last executing test programs: 8m38.107489999s ago: executing program 2 (id=11496): r0 = openat$smackfs_access(0xffffff9c, &(0x7f0000001140)='/sys/fs/smackfs/access2\x00', 0x2, 0x0) write$smackfs_access(r0, 0x0, 0x3e) preadv(r0, &(0x7f0000000600)=[{&(0x7f0000000380)=""/9, 0x9}, {0x0}], 0x2, 0x8, 0xb) 8m37.987039339s ago: executing program 2 (id=11499): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4}) ioctl$sock_netdev_private(r0, 0x89f3, &(0x7f0000000000)) 8m37.860873777s ago: executing program 2 (id=11502): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001c00)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_PEERS={0x4}]}, 0x2c}}, 0x20048084) 8m37.811259161s ago: executing program 2 (id=11504): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) mount_setattr(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8100, &(0x7f0000000000)={0x0, 0x0, 0x20000}, 0x20) 8m37.68077638s ago: executing program 2 (id=11506): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}, 0x4}}, 0x10, 0x0}, 0x0) 8m37.454159973s ago: executing program 2 (id=11508): r0 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) 8m37.178587523s ago: executing program 32 (id=11508): r0 = fsopen(&(0x7f0000000100)='gadgetfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) 4m17.911175102s ago: executing program 1 (id=16079): r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) sendfile(r0, r0, 0x0, 0x40040f63c) ioprio_set$uid(0x3, 0x0, 0x0) 4m16.612493871s ago: executing program 1 (id=16102): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x8c, 0x0, 0x1, 0x0, 0x0, 0x0, {}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @dev}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x8c}, 0x1, 0xfffff000}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="800000deff000000700012800e0001006970366772657461700000005c000280050008004000000006000f00810000000800140006000000060011004e2000000800040008000000060003000600000004001200140007"], 0x98}}, 0x0) 4m16.351777925s ago: executing program 1 (id=16107): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000080)="18", 0x4c, 0x804, &(0x7f00000000c0)={0x11, 0xc, r1, 0x1, 0x7}, 0x14) 4m16.140826995s ago: executing program 1 (id=16112): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000002500), r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000002540)={0x3c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8010}, 0x4040) 4m16.008899951s ago: executing program 1 (id=16116): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10) symlinkat(&(0x7f00000011c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') 4m15.857318136s ago: executing program 1 (id=16119): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x70}}, 0x0) 3m59.652380515s ago: executing program 33 (id=16119): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x70}}, 0x0) 2m51.820445399s ago: executing program 4 (id=17299): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) getsockname(r1, &(0x7f00000014c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80) sendmsg$nl_route_sched(r0, &(0x7f00000099c0)={0x0, 0x0, &(0x7f0000009980)={&(0x7f0000009100)=@delchain={0x24, 0x65, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0) 2m51.669484907s ago: executing program 4 (id=17300): r0 = io_uring_setup(0x30d5, &(0x7f0000000000)) close_range(r0, 0xffffffffffffffff, 0x0) io_setup(0x3, &(0x7f0000000180)=0x0) io_getevents(r1, 0x2, 0x2, &(0x7f0000000080)=[{}, {}], 0x0) 2m51.421196874s ago: executing program 4 (id=17304): inotify_init() write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x3, 0x6, 0xfffa}, 0x1d, [0x8000, 0xc95a, 0xf, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d39, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x7, 0x9, 0x3c5b, 0x1, 0x24, 0x9, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0x7, 0x7, 0x1, 0x9, 0x5, 0x1, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x4, 0x6, 0x200008, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x8000012f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xff, 0xf9, 0xe, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0xa, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x2000003, 0x4, 0x8fee, 0x8000, 0x209, 0x400, 0x401, 0x6, 0x1, 0x35, 0x5, 0x3, 0x5f31, 0x4, 0xffffffff, 0x2, 0x2, 0x200009, 0x4, 0x9, 0x8, 0xe, 0x10001, 0x7, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x7f, 0x9, 0x3, 0x3, 0xd, 0x0, 0x7, 0x3, 0x7, 0x48c93690, 0x42, 0x2], [0x7, 0x4, 0x0, 0x5, 0xfffffffe, 0x100, 0x8da, 0x7ff, 0x5, 0x7fff, 0x0, 0x1, 0x200b, 0x4, 0x100005, 0x5, 0x0, 0x4, 0x5, 0xfffffbff, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x40000002, 0x3, 0x8, 0x4, 0x6d00, 0x1, 0x39, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x5, 0x1, 0x7fffffff, 0xac8, 0x2, 0x2, 0x6, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x6, 0x3, 0x6, 0xa2ed, 0x4, 0x25], [0x9, 0xbb31, 0x4, 0xb, 0x5, 0x938, 0xa, 0x3, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x5, 0x3, 0x9, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x8, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x0, 0x8, 0xc8, 0xee1, 0xfffff000, 0xffff, 0x4003, 0x7e, 0x100, 0x9602, 0x7, 0x2, 0x8, 0x7f, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0x9, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x0, 0x5, 0xb1e, 0x1, 0x200, 0xfdff3441, 0xfff]}, 0x45c) unshare(0x22020600) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 2m51.347059742s ago: executing program 4 (id=17305): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000280)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/file0\x00', 0x0, 0x2000, 0x0) 2m51.264721415s ago: executing program 4 (id=17307): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x20000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) rmdir(0x0) 2m50.963239568s ago: executing program 4 (id=17311): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) fsetxattr$security_ima(r0, &(0x7f0000000080), &(0x7f0000000280)=ANY=[@ANYBLOB="0415"], 0x8, 0x1) write$sndseq(r0, &(0x7f0000000140)=[{0x7, 0xa4, 0x0, 0x5, @tick=0x401, {0x59, 0x1}, {}, @addr={0x80, 0x1}}], 0x1c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) 2m50.721059484s ago: executing program 34 (id=17311): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) fsetxattr$security_ima(r0, &(0x7f0000000080), &(0x7f0000000280)=ANY=[@ANYBLOB="0415"], 0x8, 0x1) write$sndseq(r0, &(0x7f0000000140)=[{0x7, 0xa4, 0x0, 0x5, @tick=0x401, {0x59, 0x1}, {}, @addr={0x80, 0x1}}], 0x1c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) 2m4.923200936s ago: executing program 6 (id=17989): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 2m4.735219306s ago: executing program 6 (id=17992): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) shutdown(r0, 0x1) listen(r0, 0x6) 2m4.628081209s ago: executing program 6 (id=17995): r0 = syz_io_uring_setup(0xe41, &(0x7f0000000140)={0x0, 0x2119, 0x1000}, &(0x7f0000000240)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x40102, 0x0, 0x3d}, &(0x7f0000000040)='./file0/file0\x00', 0xff52}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2m4.317754466s ago: executing program 6 (id=17999): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m4.174638762s ago: executing program 6 (id=18001): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x1, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x20, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc) 2m3.744740095s ago: executing program 6 (id=18008): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000300)='cpu.weight.nice\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[], 0x51) 2m3.485826209s ago: executing program 35 (id=18008): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000300)='cpu.weight.nice\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000000c0)=ANY=[], 0x51) 4.114412133s ago: executing program 7 (id=19818): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x7, [0x8000, 0xc95a, 0xf, 0x8, 0xdf, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x806, 0x5e, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x800, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0xc57, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6ca, 0x9, 0x6, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0xa, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0x7e78, 0x2, 0x4, 0x9, 0x3, 0x5, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x7, 0xc4, 0x86, 0x3, 0x303c, 0x1, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x2, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x8, 0xbb33, 0x7, 0xb, 0x5, 0x1ff, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x56, 0x5, 0x3, 0x20101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0x5, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 3.889212649s ago: executing program 7 (id=19822): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000800)=@newqdisc={0x58, 0x24, 0xf0b, 0x70bd2d, 0x25dfdc02, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xb, 0x6, 0x8, 0xb, 0x1, 0x4c47e143, 0x6db}}, {0x4}}]}]}, 0x58}}, 0x80) 3.679302332s ago: executing program 7 (id=19826): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='blkio.throttle.read_iops_device\x00', 0x2, 0x0) preadv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/186, 0xba}], 0x1, 0x0, 0x0) 3.384770195s ago: executing program 7 (id=19829): r0 = io_uring_setup(0x6ddd, &(0x7f00000002c0)) write$FUSE_LK(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, {{0x0, 0xfffffffffffe}}}, 0x28) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r0, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r0, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)=[{0x0, 0xffffffff00000000}], &(0x7f0000000100), 0x7}, 0x20) 3.174259072s ago: executing program 7 (id=19835): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&'], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0xa, 0x200, 0x7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r0, &(0x7f0000000a40)='&', &(0x7f0000000040)=""/98}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/89}, 0x20) 2.985151677s ago: executing program 7 (id=19840): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000020bd28940000000000000109022400010000000009040100010300000009210000000122070009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x7, {0x7, 0x10, "12273a0500"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 1.914656845s ago: executing program 0 (id=19859): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000001c0)="5c00000011006bcc9e3be35c6e17aa31076f876c1d0000007ea60864160af36514001ac008000f0007000200060004c00364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x240400d0) 1.765118747s ago: executing program 0 (id=19861): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x9, 0x1b, 0x8, 0x40, 0x42, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20) 1.724102774s ago: executing program 3 (id=19863): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) listen(r0, 0x7) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000001590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 1.544638958s ago: executing program 3 (id=19864): r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) io_setup(0x8, &(0x7f0000004200)=0x0) io_submit(r1, 0x1, &(0x7f0000004540)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0xf0f041, 0x0, '\x00', @ptr}}) 1.504865437s ago: executing program 5 (id=19865): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000300)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') 1.445808832s ago: executing program 8 (id=19866): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={[{@dyn}]}) chdir(&(0x7f00000000c0)='./file0\x00') mkdir(&(0x7f0000000240)='./bus\x00', 0x1e2) 1.418638366s ago: executing program 0 (id=19867): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$sock_proto_private(r0, 0x89ef, &(0x7f0000004bc0)) 1.245858982s ago: executing program 8 (id=19868): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.224298149s ago: executing program 5 (id=19869): r0 = socket(0x1e, 0x4, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4) recvmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/55, 0x37}], 0x1, 0x0, 0x1800}}], 0x1, 0x0, 0x0) sendmsg$tipc(r0, &(0x7f00000004c0)={&(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, 0x0}, 0x8) 1.223874964s ago: executing program 3 (id=19870): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e00000001500000029bd7000000000006469676573745f6e756c6c2d67656e65726963"], 0xe0}, 0x1, 0x0, 0x0, 0x20008800}, 0x0) sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000004c0000000c00a6000000000000000000080001"], 0x3c}}, 0x0) sendmsg$nl_crypto(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0) 1.043359488s ago: executing program 3 (id=19871): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c00000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000000c001a800800058004000380"], 0x2c}}, 0x0) 1.025627014s ago: executing program 8 (id=19872): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x20, 0x0, 0x7, 0x401, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x48d5}, 0x8010) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)={0x14, 0x3, 0x7, 0x301, 0x0, 0x0, {0x5}}, 0x14}}, 0x4040000) 960.036284ms ago: executing program 5 (id=19873): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x48882, 0x0) r1 = dup(r0) fallocate(r1, 0x11, 0x0, 0x74000) 892.413673ms ago: executing program 3 (id=19874): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000200)={0x2, 0x11b2943a, 0x0, 0x6, 0x11, "9425c9c45686ce80a96b72e3d3c4e7780b80ea"}) write$UHID_INPUT(r1, &(0x7f0000001300)={0xc, {"a2e3ad214fc752f91b4847f70e06d038e7ff7fc6e5539b3f6d078b089b3b1b3872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31300d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f097e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f028dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0xfffffffffffffebd}}, 0x1006) 883.050761ms ago: executing program 8 (id=19875): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/oss_mixer\x00', 0x1, 0x0) writev(r1, &(0x7f0000000180)=[{0x0}, {&(0x7f0000000000)="d6", 0x1}], 0x2) 772.768229ms ago: executing program 5 (id=19876): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0xbfa35000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(0xffffffffffffffff, 0x13, 0x0, 0x2) 735.614931ms ago: executing program 8 (id=19877): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008702"]) 672.91048ms ago: executing program 3 (id=19878): connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 480.850878ms ago: executing program 8 (id=19879): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0xffffe000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = openat$ttyS3(0xffffff9c, &(0x7f0000000b00), 0x1, 0x0) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000003ec0)) 402.850474ms ago: executing program 0 (id=19880): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x180000a, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) 195.233574ms ago: executing program 0 (id=19881): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x20, r1, 0x5eae78d9c54e9d3f, 0xfffffffd, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_KEY={0x4}]}, 0x20}}, 0x10) 112.297382ms ago: executing program 5 (id=19882): r0 = openat$smackfs_relabel_self(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) write$smackfs_labels_list(r0, &(0x7f0000000340)=ANY=[@ANYBLOB='$$! @ $'], 0x10) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00') writev(r1, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1) 32.890505ms ago: executing program 5 (id=19883): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ppoll(&(0x7f0000000280)=[{r0, 0x540}], 0x1, 0x0, 0x0, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040), 0x0, 0x0}}) 0s ago: executing program 0 (id=19884): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000004000000080000040"]) kernel console output (not intermixed with test programs): length: 249 > 4 [ 1041.591692][ T5832] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1041.599535][ T5832] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1042.313254][ T30] smc: removing net device bond0 with user defined pnetid S [ 1042.323190][ T30] bond0 (unregistering): (slave 1): Releasing backup interface [ 1042.333706][ T30] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1042.348551][ T30] bond0 (unregistering): Released all slaves [ 1042.362981][ T30] bond1 (unregistering): Released all slaves [ 1042.380323][T15538] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17046'. [ 1042.486266][ T30] tipc: Disabling bearer [ 1042.511578][T15570] netlink: 'syz.6.17058': attribute type 4 has an invalid length. [ 1042.519564][ T30] tipc: Left network mode [ 1042.581253][T15528] wg1 speed is unknown, defaulting to 1000 [ 1042.655189][T15528] XD_h3KI speed is unknown, defaulting to 1000 [ 1042.798367][ T30] mac80211_hwsim hwsim7 wlan0 (unregistering): left allmulticast mode [ 1042.819213][ T30] mac80211_hwsim hwsim7 wlan0 (unregistering): left promiscuous mode [ 1043.420995][T15646] netlink: 12 bytes leftover after parsing attributes in process `syz.5.17074'. [ 1043.583325][ T30] hsr_slave_0: left promiscuous mode [ 1043.596965][ T30] hsr_slave_1: left promiscuous mode [ 1043.615653][ T30] macvtap0: left promiscuous mode [ 1043.727490][ T30] pim6reg (unregistering): left allmulticast mode [ 1043.795499][ T5135] Bluetooth: hci2: command tx timeout [ 1044.088770][T15739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17085'. [ 1044.114806][ C1] hrtimer: interrupt took 25622 ns [ 1044.485323][ T30] hsr0 (unregistering): left allmulticast mode [ 1045.802709][T15528] chnl_net:caif_netlink_parms(): no params data found [ 1046.017976][ T5135] Bluetooth: hci2: command tx timeout [ 1046.143240][T15808] can0: slcan on ttyS3. [ 1046.143353][T15528] bridge0: port 1(bridge_slave_0) entered blocking state [ 1046.158145][T15528] bridge0: port 1(bridge_slave_0) entered disabled state [ 1046.165455][T15528] bridge_slave_0: entered allmulticast mode [ 1046.194980][T15528] bridge_slave_0: entered promiscuous mode [ 1046.219383][T15528] bridge0: port 2(bridge_slave_1) entered blocking state [ 1046.238466][T15528] bridge0: port 2(bridge_slave_1) entered disabled state [ 1046.253038][T15528] bridge_slave_1: entered allmulticast mode [ 1046.265001][T15528] bridge_slave_1: entered promiscuous mode [ 1046.329928][T15851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17103'. [ 1046.361957][T15826] can0 (unregistered): slcan off ttyS3. [ 1046.437610][T15528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1046.483761][T15528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1046.534803][ T30] IPVS: stop unused estimator thread 0... [ 1046.633237][T15528] team0: Port device team_slave_0 added [ 1046.659103][T15528] team0: Port device team_slave_1 added [ 1046.798976][T15528] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1046.806461][T15528] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1046.851612][T15528] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1046.874069][T15528] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1046.881072][T15528] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1046.937481][T15528] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1047.174181][T15528] hsr_slave_0: entered promiscuous mode [ 1047.180723][T15528] hsr_slave_1: entered promiscuous mode [ 1047.197073][T15981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17116'. [ 1047.216306][T15528] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1047.225781][T15981] netlink: 16 bytes leftover after parsing attributes in process `syz.3.17116'. [ 1047.246040][T15528] Cannot create hsr debugfs directory [ 1047.665185][ T5875] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 1047.851272][ T5875] usb 4-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 1047.860779][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1047.875109][ T5875] usb 4-1: Product: syz [ 1047.890057][ T5875] usb 4-1: Manufacturer: syz [ 1047.894698][ T5875] usb 4-1: SerialNumber: syz [ 1047.906451][ T5875] usb 4-1: config 0 descriptor?? [ 1047.915158][ T5875] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 1048.079027][T15528] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1048.117466][T15528] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1048.137648][T15528] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1048.147566][T15528] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1048.243121][ T5135] Bluetooth: hci2: command tx timeout [ 1048.271556][T15528] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1048.353477][T15528] 8021q: adding VLAN 0 to HW filter on device team0 [ 1048.397502][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1048.404684][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1048.451501][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state [ 1048.458713][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1048.533946][T15528] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1048.803670][ T5875] gspca_sunplus: reg_r err -71 [ 1048.809128][ T5875] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 1048.820467][ T5875] usb 4-1: USB disconnect, device number 57 [ 1048.999684][T15528] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1049.696961][T15528] veth0_vlan: entered promiscuous mode [ 1049.744673][T16143] sch_fq: defrate 13850 ignored. [ 1049.760751][T15528] veth1_vlan: entered promiscuous mode [ 1049.833531][T15528] veth0_macvtap: entered promiscuous mode [ 1049.860578][T15528] veth1_macvtap: entered promiscuous mode [ 1049.902930][T15528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1049.923021][T15528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1049.953953][T15528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1049.971726][T15528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1049.983905][T15528] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1050.020800][T15528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1050.046715][T15528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1050.071831][T15528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1050.099898][T15528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1050.111119][T15528] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1050.155262][T15528] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1050.165902][T15528] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1050.192570][T15528] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1050.224762][T15528] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1050.468288][ T5135] Bluetooth: hci2: command tx timeout [ 1050.477485][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1050.534501][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1050.621072][ T5893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1050.653164][ T5893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1050.874435][T16190] netlink: 12 bytes leftover after parsing attributes in process `syz.5.17153'. [ 1051.406784][ T31] kauditd_printk_skb: 76 callbacks suppressed [ 1051.406805][ T31] audit: type=1326 audit(2000000880.122:6959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.461873][ T31] audit: type=1326 audit(2000000880.122:6960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.485084][ T31] audit: type=1326 audit(2000000880.122:6961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.557136][ T31] audit: type=1326 audit(2000000880.169:6962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.601192][ T5875] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 1051.624046][ T31] audit: type=1326 audit(2000000880.178:6963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.689475][ T31] audit: type=1326 audit(2000000880.178:6964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.743753][ T31] audit: type=1326 audit(2000000880.178:6965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.793671][ T5875] usb 4-1: Using ep0 maxpacket: 8 [ 1051.804135][ T31] audit: type=1326 audit(2000000880.178:6966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.825716][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1051.848387][ T5875] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1051.857493][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1051.885539][ T31] audit: type=1326 audit(2000000880.178:6967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1051.909804][ T5875] usb 4-1: config 0 descriptor?? [ 1051.958800][ T31] audit: type=1326 audit(2000000880.178:6968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16220 comm="syz.4.17164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811818d169 code=0x7ffc0000 [ 1052.287208][ T5875] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1052.369044][ T5875] usb 4-1: USB disconnect, device number 58 [ 1053.928805][T16310] bridge0: entered promiscuous mode [ 1053.950946][T16310] bridge0: port 3(macsec1) entered blocking state [ 1053.974644][T16310] bridge0: port 3(macsec1) entered disabled state [ 1054.018069][T16316] dlm: no local IP address has been set [ 1054.023912][T16316] dlm: cannot start dlm midcomms -107 [ 1054.040122][T16310] macsec1: entered allmulticast mode [ 1054.045744][T16310] bridge0: entered allmulticast mode [ 1054.067581][T16310] macsec1: left allmulticast mode [ 1054.081741][T16310] bridge0: left allmulticast mode [ 1054.099171][T16310] bridge0: left promiscuous mode [ 1054.194763][T16326] input: syz0 as /devices/virtual/input/input130 [ 1055.402971][T16388] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1055.486789][T16392] trusted_key: encrypted_key: keyword 'upcate' not recognized [ 1055.508966][T16395] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17224'. [ 1056.756648][ T31] kauditd_printk_skb: 956 callbacks suppressed [ 1056.756671][ T31] audit: type=1326 audit(2000000885.114:7925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1056.835490][ T31] audit: type=1326 audit(2000000885.114:7926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1056.924667][ T31] audit: type=1326 audit(2000000885.114:7927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.034934][ T31] audit: type=1326 audit(2000000885.114:7928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.086938][ T5135] block nbd3: Receive control failed (result -32) [ 1057.087619][T16418] block nbd3: shutting down sockets [ 1057.120934][ T31] audit: type=1326 audit(2000000885.114:7929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.120980][ T31] audit: type=1326 audit(2000000885.114:7930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.387841][ T31] audit: type=1326 audit(2000000885.114:7931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.464768][ T31] audit: type=1326 audit(2000000885.114:7932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.526023][T16438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17237'. [ 1057.559015][ T31] audit: type=1326 audit(2000000885.114:7933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.612650][ T31] audit: type=1326 audit(2000000885.114:7934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16399 comm="syz.4.17226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8118129359 code=0x7ffc0000 [ 1057.876205][T16449] netlink: 92 bytes leftover after parsing attributes in process `syz.5.17244'. [ 1058.003086][T16454] netlink: 'syz.3.17245': attribute type 1 has an invalid length. [ 1058.067768][T16454] netlink: 224 bytes leftover after parsing attributes in process `syz.3.17245'. [ 1059.871636][T13745] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 1060.044594][T13745] usb 6-1: Using ep0 maxpacket: 8 [ 1060.059774][T13745] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 1060.068798][T13745] usb 6-1: config 179 has no interface number 0 [ 1060.083272][T13745] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1060.095007][T16533] block nbd3: NBD_DISCONNECT [ 1060.104705][T13745] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 1060.145372][T13745] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1060.163396][T13745] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 1060.178327][T13745] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1060.192750][T13745] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1060.202005][T13745] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1060.213409][T16510] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 1060.496141][ T5820] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input131 [ 1060.716326][ T2640] usb 6-1: USB disconnect, device number 38 [ 1060.716442][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1060.730759][ T2640] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1060.731279][ C0] dummy_hcd dummy_hcd.5: timer fired with no URBs pending? [ 1060.971272][ T5820] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 1061.121347][ T2640] kernel write not supported for file /snd/seq (pid: 2640 comm: kworker/1:1) [ 1061.137666][ T5820] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 1061.157889][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1061.181854][ T5820] usb 4-1: config 0 descriptor?? [ 1061.199398][ T5820] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 1061.436788][T16596] input: syz1 as /devices/virtual/input/input132 [ 1061.630309][ T5820] cpia1 4-1:0.0: unexpected state after lo power cmd: 00 [ 1062.063485][ T5820] gspca_cpia1: usb_control_msg 02, error -71 [ 1062.071155][ T5820] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 1062.092091][ T5820] usb 4-1: USB disconnect, device number 59 [ 1062.770780][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1062.956595][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.208170][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.387944][T16670] 9p: Unknown Cache mode or invalid value PL [ 1063.411549][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.459379][ T5832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1063.471990][ T5832] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1063.489852][ T5832] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1063.500564][ T5832] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1063.509348][ T5832] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1063.516963][ T5832] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1063.610287][T16671] XD_h3KI speed is unknown, defaulting to 1000 [ 1063.846694][ T12] bridge_slave_1: left allmulticast mode [ 1063.863536][ T12] bridge_slave_1: left promiscuous mode [ 1063.869346][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1063.988917][ T12] bridge_slave_0: left allmulticast mode [ 1063.994812][ T12] bridge_slave_0: left promiscuous mode [ 1064.036441][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1065.118257][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1065.149086][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1065.185054][ T12] bond0 (unregistering): Released all slaves [ 1065.553785][T16768] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1065.699027][ T5135] Bluetooth: hci2: command tx timeout [ 1065.720366][ T5820] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 1065.864816][T16671] chnl_net:caif_netlink_parms(): no params data found [ 1065.902140][ T5820] usb 4-1: Using ep0 maxpacket: 32 [ 1065.937076][ T5820] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 1065.981799][ T5820] usb 4-1: config 0 has no interface number 0 [ 1066.005724][ T5820] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1066.018686][ T5820] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1066.034815][ T5820] usb 4-1: Product: syz [ 1066.039165][ T5820] usb 4-1: Manufacturer: syz [ 1066.049132][ T5820] usb 4-1: SerialNumber: syz [ 1066.062211][ T5820] usb 4-1: config 0 descriptor?? [ 1066.120751][ T5820] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1066.341500][ T5820] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1066.394484][T16671] bridge0: port 1(bridge_slave_0) entered blocking state [ 1066.413589][ T5820] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1066.428157][T16671] bridge0: port 1(bridge_slave_0) entered disabled state [ 1066.447946][T16671] bridge_slave_0: entered allmulticast mode [ 1066.455955][T16671] bridge_slave_0: entered promiscuous mode [ 1066.483801][ T12] hsr_slave_0: left promiscuous mode [ 1066.510959][ T12] hsr_slave_1: left promiscuous mode [ 1066.519157][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1066.535234][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1066.546542][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1066.563195][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1066.567117][T16759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1066.620094][T16759] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1066.684677][ T12] veth1_macvtap: left promiscuous mode [ 1066.715214][ T12] veth0_macvtap: left promiscuous mode [ 1066.730263][ T12] veth1_vlan: left promiscuous mode [ 1066.735770][ T12] veth0_vlan: left promiscuous mode [ 1066.889542][ T5873] usb 4-1: USB disconnect, device number 60 [ 1066.889550][ C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1066.929344][ T5873] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1066.974593][ T5873] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1067.000574][ T5873] quatech2 4-1:0.51: device disconnected [ 1067.106863][ T31] kauditd_printk_skb: 1315 callbacks suppressed [ 1067.106883][ T31] audit: type=1326 audit(2000000894.800:9250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16961 comm="syz.5.17354" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f580f18d169 code=0x0 [ 1067.867871][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1067.932495][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1067.934552][ T5135] Bluetooth: hci2: command tx timeout [ 1068.570614][T16671] bridge0: port 2(bridge_slave_1) entered blocking state [ 1068.580509][T16671] bridge0: port 2(bridge_slave_1) entered disabled state [ 1068.592325][T16671] bridge_slave_1: entered allmulticast mode [ 1068.601100][T16671] bridge_slave_1: entered promiscuous mode [ 1068.607878][T16968] netlink: 12 bytes leftover after parsing attributes in process `syz.6.17356'. [ 1068.783679][T16671] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1068.824641][T16671] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1068.976922][T16671] team0: Port device team_slave_0 added [ 1069.011750][T16671] team0: Port device team_slave_1 added [ 1069.142281][T16671] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1069.175826][T16671] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1069.224886][T16671] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1069.304838][T16671] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1069.325958][T16671] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1069.380091][T16671] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1069.554679][T16671] hsr_slave_0: entered promiscuous mode [ 1069.563328][T16671] hsr_slave_1: entered promiscuous mode [ 1069.569900][T16671] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1069.589439][T16671] Cannot create hsr debugfs directory [ 1069.949716][T17185] mkiss: ax0: crc mode is auto. [ 1069.997927][T16671] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1070.024209][T16671] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1070.052913][T16671] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1070.116771][T16671] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1070.148678][ T5135] Bluetooth: hci2: command tx timeout [ 1070.351429][T16671] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1070.373266][T16671] 8021q: adding VLAN 0 to HW filter on device team0 [ 1070.389411][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1070.396591][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1070.418319][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 1070.425461][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1070.516775][T16671] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1070.565889][ T5820] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 1070.744392][ T5820] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1070.779676][ T5820] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1070.795267][ T5820] usb 6-1: config 1 has no interface number 0 [ 1070.815391][ T5820] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1070.843850][ T5820] usb 6-1: config 1 interface 1 has no altsetting 0 [ 1070.864765][ T5820] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1070.878227][T16671] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1070.885117][ T5820] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1070.901296][ T5820] usb 6-1: Product: syz [ 1070.910871][ T5820] usb 6-1: Manufacturer: syz [ 1070.921542][ T5820] usb 6-1: SerialNumber: syz [ 1071.374053][ T5820] usb 6-1: USB disconnect, device number 39 [ 1071.606669][T16671] veth0_vlan: entered promiscuous mode [ 1071.633689][T16671] veth1_vlan: entered promiscuous mode [ 1071.664440][T16671] veth0_macvtap: entered promiscuous mode [ 1071.686949][T16671] veth1_macvtap: entered promiscuous mode [ 1071.736636][T16671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1071.760881][T16671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1071.771482][T16671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1071.789764][T16671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1071.803647][T16671] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1071.825144][T16671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1071.852905][T16671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1071.874965][T16671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1071.906759][T16671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1071.933946][T16671] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1071.974740][T16671] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1071.995266][T16671] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1072.014638][T16671] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1072.028695][T16671] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1072.340369][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1072.373760][ T5135] Bluetooth: hci2: command tx timeout [ 1072.383675][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1072.498401][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1072.527238][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1075.254295][T17404] input: syz0 as /devices/virtual/input/input133 [ 1076.103456][T17460] unknown channel width for channel at 909000KHz? [ 1076.137638][T17462] ip6tnl1: entered promiscuous mode [ 1076.150541][T17462] ip6tnl1: entered allmulticast mode [ 1076.232846][T17466] netlink: zone id is out of range [ 1076.241502][T17466] netlink: set zone limit has 8 unknown bytes [ 1076.249805][T17472] netlink: 60 bytes leftover after parsing attributes in process `syz.3.17462'. [ 1076.640553][T17490] mac80211_hwsim hwsim34 wlan0: entered promiscuous mode [ 1076.665723][T17490] macsec2: entered promiscuous mode [ 1076.671365][T17490] macsec2: entered allmulticast mode [ 1076.678860][T17490] mac80211_hwsim hwsim34 wlan0: entered allmulticast mode [ 1076.705664][ T5873] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 1076.872464][ T5873] usb 4-1: Using ep0 maxpacket: 8 [ 1076.879959][ T5873] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 1076.888460][ T5873] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1076.908837][ T5873] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1076.921644][ T5873] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1076.932609][ T5873] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1076.946498][ T5873] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1076.955964][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1077.233686][ T5873] usb 4-1: GET_CAPABILITIES returned 0 [ 1077.239252][ T5873] usbtmc 4-1:16.0: can't read capabilities [ 1077.445622][ T5820] usb 4-1: USB disconnect, device number 61 [ 1080.008785][T17645] wireguard1: entered promiscuous mode [ 1080.019486][T17645] wireguard1: entered allmulticast mode [ 1081.798576][ T5873] kernel write not supported for file /uinput (pid: 5873 comm: kworker/1:3) [ 1082.232352][ T31] audit: type=1800 audit(2000000908.936:9251): pid=17751 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.17573" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=141475 res=0 errno=0 [ 1082.770627][T17760] tap0: tun_chr_ioctl cmd 2147767511 [ 1083.193514][T17774] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17581'. [ 1083.232577][T17774] vlan2: entered allmulticast mode [ 1083.256011][T17774] dummy0: entered allmulticast mode [ 1083.274932][T17778] sch_tbf: burst 0 is lower than device lo mtu (39799) ! [ 1083.317017][T17781] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 1083.979263][T17812] netem: incorrect ge model size [ 1083.985057][T17812] netem: change failed [ 1084.232812][T17822] tipc: Started in network mode [ 1084.237918][T17822] tipc: Node identity ac14140f, cluster identity 4711 [ 1084.245196][T17822] tipc: New replicast peer: 255.255.255.255 [ 1084.273385][T17822] tipc: Enabled bearer , priority 11 [ 1084.860228][T17847] netlink: 40 bytes leftover after parsing attributes in process `syz.7.17612'. [ 1085.466537][T13745] tipc: Node number set to 2886997007 [ 1086.115206][T17897] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1086.420294][T17916] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1086.728586][ T2640] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 1086.921876][ T2640] usb 8-1: Using ep0 maxpacket: 32 [ 1086.932321][ T2640] usb 8-1: config 0 has an invalid interface number: 85 but max is 0 [ 1086.940545][ T2640] usb 8-1: config 0 has no interface number 0 [ 1086.957697][ T2640] usb 8-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1086.979743][ T2640] usb 8-1: config 0 interface 85 has no altsetting 0 [ 1087.000358][ T2640] usb 8-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 1087.015053][ T2640] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1087.038025][ T2640] usb 8-1: Product: syz [ 1087.042248][ T2640] usb 8-1: Manufacturer: syz [ 1087.058411][ T2640] usb 8-1: SerialNumber: syz [ 1087.069839][ T2640] usb 8-1: config 0 descriptor?? [ 1087.095278][ T5832] Bluetooth: hci2: command 0x0405 tx timeout [ 1087.625244][T17957] netlink: 312 bytes leftover after parsing attributes in process `syz.0.17656'. [ 1087.734420][ T2640] appletouch 8-1:0.85: Geyser mode initialized. [ 1087.752767][ T2640] input: appletouch as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.85/input/input134 [ 1087.965059][ T2640] usb 8-1: USB disconnect, device number 2 [ 1087.965204][ C0] appletouch 8-1:0.85: atp_complete: usb_submit_urb failed with result -19 [ 1088.019944][ T2640] appletouch 8-1:0.85: input: appletouch disconnected [ 1089.316425][ T5832] Bluetooth: hci2: command 0x0405 tx timeout [ 1089.657010][T18039] XD_h3KI speed is unknown, defaulting to 1000 [ 1089.968947][ T2640] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 1090.166734][ T2640] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 1090.192749][ T2640] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 1090.222895][ T2640] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1090.268454][ T2640] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 1090.309534][ T2640] usb 4-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 1090.321810][ T2640] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1090.363410][ T2640] usb 4-1: Product: syz [ 1090.372372][ T2640] usb 4-1: Manufacturer: syz [ 1090.387328][ T2640] usb 4-1: SerialNumber: syz [ 1090.449171][ T2640] usb 4-1: config 0 descriptor?? [ 1090.467878][ T2640] ums-isd200 4-1:0.0: USB Mass Storage device detected [ 1090.491295][T18075] XD_h3KI speed is unknown, defaulting to 1000 [ 1090.720179][ T2640] scsi host1: usb-storage 4-1:0.0 [ 1090.929636][ T5974] usb 4-1: USB disconnect, device number 62 [ 1093.331015][T18217] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17728'. [ 1093.927113][T18249] netlink: 596 bytes leftover after parsing attributes in process `syz.0.17743'. [ 1093.976173][T18251] input: syz0 as /devices/virtual/input/input135 [ 1095.138916][ T31] audit: type=1326 audit(2000000921.005:9252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1095.196231][ T31] audit: type=1326 audit(2000000921.005:9253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1095.266507][ T31] audit: type=1326 audit(2000000921.005:9254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1095.319681][ T31] audit: type=1326 audit(2000000921.005:9255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1095.394553][ T31] audit: type=1326 audit(2000000921.005:9256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1095.466812][ T31] audit: type=1326 audit(2000000921.005:9257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1095.523438][ T31] audit: type=1326 audit(2000000921.005:9258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1095.546475][ T31] audit: type=1326 audit(2000000921.005:9259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18301 comm="syz.6.17762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f789bf8d169 code=0x7ffc0000 [ 1096.184198][T18348] netlink: 28 bytes leftover after parsing attributes in process `syz.7.17779'. [ 1097.106095][T18390] IPVS: set_ctl: invalid protocol: 41 172.20.20.28:20001 [ 1097.138102][T18390] Non-string source [ 1097.164335][T18394] netlink: 'syz.5.17795': attribute type 1 has an invalid length. [ 1097.319092][T18398] netlink: 24 bytes leftover after parsing attributes in process `syz.5.17798'. [ 1097.339013][T18398] bridge: RTM_NEWNEIGH with unconfigured vlan 16 on bridge0 [ 1097.458906][T18402] netlink: 4 bytes leftover after parsing attributes in process `syz.6.17800'. [ 1097.474340][T18407] netlink: 72 bytes leftover after parsing attributes in process `syz.0.17803'. [ 1098.414073][T18441] loop9: detected capacity change from 0 to 7 [ 1098.444890][T18441] Dev loop9: unable to read RDB block 7 [ 1098.469386][T18441] loop9: unable to read partition table [ 1098.494911][T18441] loop9: partition table beyond EOD, truncated [ 1098.508818][T18441] loop_reread_partitions: partition scan of loop9 (被x󟣑 ) failed (rc=-5) [ 1098.626874][T18451] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17819'. [ 1099.124920][ T5820] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 1099.260653][T18473] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1099.289434][ T5820] usb 6-1: Using ep0 maxpacket: 32 [ 1099.314077][ T5820] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1099.322252][ T5820] usb 6-1: New USB device found, idVendor=056a, idProduct=037a, bcdDevice= 0.00 [ 1099.353826][ T5820] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1099.356703][ T5820] usb 6-1: config 0 descriptor?? [ 1099.513428][T18491] cifs: Unknown parameter 'mode' [ 1099.796900][ T5820] wacom 0003:056A:037A.0054: Unknown device_type for 'HID 056a:037a'. Assuming pen. [ 1099.818008][ T5820] wacom 0003:056A:037A.0054: hidraw0: USB HID v0.07 Device [HID 056a:037a] on usb-dummy_hcd.5-1/input0 [ 1099.842783][ T5820] input: Wacom One by Wacom S Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:037A.0054/input/input136 [ 1100.020027][ T5820] usb 6-1: USB disconnect, device number 40 [ 1101.046251][T18580] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17862'. [ 1101.850125][T18613] netlink: 56 bytes leftover after parsing attributes in process `syz.0.17875'. [ 1102.026776][T18619] random: crng reseeded on system resumption [ 1102.349754][T18632] openvswitch: netlink: Duplicate or invalid key (type 0). [ 1102.378760][T18632] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1102.870675][T18662] pimreg0: tun_chr_ioctl cmd 1074025677 [ 1102.876700][T18662] pimreg0: linktype set to 780 [ 1103.082524][ T5820] usb 6-1: new full-speed USB device number 41 using dummy_hcd [ 1103.256588][ T5820] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 1103.278571][ T5820] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1103.304243][ T5820] usb 6-1: config 0 descriptor?? [ 1103.324136][ T5820] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 1103.529882][T18689] IPv6: addrconf: prefix option has invalid lifetime [ 1103.775657][T18695] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 1103.805038][T18697] XD_h3KI speed is unknown, defaulting to 1000 [ 1103.967260][T18705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1103.986820][ T5820] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1104.004144][T18705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1104.017181][ T5820] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 1104.025059][T18705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1104.036256][T18709] loop2: detected capacity change from 0 to 1 [ 1104.052293][T18705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1104.055180][T18709] Dev loop2: unable to read RDB block 1 [ 1104.069819][T18709] loop2: unable to read partition table [ 1104.075651][T18709] loop2: partition table beyond EOD, truncated [ 1104.079835][T18705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1104.082099][T18709] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 1104.114458][T18705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1104.148962][T18705] batadv_slave_0: entered promiscuous mode [ 1104.186238][T18705] batadv_slave_0: left promiscuous mode [ 1104.222820][ T5974] usb 6-1: USB disconnect, device number 41 [ 1104.481021][T18749] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 1104.490261][T18749] overlayfs: conflicting options: metacopy=off,verity=require [ 1105.611153][T18790] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17934'. [ 1105.751877][T18795] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17938'. [ 1105.755933][T18796] netlink: 16 bytes leftover after parsing attributes in process `syz.5.17937'. [ 1105.928294][T18801] tun0: tun_chr_ioctl cmd 1074025675 [ 1105.939732][T18801] tun0: persist disabled [ 1106.038669][T18813] netlink: 104 bytes leftover after parsing attributes in process `syz.7.17943'. [ 1106.130404][T18815] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17944'. [ 1106.366667][T18825] netlink: 88 bytes leftover after parsing attributes in process `syz.0.17950'. [ 1106.671827][T18844] tap0: tun_chr_ioctl cmd 1074025677 [ 1106.681329][T18844] tap0: linktype set to 1 [ 1107.806621][T18904] CUSE: unknown device info "#! sched_switch" [ 1107.820227][T18904] CUSE: unknown device info "(" [ 1107.825781][T18904] CUSE: DEVNAME unspecified [ 1108.056422][ T2640] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 1108.247841][ T2640] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1108.270823][ T2640] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1108.280648][ T2640] usb 6-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 1108.299521][ T2640] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1108.325535][ T2640] usb 6-1: config 0 descriptor?? [ 1108.338015][T18932] netlink: 'syz.7.17981': attribute type 1 has an invalid length. [ 1108.672735][T18950] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17990'. [ 1108.775859][ T2640] itetech 0003:06CB:73F5.0055: unbalanced collection at end of report description [ 1108.787840][ T2640] itetech 0003:06CB:73F5.0055: probe with driver itetech failed with error -22 [ 1109.015456][ T5974] usb 6-1: USB disconnect, device number 42 [ 1109.240270][T18985] netlink: 'syz.3.17998': attribute type 8 has an invalid length. [ 1109.263066][T18985] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17998'. [ 1109.610174][ T31] audit: type=1326 audit(2000000934.543:9260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18998 comm="syz.3.18004" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f72d6f8d169 code=0x0 [ 1109.743402][T19007] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18006'. [ 1109.955562][T19017] overlayfs: disabling nfs_export due to verity=on [ 1110.237769][T19027] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18015'. [ 1110.307229][T19027] netlink: 27 bytes leftover after parsing attributes in process `syz.7.18015'. [ 1110.633135][T19039] netlink: 48 bytes leftover after parsing attributes in process `syz.0.18019'. [ 1110.778925][ T5135] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1110.788878][ T5135] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1110.799420][ T5135] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1110.807637][ T5135] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1110.818307][ T5135] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1110.831136][ T5135] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1110.876649][T19048] XD_h3KI speed is unknown, defaulting to 1000 [ 1111.009868][T19064] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18026'. [ 1111.122907][T19073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18028'. [ 1111.269490][T19073] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18028'. [ 1111.318859][T19073] netlink: 'syz.0.18028': attribute type 1 has an invalid length. [ 1111.334607][T19048] chnl_net:caif_netlink_parms(): no params data found [ 1111.357578][T19073] nbd: error processing sock list [ 1111.761746][T19048] bridge0: port 1(bridge_slave_0) entered blocking state [ 1111.769161][T19048] bridge0: port 1(bridge_slave_0) entered disabled state [ 1111.776521][T19048] bridge_slave_0: entered allmulticast mode [ 1111.784208][T19048] bridge_slave_0: entered promiscuous mode [ 1111.794793][T19048] bridge0: port 2(bridge_slave_1) entered blocking state [ 1111.802101][T19048] bridge0: port 2(bridge_slave_1) entered disabled state [ 1111.809453][T19048] bridge_slave_1: entered allmulticast mode [ 1111.816893][T19048] bridge_slave_1: entered promiscuous mode [ 1111.883334][T19048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1111.896951][T19048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1112.035115][T19048] team0: Port device team_slave_0 added [ 1112.063823][T19048] team0: Port device team_slave_1 added [ 1112.149749][T19048] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1112.167949][T19048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1112.233872][T19048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1112.384002][ T12] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1112.434635][T19048] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1112.454383][T19048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1112.547117][T19048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1112.686752][ T12] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1112.884261][ T12] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1112.933606][T19048] hsr_slave_0: entered promiscuous mode [ 1112.942328][T19048] hsr_slave_1: entered promiscuous mode [ 1112.950050][T19048] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1112.982481][T19048] Cannot create hsr debugfs directory [ 1113.019970][ T5832] Bluetooth: hci1: command tx timeout [ 1113.060990][T19387] netlink: 16 bytes leftover after parsing attributes in process `syz.3.18053'. [ 1113.138232][ T5873] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 1113.150158][ T12] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1113.240816][T19390] XD_h3KI speed is unknown, defaulting to 1000 [ 1113.308641][ T5873] usb 6-1: Using ep0 maxpacket: 32 [ 1113.328595][ T5873] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1113.350312][ T5873] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1113.375079][ T5873] usb 6-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 1113.414188][ T5873] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1113.480522][ T5873] usb 6-1: config 0 descriptor?? [ 1113.750425][T19048] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1113.807528][T19048] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1113.879524][T19048] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1113.933219][T19048] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1113.990216][ T5873] uclogic 0003:28BD:0071.0056: interface is invalid, ignoring [ 1113.992797][ T12] bridge_slave_1: left allmulticast mode [ 1114.024920][ T12] bridge_slave_1: left promiscuous mode [ 1114.030705][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1114.125071][ T12] bridge_slave_0: left allmulticast mode [ 1114.131329][ T12] bridge_slave_0: left promiscuous mode [ 1114.154773][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1114.174976][T13745] usb 6-1: USB disconnect, device number 43 [ 1114.769089][T19508] cgroup: fork rejected by pids controller in /syz0 [ 1115.121922][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1115.167002][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1115.195749][ T12] bond0 (unregistering): Released all slaves [ 1115.245368][ T5832] Bluetooth: hci1: command tx timeout [ 1115.379587][ T12] tipc: Disabling bearer [ 1115.398593][ T12] tipc: Left network mode [ 1115.593443][T20636] random: crng reseeded on system resumption [ 1115.874898][T19048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1115.988610][ T12] mac80211_hwsim hwsim34 wlan0 (unregistering): left allmulticast mode [ 1116.205325][T19048] 8021q: adding VLAN 0 to HW filter on device team0 [ 1116.295834][ T5893] bridge0: port 1(bridge_slave_0) entered blocking state [ 1116.302984][ T5893] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1116.397620][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state [ 1116.405045][ T5893] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1116.603444][ T12] hsr_slave_0: left promiscuous mode [ 1116.623315][T20727] __nla_validate_parse: 1 callbacks suppressed [ 1116.623335][T20727] netlink: 47 bytes leftover after parsing attributes in process `syz.3.18077'. [ 1116.639863][ T12] hsr_slave_1: left promiscuous mode [ 1116.666454][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1116.674899][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1116.695714][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1116.710353][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1116.751578][ T12] veth1_macvtap: left promiscuous mode [ 1116.757472][ T12] veth0_macvtap: left promiscuous mode [ 1116.763542][ T12] veth1_vlan: left promiscuous mode [ 1116.768879][ T12] veth0_vlan: left promiscuous mode [ 1117.470853][ T5832] Bluetooth: hci1: command tx timeout [ 1117.477924][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1117.538184][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1118.187597][T20731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18079'. [ 1118.210073][T20731] bridge_slave_1: default FDB implementation only supports local addresses [ 1118.223963][T20735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.18081'. [ 1118.629170][T19048] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1119.260918][T19048] veth0_vlan: entered promiscuous mode [ 1119.320147][T19048] veth1_vlan: entered promiscuous mode [ 1119.561451][T19048] veth0_macvtap: entered promiscuous mode [ 1119.627425][T19048] veth1_macvtap: entered promiscuous mode [ 1119.694648][ T5832] Bluetooth: hci1: command tx timeout [ 1119.717499][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1119.750057][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1119.779056][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1119.796967][T20796] netlink: 'syz.0.18101': attribute type 3 has an invalid length. [ 1119.811571][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1119.822363][T20796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18101'. [ 1119.858354][T19048] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1119.900618][T20796] netlink: 'syz.0.18101': attribute type 3 has an invalid length. [ 1119.917057][T20796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18101'. [ 1119.947039][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1119.993480][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1120.026447][T19048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1120.046003][T19048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1120.101775][T19048] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1120.125247][T19048] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.164837][T19048] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.192872][T19048] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.212932][T19048] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1120.235074][T20807] netlink: 28 bytes leftover after parsing attributes in process `syz.0.18105'. [ 1120.340407][T20807] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 1120.514865][ T2640] hid (null): unknown global tag 0xe [ 1120.522586][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1120.530683][ T2640] hid (null): unknown global tag 0xc [ 1120.547827][ T2640] hid (null): unknown global tag 0xd [ 1120.555023][ T2640] hid (null): unknown global tag 0xd [ 1120.560547][ T2640] hid (null): report_id 46516 is invalid [ 1120.570426][ T2640] hid-generic 0005:046D:0A0E.0057: unknown global tag 0xe [ 1120.577744][ T2640] hid-generic 0005:046D:0A0E.0057: item 0 2 1 14 parsing failed [ 1120.586636][ T2640] hid-generic 0005:046D:0A0E.0057: probe with driver hid-generic failed with error -22 [ 1120.603052][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1120.663562][T15709] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1120.687212][T15709] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1120.807226][T20837] netlink: 16 bytes leftover after parsing attributes in process `syz.7.18113'. [ 1120.974799][T20845] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 1121.461571][T20872] netlink: 'syz.3.18125': attribute type 10 has an invalid length. [ 1121.470128][T20872] netlink: 40 bytes leftover after parsing attributes in process `syz.3.18125'. [ 1121.479306][T20872] team0: entered promiscuous mode [ 1121.498481][T20872] team_slave_0: entered promiscuous mode [ 1121.520392][T20872] team_slave_1: entered promiscuous mode [ 1121.534082][T20872] team0: entered allmulticast mode [ 1121.545539][T20872] team_slave_0: entered allmulticast mode [ 1121.564119][T20872] team_slave_1: entered allmulticast mode [ 1121.582180][T20872] 8021q: adding VLAN 0 to HW filter on device team0 [ 1121.609211][T20872] bridge0: port 3(team0) entered blocking state [ 1121.622637][T20872] bridge0: port 3(team0) entered disabled state [ 1122.011389][T20892] vlan2: entered allmulticast mode [ 1122.026983][T20892] batadv0: entered allmulticast mode [ 1122.050199][T20892] batadv0: left allmulticast mode [ 1122.319434][T20908] netlink: 'syz.3.18139': attribute type 1 has an invalid length. [ 1122.433419][T20910] tap0: tun_chr_ioctl cmd 1074812118 [ 1123.168398][T20947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18152'. [ 1123.952570][T20967] netlink: 20 bytes leftover after parsing attributes in process `syz.5.18163'. [ 1124.040233][T20969] program syz.8.18165 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1124.588174][T20994] netlink: 12 bytes leftover after parsing attributes in process `syz.3.18176'. [ 1124.718636][T20998] input: syz1 as /devices/virtual/input/input140 [ 1124.986576][T21012] netlink: 8 bytes leftover after parsing attributes in process `syz.8.18181'. [ 1125.743153][T21052] netlink: 'syz.7.18195': attribute type 1 has an invalid length. [ 1126.699172][T21086] team0: entered promiscuous mode [ 1126.705728][T21086] team_slave_0: entered promiscuous mode [ 1126.712237][T21086] team_slave_1: entered promiscuous mode [ 1126.719452][T21081] team0: left promiscuous mode [ 1126.730980][T21081] team_slave_0: left promiscuous mode [ 1126.739186][T21081] team_slave_1: left promiscuous mode [ 1126.947614][T13745] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 1126.998641][T21101] netlink: 20 bytes leftover after parsing attributes in process `syz.0.18215'. [ 1127.120905][T13745] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1127.138656][T13745] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1127.166782][T13745] usb 6-1: config 0 descriptor?? [ 1127.180525][T13745] cp210x 6-1:0.0: cp210x converter detected [ 1127.332704][T21119] netlink: 32 bytes leftover after parsing attributes in process `syz.3.18222'. [ 1127.543600][ T31] audit: type=1326 audit(2000000011.527:9261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21125 comm="syz.7.18227" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x0 [ 1127.628726][T13745] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1127.670173][T13745] usb 6-1: cp210x converter now attached to ttyUSB0 [ 1127.882253][T13745] usb 6-1: USB disconnect, device number 44 [ 1127.895169][T13745] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1127.972692][T13745] cp210x 6-1:0.0: device disconnected [ 1128.210381][T21182] random: crng reseeded on system resumption [ 1128.517601][T21191] netlink: 16 bytes leftover after parsing attributes in process `syz.7.18243'. [ 1128.591972][T21193] overlayfs: missing 'workdir' [ 1129.398653][T21225] ALSA: mixer_oss: invalid OSS volume '' [ 1129.480742][T13745] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 1129.652037][T13745] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1129.668027][T13745] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 1129.689579][T13745] usb 6-1: can't read configurations, error -71 [ 1129.879915][ T31] audit: type=1326 audit(2000000001.169:9262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21213 comm="syz.7.18252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7fc00000 [ 1130.150926][T21260] trusted_key: syz.7.18268 sent an empty control message without MSG_MORE. [ 1130.219203][T21269] netlink: 'syz.0.18271': attribute type 18 has an invalid length. [ 1130.447591][ T5873] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 1130.613857][ T5873] usb 4-1: Using ep0 maxpacket: 16 [ 1130.623454][ T5873] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 1130.634559][ T5873] usb 4-1: config 0 has no interface number 0 [ 1130.644416][ T5873] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1130.657238][ T5873] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1130.709048][T21286] netlink: 'syz.8.18277': attribute type 10 has an invalid length. [ 1130.717391][ T5873] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 1130.733236][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1130.735831][T21286] netlink: 40 bytes leftover after parsing attributes in process `syz.8.18277'. [ 1130.765387][ T5873] usb 4-1: config 0 descriptor?? [ 1130.788587][T21286] batman_adv: batadv0: Adding interface: virt_wifi0 [ 1130.799904][T21286] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1130.834892][T21286] batman_adv: batadv0: Interface activated: virt_wifi0 [ 1131.427899][ T5873] uclogic 0003:28BD:0071.0058: pen parameters not found [ 1131.451683][ T5873] uclogic 0003:28BD:0071.0058: interface is invalid, ignoring [ 1131.677032][T13745] usb 4-1: USB disconnect, device number 63 [ 1132.298854][ T31] audit: type=1326 audit(2000000003.432:9263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21361 comm="syz.5.18303" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x0 [ 1133.735750][ T5876] usb 6-1: new high-speed USB device number 47 using dummy_hcd [ 1133.908116][ T5876] usb 6-1: Using ep0 maxpacket: 8 [ 1133.918658][ T5876] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 1133.942175][ T5876] usb 6-1: config 179 has no interface number 0 [ 1133.959569][ T5876] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1133.971729][ T5876] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 1133.983332][ T5876] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1134.019655][ T5876] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 1134.031377][ T5876] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1134.051805][ T5876] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1134.062001][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1134.081241][T21410] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1134.278802][T21445] input: syz0 as /devices/virtual/input/input141 [ 1134.336251][ T5876] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input142 [ 1134.546967][ T5873] usb 6-1: USB disconnect, device number 47 [ 1134.553369][ C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1134.553433][ C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1134.596596][ T5873] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1134.864129][T21481] syz_tun: entered promiscuous mode [ 1134.881735][T21481] syz_tun: left promiscuous mode [ 1135.854589][T21532] netlink: 12 bytes leftover after parsing attributes in process `syz.8.18356'. [ 1135.873747][T21532] netlink: 152 bytes leftover after parsing attributes in process `syz.8.18356'. [ 1136.513653][T21557] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1137.146007][T13745] usb 6-1: new high-speed USB device number 48 using dummy_hcd [ 1137.334276][T21596] ref_ctr_offset mismatch. inode: 0x10e offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x0 [ 1137.340005][T13745] usb 6-1: Using ep0 maxpacket: 16 [ 1137.385606][T13745] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1137.404905][T13745] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1137.429466][T13745] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1137.439306][T13745] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1137.447530][T13745] usb 6-1: Product: syz [ 1137.451958][T13745] usb 6-1: Manufacturer: syz [ 1137.457413][T13745] usb 6-1: SerialNumber: syz [ 1137.482113][T13745] usb 6-1: config 0 descriptor?? [ 1137.514650][T13745] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1137.552165][T13745] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 1137.817123][T21627] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 1137.935258][ T31] audit: type=1326 audit(2000000008.708:9264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21630 comm="syz.0.18393" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f116e98d169 code=0x0 [ 1137.976030][T21634] netlink: 830 bytes leftover after parsing attributes in process `syz.7.18394'. [ 1138.183098][T13745] em28xx 6-1:0.0: chip ID is em2874 [ 1138.428249][ T5974] usb 6-1: USB disconnect, device number 48 [ 1138.441716][ T5974] em28xx 6-1:0.0: Disconnecting em28xx [ 1138.467933][ T5974] em28xx 6-1:0.0: Freeing device [ 1139.459984][T21713] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18424'. [ 1139.480638][T21713] netlink: 'syz.0.18424': attribute type 2 has an invalid length. [ 1139.495357][T21713] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18424'. [ 1139.608825][T21723] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 1139.631255][T21723] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1140.524101][ T31] audit: type=1326 audit(2000000011.112:9265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1140.566078][T21763] netlink: 20 bytes leftover after parsing attributes in process `syz.7.18443'. [ 1140.610368][ T31] audit: type=1326 audit(2000000011.112:9266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1140.663775][ T31] audit: type=1326 audit(2000000011.131:9267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1140.739542][ T31] audit: type=1326 audit(2000000011.131:9268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1140.792246][ T31] audit: type=1326 audit(2000000011.131:9269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1140.868450][ T31] audit: type=1326 audit(2000000011.131:9270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1140.951630][ T31] audit: type=1326 audit(2000000011.159:9271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1141.014712][ T31] audit: type=1326 audit(2000000011.159:9272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1141.116652][ T31] audit: type=1326 audit(2000000011.159:9273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21757 comm="syz.5.18444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1141.343300][ T5832] Bluetooth: hci0: unexpected event for opcode 0x1004 [ 1141.611877][T21816] netlink: 60 bytes leftover after parsing attributes in process `syz.0.18465'. [ 1141.627270][T21816] netlink: 28 bytes leftover after parsing attributes in process `syz.0.18465'. [ 1141.745100][T21818] netlink: 11 bytes leftover after parsing attributes in process `syz.0.18467'. [ 1141.772602][T21818] netlink: 20 bytes leftover after parsing attributes in process `syz.0.18467'. [ 1142.195504][T21837] gretap0: left allmulticast mode [ 1142.269811][T21837] bridge0: port 2(bridge_slave_1) entered disabled state [ 1142.277308][T21837] bridge0: port 1(bridge_slave_0) entered disabled state [ 1142.492462][T21837] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1142.508692][T21837] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1142.535200][ T5832] Bluetooth: hci1: command tx timeout [ 1142.661206][T21837] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.670921][T21837] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.680289][T21837] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.690128][T21837] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.812032][T21837] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1142.821750][T21837] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1142.831101][T21837] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1142.840851][T21837] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1143.488906][T21877] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18486'. [ 1143.922556][ T2640] kernel write not supported for file /input/mouse0 (pid: 2640 comm: kworker/1:1) [ 1145.702764][ T5832] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 1145.711746][ T5832] Bluetooth: hci0: Injecting HCI hardware error event [ 1145.725198][ T5832] Bluetooth: hci0: hardware error 0x00 [ 1145.867671][T21984] netlink: 4 bytes leftover after parsing attributes in process `syz.5.18530'. [ 1145.906033][T21984] bridge_slave_1: left allmulticast mode [ 1145.911747][T21984] bridge_slave_1: left promiscuous mode [ 1145.941188][T21984] bridge0: port 2(bridge_slave_1) entered disabled state [ 1145.983499][T21984] bridge_slave_0: left allmulticast mode [ 1146.015601][T21984] bridge_slave_0: left promiscuous mode [ 1146.033424][T21984] bridge0: port 1(bridge_slave_0) entered disabled state [ 1146.802672][T22020] vim2m vim2m.0: vidioc_s_fmt queue busy [ 1147.306026][T22044] lo: entered promiscuous mode [ 1147.314893][T22044] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1147.365140][T22048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18556'. [ 1147.922433][ T5832] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 1148.147531][T22067] bridge0: port 2(bridge_slave_1) entered disabled state [ 1148.155122][T22067] bridge0: port 1(bridge_slave_0) entered disabled state [ 1148.321469][T22067] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1148.337465][T22067] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1148.373903][T22067] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 1148.430440][T22067] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1148.440626][T22067] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1148.449648][T22067] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1148.458628][T22067] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1148.541979][ T5974] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 1148.712998][ T5974] usb 6-1: Using ep0 maxpacket: 16 [ 1148.725433][ T5974] usb 6-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 1148.737204][ T5974] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1148.748544][ T5974] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 1148.760552][ T5974] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 1148.790979][ T5974] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255 [ 1148.817631][ T5974] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1148.827143][ T5974] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1148.841939][ T5974] usb 6-1: SerialNumber: syz [ 1148.850692][T22083] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1148.866566][ T5974] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 1148.885242][ T5974] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -12 [ 1149.095195][ T5974] usb 6-1: USB disconnect, device number 49 [ 1149.278254][T22118] netlink: 24 bytes leftover after parsing attributes in process `syz.7.18583'. [ 1149.301187][T22118] netlink: 24 bytes leftover after parsing attributes in process `syz.7.18583'. [ 1149.310564][T22118] netlink: 'syz.7.18583': attribute type 4 has an invalid length. [ 1149.919906][T22142] loop4: detected capacity change from 0 to 524287999 [ 1149.964880][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1149.974448][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.000841][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.010076][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.034660][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.043985][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.060835][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.070047][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.079422][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.088728][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.100352][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.109578][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.118889][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.128113][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.136871][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.146075][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.154043][T22142] ldm_validate_partition_table(): Disk read failed. [ 1150.161527][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.170729][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.179305][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1150.188555][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 1150.208479][T22142] Dev loop4: unable to read RDB block 0 [ 1150.233593][T22142] loop4: unable to read partition table [ 1150.239523][T22142] loop_reread_partitions: partition scan of loop4 (3 ) failed (rc=-5) [ 1150.842577][T22169] smc: net device ip_vti0 applied user defined pnetid SYZ0 [ 1150.874889][T22169] smc: net device bond0 erased user defined pnetid SYZ0 [ 1150.915387][T22169] smc: net device ip_vti0 erased user defined pnetid SYZ0 [ 1153.185891][T22244] input: syz0 as /devices/virtual/input/input143 [ 1153.690548][T22262] netlink: 56 bytes leftover after parsing attributes in process `syz.8.18638'. [ 1153.711187][T22262] netlink: 576 bytes leftover after parsing attributes in process `syz.8.18638'. [ 1154.142923][ T5832] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 1156.068288][T22288] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1156.080096][T22288] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1156.092844][T22288] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1156.103326][T22288] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1156.157764][T22298] netlink: 36 bytes leftover after parsing attributes in process `syz.8.18654'. [ 1156.763748][T22371] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 1156.965629][T22381] vlan2: entered allmulticast mode [ 1156.982536][T22381] vlan1: entered allmulticast mode [ 1157.011345][T22381] vlan1: left allmulticast mode [ 1157.693251][T13745] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 1157.853572][T13745] usb 8-1: Using ep0 maxpacket: 16 [ 1157.867367][T13745] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1157.889533][T13745] usb 8-1: New USB device found, idVendor=0e8f, idProduct=0003, bcdDevice= 0.00 [ 1157.913581][T13745] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1157.934937][T13745] usb 8-1: config 0 descriptor?? [ 1158.416718][T13745] pantherlord 0003:0E8F:0003.0059: hidraw0: USB HID v0.03 Device [HID 0e8f:0003] on usb-dummy_hcd.7-1/input0 [ 1158.454213][T13745] pantherlord 0003:0E8F:0003.0059: no output reports found [ 1158.619202][ T26] usb 8-1: USB disconnect, device number 3 [ 1158.970915][T22487] geneve2: entered promiscuous mode [ 1158.977114][T22487] geneve2: entered allmulticast mode [ 1159.636048][T22523] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18734'. [ 1159.654128][T22523] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18734'. [ 1159.671209][T22523] nbd: socks must be embedded in a SOCK_ITEM attr [ 1161.511161][T22598] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(3) [ 1161.517747][T22598] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 1161.541995][T22598] vhci_hcd vhci_hcd.0: Device attached [ 1161.588437][T22599] vhci_hcd: cannot find the pending unlink 8 [ 1161.605477][T22599] vhci_hcd: connection closed [ 1161.630076][ T1135] vhci_hcd: stop threads [ 1161.648666][ T1135] vhci_hcd: release socket [ 1161.653240][ T1135] vhci_hcd: disconnect device [ 1161.740014][T13745] Process accounting resumed [ 1162.004695][T22619] bridge_slave_0: invalid flags given to default FDB implementation [ 1162.360853][T22632] bond0: Device is already in use. [ 1162.523936][T22638] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1164.637138][T22720] netlink: 40 bytes leftover after parsing attributes in process `syz.3.18818'. [ 1165.309912][ T31] audit: type=1326 audit(2000000290.317:9274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.331738][ C1] vkms_vblank_simulate: vblank timer overrun [ 1165.357453][T22753] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18833'. [ 1165.421774][ T31] audit: type=1326 audit(2000000290.317:9275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.484586][ T31] audit: type=1326 audit(2000000290.345:9276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.528615][ T31] audit: type=1326 audit(2000000290.345:9277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.583324][ T31] audit: type=1326 audit(2000000290.345:9278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.612452][ T31] audit: type=1326 audit(2000000290.345:9279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.661210][ T31] audit: type=1326 audit(2000000290.345:9280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.701614][ T31] audit: type=1326 audit(2000000290.345:9281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22749 comm="syz.8.18832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd66d78d169 code=0x7ffc0000 [ 1165.834319][T22773] netlink: 1256 bytes leftover after parsing attributes in process `syz.7.18842'. [ 1166.032143][T13745] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 1166.192376][T13745] usb 6-1: Using ep0 maxpacket: 16 [ 1166.201724][T13745] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1166.214137][T13745] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1166.230186][T13745] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1166.240095][T13745] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1166.245820][ T2640] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 1166.248618][T13745] usb 6-1: Product: syz [ 1166.260460][T13745] usb 6-1: Manufacturer: syz [ 1166.265432][T13745] usb 6-1: SerialNumber: syz [ 1166.289062][T13745] usb 6-1: config 0 descriptor?? [ 1166.297352][T13745] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1166.306880][T13745] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 1166.374214][ T26] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 1166.416738][ T2640] usb 9-1: Using ep0 maxpacket: 16 [ 1166.433251][ T2640] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1166.444894][ T2640] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1166.455012][ T2640] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 1166.468996][ T2640] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 1166.478278][ T2640] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1166.499206][ T2640] usb 9-1: config 0 descriptor?? [ 1166.567687][ T26] usb 8-1: Using ep0 maxpacket: 32 [ 1166.578551][ T26] usb 8-1: config 0 has an invalid interface number: 51 but max is 0 [ 1166.595799][ T26] usb 8-1: config 0 has no interface number 0 [ 1166.605379][ T26] usb 8-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1166.616325][ T26] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1166.628013][ T26] usb 8-1: Product: syz [ 1166.632982][ T26] usb 8-1: Manufacturer: syz [ 1166.637668][ T26] usb 8-1: SerialNumber: syz [ 1166.645460][ T26] usb 8-1: config 0 descriptor?? [ 1166.658272][ T26] quatech2 8-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1166.689041][T22820] netlink: 92 bytes leftover after parsing attributes in process `syz.3.18855'. [ 1166.889012][ T26] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1166.901573][ T26] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1166.953005][ T2640] kovaplus 0003:1E7D:2D50.005A: unknown main item tag 0x0 [ 1166.953298][T13745] em28xx 6-1:0.0: chip ID is em2882/3 [ 1166.960439][ T2640] kovaplus 0003:1E7D:2D50.005A: unknown main item tag 0x0 [ 1166.975303][ T2640] kovaplus 0003:1E7D:2D50.005A: unknown main item tag 0x0 [ 1166.984684][ T2640] kovaplus 0003:1E7D:2D50.005A: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.8-1/input0 [ 1167.174893][T13745] em28xx 6-1:0.0: Config register raw data: 0xfffffffb [ 1167.184565][T13745] em28xx 6-1:0.0: AC97 chip type couldn't be determined [ 1167.191642][T13745] em28xx 6-1:0.0: No AC97 audio processor [ 1167.202416][T13745] usb 6-1: USB disconnect, device number 50 [ 1167.209429][T13745] em28xx 6-1:0.0: Disconnecting em28xx [ 1167.215882][T13745] em28xx 6-1:0.0: Freeing device [ 1167.324392][ C1] usb 8-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1167.332595][ T26] usb 8-1: USB disconnect, device number 4 [ 1167.344523][ T26] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1167.359759][ T26] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1167.371841][ T26] quatech2 8-1:0.51: device disconnected [ 1167.377789][ T2640] kovaplus 0003:1E7D:2D50.005A: couldn't init struct kovaplus_device [ 1167.390166][ T2640] kovaplus 0003:1E7D:2D50.005A: couldn't install mouse [ 1167.398840][ T2640] kovaplus 0003:1E7D:2D50.005A: probe with driver kovaplus failed with error -71 [ 1167.411955][ T2640] usb 9-1: USB disconnect, device number 2 [ 1168.070725][ T31] audit: type=1326 audit(2000000292.898:9282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22899 comm="syz.5.18870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1168.159342][ T31] audit: type=1326 audit(2000000292.898:9283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22899 comm="syz.5.18870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1168.592478][T22924] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18879'. [ 1168.853371][T22936] sctp: [Deprecated]: syz.7.18885 (pid 22936) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1168.853371][T22936] Use struct sctp_sack_info instead [ 1169.966452][ T26] usb 6-1: new high-speed USB device number 51 using dummy_hcd [ 1170.126596][ T26] usb 6-1: Using ep0 maxpacket: 16 [ 1170.145103][ T26] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 1170.176137][ T26] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 1170.191515][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1170.199841][ T26] usb 6-1: Product: syz [ 1170.210670][ T26] usb 6-1: Manufacturer: syz [ 1170.216383][ T26] usb 6-1: SerialNumber: syz [ 1170.234493][ T26] usb 6-1: config 0 descriptor?? [ 1170.250590][ T26] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 1170.260386][ T26] usb 6-1: Detected FT232R [ 1170.471374][ T26] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 1170.706250][ T26] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1170.931324][ T2640] usb 6-1: USB disconnect, device number 51 [ 1170.959642][ T2640] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1170.989177][ T2640] ftdi_sio 6-1:0.0: device disconnected [ 1171.056634][T22302] usb 9-1: new full-speed USB device number 3 using dummy_hcd [ 1171.224143][T22302] usb 9-1: config 7 has an invalid interface number: 34 but max is 0 [ 1171.248756][T22302] usb 9-1: config 7 has no interface number 0 [ 1171.292217][T22302] usb 9-1: New USB device found, idVendor=0fe9, idProduct=db51, bcdDevice=5e.35 [ 1171.301698][T22302] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1171.334375][T22302] usb 9-1: Product: syz [ 1171.338616][T22302] usb 9-1: Manufacturer: syz [ 1171.343238][T22302] usb 9-1: SerialNumber: syz [ 1171.821723][T13745] kernel write not supported for file /input/event2 (pid: 13745 comm: kworker/0:1) [ 1171.954875][ T2640] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 1172.158001][ T2640] usb 6-1: Using ep0 maxpacket: 32 [ 1172.164943][ T2640] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 1172.178981][ T2640] usb 6-1: config 0 has no interface number 0 [ 1172.199340][T22302] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual USB' in warm state. [ 1172.200199][ T2640] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 1172.224345][T22302] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1172.241116][ T2640] usb 6-1: config 0 has no interface number 0 [ 1172.251969][T22302] dvb-usb: DViCO FusionHDTV DVB-T Dual USB error while loading driver (-19) [ 1172.264993][ T2640] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 1172.273127][ T2640] usb 6-1: config 0 has no interface number 0 [ 1172.274823][T22302] dvb_usb_cxusb 9-1:7.34: probe with driver dvb_usb_cxusb failed with error -22 [ 1172.303323][ T2640] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1172.317786][ T2640] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1172.325913][ T2640] usb 6-1: Product: syz [ 1172.339490][ T2640] usb 6-1: Manufacturer: syz [ 1172.344227][ T2640] usb 6-1: SerialNumber: syz [ 1172.362154][ T2640] usb 6-1: config 0 descriptor?? [ 1172.384362][ T2640] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1172.446978][T22302] usb 9-1: USB disconnect, device number 3 [ 1172.627616][ T2640] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1172.656672][ T2640] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1172.672081][T23114] netlink: 44 bytes leftover after parsing attributes in process `syz.3.18943'. [ 1173.101623][ C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1173.102588][T22302] usb 6-1: USB disconnect, device number 52 [ 1173.152241][T22302] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1173.178763][T22302] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1173.198821][T22302] quatech2 6-1:0.51: device disconnected [ 1173.655044][T22319] kernel write not supported for file /amidi2 (pid: 22319 comm: kworker/1:2) [ 1173.714253][T23182] netlink: 40 bytes leftover after parsing attributes in process `syz.7.18962'. [ 1174.142711][T23199] sctp: [Deprecated]: syz.3.18970 (pid 23199) Use of int in max_burst socket option. [ 1174.142711][T23199] Use struct sctp_assoc_value instead [ 1174.304507][T23210] netlink: 'syz.0.18973': attribute type 3 has an invalid length. [ 1174.321347][T23210] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.18973'. [ 1174.763164][ T31] kauditd_printk_skb: 10 callbacks suppressed [ 1174.763185][ T31] audit: type=1800 audit(2000000299.156:9294): pid=23242 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.18986" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 1174.894582][T22302] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 1175.081244][T22302] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1175.099325][T22302] usb 8-1: config 0 has no interfaces? [ 1175.115780][T22302] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1175.143589][T22302] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1175.171263][T22302] usb 8-1: config 0 descriptor?? [ 1175.427938][T22302] usb 8-1: USB disconnect, device number 5 [ 1176.342494][T23323] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 1176.383556][T23323] bridge0: port 2(bridge_slave_1) entered disabled state [ 1176.396793][T23323] bridge0: port 1(bridge_slave_0) entered disabled state [ 1176.718706][T23341] netlink: 76 bytes leftover after parsing attributes in process `syz.3.19026'. [ 1179.780631][ T26] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 1179.940256][ T26] usb 8-1: Using ep0 maxpacket: 16 [ 1179.947530][ T26] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1179.959232][ T26] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1179.970737][ T26] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1179.980733][ T26] usb 8-1: config 0 interface 0 has no altsetting 0 [ 1179.988079][ T26] usb 8-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00 [ 1180.015647][ T26] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1180.031836][ T26] usb 8-1: config 0 descriptor?? [ 1180.426273][T23483] Invalid source name [ 1180.430327][T23483] UBIFS error (pid: 23483): cannot open "./file0", error -22 [ 1180.479745][ T26] kye 0003:0458:0153.005B: unexpected long global item [ 1180.516919][ T26] kye 0003:0458:0153.005B: parse failed [ 1180.523091][ T26] kye 0003:0458:0153.005B: probe with driver kye failed with error -22 [ 1180.697155][T13745] usb 8-1: USB disconnect, device number 6 [ 1180.931928][T23559] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1181.152242][T23559] bond3 (unregistering): Released all slaves [ 1181.404146][T23596] infiniband syz0: set down [ 1181.408934][T23596] infiniband syz0: added ipvlan1 [ 1181.440075][T23596] RDS/IB: syz0: added [ 1181.444246][T23596] smc: adding ib device syz0 with port count 1 [ 1181.450729][T23596] smc: ib device syz0 port 1 has pnetid [ 1182.387971][T23658] netlink: 'syz.3.19120': attribute type 1 has an invalid length. [ 1182.401564][T23658] netlink: 134708 bytes leftover after parsing attributes in process `syz.3.19120'. [ 1182.925478][T23684] input: syz1 as /devices/virtual/input/input144 [ 1183.661014][ T26] usb 6-1: new full-speed USB device number 53 using dummy_hcd [ 1183.693935][T23729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.19143'. [ 1183.844516][ T26] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 1183.855301][ T26] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1183.877921][ T26] usb 6-1: config 0 descriptor?? [ 1183.885851][ T26] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 1184.123315][ T26] usb 6-1: Detected FT232B [ 1184.343893][ T26] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 1184.362555][ T26] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1184.603636][T22302] usb 6-1: USB disconnect, device number 53 [ 1184.613121][T22302] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1184.640728][T22302] ftdi_sio 6-1:0.0: device disconnected [ 1184.755933][T23782] tun0: tun_chr_ioctl cmd 1074025678 [ 1184.761494][T23782] tun0: group set to 0 [ 1185.035999][T23793] netlink: 20 bytes leftover after parsing attributes in process `syz.0.19159'. [ 1185.670579][T13745] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 1185.852120][T13745] usb 8-1: Using ep0 maxpacket: 32 [ 1185.878515][T13745] usb 8-1: config 0 interface 0 has no altsetting 0 [ 1185.914997][T13745] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1185.924422][T13745] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1185.937681][T13745] usb 8-1: Product: syz [ 1185.944495][T13745] usb 8-1: Manufacturer: syz [ 1185.959124][T13745] usb 8-1: SerialNumber: syz [ 1185.987567][T13745] usb 8-1: config 0 descriptor?? [ 1186.428833][T13745] gs_usb 8-1:0.0: Configuring for 167 interfaces [ 1186.445494][T13745] gs_usb 8-1:0.0: Driver cannot handle more that 3 CAN interfaces [ 1186.455917][T13745] gs_usb 8-1:0.0: probe with driver gs_usb failed with error -22 [ 1186.524008][T23854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.19181'. [ 1186.659033][T22319] usb 8-1: USB disconnect, device number 7 [ 1186.789031][ T26] kernel write not supported for file /snd/seq (pid: 26 comm: kworker/1:0) [ 1187.522518][T23913] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19204'. [ 1187.868994][T23934] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19213'. [ 1187.886872][T23935] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.19211'. [ 1187.917260][T23929] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.19211'. [ 1188.177939][ T31] audit: type=1326 audit(2000000311.709:9295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.246693][ T31] audit: type=1326 audit(2000000311.709:9296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.310732][ T31] audit: type=1326 audit(2000000311.709:9297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.364396][ T31] audit: type=1326 audit(2000000311.709:9298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.417061][T23958] netlink: 10 bytes leftover after parsing attributes in process `syz.7.19223'. [ 1188.417835][ T31] audit: type=1326 audit(2000000311.709:9299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.503903][ T31] audit: type=1326 audit(2000000311.709:9300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.536455][T22319] usb 9-1: new full-speed USB device number 4 using dummy_hcd [ 1188.567985][ T31] audit: type=1326 audit(2000000311.709:9301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.610369][ T31] audit: type=1326 audit(2000000311.709:9302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.670467][ T31] audit: type=1326 audit(2000000311.709:9303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.692219][ C1] vkms_vblank_simulate: vblank timer overrun [ 1188.729843][T22319] usb 9-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 1188.739294][T22319] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1188.749938][ T31] audit: type=1326 audit(2000000311.709:9304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23944 comm="syz.5.19218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f580f18d169 code=0x7ffc0000 [ 1188.782419][T22319] usb 9-1: config 0 descriptor?? [ 1188.794679][T22319] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 1188.846877][T23970] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1189.022693][T22319] gp8psk: usb in 128 operation failed. [ 1189.244324][T22319] gp8psk: FW Version = 115.40.187 (0x7328bb) Build 2254/175/131 [ 1189.478146][T22319] gp8psk: usb in 149 operation failed. [ 1189.484492][T22319] gp8psk: failed to get FPGA version [ 1189.492692][T22319] gp8psk: usb in 138 operation failed. [ 1189.503175][T22319] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1189.525490][T22319] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 1189.548103][T22319] usb 9-1: USB disconnect, device number 4 [ 1189.721907][T24018] netlink: 16 bytes leftover after parsing attributes in process `syz.7.19245'. [ 1189.839116][T24025] gfs2: gfs2 mount does not exist [ 1189.941829][T24031] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19250'. [ 1191.986693][T24128] netlink: 40 bytes leftover after parsing attributes in process `syz.8.19293'. [ 1192.062930][T24132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.19295'. [ 1193.439477][T24194] kvm: kvm [24193]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000002a) = 0x4 [ 1194.522737][T22330] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 1194.693384][T22330] usb 9-1: Using ep0 maxpacket: 32 [ 1194.706646][T22330] usb 9-1: config 0 has an invalid interface number: 85 but max is 0 [ 1194.729568][T22330] usb 9-1: config 0 has no interface number 0 [ 1194.747035][T22330] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1194.770789][T22330] usb 9-1: config 0 interface 85 has no altsetting 0 [ 1194.783402][T22330] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 1194.793242][T22330] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1194.802178][T22330] usb 9-1: Product: syz [ 1194.806667][T22330] usb 9-1: Manufacturer: syz [ 1194.811614][T22330] usb 9-1: SerialNumber: syz [ 1194.821262][T22330] usb 9-1: config 0 descriptor?? [ 1195.512223][T22330] appletouch 9-1:0.85: Geyser mode initialized. [ 1195.528342][T22330] input: appletouch as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.85/input/input145 [ 1195.749065][T22330] usb 9-1: USB disconnect, device number 5 [ 1195.765624][T22330] appletouch 9-1:0.85: input: appletouch disconnected [ 1195.923235][T24306] loop9: detected capacity change from 0 to 8 [ 1195.944695][T24306] Dev loop9: unable to read RDB block 8 [ 1195.954519][T24306] loop9: unable to read partition table [ 1195.971990][T24306] loop9: partition table beyond EOD, truncated [ 1195.986887][T24306] loop_reread_partitions: partition scan of loop9 (被x󟣑 ) failed (rc=-5) [ 1196.347766][T24325] input: syz0 as /devices/virtual/input/input146 [ 1196.431122][T24333] smc: ib device syz0 ibport 1 applied user defined pnetid SYZ2 [ 1198.242620][T22302] usb 6-1: new high-speed USB device number 54 using dummy_hcd [ 1198.404669][T22302] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1198.436187][T22302] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1198.460476][T22302] usb 6-1: config 1 has no interface number 0 [ 1198.482369][T22302] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1198.508062][T22302] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 1198.535862][T22302] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1198.568946][T22302] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1198.578011][T22302] usb 6-1: Product: syz [ 1198.582360][T22302] usb 6-1: Manufacturer: syz [ 1198.592636][T22302] usb 6-1: SerialNumber: syz [ 1199.474048][T22302] cdc_ncm 6-1:1.1: bind() failure [ 1199.507898][T22302] usb 6-1: USB disconnect, device number 54 [ 1200.218057][T24489] netlink: 24 bytes leftover after parsing attributes in process `syz.5.19422'. [ 1200.755073][T22302] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 1200.929090][T22302] usb 9-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 1200.949586][T22302] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1200.971237][T22302] usb 9-1: Product: syz [ 1200.975468][T22302] usb 9-1: Manufacturer: syz [ 1200.992892][T22302] usb 9-1: SerialNumber: syz [ 1201.014072][T22302] usb 9-1: config 0 descriptor?? [ 1201.909647][T22302] usb 9-1: Firmware version (0.0) predates our first public release. [ 1201.917773][T22302] usb 9-1: Please update to version 0.2 or newer [ 1201.975578][T22302] usb 9-1: USB disconnect, device number 6 [ 1202.410751][T24586] XD_h3KI speed is unknown, defaulting to 1000 [ 1203.744263][T24662] netlink: 'syz.3.19475': attribute type 25 has an invalid length. [ 1203.773611][T24662] netlink: 'syz.3.19475': attribute type 7 has an invalid length. [ 1204.986608][T24695] netdevsim netdevsim7: loading /lib/firmware/. failed with error -22 [ 1205.014779][T24695] netdevsim netdevsim7: Direct firmware load for . failed with error -22 [ 1205.037829][T24695] netdevsim netdevsim7: Falling back to sysfs fallback for: . [ 1205.506399][T24728] netlink: 452 bytes leftover after parsing attributes in process `syz.5.19499'. [ 1206.160099][T24764] cgroup: fork rejected by pids controller in /syz3 [ 1206.510882][T24774] loop5: detected capacity change from 0 to 7 [ 1206.518631][T24774] buffer_io_error: 7 callbacks suppressed [ 1206.518731][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.552214][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.590011][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.635001][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.667116][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.676283][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.684773][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.710321][T24774] ldm_validate_partition_table(): Disk read failed. [ 1206.728093][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.739010][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.758681][T24774] Buffer I/O error on dev loop5, logical block 0, async page read [ 1206.774859][T24774] Dev loop5: unable to read RDB block 0 [ 1206.795308][T24774] loop5: unable to read partition table [ 1206.835177][T24774] loop5: partition table beyond EOD, truncated [ 1206.845817][T24774] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 1206.845817][T24774] ) failed (rc=-5) [ 1207.709539][ T3023] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1207.787714][T24815] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1207.906976][ T5135] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1207.920304][ T5135] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1207.929043][ T5135] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1207.936990][ T5135] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1207.946236][ T5135] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1207.954109][ T5135] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1207.990119][ T3023] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1208.063019][T24851] XD_h3KI speed is unknown, defaulting to 1000 [ 1208.133657][ T3023] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1208.259913][ T3023] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1208.647199][ T3023] bridge0: port 3(team0) entered disabled state [ 1208.687757][ T3023] bridge_slave_1: left allmulticast mode [ 1208.693456][ T3023] bridge_slave_1: left promiscuous mode [ 1208.735181][ T3023] bridge0: port 2(bridge_slave_1) entered disabled state [ 1208.798613][ T3023] bridge_slave_0: left allmulticast mode [ 1208.804343][ T3023] bridge_slave_0: left promiscuous mode [ 1208.832574][ T3023] bridge0: port 1(bridge_slave_0) entered disabled state [ 1209.515473][T24920] Failed to get privilege flags for destination (handle=0x2:0x9) [ 1209.946458][ T3023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1209.972606][ T3023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1209.998685][ T3023] bond0 (unregistering): Released all slaves [ 1210.024719][ T3023] bond1 (unregistering): Released all slaves [ 1210.038141][ T3023] bond2 (unregistering): Released all slaves [ 1210.164998][T24937] tap0: tun_chr_ioctl cmd 1074025677 [ 1210.175404][T24937] tap0: linktype set to 769 [ 1210.194086][ T5832] Bluetooth: hci3: command tx timeout [ 1210.349103][ T3023] f: left promiscuous mode [ 1210.448357][ T3023] : left promiscuous mode [ 1210.558185][ T26] usb 6-1: new high-speed USB device number 55 using dummy_hcd [ 1210.603265][ T3023] tipc: Left network mode [ 1210.658362][T24851] chnl_net:caif_netlink_parms(): no params data found [ 1210.732794][ T26] usb 6-1: Using ep0 maxpacket: 16 [ 1210.760066][ T26] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 1210.775343][ T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1210.809804][ T26] usb 6-1: Product: syz [ 1210.814047][ T26] usb 6-1: Manufacturer: syz [ 1210.837257][ T26] usb 6-1: SerialNumber: syz [ 1210.853512][ T26] usb 6-1: config 0 descriptor?? [ 1211.297604][T24851] bridge0: port 1(bridge_slave_0) entered blocking state [ 1211.314816][ T26] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 1211.319376][T24851] bridge0: port 1(bridge_slave_0) entered disabled state [ 1211.337568][T24851] bridge_slave_0: entered allmulticast mode [ 1211.339248][ T26] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1211.372302][T24851] bridge_slave_0: entered promiscuous mode [ 1211.386472][ T26] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 1211.393210][T24851] bridge0: port 2(bridge_slave_1) entered blocking state [ 1211.412415][ T26] usb 6-1: media controller created [ 1211.433773][T24851] bridge0: port 2(bridge_slave_1) entered disabled state [ 1211.444289][T24851] bridge_slave_1: entered allmulticast mode [ 1211.457508][T24851] bridge_slave_1: entered promiscuous mode [ 1211.464389][ T26] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1211.481191][T25147] netlink: 12 bytes leftover after parsing attributes in process `syz.7.19581'. [ 1211.617065][ T26] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 1211.650571][ T26] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 1211.731413][T24851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1211.750937][ T26] kernel write not supported for file /input/event2 (pid: 26 comm: kworker/1:0) [ 1211.759155][T24851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1211.878633][ T26] usb 6-1: USB disconnect, device number 55 [ 1212.006822][ T26] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 1212.096796][T24851] team0: Port device team_slave_0 added [ 1212.125989][ T3023] : left promiscuous mode [ 1212.149457][ T3023] hsr_slave_1: left promiscuous mode [ 1212.408046][ T5832] Bluetooth: hci3: command tx timeout [ 1213.915753][ T3023] team_slave_1 (unregistering): left promiscuous mode [ 1213.947094][ T3023] team_slave_1 (unregistering): left allmulticast mode [ 1213.958893][ T5820] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 1213.976267][ T3023] team0 (unregistering): Port device team_slave_1 removed [ 1214.034296][ T3023] team_slave_0 (unregistering): left promiscuous mode [ 1214.044463][ T3023] team_slave_0 (unregistering): left allmulticast mode [ 1214.059114][ T3023] team0 (unregistering): Port device team_slave_0 removed [ 1214.142597][ T13] smc: removing ib device syz1 [ 1214.159335][ T5820] usb 9-1: config 0 has an invalid interface number: 230 but max is 0 [ 1214.176550][ T5820] usb 9-1: config 0 has no interface number 0 [ 1214.210149][ T5820] usb 9-1: New USB device found, idVendor=05da, idProduct=00a3, bcdDevice=83.43 [ 1214.230406][ T5820] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1214.246441][ T5820] usb 9-1: Product: syz [ 1214.250739][ T5820] usb 9-1: Manufacturer: syz [ 1214.266339][ T5820] usb 9-1: SerialNumber: syz [ 1214.280770][ T5820] usb 9-1: config 0 descriptor?? [ 1214.300603][ T5820] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out. [ 1214.534204][ T26] usb 9-1: USB disconnect, device number 7 [ 1214.632895][ T5832] Bluetooth: hci3: command tx timeout [ 1215.400763][T25307] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1216.070790][T24851] team0: Port device team_slave_1 added [ 1216.253086][T24851] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1216.277754][T24851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1216.356258][T24851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1216.438527][T24851] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1216.445616][T24851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1216.523420][T24851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1216.839336][T24851] hsr_slave_0: entered promiscuous mode [ 1216.855029][ T5832] Bluetooth: hci3: command tx timeout [ 1216.906684][T24851] hsr_slave_1: entered promiscuous mode [ 1216.926274][T24851] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1216.980625][T24851] Cannot create hsr debugfs directory [ 1218.207838][T24851] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1218.227494][T24851] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1218.243835][T24851] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1218.277301][T24851] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1218.415574][T24851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1218.452198][T24851] 8021q: adding VLAN 0 to HW filter on device team0 [ 1218.500299][ T5893] bridge0: port 1(bridge_slave_0) entered blocking state [ 1218.507519][ T5893] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1218.534955][ T5893] bridge0: port 2(bridge_slave_1) entered blocking state [ 1218.542101][ T5893] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1218.627816][T25510] netlink: 4 bytes leftover after parsing attributes in process `syz.7.19638'. [ 1218.647157][ T3023] IPVS: stop unused estimator thread 0... [ 1219.064142][T24851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1219.108765][T25533] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 1219.180190][T24851] veth0_vlan: entered promiscuous mode [ 1219.203005][T24851] veth1_vlan: entered promiscuous mode [ 1219.296386][T24851] veth0_macvtap: entered promiscuous mode [ 1219.327322][T24851] veth1_macvtap: entered promiscuous mode [ 1219.343221][T24851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1219.356241][T24851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.383146][T24851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1219.398824][T24851] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1219.410904][T24851] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1219.433119][T24851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1219.470953][T24851] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1219.507046][T24851] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1219.515845][T24851] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1219.536217][ T2640] hid-generic 0000:0003:0000.005C: unknown main item tag 0x0 [ 1219.538580][T24851] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1219.554944][ T2640] hid-generic 0000:0003:0000.005C: unknown main item tag 0x0 [ 1219.576774][ T2640] hid-generic 0000:0003:0000.005C: hidraw0: HID v0.00 Device [syz0] on syz1 [ 1219.776207][ T3023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1219.805933][ T3023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1219.875186][ T3023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1219.901213][ T3023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1220.062279][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1220.181972][T25582] --map-set only usable from mangle table [ 1220.302345][T25592] netlink: 8 bytes leftover after parsing attributes in process `syz.5.19661'. [ 1220.762639][T25621] netlink: 24 bytes leftover after parsing attributes in process `syz.8.19671'. [ 1221.154121][T25652] netlink: 104 bytes leftover after parsing attributes in process `syz.0.19679'. [ 1221.663548][T25679] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1221.670657][ T5820] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 1221.874074][ T5820] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1221.890860][ T5820] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 1221.912714][ T5820] usb 4-1: can't read configurations, error -71 [ 1222.130673][T25707] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19696'. [ 1222.198764][T25709] netlink: 4 bytes leftover after parsing attributes in process `syz.8.19697'. [ 1222.282155][T25709] team0: Device ipvlan2 failed to register rx_handler [ 1222.756240][T22302] usb 9-1: new full-speed USB device number 8 using dummy_hcd [ 1222.932530][T22302] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1222.944900][T22302] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1222.966658][T22302] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1222.992167][T22302] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 1223.021488][T22302] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1223.037237][T22302] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1223.048020][T22302] usb 9-1: Manufacturer: syz [ 1223.054936][T22302] usb 9-1: config 0 descriptor?? [ 1223.351970][T25759] netlink: 4 bytes leftover after parsing attributes in process `syz.5.19713'. [ 1223.395782][T25761] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19714'. [ 1223.408274][T22302] rc_core: IR keymap rc-hauppauge not found [ 1223.414234][T22302] Registered IR keymap rc-empty [ 1223.430326][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.475588][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.486390][T25764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.19715'. [ 1223.505978][T25764] netlink: 'syz.5.19715': attribute type 30 has an invalid length. [ 1223.513943][T25764] netlink: 12 bytes leftover after parsing attributes in process `syz.5.19715'. [ 1223.515880][T22302] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0 [ 1223.540483][T22302] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input147 [ 1223.558641][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.580780][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.622546][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.644047][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.668017][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.697193][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.729168][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.761237][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.782990][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.814868][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.878702][T22302] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 1223.912797][T22302] mceusb 9-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 1223.927810][T22302] mceusb 9-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1223.944610][T22302] usb 9-1: USB disconnect, device number 8 [ 1224.289518][T25818] __nla_validate_parse: 1 callbacks suppressed [ 1224.289540][T25818] netlink: 830 bytes leftover after parsing attributes in process `syz.5.19731'. [ 1224.525738][T25825] netlink: 4 bytes leftover after parsing attributes in process `syz.5.19733'. [ 1225.303739][ T31] kauditd_printk_skb: 1 callbacks suppressed [ 1225.303761][ T31] audit: type=1326 audit(2000000346.441:9306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.361982][ T31] audit: type=1326 audit(2000000346.441:9307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.384328][ T31] audit: type=1326 audit(2000000346.459:9308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.407069][ T31] audit: type=1326 audit(2000000346.469:9309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.476855][ T31] audit: type=1326 audit(2000000346.469:9310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.513990][T25867] netlink: 4 bytes leftover after parsing attributes in process `syz.7.19753'. [ 1225.522330][ T31] audit: type=1326 audit(2000000346.469:9311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.578274][ T31] audit: type=1326 audit(2000000346.469:9312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.640986][ T31] audit: type=1326 audit(2000000346.469:9313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.686062][ T31] audit: type=1326 audit(2000000346.469:9314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.758307][ T31] audit: type=1326 audit(2000000346.469:9315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25859 comm="syz.7.19751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b32b8d169 code=0x7ffc0000 [ 1225.958828][T25887] netlink: 6 bytes leftover after parsing attributes in process `syz.8.19759'. [ 1226.430878][T25912] netlink: 72 bytes leftover after parsing attributes in process `syz.3.19768'. [ 1226.474291][T25912] netlink: 12 bytes leftover after parsing attributes in process `syz.3.19768'. [ 1226.501420][T25912] netlink: 20 bytes leftover after parsing attributes in process `syz.3.19768'. [ 1226.600801][T25909] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1226.622423][T25909] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1226.663898][T25909] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1226.678546][T25909] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1226.684960][T25909] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1226.712708][T25909] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1226.727564][T25909] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1226.737462][T25909] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1226.750711][T25909] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1226.911796][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1226.939036][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1226.966553][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1226.967774][T25941] openvswitch: netlink: nsh attribute has 65512 unknown bytes. [ 1226.975232][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1226.992154][T25941] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1227.011247][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1227.019553][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1227.059275][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1227.076582][T25939] netlink: 'syz.0.19777': attribute type 29 has an invalid length. [ 1227.578058][T25969] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1228.089482][T25984] input: syz0 as /devices/virtual/input/input148 [ 1228.395533][T25999] ipvlan2: entered promiscuous mode [ 1228.412405][T25999] ipvlan2: entered allmulticast mode [ 1228.417850][T25999] bridge0: entered allmulticast mode [ 1228.446885][T25999] bridge0: port 3(ipvlan2) entered blocking state [ 1228.480404][T25999] bridge0: port 3(ipvlan2) entered disabled state [ 1228.743091][ T5832] Bluetooth: hci2: command 0x0405 tx timeout [ 1228.817051][T26017] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1228.828761][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 1228.914047][ T5832] Bluetooth: hci3: command 0x0405 tx timeout [ 1229.467945][T26044] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19816'. [ 1229.804985][ T2640] kernel write not supported for file /bluetooth/6lowpan_control (pid: 2640 comm: kworker/1:1) [ 1230.966927][ T5832] Bluetooth: hci2: command 0x0405 tx timeout [ 1231.052781][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 1231.137863][ T5135] Bluetooth: hci3: command 0x0405 tx timeout [ 1232.121897][T26185] vivid-000: disconnect [ 1232.136755][T26184] vivid-000: reconnect [ 1232.413733][T26195] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19870'. [ 1232.739018][T26210] ALSA: mixer_oss: invalid OSS volume '' [ 1233.190428][ T5135] Bluetooth: hci2: command 0x0405 tx timeout [ 1233.275800][ T5135] Bluetooth: hci1: command 0x0c1a tx timeout [ 1233.361617][ T5135] Bluetooth: hci3: command 0x0405 tx timeout [ 1233.631843][T26235] ================================================================== [ 1233.639988][T26235] BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1233.648699][T26235] Write of size 3840 at addr ffffc9000d56d000 by task vivid-000-vid-c/26235 [ 1233.657391][T26235] [ 1233.659746][T26235] CPU: 1 UID: 0 PID: 26235 Comm: vivid-000-vid-c Not tainted 6.14.0-rc6-syzkaller-00253-gcb82ca153949 #0 [ 1233.659773][T26235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1233.659787][T26235] Call Trace: [ 1233.659796][T26235] [ 1233.659805][T26235] dump_stack_lvl+0x241/0x360 [ 1233.659847][T26235] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1233.659868][T26235] ? __pfx__printk+0x10/0x10 [ 1233.659899][T26235] ? _printk+0xd5/0x120 [ 1233.659934][T26235] print_report+0x16e/0x5b0 [ 1233.659974][T26235] ? __virt_addr_valid+0xbd/0x530 [ 1233.660008][T26235] ? tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1233.660033][T26235] kasan_report+0x143/0x180 [ 1233.660064][T26235] ? tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1233.660093][T26235] kasan_check_range+0x282/0x290 [ 1233.660123][T26235] ? tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1233.660147][T26235] __asan_memcpy+0x40/0x70 [ 1233.660172][T26235] tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1233.660231][T26235] vivid_thread_vid_cap_tick+0xfbc/0x6090 [ 1233.660260][T26235] ? mark_lock+0x9a/0x360 [ 1233.660318][T26235] ? __pfx_vivid_thread_vid_cap_tick+0x10/0x10 [ 1233.660355][T26235] ? _raw_spin_unlock_irq+0x23/0x50 [ 1233.660381][T26235] ? lockdep_hardirqs_on+0x99/0x150 [ 1233.660415][T26235] vivid_thread_vid_cap+0x8aa/0xf30 [ 1233.660452][T26235] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 1233.660479][T26235] kthread+0x7a9/0x920 [ 1233.660507][T26235] ? __pfx_kthread+0x10/0x10 [ 1233.660537][T26235] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 1233.660564][T26235] ? __pfx_kthread+0x10/0x10 [ 1233.660592][T26235] ? __pfx_kthread+0x10/0x10 [ 1233.660622][T26235] ? __pfx_kthread+0x10/0x10 [ 1233.660650][T26235] ? _raw_spin_unlock_irq+0x23/0x50 [ 1233.660675][T26235] ? lockdep_hardirqs_on+0x99/0x150 [ 1233.660704][T26235] ? __pfx_kthread+0x10/0x10 [ 1233.660734][T26235] ret_from_fork+0x4b/0x80 [ 1233.660760][T26235] ? __pfx_kthread+0x10/0x10 [ 1233.660790][T26235] ret_from_fork_asm+0x1a/0x30 [ 1233.660821][T26235] [ 1233.660829][T26235] [ 1233.852192][T26235] The buggy address belongs to the virtual mapping at [ 1233.852192][T26235] [ffffc9000d531000, ffffc9000d56e000) created by: [ 1233.852192][T26235] vb2_vmalloc_alloc+0xf2/0x340 [ 1233.870094][T26235] [ 1233.872416][T26235] Memory state around the buggy address: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1233.878044][T26235] ffffc9000d56cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1233.886102][T26235] ffffc9000d56cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1233.894162][T26235] >ffffc9000d56d000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1233.902222][T26235] ^ [ 1233.906286][T26235] ffffc9000d56d080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1233.914351][T26235] ffffc9000d56d100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1233.922408][T26235] ================================================================== [ 1233.999776][T26235] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1234.007045][T26235] CPU: 1 UID: 0 PID: 26235 Comm: vivid-000-vid-c Not tainted 6.14.0-rc6-syzkaller-00253-gcb82ca153949 #0 [ 1234.018270][T26235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1234.028349][T26235] Call Trace: [ 1234.031632][T26235] [ 1234.034571][T26235] dump_stack_lvl+0x241/0x360 [ 1234.039269][T26235] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1234.044472][T26235] ? __pfx__printk+0x10/0x10 [ 1234.049074][T26235] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1234.055067][T26235] ? vscnprintf+0x5d/0x90 [ 1234.059413][T26235] panic+0x349/0x880 [ 1234.063323][T26235] ? check_panic_on_warn+0x21/0xb0 [ 1234.068445][T26235] ? __pfx_panic+0x10/0x10 [ 1234.072870][T26235] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 1234.078854][T26235] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1234.085193][T26235] check_panic_on_warn+0x86/0xb0 [ 1234.090145][T26235] ? tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1234.095788][T26235] end_report+0x77/0x160 [ 1234.100043][T26235] kasan_report+0x154/0x180 [ 1234.104559][T26235] ? tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1234.110200][T26235] kasan_check_range+0x282/0x290 [ 1234.115147][T26235] ? tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1234.120790][T26235] __asan_memcpy+0x40/0x70 [ 1234.125213][T26235] tpg_fill_plane_buffer+0x1ad6/0x5ca0 [ 1234.130706][T26235] vivid_thread_vid_cap_tick+0xfbc/0x6090 [ 1234.136434][T26235] ? mark_lock+0x9a/0x360 [ 1234.140795][T26235] ? __pfx_vivid_thread_vid_cap_tick+0x10/0x10 [ 1234.146983][T26235] ? _raw_spin_unlock_irq+0x23/0x50 [ 1234.152222][T26235] ? lockdep_hardirqs_on+0x99/0x150 [ 1234.157448][T26235] vivid_thread_vid_cap+0x8aa/0xf30 [ 1234.162675][T26235] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 1234.168411][T26235] kthread+0x7a9/0x920 [ 1234.172584][T26235] ? __pfx_kthread+0x10/0x10 [ 1234.177187][T26235] ? __pfx_vivid_thread_vid_cap+0x10/0x10 [ 1234.182922][T26235] ? __pfx_kthread+0x10/0x10 [ 1234.187612][T26235] ? __pfx_kthread+0x10/0x10 [ 1234.192235][T26235] ? __pfx_kthread+0x10/0x10 [ 1234.196838][T26235] ? _raw_spin_unlock_irq+0x23/0x50 [ 1234.202050][T26235] ? lockdep_hardirqs_on+0x99/0x150 [ 1234.207263][T26235] ? __pfx_kthread+0x10/0x10 [ 1234.211869][T26235] ret_from_fork+0x4b/0x80 [ 1234.216308][T26235] ? __pfx_kthread+0x10/0x10 [ 1234.220935][T26235] ret_from_fork_asm+0x1a/0x30 [ 1234.225722][T26235] [ 1234.229030][T26235] Kernel Offset: disabled [ 1234.233353][T26235] Rebooting in 86400 seconds..