz [ 648.684129][T10847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1289'. [ 648.738637][T10847] nbd: must specify at least one socket [ 648.814411][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 648.843931][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 648.872797][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 648.908957][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 648.947948][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 648.975957][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.010988][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.029159][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.059189][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.085433][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.107487][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.115923][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.133224][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.164339][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.187732][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.219523][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.249009][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.293035][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.325754][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.356137][ T30] audit: type=1400 audit(1722186853.415:1380): avc: denied { ioctl } for pid=10856 comm="syz.2.1292" path="socket:[34854]" dev="sockfs" ino=34854 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 649.391843][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.403928][T10858] dccp_close: ABORT with 68 bytes unread [ 649.410045][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.410209][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.410345][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.410480][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.410615][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.410751][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.410891][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.411025][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.411159][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.411295][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.411428][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.411563][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.411697][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.411839][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.412073][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.412210][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.412345][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.412479][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.412614][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.412748][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.412888][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.413023][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.413159][ T5274] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 649.493067][ T5274] hid-generic 0000:0000:0000.0011: hidraw0: HID v0.00 Device [syz0] on syz0 [ 649.846686][ T5274] usb 5-1: USB disconnect, device number 19 [ 652.183414][T10891] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1300'. [ 652.614031][T10901] 9pnet_fd: Insufficient options for proto=fd [ 654.705136][ T30] audit: type=1400 audit(1722186858.765:1381): avc: denied { connect } for pid=10923 comm="syz.0.1312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 654.738474][ T30] audit: type=1400 audit(1722186858.765:1382): avc: denied { read } for pid=10923 comm="syz.0.1312" laddr=fe80::11 lport=6 faddr=ff01::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 654.879060][ T30] audit: type=1400 audit(1722186858.925:1383): avc: denied { mount } for pid=10929 comm="syz.0.1314" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 654.954729][ T30] audit: type=1400 audit(1722186858.985:1384): avc: denied { mounton } for pid=10929 comm="syz.0.1314" path="/78/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1 [ 655.032783][ T5275] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 655.149040][ T9836] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 655.367176][T10936] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1311'. [ 655.965850][ T5275] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 655.965977][ T9836] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 655.978891][ T5275] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 655.995357][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 656.033394][ T5275] usb 3-1: SerialNumber: syz [ 656.180376][ T9836] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 656.228986][ T9836] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 656.283564][ T9836] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 656.429381][ T9836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 656.437390][ T9836] usb 5-1: Product: syz [ 656.560293][T10944] ieee802154 phy0 wpan0: encryption failed: -22 [ 657.339474][ T9836] usb 5-1: Manufacturer: syz [ 657.344136][ T9836] usb 5-1: SerialNumber: syz [ 657.750483][ T5234] Bluetooth: hci3: command 0x0405 tx timeout [ 658.110342][ T5278] usb 3-1: USB disconnect, device number 17 [ 658.244576][ T9836] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 659.115639][ T9836] usb 5-1: USB disconnect, device number 20 [ 659.128497][ T9836] usblp0: removed [ 660.595388][T10953] 9pnet_fd: Insufficient options for proto=fd [ 661.400542][ T30] audit: type=1400 audit(1722186865.465:1385): avc: denied { map } for pid=10978 comm="syz.3.1325" path="/dev/sg0" dev="devtmpfs" ino=699 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 661.908941][T10994] ieee802154 phy0 wpan0: encryption failed: -22 [ 668.661920][ T30] audit: type=1400 audit(1722186872.715:1386): avc: denied { mounton } for pid=10996 comm="syz.1.1331" path="/159/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 668.743256][T11006] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 669.393542][T11021] 9pnet_fd: Insufficient options for proto=fd [ 670.545253][ T30] audit: type=1400 audit(1722186874.605:1387): avc: denied { unmount } for pid=7531 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 670.642783][ T30] audit: type=1400 audit(1722186874.705:1388): avc: denied { mounton } for pid=11028 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 670.723358][ T5234] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 670.736111][ T5234] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 670.745550][ T5234] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 670.756379][ T5234] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 670.766091][ T5234] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 670.773803][ T5234] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 671.409460][ T9836] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 671.884622][T11050] ieee802154 phy0 wpan0: encryption failed: -22 [ 674.581172][ T5234] Bluetooth: hci4: command tx timeout [ 674.588231][ T5234] Bluetooth: hci3: command 0x0405 tx timeout [ 674.730942][ T9] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 674.895360][ T9836] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 674.938260][ T9836] usb 2-1: can't read configurations, error -71 [ 675.106428][ T30] audit: type=1400 audit(1722186879.165:1389): avc: denied { listen } for pid=11052 comm="syz.0.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 676.164639][ T2924] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 676.520852][ T2924] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 676.619168][ T5238] Bluetooth: hci4: command tx timeout [ 676.717235][ T2924] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 676.747575][T11028] chnl_net:caif_netlink_parms(): no params data found [ 676.849130][ T9836] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 677.049691][ T2924] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 677.083400][ T30] audit: type=1400 audit(1722186881.135:1390): avc: denied { setopt } for pid=11069 comm="syz.1.1349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 677.131639][ T9836] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 677.608269][ T30] audit: type=1400 audit(1722186881.135:1391): avc: denied { mounton } for pid=11069 comm="syz.1.1349" path="/163/file0" dev="tmpfs" ino=878 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 677.633846][ T9836] usb 4-1: New USB device found, idVendor=0698, idProduct=2003, bcdDevice=25.06 [ 677.643296][ T9836] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 677.651981][ T9836] usb 4-1: Product: syz [ 677.656186][ T9836] usb 4-1: Manufacturer: syz [ 677.663257][ T9836] usb 4-1: SerialNumber: syz [ 677.684395][ T9836] usb 4-1: config 0 descriptor?? [ 677.802689][ T9836] gspca_main: gspca_zc3xx-2.14.0 probing 0698:2003 [ 678.084162][T11087] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1353'. [ 678.097927][T11028] bridge0: port 1(bridge_slave_0) entered blocking state [ 678.122774][T11028] bridge0: port 1(bridge_slave_0) entered disabled state [ 678.139304][T11028] bridge_slave_0: entered allmulticast mode [ 678.172771][T11028] bridge_slave_0: entered promiscuous mode [ 678.226189][T11074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 678.260110][T11074] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 678.275072][T11028] bridge0: port 2(bridge_slave_1) entered blocking state [ 678.299402][T11028] bridge0: port 2(bridge_slave_1) entered disabled state [ 678.299698][ T30] audit: type=1400 audit(1722186882.355:1392): avc: denied { write } for pid=11092 comm="syz.1.1354" name="fd" dev="proc" ino=34590 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 678.306709][T11028] bridge_slave_1: entered allmulticast mode [ 678.520265][ T9836] gspca_zc3xx: reg_w_i err -110 [ 678.685478][T11074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 678.815690][ T30] audit: type=1400 audit(1722186882.395:1393): avc: denied { add_name } for pid=11092 comm="syz.1.1354" name="core" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 678.827114][ T5238] Bluetooth: hci4: command tx timeout [ 678.920032][T11074] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 678.930444][T11028] bridge_slave_1: entered promiscuous mode [ 678.985447][ T30] audit: type=1400 audit(1722186882.395:1394): avc: denied { create } for pid=11092 comm="syz.1.1354" name="core" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1 [ 679.074797][ T30] audit: type=1400 audit(1722186882.395:1395): avc: denied { associate } for pid=11092 comm="syz.1.1354" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 679.252020][T11028] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 679.292043][T11028] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 679.418984][ T9836] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 679.425347][ T9836] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -110 [ 679.453789][ T2924] team0: left allmulticast mode [ 679.468881][ T2924] team_slave_0: left allmulticast mode [ 679.489861][ T2924] team_slave_1: left allmulticast mode [ 679.512864][ T2924] bridge0: port 3(team0) entered disabled state [ 679.565263][ T2924] bridge_slave_1: left allmulticast mode [ 679.591302][ T9836] usb 4-1: USB disconnect, device number 21 [ 679.608292][T11031] udevd[11031]: failed to send result of seq 18662 to main daemon: Connection refused [ 679.629205][ T2924] bridge_slave_1: left promiscuous mode [ 679.743021][T11105] ALSA: mixer_oss: invalid OSS volume '' [ 680.375054][T11101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 680.954975][ T5238] Bluetooth: hci4: command tx timeout [ 680.961738][ T2924] bridge0: port 2(bridge_slave_1) entered disabled state [ 681.674546][ T2924] bridge_slave_0: left allmulticast mode [ 681.724676][ T2924] bridge_slave_0: left promiscuous mode [ 681.781454][ T2924] bridge0: port 1(bridge_slave_0) entered disabled state [ 682.539610][T11129] ieee802154 phy0 wpan0: encryption failed: -22 [ 682.863998][ T5278] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 683.480787][ T5278] usb 3-1: config 0 has no interfaces? [ 683.486344][ T5278] usb 3-1: New USB device found, idVendor=0c45, idProduct=60aa, bcdDevice=43.d9 [ 683.496031][ T5278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 683.528274][ T5278] usb 3-1: config 0 descriptor?? [ 683.923324][T11127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 683.932385][T11127] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 684.077686][ T5340] usb 3-1: USB disconnect, device number 18 [ 684.228378][ T2924] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 684.242379][ T2924] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 684.260474][ T2924] bond0 (unregistering): Released all slaves [ 684.283046][ T2924] bond1 (unregistering): Released all slaves [ 684.323608][T11028] team0: Port device team_slave_0 added [ 684.499497][T11028] team0: Port device team_slave_1 added [ 684.953032][T11028] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 685.005254][T11028] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.129858][T11028] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 685.143724][T11028] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 685.153166][T11028] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.180301][T11028] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 685.225052][T11148] block device autoloading is deprecated and will be removed. [ 685.236952][T11148] syz.0.1367: attempt to access beyond end of device [ 685.236952][T11148] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 685.252135][T11148] FAT-fs (loop1): unable to read boot sector [ 685.644845][ T30] audit: type=1400 audit(1722187145.678:1396): avc: denied { ioctl } for pid=7531 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=2597 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 687.159272][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 687.338220][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 689.622199][T11028] hsr_slave_0: entered promiscuous mode [ 691.426391][T11028] hsr_slave_1: entered promiscuous mode [ 691.498592][T11028] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 691.558496][T11028] Cannot create hsr debugfs directory [ 694.448981][ T5340] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 694.669972][ T5340] usb 1-1: config 0 has an invalid interface number: 214 but max is 0 [ 694.700825][ T5340] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 694.739205][ T5340] usb 1-1: config 0 has no interface number 0 [ 694.755792][ T5340] usb 1-1: too many endpoints for config 0 interface 214 altsetting 20: 43, using maximum allowed: 30 [ 694.807133][ T5340] usb 1-1: config 0 interface 214 altsetting 20 has 0 endpoint descriptors, different from the interface descriptor's value: 43 [ 694.868948][ T5340] usb 1-1: config 0 interface 214 has no altsetting 0 [ 694.936100][ T5340] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 694.986286][T11204] ALSA: mixer_oss: invalid OSS volume '' [ 695.058454][ T5340] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 695.822972][T11200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 697.515836][ T5340] usb 1-1: config 0 descriptor?? [ 697.529416][ T5340] usb 1-1: can't set config #0, error -71 [ 697.595685][ T5340] usb 1-1: USB disconnect, device number 9 [ 698.038609][ T5340] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 698.165423][ T2924] hsr_slave_0: left promiscuous mode [ 698.374443][ T5340] usb 1-1: config 0 has no interfaces? [ 698.666351][ T5340] usb 1-1: New USB device found, idVendor=0c45, idProduct=60aa, bcdDevice=43.d9 [ 698.700129][ T5340] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 698.720678][ T2924] hsr_slave_1: left promiscuous mode [ 698.744104][ T5340] usb 1-1: config 0 descriptor?? [ 698.782519][ T2924] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 698.811477][ T2924] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 698.912530][ T2924] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 698.924866][ T2924] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 699.009343][ T5234] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 699.029956][ T5234] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 699.040506][ T5234] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 699.059158][ T5234] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 699.083437][ T2924] veth1_macvtap: left promiscuous mode [ 699.093818][ T5234] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 699.101646][ T5234] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 699.179548][ T2924] veth0_macvtap: left promiscuous mode [ 699.212214][ T2924] veth1_vlan: left promiscuous mode [ 699.217842][ T2924] veth0_vlan: left promiscuous mode [ 699.557132][T11221] syz.3.1382: attempt to access beyond end of device [ 699.557132][T11221] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 699.570060][T11221] FAT-fs (loop7): unable to read boot sector [ 699.590485][T11207] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 699.628546][T11207] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 699.772867][ T5340] usb 1-1: USB disconnect, device number 10 [ 701.091424][ T5340] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 701.149187][ T9] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 701.247235][ T5234] Bluetooth: hci1: command tx timeout [ 701.365956][ T5340] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 701.402037][ T5340] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 701.432477][ T5340] usb 1-1: Product: syz [ 701.436692][ T5340] usb 1-1: Manufacturer: syz [ 701.452272][ T9] usb 4-1: config 0 has an invalid interface number: 214 but max is 0 [ 701.498113][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 701.514527][ T5340] usb 1-1: SerialNumber: syz [ 701.543166][ T5340] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 701.568749][ T9] usb 4-1: config 0 has no interface number 0 [ 701.586387][ T1174] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 701.606232][ T9] usb 4-1: too many endpoints for config 0 interface 214 altsetting 20: 43, using maximum allowed: 30 [ 701.689128][ T9] usb 4-1: config 0 interface 214 altsetting 20 has 0 endpoint descriptors, different from the interface descriptor's value: 43 [ 701.768445][ T9] usb 4-1: config 0 interface 214 has no altsetting 0 [ 701.834415][ T9] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 701.913763][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.001018][ T9] usb 4-1: config 0 descriptor?? [ 702.363526][ C0] hrtimer: interrupt took 14710886 ns [ 703.519352][ T5234] Bluetooth: hci1: command tx timeout [ 704.816489][ T2924] team_slave_1 (unregistering): left promiscuous mode [ 705.132221][ T2924] team0 (unregistering): Port device team_slave_1 removed [ 705.589182][ T5234] Bluetooth: hci1: command tx timeout [ 707.225911][ T2924] team_slave_0 (unregistering): left promiscuous mode [ 707.486732][ T2924] team0 (unregistering): Port device team_slave_0 removed [ 707.679202][ T5234] Bluetooth: hci1: command tx timeout [ 712.095356][ T5238] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 712.108782][ T5238] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 712.119837][ T5238] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 712.128633][ T5238] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 712.142381][ T5238] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 712.150761][ T5238] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 712.715789][T11269] chnl_net:caif_netlink_parms(): no params data found [ 712.984406][ T30] audit: type=1400 audit(1722187173.038:1397): avc: denied { sys_chroot } for pid=11267 comm="dhcpcd" capability=18 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 713.024730][ T30] audit: type=1400 audit(1722187173.068:1398): avc: denied { setgid } for pid=11267 comm="dhcpcd" capability=6 scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1 [ 714.199597][T11269] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.206910][T11269] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.226653][T11269] bridge_slave_0: entered allmulticast mode [ 714.235040][ T5234] Bluetooth: hci7: command tx timeout [ 714.261289][T11269] bridge_slave_0: entered promiscuous mode [ 714.278450][T11269] bridge0: port 2(bridge_slave_1) entered blocking state [ 714.297286][T11269] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.317947][T11269] bridge_slave_1: entered allmulticast mode [ 714.326661][T11269] bridge_slave_1: entered promiscuous mode [ 714.715796][T11269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 714.768368][T11269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 715.135362][T11269] team0: Port device team_slave_0 added [ 715.164384][T11269] team0: Port device team_slave_1 added [ 715.432008][T11269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 715.449830][T11269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 715.508817][T11269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 715.538240][T11269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 715.557148][T11269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 715.605926][T11269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 716.114516][T11269] hsr_slave_0: entered promiscuous mode [ 716.200737][T11269] hsr_slave_1: entered promiscuous mode [ 716.278120][T11269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 716.288882][T11269] Cannot create hsr debugfs directory [ 716.309110][ T5234] Bluetooth: hci7: command tx timeout [ 718.213863][ T5238] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 718.228222][ T5238] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 718.257294][ T5238] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 718.270765][ T5238] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 718.279358][ T5238] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 718.286956][ T5238] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 718.379376][ T5234] Bluetooth: hci7: command tx timeout [ 718.878410][T11280] chnl_net:caif_netlink_parms(): no params data found [ 719.670797][T11280] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.678006][T11280] bridge0: port 1(bridge_slave_0) entered disabled state [ 719.701040][T11280] bridge_slave_0: entered allmulticast mode [ 719.713667][T11280] bridge_slave_0: entered promiscuous mode [ 719.732937][T11280] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.747085][T11280] bridge0: port 2(bridge_slave_1) entered disabled state [ 719.790119][T11280] bridge_slave_1: entered allmulticast mode [ 719.809312][T11280] bridge_slave_1: entered promiscuous mode [ 720.400852][ T5234] Bluetooth: hci8: command tx timeout [ 720.469743][ T5234] Bluetooth: hci7: command tx timeout [ 720.672349][T11280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 720.746743][T11280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 720.999957][ T5238] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 721.025094][ T5238] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 721.034759][ T5238] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 721.080608][ T5238] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 721.096150][ T5238] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 721.117578][ T5238] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 721.690376][T11280] team0: Port device team_slave_0 added [ 721.717933][T11280] team0: Port device team_slave_1 added [ 722.280085][T11280] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 722.287076][T11280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 722.346118][T11280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 722.373731][T11280] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 722.386484][T11280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 722.422500][T11280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 722.471828][ T5238] Bluetooth: hci8: command tx timeout [ 723.195575][ T5238] Bluetooth: hci9: command tx timeout [ 723.374569][T11280] hsr_slave_0: entered promiscuous mode [ 723.549923][T11280] hsr_slave_1: entered promiscuous mode [ 723.647317][T11280] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 723.674051][T11280] Cannot create hsr debugfs directory [ 724.549200][ T5238] Bluetooth: hci8: command tx timeout [ 725.269703][ T5238] Bluetooth: hci9: command tx timeout [ 726.629276][ T5238] Bluetooth: hci8: command tx timeout [ 727.350252][ T5238] Bluetooth: hci9: command tx timeout [ 729.429587][ T5234] Bluetooth: hci9: command tx timeout [ 729.450677][ T5234] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 729.462755][ T5234] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 729.473220][ T5234] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 729.482392][ T5234] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 729.492112][ T5234] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 729.500397][ T5234] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 730.127486][T11292] chnl_net:caif_netlink_parms(): no params data found [ 731.240537][T11292] bridge0: port 1(bridge_slave_0) entered blocking state [ 731.247845][T11292] bridge0: port 1(bridge_slave_0) entered disabled state [ 731.287096][T11292] bridge_slave_0: entered allmulticast mode [ 731.313735][T11292] bridge_slave_0: entered promiscuous mode [ 731.333736][T11292] bridge0: port 2(bridge_slave_1) entered blocking state [ 731.349363][T11292] bridge0: port 2(bridge_slave_1) entered disabled state [ 731.356898][T11292] bridge_slave_1: entered allmulticast mode [ 731.379340][T11292] bridge_slave_1: entered promiscuous mode [ 731.579301][ T5234] Bluetooth: hci10: command tx timeout [ 732.051145][T11292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 732.091084][T11292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 732.831287][T11292] team0: Port device team_slave_0 added [ 732.881205][T11292] team0: Port device team_slave_1 added [ 733.561657][T11292] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 733.568730][T11292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 733.627593][T11292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 733.648355][T11292] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 733.673343][ T5234] Bluetooth: hci10: command tx timeout [ 733.680482][T11292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 733.724940][T11292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 734.772416][T11292] hsr_slave_0: entered promiscuous mode [ 734.832629][T11292] hsr_slave_1: entered promiscuous mode [ 735.118272][T11292] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 735.145777][T11292] Cannot create hsr debugfs directory [ 735.749177][ T5234] Bluetooth: hci10: command tx timeout [ 737.829218][ T5234] Bluetooth: hci10: command tx timeout [ 748.046671][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.053254][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 759.286439][ T5238] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 759.297747][ T5238] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 759.307867][ T5238] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 759.320144][ T5238] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 759.329765][ T5238] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 759.337431][ T5238] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 759.956168][T11301] chnl_net:caif_netlink_parms(): no params data found [ 761.429415][ T5238] Bluetooth: hci11: command tx timeout [ 761.868366][T11301] bridge0: port 1(bridge_slave_0) entered blocking state [ 761.899087][T11301] bridge0: port 1(bridge_slave_0) entered disabled state [ 761.906572][T11301] bridge_slave_0: entered allmulticast mode [ 761.931534][T11301] bridge_slave_0: entered promiscuous mode [ 761.959588][T11301] bridge0: port 2(bridge_slave_1) entered blocking state [ 761.966788][T11301] bridge0: port 2(bridge_slave_1) entered disabled state [ 761.975122][T11301] bridge_slave_1: entered allmulticast mode [ 761.983795][T11301] bridge_slave_1: entered promiscuous mode [ 762.572664][T11301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 762.615839][T11301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 763.509398][ T5238] Bluetooth: hci11: command tx timeout [ 764.379096][T11301] team0: Port device team_slave_0 added [ 764.421000][T11301] team0: Port device team_slave_1 added [ 765.028589][T11301] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 765.058928][T11301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 765.139100][T11301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 765.162329][T11301] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 765.179650][T11301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 765.227021][T11301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.589335][ T5238] Bluetooth: hci11: command tx timeout [ 766.066445][T11301] hsr_slave_0: entered promiscuous mode [ 766.191109][T11301] hsr_slave_1: entered promiscuous mode [ 766.421972][T11301] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 766.441439][T11301] Cannot create hsr debugfs directory [ 767.669277][ T5238] Bluetooth: hci11: command tx timeout [ 772.669602][ T5238] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 772.682186][ T5238] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 772.691676][ T5238] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 772.703794][ T5238] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 772.715058][ T5238] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 772.724262][ T5238] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 773.421858][T11310] chnl_net:caif_netlink_parms(): no params data found [ 774.785109][ T5238] Bluetooth: hci12: command tx timeout [ 775.194922][T11310] bridge0: port 1(bridge_slave_0) entered blocking state [ 775.229361][T11310] bridge0: port 1(bridge_slave_0) entered disabled state [ 775.236839][T11310] bridge_slave_0: entered allmulticast mode [ 775.271421][T11310] bridge_slave_0: entered promiscuous mode [ 775.300920][T11310] bridge0: port 2(bridge_slave_1) entered blocking state [ 775.308140][T11310] bridge0: port 2(bridge_slave_1) entered disabled state [ 775.328701][T11310] bridge_slave_1: entered allmulticast mode [ 775.341253][T11310] bridge_slave_1: entered promiscuous mode [ 776.003383][T11310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 776.048144][T11310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 776.859672][ T5238] Bluetooth: hci12: command tx timeout [ 776.871889][T11310] team0: Port device team_slave_0 added [ 776.907541][T11310] team0: Port device team_slave_1 added [ 778.020573][T11310] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 778.058960][T11310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 778.157691][T11310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 778.199199][T11310] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 778.206191][T11310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 778.328991][T11310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 778.900799][ T5234] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 778.912895][ T5234] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 778.923233][ T5234] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 778.932757][ T5234] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 778.941284][ T5234] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 778.952528][ T5234] Bluetooth: hci12: command tx timeout [ 778.958722][ T5234] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 779.615684][T11310] hsr_slave_0: entered promiscuous mode [ 780.027816][T11310] hsr_slave_1: entered promiscuous mode [ 780.169619][T11310] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 780.189103][T11310] Cannot create hsr debugfs directory [ 781.029518][T11321] Bluetooth: hci12: command tx timeout [ 781.035190][ T5234] Bluetooth: hci13: command tx timeout [ 781.850917][T11321] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 781.864084][T11321] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 781.873521][T11321] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 781.882686][T11321] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 781.892727][T11321] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 781.900818][T11321] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 783.112071][T11321] Bluetooth: hci13: command tx timeout [ 783.989338][T11321] Bluetooth: hci14: command tx timeout [ 785.189314][T11321] Bluetooth: hci13: command tx timeout [ 786.069235][T11321] Bluetooth: hci14: command tx timeout [ 787.268895][T11321] Bluetooth: hci13: command tx timeout [ 788.153291][T11321] Bluetooth: hci14: command tx timeout [ 789.692393][ T5234] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 789.707067][ T5234] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 789.716958][ T5234] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 789.727169][ T5234] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 789.735977][ T5234] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 789.746265][ T5234] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 790.237505][ T5234] Bluetooth: hci14: command tx timeout [ 790.449934][T11326] chnl_net:caif_netlink_parms(): no params data found [ 791.620090][T11326] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.627301][T11326] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.678282][T11326] bridge_slave_0: entered allmulticast mode [ 791.703534][T11326] bridge_slave_0: entered promiscuous mode [ 791.722723][T11326] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.739480][T11326] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.782963][T11326] bridge_slave_1: entered allmulticast mode [ 791.805393][T11326] bridge_slave_1: entered promiscuous mode [ 791.829469][ T5234] Bluetooth: hci15: command tx timeout [ 792.618358][T11326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 792.676136][T11326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 793.153518][T11326] team0: Port device team_slave_0 added [ 793.187831][T11326] team0: Port device team_slave_1 added [ 793.565360][T11326] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 793.609038][T11326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 793.656764][T11326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 793.694528][T11326] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 793.708888][T11326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 793.793805][T11326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 793.918738][ T5234] Bluetooth: hci15: command tx timeout [ 796.000295][ T5234] Bluetooth: hci15: command tx timeout [ 796.005844][ T5234] Bluetooth: hci4: command 0x0406 tx timeout [ 797.643039][T11326] hsr_slave_0: entered promiscuous mode [ 797.810059][T11326] hsr_slave_1: entered promiscuous mode [ 798.003156][T11326] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 798.019179][T11326] Cannot create hsr debugfs directory [ 798.069920][T11321] Bluetooth: hci15: command tx timeout [ 809.797572][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.803963][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 819.778623][ T4608] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 819.791858][ T4608] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 819.801046][ T4608] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 819.820233][ T4608] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 819.830473][ T4608] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 819.838122][ T4608] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 820.536802][T11335] chnl_net:caif_netlink_parms(): no params data found [ 821.751872][ T4608] Bluetooth: hci1: command 0x0406 tx timeout [ 821.909448][ T4608] Bluetooth: hci16: command tx timeout [ 823.241439][T11335] bridge0: port 1(bridge_slave_0) entered blocking state [ 823.248652][T11335] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.269327][T11335] bridge_slave_0: entered allmulticast mode [ 823.285181][T11335] bridge_slave_0: entered promiscuous mode [ 823.336632][T11335] bridge0: port 2(bridge_slave_1) entered blocking state [ 823.359137][T11335] bridge0: port 2(bridge_slave_1) entered disabled state [ 823.366511][T11335] bridge_slave_1: entered allmulticast mode [ 823.389762][T11335] bridge_slave_1: entered promiscuous mode [ 823.990527][ T5234] Bluetooth: hci16: command tx timeout [ 824.929660][T11335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 824.982105][T11335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 826.069606][ T5234] Bluetooth: hci16: command tx timeout [ 826.779608][T11335] team0: Port device team_slave_0 added [ 826.812284][T11335] team0: Port device team_slave_1 added [ 827.459284][T11335] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 827.466267][T11335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 827.567502][T11335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 827.582443][T11335] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 827.599692][T11335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 827.647071][T11335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 828.139815][ T5234] Bluetooth: hci16: command tx timeout [ 828.887798][T11335] hsr_slave_0: entered promiscuous mode [ 829.070317][T11335] hsr_slave_1: entered promiscuous mode [ 829.366008][T11335] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 829.378903][T11335] Cannot create hsr debugfs directory [ 833.260200][ T4608] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 833.281960][ T4608] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 833.291010][ T4608] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 833.309149][ T4608] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 833.323099][ T4608] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 833.332541][ T4608] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 833.981174][T11344] chnl_net:caif_netlink_parms(): no params data found [ 835.429379][ T5234] Bluetooth: hci17: command tx timeout [ 836.951636][ T5234] Bluetooth: hci7: command 0x0406 tx timeout [ 837.084724][T11344] bridge0: port 1(bridge_slave_0) entered blocking state [ 837.099196][T11344] bridge0: port 1(bridge_slave_0) entered disabled state [ 837.106627][T11344] bridge_slave_0: entered allmulticast mode [ 837.151263][T11344] bridge_slave_0: entered promiscuous mode [ 837.167599][T11344] bridge0: port 2(bridge_slave_1) entered blocking state [ 837.189398][T11344] bridge0: port 2(bridge_slave_1) entered disabled state [ 837.196743][T11344] bridge_slave_1: entered allmulticast mode [ 837.219151][T11344] bridge_slave_1: entered promiscuous mode [ 837.509116][ T5234] Bluetooth: hci17: command tx timeout [ 838.620136][ T5234] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 838.639644][ T5234] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 838.651404][ T5234] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 838.669782][ T5234] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 838.677908][ T5234] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 838.689844][ T5234] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 839.051225][T11344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 839.104983][T11344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 839.589433][ T5234] Bluetooth: hci17: command tx timeout [ 840.730319][T11344] team0: Port device team_slave_0 added [ 840.776720][T11344] team0: Port device team_slave_1 added [ 840.789295][ T4608] Bluetooth: hci18: command tx timeout [ 841.670063][ T4608] Bluetooth: hci17: command tx timeout [ 841.944986][T11321] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 841.957153][T11321] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 841.978245][T11321] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 841.988548][T11321] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 842.009178][T11321] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 842.016965][T11321] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 842.075957][T11321] Bluetooth: hci8: command 0x0406 tx timeout [ 842.480369][T11344] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 842.487438][T11344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 842.558887][T11344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 842.582414][T11344] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 842.599542][T11344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 842.679181][T11344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 842.869266][T11321] Bluetooth: hci18: command tx timeout [ 844.069601][ T5234] Bluetooth: hci19: command tx timeout [ 844.682214][T11344] hsr_slave_0: entered promiscuous mode [ 844.958803][ T5234] Bluetooth: hci18: command tx timeout [ 845.184342][T11344] hsr_slave_1: entered promiscuous mode [ 846.149646][ T5234] Bluetooth: hci19: command tx timeout [ 846.628823][T11344] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 846.668974][T11344] Cannot create hsr debugfs directory [ 847.029830][ T4608] Bluetooth: hci18: command tx timeout [ 847.196555][ T5234] Bluetooth: hci9: command 0x0406 tx timeout [ 848.229177][T11321] Bluetooth: hci19: command tx timeout [ 850.304619][ T4608] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1 [ 850.317839][ T4608] Bluetooth: hci19: command tx timeout [ 850.329555][ T4608] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9 [ 850.338658][ T4608] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9 [ 850.349559][ T4608] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4 [ 850.357748][ T4608] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3 [ 850.366030][ T4608] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2 [ 851.069486][T11359] chnl_net:caif_netlink_parms(): no params data found [ 852.150101][ T31] INFO: task hwrng:759 blocked for more than 143 seconds. [ 852.157278][ T31] Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 852.199258][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 852.208069][ T31] task:hwrng state:D stack:29616 pid:759 tgid:759 ppid:2 flags:0x00004000 [ 852.238982][ T31] Call Trace: [ 852.242309][ T31] [ 852.245254][ T31] __schedule+0xe37/0x5490 [ 852.258894][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 852.273738][ T31] ? __pfx___schedule+0x10/0x10 [ 852.278652][ T31] ? schedule+0x298/0x350 [ 852.295709][ T31] ? __pfx_lock_release+0x10/0x10 [ 852.309416][T11361] Bluetooth: hci10: command 0x0406 tx timeout [ 852.319082][ T31] ? __mutex_lock+0x5b3/0x9c0 [ 852.323876][ T31] ? __mutex_trylock_common+0x78/0x250 [ 852.353297][ T31] schedule+0xe7/0x350 [ 852.357435][ T31] schedule_preempt_disabled+0x13/0x30 [ 852.379542][ T31] __mutex_lock+0x5b8/0x9c0 [ 852.384102][ T31] ? hwrng_fillfn+0xb8/0x380 [ 852.388721][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 852.408982][ T31] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 852.415204][ T31] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 852.433888][ T31] ? hwrng_fillfn+0xb8/0x380 [ 852.438534][ T31] hwrng_fillfn+0xb8/0x380 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 852.469693][T11361] Bluetooth: hci20: command tx timeout [ 852.519293][ T31] ? __pfx_hwrng_fillfn+0x10/0x10 [ 852.524373][ T31] kthread+0x2c1/0x3a0 [ 852.528470][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 852.578991][ T31] ? __pfx_kthread+0x10/0x10 [ 852.583642][ T31] ret_from_fork+0x45/0x80 [ 852.588093][ T31] ? __pfx_kthread+0x10/0x10 [ 852.668969][ T31] ret_from_fork_asm+0x1a/0x30 [ 852.736130][ T31] [ 852.754445][ T31] INFO: task syz.1.1373:11171 blocked for more than 143 seconds. [ 852.778971][ T31] Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 852.786299][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 852.819153][ T31] task:syz.1.1373 state:D stack:26480 pid:11171 tgid:11163 ppid:7531 flags:0x00004006 [ 852.839413][ T31] Call Trace: [ 852.842732][ T31] [ 852.845677][ T31] __schedule+0xe37/0x5490 [ 852.879234][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 852.884509][ T31] ? __pfx___schedule+0x10/0x10 [ 852.908991][ T31] ? schedule+0x298/0x350 [ 852.913394][ T31] ? __pfx_lock_release+0x10/0x10 [ 852.918453][ T31] ? __mutex_lock+0x5b3/0x9c0 [ 852.938943][ T31] ? __mutex_trylock_common+0x78/0x250 [ 852.944555][ T31] schedule+0xe7/0x350 [ 852.959042][ T31] schedule_preempt_disabled+0x13/0x30 [ 852.964571][ T31] __mutex_lock+0x5b8/0x9c0 [ 852.983172][ T31] ? tun_chr_close+0x3e/0x250 [ 852.987907][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 852.995510][ T31] ? locks_remove_file+0x399/0x5a0 [ 853.023785][ T31] ? __pfx_locks_remove_file+0x10/0x10 [ 853.038567][ T31] ? __pfx_tun_chr_close+0x10/0x10 [ 853.058996][ T31] ? tun_chr_close+0x3e/0x250 [ 853.063740][ T31] ? rtnl_lock+0x9/0x20 [ 853.068116][ T31] tun_chr_close+0x3e/0x250 [ 853.082595][ T31] __fput+0x408/0xbb0 [ 853.086640][ T31] task_work_run+0x14e/0x250 [ 853.098661][ T31] ? __pfx_task_work_run+0x10/0x10 [ 853.119092][ T31] ? switch_task_namespaces+0xe0/0x110 [ 853.124709][ T31] do_exit+0xaa3/0x2bb0 [ 853.139223][ T31] ? get_signal+0x8f2/0x2770 [ 853.143903][ T31] ? __pfx_do_exit+0x10/0x10 [ 853.148526][ T31] ? do_raw_spin_lock+0x12d/0x2c0 [ 853.186076][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 853.198881][ T31] do_group_exit+0xd3/0x2a0 [ 853.203534][ T31] get_signal+0x25fd/0x2770 [ 853.219004][ T31] ? vfs_read+0x46b/0xbd0 [ 853.223411][ T31] ? __pfx_get_signal+0x10/0x10 [ 853.228303][ T31] ? __pfx_vfs_read+0x10/0x10 [ 853.248948][ T31] arch_do_signal_or_restart+0x90/0x7e0 [ 853.254569][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 853.269344][ T31] ? ksys_read+0x1ab/0x260 [ 853.273814][ T31] ? __pfx_ksys_read+0x10/0x10 [ 853.278599][ T31] syscall_exit_to_user_mode+0x150/0x2a0 [ 853.305620][ T31] do_syscall_64+0xda/0x250 [ 853.338886][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 853.344845][ T31] RIP: 0033:0x7f86ec377299 [ 853.368987][ T31] RSP: 002b:00007f86ebdff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 853.377475][ T31] RAX: 0000000000018ff8 RBX: 00007f86ec505f80 RCX: 00007f86ec377299 [ 853.398961][ T31] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003 [ 853.406988][ T31] RBP: 00007f86ec3e48e6 R08: 0000000000000000 R09: 0000000000000000 [ 853.439174][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 853.447206][ T31] R13: 000000000000000b R14: 00007f86ec505f80 R15: 00007ffcbe940698 [ 853.488962][ T31] [ 853.509110][ T31] INFO: task kworker/u8:7:11176 blocked for more than 144 seconds. [ 853.517050][ T31] Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 853.539013][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 853.547724][ T31] task:kworker/u8:7 state:D stack:26464 pid:11176 tgid:11176 ppid:2 flags:0x00004000 [ 853.578363][ T31] Workqueue: ipv6_addrconf addrconf_verify_work [ 853.595373][ T31] Call Trace: [ 853.599512][ T31] [ 853.602467][ T31] __schedule+0xe37/0x5490 [ 853.606921][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 853.645689][ T31] ? __pfx___schedule+0x10/0x10 [ 853.651094][ T31] ? schedule+0x298/0x350 [ 853.655578][ T31] ? __pfx_lock_release+0x10/0x10 [ 853.678894][ T31] ? __mutex_lock+0x5b3/0x9c0 [ 853.683633][ T31] ? __mutex_trylock_common+0x78/0x250 [ 853.696976][ T31] schedule+0xe7/0x350 [ 853.701974][ T31] schedule_preempt_disabled+0x13/0x30 [ 853.707468][ T31] __mutex_lock+0x5b8/0x9c0 [ 853.732363][ T31] ? addrconf_verify_work+0x12/0x30 [ 853.737626][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 853.749413][ T31] ? __pfx_lock_acquire+0x10/0x10 [ 853.754498][ T31] ? addrconf_verify_work+0x12/0x30 [ 853.800028][ T31] addrconf_verify_work+0x12/0x30 [ 853.805112][ T31] process_one_work+0x9c5/0x1b40 [ 853.819564][ T31] ? __pfx_lock_acquire+0x10/0x10 [ 853.824643][ T31] ? __pfx_process_one_work+0x10/0x10 [ 853.849096][ T31] ? assign_work+0x1a0/0x250 [ 853.853744][ T31] worker_thread+0x6c8/0xf20 [ 853.858368][ T31] ? __pfx_worker_thread+0x10/0x10 [ 853.878918][ T31] kthread+0x2c1/0x3a0 [ 853.883044][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 853.888571][ T31] ? __pfx_kthread+0x10/0x10 [ 853.902635][ T31] ret_from_fork+0x45/0x80 [ 853.907145][ T31] ? __pfx_kthread+0x10/0x10 [ 853.939162][ T31] ret_from_fork_asm+0x1a/0x30 [ 853.944007][ T31] [ 853.969065][ T31] INFO: task syz-executor:11218 blocked for more than 145 seconds. [ 853.977004][ T31] Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 854.018886][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 854.027603][ T31] task:syz-executor state:D stack:27552 pid:11218 tgid:11218 ppid:1 flags:0x00000004 [ 854.080017][ T31] Call Trace: [ 854.083355][ T31] [ 854.086303][ T31] __schedule+0xe37/0x5490 [ 854.098945][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 854.104380][ T31] ? __pfx___schedule+0x10/0x10 [ 854.128889][ T31] ? schedule+0x298/0x350 [ 854.133290][ T31] ? __pfx_lock_release+0x10/0x10 [ 854.138340][ T31] ? __mutex_lock+0x5b3/0x9c0 [ 854.158907][ T31] ? __mutex_trylock_common+0x78/0x250 [ 854.164431][ T31] schedule+0xe7/0x350 [ 854.168537][ T31] schedule_preempt_disabled+0x13/0x30 [ 854.188926][ T31] __mutex_lock+0x5b8/0x9c0 [ 854.193770][ T31] ? rtnetlink_rcv_msg+0x372/0xea0 [ 854.229594][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 854.234686][ T31] ? rtnetlink_rcv_msg+0x372/0xea0 [ 854.259050][ T31] rtnetlink_rcv_msg+0x372/0xea0 [ 854.264060][ T31] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 854.279123][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 854.284385][ T31] ? avc_has_perm+0x11b/0x1c0 [ 854.299470][ T31] ? __pfx___lock_acquire+0x10/0x10 [ 854.304721][ T31] ? __pfx_avc_has_perm+0x10/0x10 [ 854.328934][ T31] ? __lock_acquire+0xbdd/0x3cb0 [ 854.333947][ T31] netlink_rcv_skb+0x16b/0x440 [ 854.338736][ T31] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 854.359545][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 854.364908][ T31] ? netlink_deliver_tap+0x1ae/0xd90 [ 854.390565][ T31] netlink_unicast+0x544/0x830 [ 854.395386][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 854.428960][ T31] netlink_sendmsg+0x8b8/0xd70 [ 854.433799][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 854.449108][ T31] __sys_sendto+0x47f/0x4e0 [ 854.453677][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 854.458731][ T31] ? reacquire_held_locks+0x20b/0x4c0 [ 854.479181][ T31] ? do_user_addr_fault+0xdc7/0x13f0 [ 854.484544][ T31] __x64_sys_sendto+0xe0/0x1c0 [ 854.500472][ T31] ? do_syscall_64+0x91/0x250 [ 854.505209][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 854.529034][ T31] do_syscall_64+0xcd/0x250 [ 854.533605][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 854.561947][T11321] Bluetooth: hci20: command tx timeout [ 854.567611][ T31] RIP: 0033:0x7fe086f7902c [ 854.576173][ T31] RSP: 002b:00007fff0274b500 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 854.598095][ T31] RAX: ffffffffffffffda RBX: 00007fe087c34620 RCX: 00007fe086f7902c [ 854.619628][ T31] RDX: 0000000000000028 RSI: 00007fe087c34670 RDI: 0000000000000003 [ 854.627741][ T31] RBP: 0000000000000000 R08: 00007fff0274b554 R09: 000000000000000c [ 854.648965][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 854.656987][ T31] R13: 0000000000000000 R14: 00007fe087c34670 R15: 0000000000000000 [ 854.685165][ T31] [ 854.719100][ T31] [ 854.719100][ T31] Showing all locks held in the system: [ 854.749061][ T31] 5 locks held by kworker/0:1/9: [ 854.754045][ T31] 1 lock held by khungtaskd/31: [ 854.799135][ T31] #0: ffffffff8ddb5220 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 [ 854.818992][ T31] 1 lock held by hwrng/759: [ 854.844085][ T31] #0: ffffffff8e9e9988 (reading_mutex){+.+.}-{3:3}, at: hwrng_fillfn+0xb8/0x380 [ 854.869283][ T31] 2 locks held by kworker/0:2/1174: [ 854.874525][ T31] 3 locks held by kworker/1:2/1849: [ 854.909207][ T31] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 854.958960][ T31] #1: ffffc9000497fd80 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 854.988959][ T31] #2: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 855.031953][ T31] 4 locks held by kworker/u8:9/2924: [ 855.037287][ T31] #0: ffff8880166e3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 855.079338][ T31] #1: ffffc90009807d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 855.128964][ T31] #2: ffffffff8fa0a050 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xbf0 [ 855.169055][ T31] #3: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: wg_destruct+0x22/0x3d0 [ 855.190445][ T31] 1 lock held by dhcpcd/4884: [ 855.195172][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 855.240061][ T31] 2 locks held by getty/4976: [ 855.244792][ T31] #0: ffff8880301ba0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 855.299084][ T31] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 [ 855.328942][ T31] 3 locks held by kworker/0:6/5304: [ 855.352353][ T31] 2 locks held by kworker/u8:0/9835: [ 855.357683][ T31] #0: ffff888015889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 855.411707][ T31] #1: ffffc90003aa7d80 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 855.448900][ T31] 7 locks held by syz-executor/11028: [ 855.454316][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 855.478943][ T31] #1: ffff88805ef49488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 855.499141][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 855.519408][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 855.541475][ T31] #4: ffff8880211520e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa4/0x610 [ 855.581824][ T31] #5: ffff888063bd6250 (&devlink->lock_key#8){+.+.}-{3:3}, at: nsim_drv_remove+0x4a/0x1d0 [ 855.608964][ T31] #6: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x6f/0x6a0 [ 855.617937][ T31] 1 lock held by syz.1.1373/11171: [ 855.638958][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x250 [ 855.659105][ T31] 3 locks held by kworker/u8:7/11176: [ 855.664520][ T31] #0: ffff88802b007948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 [ 855.689404][ T31] #1: ffffc900031dfd80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 [ 855.739190][ T31] #2: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x12/0x30 [ 855.759155][ T31] 2 locks held by kworker/u8:13/11177: [ 855.764754][ T31] 1 lock held by syz-executor/11218: [ 855.789020][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 855.798529][ T31] 1 lock held by syz.2.1390/11251: [ 855.818920][ T31] 5 locks held by syz.0.1393/11260: [ 855.824175][ T31] 1 lock held by syz.3.1394/11263: [ 855.838996][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 855.874943][ T31] 4 locks held by syz-executor/11269: [ 855.898959][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 855.908031][ T31] #1: ffff8880244b8088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 855.939125][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 855.959210][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 855.989444][ T31] 4 locks held by syz-executor/11280: [ 855.994856][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 856.038942][ T31] #1: ffff88802a2ae488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 856.048796][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 856.089229][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 856.109642][ T31] 1 lock held by syz-executor/11289: [ 856.114980][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 856.139416][ T31] 4 locks held by syz-executor/11292: [ 856.144822][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 856.189227][ T31] #1: ffff88806ee07488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 856.218938][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 856.241151][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 856.268933][ T31] 4 locks held by syz-executor/11301: [ 856.274354][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 856.299408][ T31] #1: ffff88801260e488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 856.326426][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 856.348940][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 856.389273][ T31] 4 locks held by syz-executor/11310: [ 856.394698][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 856.418976][ T31] #1: ffff888025c02c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 856.439148][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 856.459060][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 856.488940][ T31] 1 lock held by syz-executor/11319: [ 856.494364][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 856.528911][ T31] 1 lock held by syz-executor/11323: [ 856.534245][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 856.559416][ T31] 4 locks held by syz-executor/11326: [ 856.579092][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 856.588176][ T31] #1: ffff8880698d8488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 856.619231][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 856.630614][T11321] Bluetooth: hci20: command tx timeout [ 856.659063][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 856.688980][ T31] 4 locks held by syz-executor/11335: [ 856.694426][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 856.729472][ T31] #1: ffff88802a027488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 856.756253][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 856.778991][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 856.819548][ T31] 4 locks held by syz-executor/11344: [ 856.824966][ T31] #0: ffff8880303c0420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 [ 856.848958][ T31] #1: ffff88807e2dd488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 [ 856.869606][ T31] #2: ffff888023e52698 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 [ 856.898904][ T31] #3: ffffffff8efb81a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 [ 856.919104][ T31] 1 lock held by syz-executor/11353: [ 856.924443][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 856.968460][ T31] 1 lock held by syz-executor/11356: [ 856.988979][ T31] #0: ffffffff8fa1f7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 856.998573][ T31] 4 locks held by syz-executor/11359: [ 857.018892][ T31] #0: ffff8880621ccd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90 [ 857.028574][ T31] #1: ffff8880621cc078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x346/0x1110 [ 857.062373][ T31] #2: ffffffff8fc83f28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260 [ 857.088956][ T31] #3: ffffffff8ddc09b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x282/0x3b0 [ 857.109343][ T31] [ 857.111730][ T31] ============================================= [ 857.111730][ T31] [ 857.153837][ T31] NMI backtrace for cpu 1 [ 857.158209][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 857.168388][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 857.178456][ T31] Call Trace: [ 857.181747][ T31] [ 857.184701][ T31] dump_stack_lvl+0x116/0x1f0 [ 857.189415][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 857.194390][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 857.200407][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 857.206410][ T31] watchdog+0xf4e/0x1280 [ 857.210683][ T31] ? __pfx_watchdog+0x10/0x10 [ 857.215405][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 857.220643][ T31] ? __kthread_parkme+0x148/0x220 [ 857.225703][ T31] ? __pfx_watchdog+0x10/0x10 [ 857.230410][ T31] kthread+0x2c1/0x3a0 [ 857.234496][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 857.239730][ T31] ? __pfx_kthread+0x10/0x10 [ 857.244337][ T31] ret_from_fork+0x45/0x80 [ 857.248784][ T31] ? __pfx_kthread+0x10/0x10 [ 857.253391][ T31] ret_from_fork_asm+0x1a/0x30 [ 857.258194][ T31] [ 857.262762][ T31] Sending NMI from CPU 1 to CPUs 0: [ 857.267997][ C0] NMI backtrace for cpu 0 [ 857.268010][ C0] CPU: 0 UID: 0 PID: 11260 Comm: syz.0.1393 Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 857.268037][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 857.268050][ C0] RIP: 0010:write_comp_data+0x2a/0x90 [ 857.268084][ C0] Code: 49 89 d2 49 89 f8 49 89 f1 65 48 8b 15 3f 52 79 7e 65 8b 05 40 52 79 7e a9 00 01 ff 00 74 0f f6 c4 01 74 59 8b 82 1c 16 00 00 <85> c0 74 4f 8b 82 f8 15 00 00 83 f8 03 75 44 48 8b 82 00 16 00 00 [ 857.268105][ C0] RSP: 0000:ffffc900000061d0 EFLAGS: 00000002 [ 857.268122][ C0] RAX: 0000000000000000 RBX: ffffc90000006258 RCX: ffffffff813ce50d [ 857.268138][ C0] RDX: ffff888022bcda00 RSI: 0000000000000001 RDI: 0000000000000001 [ 857.268152][ C0] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000000001 [ 857.268166][ C0] R10: 0000000000000002 R11: 0000000000000000 R12: ffffffff90b06f70 [ 857.268181][ C0] R13: ffffffff90b06f75 R14: 0000000000000002 R15: ffffc9000000628d [ 857.268196][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 857.268218][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 857.268234][ C0] CR2: 0000001b2e608ff8 CR3: 000000000db7c000 CR4: 00000000003506f0 [ 857.268249][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 857.268263][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 857.268277][ C0] Call Trace: [ 857.268284][ C0] [ 857.268292][ C0] ? show_regs+0x8c/0xa0 [ 857.268324][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 857.268347][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 857.268378][ C0] ? nmi_handle+0x1a9/0x5c0 [ 857.268399][ C0] ? write_comp_data+0x2a/0x90 [ 857.268425][ C0] ? default_do_nmi+0x6a/0x160 [ 857.268453][ C0] ? exc_nmi+0x170/0x1e0 [ 857.268479][ C0] ? end_repeat_nmi+0xf/0x53 [ 857.268508][ C0] ? unwind_next_frame+0x60d/0x23a0 [ 857.268531][ C0] ? write_comp_data+0x2a/0x90 [ 857.268557][ C0] ? write_comp_data+0x2a/0x90 [ 857.268584][ C0] ? write_comp_data+0x2a/0x90 [ 857.268610][ C0] [ 857.268616][ C0] [ 857.268623][ C0] unwind_next_frame+0x60d/0x23a0 [ 857.268645][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 857.268671][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 857.268696][ C0] arch_stack_walk+0x100/0x170 [ 857.268721][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 857.268745][ C0] stack_trace_save+0x95/0xd0 [ 857.268768][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 857.268790][ C0] ? hlock_class+0x4e/0x130 [ 857.268809][ C0] ? __lock_acquire+0x1620/0x3cb0 [ 857.268836][ C0] kasan_save_stack+0x33/0x60 [ 857.268860][ C0] ? kasan_save_stack+0x33/0x60 [ 857.268884][ C0] ? kasan_save_track+0x14/0x30 [ 857.268910][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 857.268953][ C0] kasan_save_track+0x14/0x30 [ 857.268981][ C0] __kasan_kmalloc+0xaa/0xb0 [ 857.269008][ C0] dummy_urb_enqueue+0x8d/0x8a0 [ 857.269044][ C0] ? usb_hcd_map_urb_for_dma+0x39e/0x1190 [ 857.269084][ C0] usb_hcd_submit_urb+0x2d1/0x2090 [ 857.269122][ C0] ? __pfx_usb_hcd_submit_urb+0x10/0x10 [ 857.269158][ C0] ? lock_acquire+0x1b1/0x560 [ 857.269187][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 857.269214][ C0] ? find_held_lock+0x2d/0x110 [ 857.269251][ C0] ? ath9k_hif_usb_reg_in_cb+0x487/0x690 [ 857.269280][ C0] usb_submit_urb+0x87c/0x1730 [ 857.269307][ C0] ? do_raw_spin_unlock+0x172/0x230 [ 857.269338][ C0] ath9k_hif_usb_reg_in_cb+0x494/0x690 [ 857.269369][ C0] __usb_hcd_giveback_urb+0x389/0x6e0 [ 857.269402][ C0] usb_hcd_giveback_urb+0x396/0x450 [ 857.269434][ C0] dummy_timer+0x17c3/0x38d0 [ 857.269469][ C0] ? debug_object_deactivate+0x1f0/0x370 [ 857.269499][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 857.269530][ C0] ? __hrtimer_run_queues+0x5a7/0xcc0 [ 857.269563][ C0] ? __pfx_lock_release+0x10/0x10 [ 857.269589][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 857.269621][ C0] ? timerqueue_del+0x83/0x150 [ 857.269657][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 857.269688][ C0] __hrtimer_run_queues+0x20c/0xcc0 [ 857.269722][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 857.269755][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 857.269787][ C0] hrtimer_interrupt+0x31b/0x800 [ 857.269827][ C0] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 857.269853][ C0] sysvec_apic_timer_interrupt+0x43/0xb0 [ 857.269890][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 857.269930][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 [ 857.269964][ C0] Code: be b0 01 00 00 e8 a0 ff ff ff 31 c0 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 65 48 8b 15 84 4b 79 7e 65 8b 05 85 4b 79 7e a9 00 01 [ 857.269988][ C0] RSP: 0000:ffffc90000006d88 EFLAGS: 00000202 [ 857.270007][ C0] RAX: ffffc90003ae7b80 RBX: ffffc90000006e58 RCX: ffffffff813cdd16 [ 857.270026][ C0] RDX: ffff888022bcda00 RSI: ffffffff813cde75 RDI: 0000000000000005 [ 857.270043][ C0] RBP: ffffc90003ae7b78 R08: 0000000000000005 R09: 0000000000000000 [ 857.270059][ C0] R10: 0000000000000001 R11: ffff8880b9229418 R12: ffffc90000006e60 [ 857.270074][ C0] R13: ffffc90000006e68 R14: 0000000000000001 R15: ffffc90003ae8000 [ 857.270093][ C0] ? stack_access_ok+0x96/0x270 [ 857.270116][ C0] ? stack_access_ok+0x1f5/0x270 [ 857.270142][ C0] ? __orc_find+0x104/0x130 [ 857.270164][ C0] stack_access_ok+0xf9/0x270 [ 857.270188][ C0] unwind_next_frame+0xd9b/0x23a0 [ 857.270213][ C0] ? cleanup_mnt+0x222/0x450 [ 857.270244][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 857.270268][ C0] arch_stack_walk+0x100/0x170 [ 857.270293][ C0] ? cleanup_mnt+0x222/0x450 [ 857.270322][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 857.270357][ C0] stack_trace_save+0x95/0xd0 [ 857.270379][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 857.270401][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 857.270435][ C0] kasan_save_stack+0x33/0x60 [ 857.270460][ C0] ? kasan_save_stack+0x33/0x60 [ 857.270484][ C0] ? kasan_save_track+0x14/0x30 [ 857.270508][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 857.270531][ C0] ? __kmalloc_noprof+0x1e8/0x400 [ 857.270556][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 857.270589][ C0] ? ieee80211_inform_bss+0xfd/0x1100 [ 857.270621][ C0] ? cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 857.270652][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 857.270681][ C0] ? cfg80211_inform_bss_frame_data+0x271/0x7b0 [ 857.270712][ C0] ? ieee80211_bss_info_update+0x311/0xab0 [ 857.270744][ C0] ? ieee80211_scan_rx+0x474/0xac0 [ 857.270774][ C0] ? ieee80211_rx_list+0x1be3/0x2e90 [ 857.270795][ C0] ? ieee80211_rx_napi+0xdd/0x400 [ 857.270814][ C0] ? ieee80211_handle_queued_frames+0xd5/0x130 [ 857.270846][ C0] ? tasklet_action_common.constprop.0+0x24c/0x3e0 [ 857.270880][ C0] ? handle_softirqs+0x216/0x8f0 [ 857.270910][ C0] ? irq_exit_rcu+0xbb/0x120 [ 857.270944][ C0] ? sysvec_apic_timer_interrupt+0x95/0xb0 [ 857.270977][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 857.271004][ C0] ? __sanitizer_cov_trace_switch+0x40/0x90 [ 857.271033][ C0] ? unwind_next_frame+0xebe/0x23a0 [ 857.271053][ C0] ? arch_stack_walk+0x100/0x170 [ 857.271075][ C0] ? stack_trace_save+0x95/0xd0 [ 857.271096][ C0] ? kasan_save_stack+0x33/0x60 [ 857.271120][ C0] ? __kasan_record_aux_stack+0xba/0xd0 [ 857.271152][ C0] ? __call_rcu_common.constprop.0+0x9a/0x790 [ 857.271177][ C0] ? destroy_inode+0x12c/0x1b0 [ 857.271199][ C0] ? iput.part.0+0x5a8/0x7f0 [ 857.271222][ C0] ? iput+0x5c/0x80 [ 857.271244][ C0] ? dentry_unlink_inode+0x29c/0x480 [ 857.271269][ C0] ? __dentry_kill+0x1d0/0x600 [ 857.271295][ C0] ? shrink_dentry_list+0x140/0x5d0 [ 857.271323][ C0] ? shrink_dcache_parent+0xe2/0x530 [ 857.271353][ C0] ? shrink_dcache_for_umount+0xa1/0x3e0 [ 857.271383][ C0] ? generic_shutdown_super+0x76/0x3d0 [ 857.271412][ C0] ? kill_anon_super+0x3a/0x60 [ 857.271442][ C0] ? proc_kill_sb+0x99/0x110 [ 857.271472][ C0] ? deactivate_locked_super+0xbe/0x1a0 [ 857.271503][ C0] ? deactivate_super+0xde/0x100 [ 857.271533][ C0] ? cleanup_mnt+0x222/0x450 [ 857.271564][ C0] kasan_save_track+0x14/0x30 [ 857.271589][ C0] __kasan_kmalloc+0xaa/0xb0 [ 857.271613][ C0] __kmalloc_noprof+0x1e8/0x400 [ 857.271639][ C0] ? mmu_spte_clear_track_bits+0x1f8/0x5b0 [ 857.271664][ C0] ieee802_11_parse_elems_full+0xea/0x1680 [ 857.271699][ C0] ? stack_trace_save+0x95/0xd0 [ 857.271719][ C0] ? kasan_save_stack+0x33/0x60 [ 857.271743][ C0] ? __kasan_record_aux_stack+0xba/0xd0 [ 857.271775][ C0] ? hlock_class+0x4e/0x130 [ 857.271794][ C0] ? mark_lock+0xb5/0xc60 [ 857.271817][ C0] ? lock_acquire+0x1b1/0x560 [ 857.271843][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 857.271868][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 857.271897][ C0] ? __pfx_ieee802_11_parse_elems_full+0x10/0x10 [ 857.271944][ C0] ? cfg80211_update_known_bss+0x39f/0x1150 [ 857.271971][ C0] ? __pfx_lock_release+0x10/0x10 [ 857.271997][ C0] ? mark_held_locks+0x9f/0xe0 [ 857.272023][ C0] ieee80211_inform_bss+0xfd/0x1100 [ 857.272057][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 857.272090][ C0] ? trace_kmalloc+0x2d/0xe0 [ 857.272109][ C0] ? __kmalloc_noprof+0x207/0x400 [ 857.272135][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 857.272168][ C0] cfg80211_inform_single_bss_data+0x8e2/0x1dc0 [ 857.272199][ C0] ? hlock_class+0x4e/0x130 [ 857.272220][ C0] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 857.272255][ C0] ? mark_held_locks+0x9f/0xe0 [ 857.272281][ C0] ? find_held_lock+0x2d/0x110 [ 857.272313][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 857.272342][ C0] cfg80211_inform_bss_data+0x205/0x39c0 [ 857.272375][ C0] ? __local_bh_enable_ip+0xa4/0x120 [ 857.272406][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 857.272438][ C0] ? ieee80211_rx_handlers+0xf10/0x9a50 [ 857.272471][ C0] ? __local_bh_enable_ip+0xa4/0x120 [ 857.272502][ C0] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 857.272534][ C0] ? hlock_class+0x4e/0x130 [ 857.272553][ C0] ? hlock_class+0x4e/0x130 [ 857.272572][ C0] ? __lock_acquire+0xbdd/0x3cb0 [ 857.272602][ C0] ? lock_acquire+0x1b1/0x560 [ 857.272626][ C0] ? find_held_lock+0x2d/0x110 [ 857.272658][ C0] ? ieee80211_bss_info_update+0x2cb/0xab0 [ 857.272692][ C0] cfg80211_inform_bss_frame_data+0x271/0x7b0 [ 857.272725][ C0] ieee80211_bss_info_update+0x311/0xab0 [ 857.272759][ C0] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 857.272795][ C0] ? ieee80211_get_channel_khz+0x14d/0x1e0 [ 857.272847][ C0] ieee80211_scan_rx+0x474/0xac0 [ 857.272880][ C0] ieee80211_rx_list+0x1be3/0x2e90 [ 857.272903][ C0] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 857.272940][ C0] ? lock_acquire+0x1b1/0x560 [ 857.272969][ C0] ? skb_dequeue+0x126/0x180 [ 857.272993][ C0] ieee80211_rx_napi+0xdd/0x400 [ 857.273014][ C0] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 857.273035][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 857.273067][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 857.273102][ C0] ieee80211_handle_queued_frames+0xd5/0x130 [ 857.273134][ C0] tasklet_action_common.constprop.0+0x24c/0x3e0 [ 857.273171][ C0] handle_softirqs+0x216/0x8f0 [ 857.273202][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 857.273235][ C0] irq_exit_rcu+0xbb/0x120 [ 857.273265][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 857.273298][ C0] [ 857.273305][ C0] [ 857.273312][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 857.273341][ C0] RIP: 0010:__sanitizer_cov_trace_switch+0x40/0x90 [ 857.273372][ C0] Code: 48 83 f8 20 74 6b 77 48 48 83 f8 08 74 5b 48 83 f8 10 75 2f 41 bd 03 00 00 00 4c 8b 75 00 31 db 4d 85 f6 74 1e 48 8b 74 dd 10 <4c> 89 e2 4c 89 ef 48 83 c3 01 48 8b 4c 24 28 e8 8c fd ff ff 49 39 [ 857.273393][ C0] RSP: 0000:ffffc90003ae73e0 EFLAGS: 00000202 [ 857.273410][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff813cedbe [ 857.273424][ C0] RDX: ffff888022bcda00 RSI: 0000000000000001 RDI: 0000000000000001 [ 857.273438][ C0] RBP: ffffffff8b49d680 R08: 0000000000000001 R09: 0000000000000000 [ 857.273453][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001 [ 857.273466][ C0] R13: 0000000000000001 R14: 0000000000000003 R15: 0000000000000001 [ 857.273481][ C0] ? unwind_next_frame+0xebe/0x23a0 [ 857.273506][ C0] unwind_next_frame+0xebe/0x23a0 [ 857.273528][ C0] ? shrink_dcache_for_umount+0xa1/0x3e0 [ 857.273560][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 857.273583][ C0] arch_stack_walk+0x100/0x170 [ 857.273608][ C0] ? generic_shutdown_super+0x76/0x3d0 [ 857.273639][ C0] stack_trace_save+0x95/0xd0 [ 857.273661][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 857.273685][ C0] kasan_save_stack+0x33/0x60 [ 857.273709][ C0] ? kasan_save_stack+0x33/0x60 [ 857.273732][ C0] ? __kasan_record_aux_stack+0xba/0xd0 [ 857.273763][ C0] ? __call_rcu_common.constprop.0+0x9a/0x790 [ 857.273788][ C0] ? destroy_inode+0x12c/0x1b0 [ 857.273812][ C0] ? iput.part.0+0x5a8/0x7f0 [ 857.273835][ C0] ? iput+0x5c/0x80 [ 857.273856][ C0] ? dentry_unlink_inode+0x29c/0x480 [ 857.273881][ C0] ? __dentry_kill+0x1d0/0x600 [ 857.273907][ C0] ? shrink_dentry_list+0x140/0x5d0 [ 857.273970][ C0] ? shrink_dcache_parent+0xe2/0x530 [ 857.273999][ C0] ? shrink_dcache_for_umount+0xa1/0x3e0 [ 857.274039][ C0] __kasan_record_aux_stack+0xba/0xd0 [ 857.274070][ C0] ? __pfx_i_callback+0x10/0x10 [ 857.274101][ C0] __call_rcu_common.constprop.0+0x9a/0x790 [ 857.274126][ C0] ? __destroy_inode+0x2db/0x750 [ 857.274150][ C0] ? __pfx_proc_free_inode+0x10/0x10 [ 857.274178][ C0] destroy_inode+0x12c/0x1b0 [ 857.274203][ C0] iput.part.0+0x5a8/0x7f0 [ 857.274227][ C0] ? __pfx_generic_delete_inode+0x10/0x10 [ 857.274260][ C0] iput+0x5c/0x80 [ 857.274282][ C0] dentry_unlink_inode+0x29c/0x480 [ 857.274309][ C0] __dentry_kill+0x1d0/0x600 [ 857.274336][ C0] ? shrink_dentry_list+0x11a/0x5d0 [ 857.274365][ C0] shrink_dentry_list+0x140/0x5d0 [ 857.274396][ C0] ? shrink_dcache_parent+0x75/0x530 [ 857.274426][ C0] shrink_dcache_parent+0xe2/0x530 [ 857.274457][ C0] ? __pfx_shrink_dcache_parent+0x10/0x10 [ 857.274490][ C0] shrink_dcache_for_umount+0xa1/0x3e0 [ 857.274521][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 857.274555][ C0] generic_shutdown_super+0x76/0x3d0 [ 857.274586][ C0] kill_anon_super+0x3a/0x60 [ 857.274616][ C0] proc_kill_sb+0x99/0x110 [ 857.274646][ C0] deactivate_locked_super+0xbe/0x1a0 [ 857.274678][ C0] deactivate_super+0xde/0x100 [ 857.274710][ C0] cleanup_mnt+0x222/0x450 [ 857.274739][ C0] task_work_run+0x14e/0x250 [ 857.274766][ C0] ? __pfx_task_work_run+0x10/0x10 [ 857.274792][ C0] ? switch_task_namespaces+0xe0/0x110 [ 857.274826][ C0] do_exit+0xaa3/0x2bb0 [ 857.274850][ C0] ? get_signal+0x8f2/0x2770 [ 857.274881][ C0] ? __pfx_do_exit+0x10/0x10 [ 857.274904][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 857.274941][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 857.274972][ C0] do_group_exit+0xd3/0x2a0 [ 857.274996][ C0] get_signal+0x25fd/0x2770 [ 857.275027][ C0] ? __schedule+0x3a31/0x5490 [ 857.275058][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 857.275091][ C0] ? __pfx_get_signal+0x10/0x10 [ 857.275122][ C0] ? __pfx_rcu_core+0x10/0x10 [ 857.275149][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 857.275177][ C0] ? handle_softirqs+0x5be/0x8f0 [ 857.275214][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 857.275244][ C0] ? trace_irq_enable.constprop.0+0x36/0x130 [ 857.275274][ C0] irqentry_exit_to_user_mode+0x13f/0x280 [ 857.275297][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 857.275326][ C0] RIP: 0033:0x7f7ad3438803 [ 857.275342][ C0] Code: Unable to access opcode bytes at 0x7f7ad34387d9. [ 857.275351][ C0] RSP: 002b:00007ffe2aacc708 EFLAGS: 00000206 [ 857.275368][ C0] RAX: 00000000813cdeac RBX: 00007f7ad4235720 RCX: ffffffff81307eac [ 857.275383][ C0] RDX: 0000000000001eac RSI: ffffffff813cdeac RDI: 00000000000000ff [ 857.275398][ C0] RBP: 0000000000000000 R08: 00007f7ad36f0000 R09: 00007f7ad36f2000 [ 857.275412][ C0] R10: 00000000813cdeb0 R11: 00000000000000ff R12: ffffffff813cd437 [ 857.275427][ C0] R13: 00007f7ad3705f40 R14: 0000000000000008 R15: 00000000000336f0 [ 857.275442][ C0] ? __orc_find+0xd7/0x130 [ 857.275463][ C0] ? ksys_ioperm+0x1cc/0x4f0 [ 857.275492][ C0] ? stack_access_ok+0x22c/0x270 [ 857.275514][ C0] [ 858.907615][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 858.914494][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.10.0-syzkaller-12888-g5437f30d3458 #0 [ 858.924693][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 858.935292][ T31] Call Trace: [ 858.938590][ T31] [ 858.941534][ T31] dump_stack_lvl+0x3d/0x1f0 [ 858.946181][ T31] panic+0x6f5/0x7a0 [ 858.950096][ T31] ? __pfx_panic+0x10/0x10 [ 858.954596][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 858.959996][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 858.966026][ T31] ? preempt_schedule_thunk+0x1a/0x30 [ 858.971421][ T31] ? watchdog+0xd8a/0x1280 [ 858.975862][ T31] ? watchdog+0xd7d/0x1280 [ 858.980303][ T31] watchdog+0xd9b/0x1280 [ 858.984606][ T31] ? __pfx_watchdog+0x10/0x10 [ 858.989314][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 858.994545][ T31] ? __kthread_parkme+0x148/0x220 [ 858.999605][ T31] ? __pfx_watchdog+0x10/0x10 [ 859.004308][ T31] kthread+0x2c1/0x3a0 [ 859.008415][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 859.013645][ T31] ? __pfx_kthread+0x10/0x10 [ 859.018338][ T31] ret_from_fork+0x45/0x80 [ 859.022784][ T31] ? __pfx_kthread+0x10/0x10 [ 859.027388][ T31] ret_from_fork_asm+0x1a/0x30 [ 859.032184][ T31] [ 859.036692][ T31] Kernel Offset: disabled [ 859.041013][ T31] Rebooting in 86400 seconds..