last executing test programs: 2m57.592868054s ago: executing program 2 (id=7321): io_setup(0x9, &(0x7f0000000100)=0x0) r1 = openat$fuse(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0) io_submit(r0, 0x3, &(0x7f0000001780)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0]) 2m56.627882773s ago: executing program 2 (id=7354): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x38, r1, 0x21, 0x70bd2c, 0x25dfd9ff, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_MASK={0x4}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x818}, 0x20000004) 2m56.59346851s ago: executing program 2 (id=7357): pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) pselect6(0x40, &(0x7f0000000000)={0x8, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2m56.454030211s ago: executing program 2 (id=7361): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) sendfile(r0, r0, 0x0, 0x200000) cachestat(r0, &(0x7f0000000000)={0x9}, &(0x7f0000000040), 0x0) 2m56.369963172s ago: executing program 2 (id=7368): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 2m56.278988891s ago: executing program 2 (id=7370): r0 = syz_open_dev$media(&(0x7f0000000000), 0x100000000, 0x200) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 2m48.052760968s ago: executing program 1 (id=7593): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x34004000) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x894b, 0x0) 2m47.130644429s ago: executing program 1 (id=7610): sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x3c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010101}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x4}]}, 0x3c}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000a4000000003280004800800024000000012080001"], 0xa4}}, 0x0) 2m47.08179666s ago: executing program 1 (id=7612): syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYRES64], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) close(r0) 2m45.82163362s ago: executing program 1 (id=7631): bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)={@fallback, 0xffffffffffffffff, 0x2f, 0x2028, 0x4, @void, @void, @value=0xffffffffffffffff}, 0x20) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xd50, 0xfffffffffffffee0, &(0x7f0000000000)="259a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2m45.573223003s ago: executing program 1 (id=7636): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) link(&(0x7f0000000140)='.\x00', &(0x7f00000001c0)='./file0\x00') 2m45.471865522s ago: executing program 1 (id=7638): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x4003}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb4}}, 0x0) 2m45.25389411s ago: executing program 0 (id=7644): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x1}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000040)="27031c00160014000000002f1eafacf706e10500000086dd00", 0x19}, {&(0x7f00000017c0)="44504f81d37c356952483f9244dd24e9721f7301f0dd0efe110d5e42", 0x1c}], 0x2}, 0x2404c0d0) 2m45.253643331s ago: executing program 0 (id=7645): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) lsm_get_self_attr(0x65, 0x0, 0x0, 0x0) 2m45.193966225s ago: executing program 0 (id=7646): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='cubic', 0x3) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1a, 0x0, &(0x7f0000000180)) 2m45.193715476s ago: executing program 0 (id=7647): r0 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r0, 0x8) listen(r0, 0x7fff) 2m45.163439066s ago: executing program 0 (id=7648): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100) fcntl$notify(r0, 0x402, 0x8000000b) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) 2m45.078771094s ago: executing program 0 (id=7650): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="5b5e26bd7000ffdbdf2501000000050004000100000008000600ac1414aa08000b004d3b81c5"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x90) 2m41.022102355s ago: executing program 32 (id=7370): r0 = syz_open_dev$media(&(0x7f0000000000), 0x100000000, 0x200) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 2m30.032809243s ago: executing program 33 (id=7650): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="5b5e26bd7000ffdbdf2501000000050004000100000008000600ac1414aa08000b004d3b81c5"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x90) 2m29.998537393s ago: executing program 34 (id=7638): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x4003}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb4}}, 0x0) 2m20.43261125s ago: executing program 5 (id=7929): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x400000000003, 0x7ffff, &(0x7f0000006680)) r0 = shmget$private(0x0, 0x3000, 0x40, &(0x7f0000a42000/0x3000)=nil) shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x5000) 2m20.381896858s ago: executing program 5 (id=7932): r0 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000001c40), &(0x7f0000001c80)=0x8) 2m20.333046919s ago: executing program 5 (id=7935): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x64}]}]}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x24000144}, 0x2000) close(r0) 2m20.271128349s ago: executing program 5 (id=7938): timer_create(0xb, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_usb_connect$lan78xx(0x2, 0x3f, &(0x7f0000000500)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0) 2m20.230571738s ago: executing program 5 (id=7941): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlink(&(0x7f0000000000)='./cgroup\x00') 2m20.183093819s ago: executing program 5 (id=7944): r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x8982) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000100)=0x22) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000180)=0x2) 2m5.03225681s ago: executing program 35 (id=7944): r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x8982) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000100)=0x22) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000180)=0x2) 540.298613ms ago: executing program 4 (id=11150): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100001400a0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x4000010) close(r0) 462.471655ms ago: executing program 4 (id=11155): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x20, r1, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}]}]}, 0x20}}, 0x0) 409.425717ms ago: executing program 6 (id=11158): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$cgroup2(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x20000, 0x0) 409.177886ms ago: executing program 4 (id=11159): socket$packet(0x11, 0x3, 0x300) migrate_pages(0x0, 0x0, 0x0, &(0x7f0000000000)=0xfffffffffffffffc) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e06f40908"], 0xa) 351.442908ms ago: executing program 6 (id=11161): r0 = syz_open_dev$dvb_dvr(&(0x7f0000001040), 0x0, 0x100) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_inet_udp_SIOCINQ(r1, 0x541b, 0x0) 351.330726ms ago: executing program 4 (id=11162): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000140)={0x18, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}]}, 0x18}}, 0x0) 301.159771ms ago: executing program 6 (id=11164): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = fsopen(&(0x7f0000000340)='binder\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 300.960019ms ago: executing program 3 (id=11165): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c0002"], 0xdc}}, 0x0) 300.859721ms ago: executing program 4 (id=11166): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000740)=0xe) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000340)=0xff) 229.722398ms ago: executing program 6 (id=11168): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x405}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x17}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_NUM={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x8c}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000) 224.941765ms ago: executing program 4 (id=11169): r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~//\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 224.841031ms ago: executing program 3 (id=11170): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000070000000000000700000aa0000000060a0b0400000000000000000200000074000480700001800a0001006d617463680000006000028008000240000000000c0001007068797364657600460003007e6b92c43235dc7e977221f83c3f179e65022fc067b787cd67b6d9983b1bddafbdf6a37da5ed332cd2ee94b31d2ec330ce34cc676c0783a4bcc10466554b0470571f00000900010073797a30000000000900020073797a32"], 0xc8}, 0x1, 0x0, 0x0, 0x4008011}, 0x40040c0) 151.17165ms ago: executing program 7 (id=11171): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x4c, r0, 0x1, 0x70bd2c, 0x0, {0x3d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4080}, 0x0) 150.907543ms ago: executing program 6 (id=11172): r0 = socket$kcm(0xa, 0x3, 0x3a) sendmsg$kcm(r0, &(0x7f00000031c0)={&(0x7f00000001c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000740)="4f0461e980a3df614c952ba937542c3956c268ef9da7fc364c6d5c543c3bd84159a349884fb4df8936363169ce8541c090bb5871df329e56747592fa4d29a09dcb4c416503ec1113680af76cba6417576ac2c0d3570f91a9c661f10e9bdab3c038f68844db4a19a8a613d78adb0405e27a1dea217288306169ac437c2401514510725ff144e75b83b8c67735520151c1018c3542bdfa2cae78aeb5d328f7d134706eb4d03bf4018be0f581f55e82cc1e851b8585d48a881144bfd5e96b52b62e62abe7ace71093fe8779d41feea0eb401dc005f2e3fe47320e7f945fb04e06c713f062ca47794f9c0b7fa88ccfacc4a51a4e816e0cb832c42d9f60561d5086ff512190d1129892fd541a0fbc9a41d70cd0d4501fed5545cd04b7800814bcbf492339bbfe784baba895beda447447a447e088a8d7cb795b3543a8cd8d8efb830dabc88b5b6466cd1d903833fca0e1049480810da129e746e2c9726a846ce85003a6bb9949e5dd140ab97a001c91323d5cb6648d4f61d40d4951ae36a1a404ba3452ae9a969c16a0918b4afe0b7b6afe4d59d8abfed8e7b38ce7c6c4daf306d0136c353c109f0a63c26df5f8866e763dc2fcd93b7c9b7143823cd8272533aa2eb47f873da2e1aeba66332990f5033c712108f71bc055f29317d8dd9b227b524d61381ed55fdb83ee0849", 0x1e9}, {&(0x7f0000000e00)="5c6817db84aafc4ba93b3b7b773c1f7c014e2a2e2192542afa9748dcd0a777e403000000290d970e2f9a1d8f527923b0f362103e5bbeda2dca0d9d2b1e5238329691753f1860286f1aaa0786ba5cb644966e7b7566d2960bab4c5ba6da8e730af484c4850e243e0e95803437dfd6b95b5d3ffbb5d9fb8bc5b2358837f79985f063bfb4e982bdbd79b6aff84a010d1a97960158de81236aa66640e348b98794dd9ca277d910243cf4d9c6d38979d81faac0930900"/207, 0xcf}, {&(0x7f0000000f00)="9eb8a2c0e241fb0402ac67d48d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad3a3db73f406c4aec4ba5a715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1d34386c53e7017cf0fe0275d2d6f9531b12f12e29b903ffd774272360efe35269a1835d8f3e07382952f4fd47c9025f538c0bf576243026ed3d16af515d4e31055e765380602c4b42cb4e178350c5f387bdf01ff822a6a26b4cbd04523921adb0bddfd4c657e626ffa46f0a565ee807b56f98d90a48858679c0e5cada93389b479e4547690951c952e877d4139aaddd84d8b01dd791eff7b2c20cad352b1adc9f4e99da7f78d9ee00abe19e8e7a12840486f9d5e815d09095e482f0567ab86ff97caa5b1752897becb6e5985de8f", 0x16b}, {&(0x7f0000000b40)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b3e153ccdf10b894d755e849d01e91b7b49af88a501bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9bec897b53fee3e5f94497031ff2e460d2c011dfd60030db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce", 0xcd}, {&(0x7f00000004c0)="6f5a805865eeef6df56a4a066060a57f040815401a8ba9f3022a97141eaafc45fcdccd0978326dd08efa751bba43d86d0f0dc7d9233096dfedc763587a0910455725b18469a62cb29e2476a098", 0x4d}, {&(0x7f00000005c0)="eaa496f21cfe2c370920a46df4841a22c0b729953454967ccef4aaaa4f3dd95ec6892c6ec59d0ad89dbdc90ecd3fd366efa6d9ec0f2bb2d5f25fc025bba196657382f98920cc3e28f83a9589d7cb9e13bf66f519910125c69089863262281b3a726e017505ed1b6509538f7b", 0x6c}], 0x6, &(0x7f0000000580)=ANY=[@ANYBLOB="180000"], 0x18}, 0x8080) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x2, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)='S\x00', 0x5a0}], 0x1, 0x0, 0x0, 0x900}, 0x0) 150.785733ms ago: executing program 3 (id=11173): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x6) syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x4f) 150.206483ms ago: executing program 7 (id=11174): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r0) sendmsg$NLBL_CIPSOV4_C_REMOVE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x14, r1, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) 149.79583ms ago: executing program 6 (id=11175): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000180)=""/188) 70.428688ms ago: executing program 7 (id=11176): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x2098, 0x5, 0x1000, 0xfffffffd}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x5, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4800}, 0x40) 70.312151ms ago: executing program 3 (id=11177): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4, 0xffffffff, 0xfffffff8, 0xfffffffc}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001a00010003000000ffdbdf2502372009"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x48010) 70.163776ms ago: executing program 7 (id=11178): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$read(0xb, r0, 0x0, 0x0) 1.952514ms ago: executing program 3 (id=11179): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000100000000000000801800009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1a, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc4f, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000180)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x3a, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1, r1, 0x0, 0x0, 0x0, 0x10, 0x4a6}, 0x94) 1.678705ms ago: executing program 7 (id=11180): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_LEVEL={0x8, 0x3, 0x1e}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x8044) 1.494965ms ago: executing program 3 (id=11181): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd29, 0x25dfdbfe, {{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x3, 0x0, 0x2, 0xfffffffffffffffd}, {0x0, 0x5, 0x6}, 0x0, 0x0, 0x1, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x24008040}, 0x8000) syz_emit_ethernet(0x46, &(0x7f0000000400)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x11}, {[@ssrr={0x89, 0x7, 0xa2, [@broadcast]}, @cipso={0x86, 0x6, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 0s ago: executing program 7 (id=11182): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000100000000000000400008510000006"], 0x0, 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000003f00010327bd7000fbdbdf2503"], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20000800) kernel console output (not intermixed with test programs): altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 270.434449][ T34] usb 11-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 270.440206][ T34] usb 11-1: config 179 interface 65 has no altsetting 0 [ 270.444631][ T34] usb 11-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 270.453032][ T34] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.485697][ T34] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:179.65/input/input35 [ 270.695261][ T34] usb 11-1: USB disconnect, device number 2 [ 270.697880][ C3] xpad 11-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 270.841514][T25264] openvswitch: netlink: IP tunnel dst address not specified [ 270.847812][T25264] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 271.141002][T25285] sch_fq: defrate 4294967295 ignored. [ 271.458822][ T40] audit: type=1326 audit(1778608885.119:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.468646][ T40] audit: type=1326 audit(1778608885.119:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.478723][ T40] audit: type=1326 audit(1778608885.129:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.488495][ T40] audit: type=1326 audit(1778608885.129:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.497976][ T40] audit: type=1326 audit(1778608885.129:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.507874][ T40] audit: type=1326 audit(1778608885.129:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.518976][ T40] audit: type=1326 audit(1778608885.129:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.529753][ T40] audit: type=1326 audit(1778608885.129:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.539081][ T40] audit: type=1326 audit(1778608885.129:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.548331][ T40] audit: type=1326 audit(1778608885.129:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25310 comm="syz.6.7990" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 271.595272][ T842] usb 9-1: new full-speed USB device number 2 using dummy_hcd [ 271.746409][ T842] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 271.757269][ T842] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 271.766420][ T842] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64 [ 271.774072][ T842] usb 9-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 271.778080][ T842] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.781391][ T842] usb 9-1: Product: syz [ 271.784594][ T842] usb 9-1: Manufacturer: syz [ 271.786784][ T842] usb 9-1: SerialNumber: syz [ 271.794350][ T842] usb 9-1: config 0 descriptor?? [ 271.803410][T25301] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 271.892951][ T842] rc_core: IR keymap rc-streamzap not found [ 271.894944][ T842] Registered IR keymap rc-empty [ 271.904332][ T842] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0 [ 271.915276][ T842] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input36 [ 271.924415][T25362] sch_fq: defrate 4294967295 ignored. [ 272.022726][ T5849] usb 9-1: USB disconnect, device number 2 [ 272.390314][T25400] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8012'. [ 273.973210][ T842] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 274.143014][ T842] usb 9-1: Using ep0 maxpacket: 8 [ 274.155651][ T842] usb 9-1: config 179 has an invalid interface number: 65 but max is 0 [ 274.159370][ T842] usb 9-1: config 179 has no interface number 0 [ 274.162149][ T842] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 274.167181][ T842] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 274.171914][ T842] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 274.178283][ T842] usb 9-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 274.182433][ T842] usb 9-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 274.188084][ T842] usb 9-1: config 179 interface 65 has no altsetting 0 [ 274.191007][ T842] usb 9-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 274.195334][ T842] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.224229][ T842] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:179.65/input/input37 [ 274.412187][ T29] usb 9-1: USB disconnect, device number 3 [ 274.412248][ C1] xpad 9-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 284.425803][ T62] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 284.435219][ T62] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 284.440639][ T62] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 284.450602][ T62] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 284.455459][ T62] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 284.761874][ T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.878788][ T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.027863][ T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.044449][T25538] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.048181][T25538] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.051593][T25538] bridge_slave_0: entered allmulticast mode [ 285.056048][T25538] bridge_slave_0: entered promiscuous mode [ 285.061121][T25538] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.065183][T25538] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.068427][T25538] bridge_slave_1: entered allmulticast mode [ 285.072429][T25538] bridge_slave_1: entered promiscuous mode [ 285.100631][T25538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 285.107391][T25538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.150009][ T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.162366][T25538] team0: Port device team_slave_0 added [ 285.167829][T25538] team0: Port device team_slave_1 added [ 285.207935][T25538] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 285.210747][T25538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 285.221066][T25538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 285.230814][T25538] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 285.234458][T25538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 285.245362][T25538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 285.283848][T25538] hsr_slave_0: entered promiscuous mode [ 285.286306][T25538] hsr_slave_1: entered promiscuous mode [ 285.288428][T25538] debugfs: 'hsr0' already exists in 'hsr' [ 285.290255][T25538] Cannot create hsr debugfs directory [ 285.401241][ T13] bridge_slave_1: left allmulticast mode [ 285.403818][ T13] bridge_slave_1: left promiscuous mode [ 285.407062][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.413547][ T13] bridge_slave_0: left allmulticast mode [ 285.415806][ T13] bridge_slave_0: left promiscuous mode [ 285.417878][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.601342][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 285.608349][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 285.613731][ T13] bond0 (unregistering): Released all slaves [ 285.636522][ T5449] 8021q: adding VLAN 0 to HW filter on device eth10 [ 285.855070][T25538] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 285.872368][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 285.898833][T25538] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 285.905033][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 285.910445][ T5449] 8021q: adding VLAN 0 to HW filter on device eth11 [ 285.913779][T25538] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 285.919482][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 285.925538][T25538] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 285.931941][T25538] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 285.982639][ T13] hsr_slave_0: left promiscuous mode [ 285.991001][ T13] hsr_slave_1: left promiscuous mode [ 285.994132][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 285.997423][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 286.001889][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 286.006759][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 286.021861][ T13] veth1_macvtap: left promiscuous mode [ 286.025948][ T13] veth0_macvtap: left promiscuous mode [ 286.028567][ T13] veth1_vlan: left promiscuous mode [ 286.030891][ T13] veth0_vlan: left promiscuous mode [ 286.297570][ T13] team0 (unregistering): Port device team_slave_1 removed [ 286.310235][ T13] team0 (unregistering): Port device team_slave_0 removed [ 286.437047][ T5449] 8021q: adding VLAN 0 to HW filter on device eth12 [ 286.493675][T25538] 8021q: adding VLAN 0 to HW filter on device bond0 [ 286.509374][T25538] 8021q: adding VLAN 0 to HW filter on device team0 [ 286.517219][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.519963][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 286.526678][ T5748] Bluetooth: hci2: command tx timeout [ 286.562175][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.565233][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 286.661473][ T5449] 8021q: adding VLAN 0 to HW filter on device eth13 [ 286.940028][T25538] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 287.154913][T25538] veth0_vlan: entered promiscuous mode [ 287.167159][T25538] veth1_vlan: entered promiscuous mode [ 287.195122][T25538] veth0_macvtap: entered promiscuous mode [ 287.201397][T25538] veth1_macvtap: entered promiscuous mode [ 287.214924][T25538] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 287.227048][T25538] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 287.236015][ T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.239960][ T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.246291][ T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.250000][ T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.319398][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.324414][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.344594][ T1157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.348523][ T1157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.423718][T25905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8048'. [ 287.428025][T25905] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8048'. [ 287.431850][T25905] netlink: 'syz.4.8048': attribute type 13 has an invalid length. [ 287.616097][ T842] hid_parser_main: 3 callbacks suppressed [ 287.616118][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.625054][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.628380][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.631415][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.634864][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.640518][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.650269][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.653899][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.657157][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.660232][ T842] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 287.668317][ T842] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.03 Device [syz1] on syz1 [ 287.706911][T25949] fido_id[25949]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 287.789654][T25963] netlink: 'syz.3.8057': attribute type 14 has an invalid length. [ 287.873680][ T5834] usb 11-1: new high-speed USB device number 3 using dummy_hcd [ 288.029863][ T5834] usb 11-1: config 0 interface 0 altsetting 251 bulk endpoint 0x9 has invalid maxpacket 99 [ 288.037943][ T5834] usb 11-1: config 0 interface 0 has no altsetting 0 [ 288.060061][ T5834] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 288.064289][ T5834] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 288.068362][ T5834] usb 11-1: Product: syz [ 288.070563][ T5834] usb 11-1: Manufacturer: syz [ 288.073356][ T5834] usb 11-1: SerialNumber: syz [ 288.078122][ T5834] usb 11-1: config 0 descriptor?? [ 288.081442][T25934] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 288.096764][ T5834] usb 11-1: selecting invalid altsetting 0 [ 288.161737][T25993] syz.4.8065 (25993): drop_caches: 1 [ 288.290820][T25993] syz.4.8065 (25993): drop_caches: 1 [ 288.300107][T25934] usb 11-1: cannot submit urb 0, error -2: endpoint not enabled [ 288.305421][T25934] usb 11-1: cannot submit urb 0, error -2: endpoint not enabled [ 288.313922][T25932] usb 11-1: cannot submit urb 0, error -2: endpoint not enabled [ 288.317194][ T5834] usb 11-1: USB disconnect, device number 3 [ 288.334952][T26032] overlayfs: conflicting lowerdir path [ 288.535546][T26068] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8077'. [ 288.541081][T26068] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8077'. [ 288.545360][T26068] netlink: 'syz.7.8077': attribute type 13 has an invalid length. [ 288.548165][T26071] devpts: Bad value for 'max' [ 288.613191][ T5748] Bluetooth: hci2: command tx timeout [ 288.904750][T26118] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8092'. [ 288.926384][T26118] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8092'. [ 288.933865][T26118] netlink: 'syz.6.8092': attribute type 13 has an invalid length. [ 289.137477][T26159] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8102'. [ 289.142531][T26159] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8102'. [ 289.202177][ T5815] bridge0: entered promiscuous mode [ 289.438510][T26210] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8117'. [ 289.542657][T26232] netlink: 4352 bytes leftover after parsing attributes in process `syz.4.8122'. [ 289.658943][ T55] bridge0: entered promiscuous mode [ 289.917982][T26290] vlan2: entered allmulticast mode [ 289.920265][T26290] netdevsim netdevsim7 netdevsim0: entered allmulticast mode [ 290.668467][T26394] netlink: 'syz.3.8170': attribute type 13 has an invalid length. [ 290.684770][ T5748] Bluetooth: hci2: command tx timeout [ 290.817132][T26409] overlayfs: conflicting lowerdir path [ 290.863356][ T34] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 291.025461][ T34] usb 9-1: config 0 interface 0 altsetting 251 bulk endpoint 0x9 has invalid maxpacket 99 [ 291.029654][ T34] usb 9-1: config 0 interface 0 has no altsetting 0 [ 291.034670][ T34] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 291.038929][ T34] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 291.042614][ T34] usb 9-1: Product: syz [ 291.045392][ T34] usb 9-1: Manufacturer: syz [ 291.047510][ T34] usb 9-1: SerialNumber: syz [ 291.054805][ T34] usb 9-1: config 0 descriptor?? [ 291.058738][T26387] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 291.066975][ T34] usb 9-1: selecting invalid altsetting 0 [ 291.175335][T26450] syz.3.8186 (26450): drop_caches: 1 [ 291.207921][T26450] syz.3.8186 (26450): drop_caches: 1 [ 291.271044][T26387] usb 9-1: cannot submit urb 0, error -2: endpoint not enabled [ 291.277794][T26387] usb 9-1: cannot submit urb 0, error -2: endpoint not enabled [ 291.286524][T26386] usb 9-1: cannot submit urb 0, error -2: endpoint not enabled [ 291.297286][ T34] usb 9-1: USB disconnect, device number 4 [ 291.638033][T26511] overlayfs: conflicting lowerdir path [ 291.645180][T26512] vlan3: entered allmulticast mode [ 291.647610][T26512] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 291.985142][ T40] audit: type=1326 audit(1778608905.649:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26552 comm="syz.4.8210" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc4fcc code=0x0 [ 292.076171][T26564] xt_cluster: you have exceeded the maximum number of cluster nodes (37482740 > 32) [ 292.616398][T26587] netlink: 'syz.3.8218': attribute type 1 has an invalid length. [ 292.773289][ T5748] Bluetooth: hci2: command tx timeout [ 292.809818][T26620] __nla_validate_parse: 5 callbacks suppressed [ 292.809835][T26620] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8230'. [ 292.893966][T26631] binder_alloc: binder_alloc_mmap_handler: 26629 80ffd000-81000000 already mapped failed -16 [ 292.950891][T26640] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8234'. [ 293.466952][T26723] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8260'. [ 293.534433][T26729] vlan2: entered allmulticast mode [ 293.537043][T26729] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 293.958003][ T40] audit: type=1326 audit(1778608907.619:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26803 comm="syz.6.8285" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0 [ 294.742834][T26831] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8300'. [ 294.955073][T26867] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8305'. [ 294.996020][T26870] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 295.085362][T26892] netlink: 184 bytes leftover after parsing attributes in process `syz.7.8311'. [ 296.030139][T27011] tipc: Started in network mode [ 296.031304][T27010] netlink: 68 bytes leftover after parsing attributes in process `syz.7.8345'. [ 296.032562][T27011] tipc: Node identity , cluster identity 4711 [ 296.040352][T27011] tipc: Failed to obtain node identity [ 296.046244][T27011] tipc: Enabling of bearer rejected, failed to enable media [ 296.304034][ T40] audit: type=1326 audit(1778608909.969:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27050 comm="syz.3.8357" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 296.495210][T27065] netlink: 10 bytes leftover after parsing attributes in process `syz.4.8363'. [ 297.338959][T27146] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8387'. [ 297.349979][T27146] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8387'. [ 297.355641][T27146] netlink: 'syz.7.8387': attribute type 15 has an invalid length. [ 297.973806][T27241] sctp: [Deprecated]: syz.4.8411 (pid 27241) Use of struct sctp_assoc_value in delayed_ack socket option. [ 297.973806][T27241] Use struct sctp_sack_info instead [ 297.979452][T27243] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8412'. [ 298.368244][T27280] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8421'. [ 298.371138][T27280] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8421'. [ 298.373658][T27283] The dccp option matching is deprecated and scheduled to be removed in 2027. [ 298.373658][T27283] Please contact the netfilter-devel mailing list or update your nftables rules. [ 298.374082][T27280] netlink: 'syz.4.8421': attribute type 15 has an invalid length. [ 298.568960][T27313] tmpfs: Cannot change global quota limit on remount [ 298.741737][T27338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8439'. [ 298.894761][T27369] tmpfs: Cannot change global quota limit on remount [ 299.318006][T27430] input input38: cannot allocate more than FF_MAX_EFFECTS effects [ 299.527463][T27458] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8480'. [ 299.580640][T27466] netlink: 80 bytes leftover after parsing attributes in process `syz.6.8476'. [ 299.583952][T27466] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8476'. [ 299.612099][T27471] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8475'. [ 299.732117][T27478] vivid-008: disconnect [ 299.738763][T27477] vivid-008: reconnect [ 300.312224][T27519] netlink: 'syz.3.8487': attribute type 7 has an invalid length. [ 300.317472][T27519] netlink: 'syz.3.8487': attribute type 5 has an invalid length. [ 300.321977][T27519] netlink: 17 bytes leftover after parsing attributes in process `syz.3.8487'. [ 300.625565][T27570] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8503'. [ 300.659586][T27576] netlink: zone id is out of range [ 300.672955][T27576] netlink: zone id is out of range [ 300.677547][T27576] netlink: zone id is out of range [ 300.680098][T27576] netlink: zone id is out of range [ 300.683326][T27576] netlink: zone id is out of range [ 300.686026][T27576] netlink: zone id is out of range [ 300.689013][T27576] netlink: zone id is out of range [ 300.691639][T27576] netlink: zone id is out of range [ 300.697365][T27576] netlink: zone id is out of range [ 300.699607][T27576] netlink: zone id is out of range [ 300.758883][ T40] audit: type=1326 audit(1778608914.419:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 300.772110][ T40] audit: type=1326 audit(1778608914.419:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 300.784805][ T40] audit: type=1326 audit(1778608914.449:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 300.785270][T27598] netlink: 'syz.7.8507': attribute type 7 has an invalid length. [ 300.796154][T27598] netlink: 'syz.7.8507': attribute type 5 has an invalid length. [ 300.798224][ T40] audit: type=1326 audit(1778608914.449:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 300.811411][ T40] audit: type=1326 audit(1778608914.449:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 300.824136][ T40] audit: type=1326 audit(1778608914.449:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=52 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 300.837542][ T40] audit: type=1326 audit(1778608914.449:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 300.864182][ T40] audit: type=1326 audit(1778608914.449:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27591 comm="syz.3.8509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000 [ 301.289929][T27677] netlink: 'syz.4.8528': attribute type 7 has an invalid length. [ 301.294039][T27677] netlink: 'syz.4.8528': attribute type 5 has an invalid length. [ 302.078070][T27777] netlink: 'syz.6.8549': attribute type 7 has an invalid length. [ 302.101276][T27777] netlink: 'syz.6.8549': attribute type 5 has an invalid length. [ 302.356743][T27820] tipc: Started in network mode [ 302.359041][T27820] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 302.367837][T27820] tipc: Enabled bearer , priority 5 [ 302.779712][T27855] ALSA: mixer_oss: invalid index 20000 [ 303.086311][T27896] ALSA: mixer_oss: invalid index 20000 [ 303.212192][T27920] netlink: 'syz.7.8585': attribute type 7 has an invalid length. [ 303.217252][T27920] __nla_validate_parse: 8 callbacks suppressed [ 303.217269][T27920] netlink: 17 bytes leftover after parsing attributes in process `syz.7.8585'. [ 303.220191][T27918] netlink: 88 bytes leftover after parsing attributes in process `syz.4.8589'. [ 303.369283][T27958] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 303.440934][T27964] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 303.496177][ T5841] tipc: Node number set to 1 [ 303.701494][T28000] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 304.004039][ T34] kernel write not supported for file /sg0 (pid: 34 comm: kworker/3:0) [ 304.416218][T28110] [U]  [ 304.882054][T28192] [U]  [ 305.186212][ T40] audit: type=1800 audit(1778608918.849:245): pid=28248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.8684" name="file0" dev="tmpfs" ino=11068 res=0 errno=0 [ 305.400358][T28265] vlan3: entered promiscuous mode [ 306.306325][T28373] vlan2: entered promiscuous mode [ 306.308426][T28373] bridge0: entered promiscuous mode [ 306.474645][T28409] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8731'. [ 306.483046][T28409] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8731'. [ 306.487435][T28409] validate_nla: 1 callbacks suppressed [ 306.487445][T28409] netlink: 'syz.6.8731': attribute type 11 has an invalid length. [ 306.491842][T28409] netlink: 'syz.6.8731': attribute type 12 has an invalid length. [ 306.502825][T28413] vlan3: entered promiscuous mode [ 306.521128][T28422] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8734'. [ 306.550788][T28425] netlink: 1208 bytes leftover after parsing attributes in process `syz.6.8736'. [ 306.715209][ T5815] hid (null): invalid report_size 51505 [ 306.719477][ T5815] hid (null): unknown global tag 0xc [ 306.721998][ T5815] hid (null): unknown global tag 0xc [ 306.726501][ T5815] hid (null): unknown global tag 0x9f [ 306.740269][ T5815] hid (null): unknown global tag 0xc [ 306.742715][ T5815] hid (null): unknown global tag 0x42 [ 306.750478][ T5815] hid (null): unknown global tag 0xd [ 306.753873][ T5815] hid (null): unknown global tag 0xc [ 306.756605][ T5815] hid (null): unknown global tag 0xc [ 306.759125][ T5815] hid (null): report_id 0 is invalid [ 306.761765][ T5815] hid (null): unknown global tag 0xe [ 306.765433][ T5815] hid (null): report_id 16697 is invalid [ 306.768062][ T5815] hid (null): bogus close delimiter [ 306.770367][ T5815] hid (null): unknown global tag 0xc [ 306.772701][ T5815] hid (null): invalid report_size 1234625101 [ 306.776751][ T5815] hid (null): unknown global tag 0xd [ 306.793608][ T5815] hid (null): unknown global tag 0xd [ 306.796239][ T5815] hid (null): invalid report_size -2125375034 [ 306.799525][ T5815] hid (null): report_id 0 is invalid [ 306.801845][ T5815] hid (null): invalid report_count -1724469666 [ 306.806000][ T5815] hid (null): unknown global tag 0xc [ 306.808565][ T5815] hid (null): unknown global tag 0xd [ 306.811520][ T5815] hid (null): global environment stack overflow [ 306.816485][ T5815] hid (null): unknown global tag 0xe [ 306.819149][ T5815] hid (null): unknown global tag 0xc [ 306.821553][ T5815] hid (null): unknown global tag 0xc [ 306.822251][T28471] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8750'. [ 306.833835][T28471] team0: Device is already in use. [ 306.840195][ T5815] hid_parser_main: 73 callbacks suppressed [ 306.840217][ T5815] hid-generic 0009:0007:0077.0006: unknown main item tag 0x1 [ 306.848007][ T5815] hid-generic 0009:0007:0077.0006: reserved main item tag 0xd [ 306.851634][ T5815] hid-generic 0009:0007:0077.0006: unknown main item tag 0x1 [ 306.855781][ T5815] hid-generic 0009:0007:0077.0006: unexpected long global item [ 306.859576][ T5815] hid-generic 0009:0007:0077.0006: probe with driver hid-generic failed with error -22 [ 307.032273][T28509] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 307.222623][T28533] can0: slcan on ttyS3. [ 307.768890][T28625] netlink: 20 bytes leftover after parsing attributes in process `syz.7.8792'. [ 308.057444][T28673] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 308.366559][T28717] netlink: 1208 bytes leftover after parsing attributes in process `syz.4.8819'. [ 308.489131][T28731] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8825'. [ 308.498840][ T842] hid (null): invalid report_size 51505 [ 308.502175][ T842] hid (null): unknown global tag 0xc [ 308.507074][ T842] hid (null): unknown global tag 0xc [ 308.509580][ T842] hid (null): unknown global tag 0x9f [ 308.515421][ T842] hid (null): unknown global tag 0xc [ 308.517863][ T842] hid (null): unknown global tag 0x42 [ 308.520249][ T842] hid (null): unknown global tag 0xd [ 308.523689][ T842] hid (null): unknown global tag 0xc [ 308.526325][ T842] hid (null): unknown global tag 0xc [ 308.528655][ T842] hid (null): report_id 0 is invalid [ 308.530971][ T842] hid (null): unknown global tag 0xe [ 308.534816][ T842] hid (null): report_id 16697 is invalid [ 308.543265][ T842] hid (null): bogus close delimiter [ 308.545681][ T842] hid (null): unknown global tag 0xc [ 308.548215][ T842] hid (null): invalid report_size 1234625101 [ 308.551104][ T842] hid (null): unknown global tag 0xd [ 308.563247][ T842] hid (null): unknown global tag 0xd [ 308.565885][ T842] hid (null): invalid report_size -2125375034 [ 308.573024][ T842] hid (null): report_id 0 is invalid [ 308.577616][ T842] hid (null): invalid report_count -1724469666 [ 308.583005][ T842] hid (null): unknown global tag 0xc [ 308.592070][ T842] hid (null): unknown global tag 0xd [ 308.594525][ T842] hid (null): global environment stack overflow [ 308.597254][ T842] hid (null): unknown global tag 0xe [ 308.599629][ T842] hid (null): unknown global tag 0xc [ 308.602009][ T842] hid (null): unknown global tag 0xc [ 308.608451][ T842] hid-generic 0009:0007:0077.0007: unknown main item tag 0x1 [ 308.612121][ T842] hid-generic 0009:0007:0077.0007: reserved main item tag 0xd [ 308.616279][ T842] hid-generic 0009:0007:0077.0007: unknown main item tag 0x1 [ 308.620059][ T842] hid-generic 0009:0007:0077.0007: unexpected long global item [ 308.624902][ T842] hid-generic 0009:0007:0077.0007: probe with driver hid-generic failed with error -22 [ 308.869523][T28777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8835'. [ 308.876317][T28777] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8835'. [ 308.880569][T28777] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8835'. [ 308.942302][T28789] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8840'. [ 309.409183][T28864] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_vlan, syncid = 0, id = 0 [ 310.582739][T28971] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_vlan, syncid = 0, id = 0 [ 310.733875][T28984] netlink: 'syz.7.8898': attribute type 1 has an invalid length. [ 310.738457][T28984] netlink: 224 bytes leftover after parsing attributes in process `syz.7.8898'. [ 310.742634][T28984] NCSI netlink: No device for ifindex 2164177684 [ 311.303718][T29052] tipc: Enabling of bearer rejected, failed to enable media [ 311.390061][T29064] netlink: 'syz.4.8921': attribute type 1 has an invalid length. [ 311.394918][T29064] netlink: 224 bytes leftover after parsing attributes in process `syz.4.8921'. [ 311.399133][T29064] NCSI netlink: No device for ifindex 2164177684 [ 311.582626][T29087] tipc: Enabling of bearer rejected, failed to enable media [ 311.675768][ T40] audit: type=1326 audit(1778608925.339:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29105 comm="syz.6.8935" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0 [ 311.803584][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 313.590828][T29134] net_ratelimit: 44 callbacks suppressed [ 313.590847][T29134] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 313.596832][T29134] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 314.180635][T29243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8974'. [ 314.390319][T29274] program syz.4.8985 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 314.421635][T29277] atomic_op ffff88806a15f198 conn xmit_atomic 0000000000000000 [ 314.496918][T29294] netlink: 'syz.6.8989': attribute type 10 has an invalid length. [ 314.549946][T29306] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8992'. [ 314.651878][T29323] program syz.3.8997 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 314.707134][T29332] netlink: 'syz.3.9002': attribute type 10 has an invalid length. [ 314.721023][T29337] atomic_op ffff888047d32198 conn xmit_atomic 0000000000000000 [ 314.759926][T29344] ptrace attach of "/syz-executor exec"[23035] was attempted by ""[29344] [ 314.768296][T29345] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 314.898828][T29375] atomic_op ffff888029b4c998 conn xmit_atomic 0000000000000000 [ 315.097966][ T40] audit: type=1326 audit(1778608928.759:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29408 comm="syz.6.9027" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0 [ 315.187717][T29425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9032'. [ 315.298253][T29443] netlink: 32 bytes leftover after parsing attributes in process `syz.3.9037'. [ 315.533058][ T5841] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 315.713928][ T5841] usb 12-1: Using ep0 maxpacket: 8 [ 315.720641][ T5841] usb 12-1: config index 0 descriptor too short (expected 5924, got 36) [ 315.727157][ T5841] usb 12-1: config 250 has an invalid interface number: 228 but max is -1 [ 315.731180][ T5841] usb 12-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 315.735606][ T5841] usb 12-1: config 250 has no interface number 0 [ 315.738960][ T5841] usb 12-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 315.745199][ T5841] usb 12-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 315.749663][ T5841] usb 12-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 315.754755][ T5841] usb 12-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 315.759229][ T5841] usb 12-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 315.766323][ T5841] usb 12-1: config 250 interface 228 has no altsetting 0 [ 315.771208][ T5841] usb 12-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 315.776019][ T5841] usb 12-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 315.779937][ T5841] usb 12-1: Product: syz [ 315.781901][ T5841] usb 12-1: SerialNumber: syz [ 315.799397][ T5841] hub 12-1:250.228: bad descriptor, ignoring hub [ 315.802627][ T5841] hub 12-1:250.228: probe with driver hub failed with error -5 [ 316.011074][ T5841] usblp 12-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 316.078997][T29520] comedi comedi2: pcl711: I/O port conflict (0x100,16) [ 316.326181][ T10] usb 12-1: USB disconnect, device number 2 [ 316.344344][ T10] usblp0: removed [ 316.677710][T29592] nftables ruleset with unbound set [ 316.700132][T29593] kAFS: unable to lookup cell 'syz1' [ 316.703663][T29593] kAFS: unable to lookup cell 'syz1' [ 316.796259][T29596] syz.4.9078: page allocation failure: order:1, mode:0xcc1(GFP_KERNEL|GFP_DMA), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 316.804137][T29596] CPU: 2 UID: 0 PID: 29596 Comm: syz.4.9078 Tainted: G L syzkaller #0 PREEMPT(full) [ 316.804166][T29596] Tainted: [L]=SOFTLOCKUP [ 316.804173][T29596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 316.804183][T29596] Call Trace: [ 316.804189][T29596] [ 316.804197][T29596] dump_stack_lvl+0x100/0x190 [ 316.804221][T29596] warn_alloc.cold+0x95/0x1c1 [ 316.804267][T29596] ? __pfx_warn_alloc+0x10/0x10 [ 316.804291][T29596] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 316.804320][T29596] ? _mutex_trylock_nest_lock+0x170/0x310 [ 316.804355][T29596] __alloc_frozen_pages_noprof+0xf25/0x2bc0 [ 316.804397][T29596] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 316.804423][T29596] ? comedi_isadma_alloc+0xc6/0x620 [ 316.804448][T29596] ? __pfx_stack_trace_save+0x10/0x10 [ 316.804472][T29596] ? stack_depot_save_flags+0x27/0x9d0 [ 316.804493][T29596] ? find_held_lock+0x2b/0x80 [ 316.804518][T29596] ? comedi_isadma_alloc+0xc6/0x620 [ 316.804539][T29596] ? kasan_save_stack+0x3f/0x50 [ 316.804555][T29596] ? kasan_save_stack+0x30/0x50 [ 316.804570][T29596] ? kasan_save_track+0x14/0x30 [ 316.804583][T29596] ? __kasan_kmalloc+0xaa/0xb0 [ 316.804602][T29596] ? __do_fast_syscall_32+0xe7/0x950 [ 316.804646][T29596] ? do_fast_syscall_32+0x32/0x70 [ 316.804671][T29596] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.804698][T29596] __alloc_pages_noprof+0xb/0x110 [ 316.804725][T29596] __dma_direct_alloc_pages.isra.0+0x47c/0x8f0 [ 316.804755][T29596] ? __pfx___dma_direct_alloc_pages.isra.0+0x10/0x10 [ 316.804780][T29596] ? dma_alloc_from_dev_coherent+0x2e0/0x570 [ 316.804808][T29596] dma_direct_alloc+0x8f/0x590 [ 316.804831][T29596] dma_alloc_attrs+0x185/0x2b0 [ 316.804850][T29596] ? __pfx_dma_alloc_attrs+0x10/0x10 [ 316.804866][T29596] ? dma_direct_supported+0xca/0x220 [ 316.804900][T29596] comedi_isadma_alloc+0x331/0x620 [ 316.804927][T29596] ? __pfx_comedi_isadma_alloc+0x10/0x10 [ 316.804951][T29596] ? request_threaded_irq+0x27b/0x3e0 [ 316.804982][T29596] pcl812_attach+0x18f5/0x2300 [ 316.805007][T29596] comedi_device_attach+0x40e/0x6b0 [ 316.805033][T29596] do_devconfig_ioctl+0x1b3/0x6d0 [ 316.805055][T29596] ? comedi_unlocked_ioctl+0x180/0x3310 [ 316.805083][T29596] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 316.805118][T29596] ? tomoyo_path_number_perm+0x46d/0x580 [ 316.805139][T29596] ? kasan_save_stack+0x3f/0x50 [ 316.805155][T29596] ? kasan_save_stack+0x30/0x50 [ 316.805170][T29596] ? kasan_save_track+0x14/0x30 [ 316.805185][T29596] ? kasan_save_free_info+0x3b/0x70 [ 316.805214][T29596] comedi_unlocked_ioctl+0x860/0x3310 [ 316.805247][T29596] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 316.805293][T29596] ? kasan_quarantine_put+0x104/0x240 [ 316.805308][T29596] ? lockdep_hardirqs_on+0x78/0x100 [ 316.805333][T29596] ? find_held_lock+0x2b/0x80 [ 316.805353][T29596] ? tomoyo_path_number_perm+0x28f/0x580 [ 316.805370][T29596] ? tomoyo_path_number_perm+0x28f/0x580 [ 316.805392][T29596] ? tomoyo_path_number_perm+0x188/0x580 [ 316.805416][T29596] comedi_compat_ioctl+0x438/0xe20 [ 316.805445][T29596] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 316.805471][T29596] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 316.805499][T29596] ? do_vfs_ioctl+0x226/0x13e0 [ 316.805517][T29596] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 316.805542][T29596] ? find_held_lock+0x2b/0x80 [ 316.805563][T29596] ? __fget_files+0x215/0x3d0 [ 316.805581][T29596] ? hook_file_ioctl_common+0x149/0x410 [ 316.805606][T29596] ? __fget_files+0x21f/0x3d0 [ 316.805630][T29596] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 316.805656][T29596] __ia32_compat_sys_ioctl+0x2cf/0x360 [ 316.805677][T29596] __do_fast_syscall_32+0xe7/0x950 [ 316.805707][T29596] do_fast_syscall_32+0x32/0x70 [ 316.805733][T29596] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.805755][T29596] RIP: 0023:0xf7fc4fcc [ 316.805770][T29596] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 316.805785][T29596] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 316.805804][T29596] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 316.805815][T29596] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 316.805824][T29596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 316.805833][T29596] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 316.805842][T29596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 316.805866][T29596] [ 316.806015][T29596] Mem-Info: [ 316.923439][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 316.925972][T29596] active_anon:403 inactive_anon:3120 isolated_anon:0 [ 316.925972][T29596] active_file:3387 inactive_file:3298 isolated_file:0 [ 316.925972][T29596] unevictable:1768 dirty:236 writeback:0 [ 316.925972][T29596] slab_reclaimable:6495 slab_unreclaimable:62190 [ 316.925972][T29596] mapped:22677 shmem:1789 pagetables:1873 [ 316.925972][T29596] sec_pagetables:317 bounce:0 [ 316.925972][T29596] kernel_misc_reclaimable:0 [ 316.925972][T29596] free:71726 free_pcp:151 free_cma:0 [ 317.018044][T29596] Node 0 active_anon:4kB inactive_anon:96kB active_file:0kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8724kB pagetables:1660kB sec_pagetables:1132kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 317.032542][T29596] Node 0 DMA free:2164kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:604kB local_pcp:224kB free_cma:0kB [ 317.045044][T29596] lowmem_reserve[]: 0 285 285 285 285 [ 317.046904][T29596] Node 0 DMA: 107*4kB (U) 31*8kB (U) 13*16kB (U) 2*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 2*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 2164kB [ 317.051233][T29596] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 317.054271][T29596] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 317.057184][T29596] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 317.060137][T29596] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 317.063239][T29596] 8949 total pagecache pages [ 317.065065][T29596] 479 pages in swap cache [ 317.066614][T29596] Free swap = 56324kB [ 317.068287][T29596] Total swap = 124996kB [ 317.069934][T29596] 524155 pages RAM [ 317.071546][T29596] 0 pages HighMem/MovableOnly [ 317.073720][T29596] 210119 pages reserved [ 317.075439][T29596] 0 pages cma reserved [ 318.007973][T29733] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9118'. [ 318.013432][T29733] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9118'. [ 318.070216][T29738] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9119'. [ 318.077266][T29738] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9119'. [ 318.814789][ T40] audit: type=1326 audit(1778608932.479:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29806 comm="syz.7.9139" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706efcc code=0x0 [ 319.073009][ T842] usb 11-1: new high-speed USB device number 4 using dummy_hcd [ 319.223026][ T842] usb 11-1: Using ep0 maxpacket: 8 [ 319.227524][ T842] usb 11-1: config index 0 descriptor too short (expected 5924, got 36) [ 319.231271][ T842] usb 11-1: config 250 has an invalid interface number: 228 but max is -1 [ 319.235691][ T842] usb 11-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 319.240009][ T842] usb 11-1: config 250 has no interface number 0 [ 319.243103][ T842] usb 11-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 319.248325][ T842] usb 11-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 319.253892][ T842] usb 11-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 319.258507][ T842] usb 11-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 319.263459][ T842] usb 11-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 319.269847][ T842] usb 11-1: config 250 interface 228 has no altsetting 0 [ 319.274752][ T842] usb 11-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 319.279049][ T842] usb 11-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 319.282664][ T842] usb 11-1: Product: syz [ 319.284708][ T842] usb 11-1: SerialNumber: syz [ 319.297164][ T842] hub 11-1:250.228: bad descriptor, ignoring hub [ 319.300339][ T842] hub 11-1:250.228: probe with driver hub failed with error -5 [ 319.511846][ T842] usblp 11-1:250.228: usblp0: USB Bidirectional printer dev 4 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 319.804820][ T34] usb 11-1: USB disconnect, device number 4 [ 319.819495][ T34] usblp0: removed [ 319.954079][ T3260] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 338.114617][T29954] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9165'. [ 338.235535][T29977] netlink: 'syz.3.9171': attribute type 3 has an invalid length. [ 338.474334][T30007] hugetlbfs: Bad value 't1' for mount option 'nr_inodes' [ 338.474334][T30007] [ 339.434864][T30144] trusted_key: encrypted_key: key trusted:syz not found [ 339.522798][ T40] audit: type=1326 audit(1778608953.179:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.535098][ T40] audit: type=1326 audit(1778608953.179:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.567102][ T40] audit: type=1326 audit(1778608953.229:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf71d616b code=0x7ffc0000 [ 339.580102][ T40] audit: type=1326 audit(1778608953.229:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.597903][ T40] audit: type=1326 audit(1778608953.229:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.607442][ T40] audit: type=1326 audit(1778608953.229:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.617330][ T40] audit: type=1326 audit(1778608953.229:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf71d616b code=0x7ffc0000 [ 339.628643][ T40] audit: type=1326 audit(1778608953.229:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.639595][ T40] audit: type=1326 audit(1778608953.229:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.649648][ T40] audit: type=1326 audit(1778608953.229:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30153 comm="syz.6.9227" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 339.722379][T30185] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 339.956512][T30230] Option ' ' to dns_resolver key: bad/missing value [ 340.185436][T30272] netlink: 'syz.3.9265': attribute type 1 has an invalid length. [ 340.248738][T30279] syz.4.9266 (30279): drop_caches: 4 [ 341.118135][T30400] overlayfs: workdir and upperdir must reside under the same mount [ 341.185514][T30406] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3) [ 341.187789][T30406] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 341.191422][T30406] vhci_hcd vhci_hcd.0: Device attached [ 341.201928][T30406] vhci_hcd vhci_hcd.0: port 0 already used [ 341.209938][T30407] vhci_hcd: connection closed [ 341.210841][T25202] vhci_hcd vhci_hcd.7: stop threads [ 341.229228][T25202] vhci_hcd vhci_hcd.7: release socket [ 341.231372][T25202] vhci_hcd vhci_hcd.7: disconnect device [ 341.994680][T30469] autofs: Bad value for 'fd' [ 342.487172][T30534] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 342.576249][T30552] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9348'. [ 342.579402][T30552] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9348'. [ 342.803032][ T5815] usb 12-1: new high-speed USB device number 3 using dummy_hcd [ 342.953304][ T5815] usb 12-1: Using ep0 maxpacket: 32 [ 342.959123][ T5815] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 342.963045][ T842] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 342.967184][ T5815] usb 12-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 342.967209][ T5815] usb 12-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 342.967225][ T5815] usb 12-1: Product: syz [ 342.967246][ T5815] usb 12-1: Manufacturer: syz [ 342.967258][ T5815] usb 12-1: SerialNumber: syz [ 342.970217][ T5815] usb 12-1: config 0 descriptor?? [ 342.970977][T30543] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 343.118766][T30620] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9368'. [ 343.135151][ T842] usb 9-1: config index 0 descriptor too short (expected 39, got 27) [ 343.138583][ T842] usb 9-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x46, changing to 0x6 [ 343.148723][ T842] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x6 has an invalid bInterval 0, changing to 7 [ 343.160664][ T842] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x6 has invalid maxpacket 8459, setting to 1024 [ 343.166726][ T842] usb 9-1: config 0 interface 0 has no altsetting 0 [ 343.173643][ T842] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 343.177347][ T842] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 343.180466][ T842] usb 9-1: Product: syz [ 343.182146][ T842] usb 9-1: Manufacturer: syz [ 343.184248][ T842] usb 9-1: SerialNumber: syz [ 343.187376][ T842] usb 9-1: config 0 descriptor?? [ 343.191584][ T842] hub 9-1:0.0: bad descriptor, ignoring hub [ 343.197352][ T842] hub 9-1:0.0: probe with driver hub failed with error -5 [ 343.215383][ T5815] usb 12-1: USB disconnect, device number 3 [ 343.217090][ T842] usb 9-1: selecting invalid altsetting 0 [ 343.413463][ T842] usb 9-1: USB disconnect, device number 5 [ 343.420381][T30677] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9380'. [ 343.686692][T30719] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9389'. [ 343.690320][T30719] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9389'. [ 343.694330][T30719] netlink: 'syz.6.9389': attribute type 19 has an invalid length. [ 343.697849][T30719] netlink: 'syz.6.9389': attribute type 20 has an invalid length. [ 343.738877][T30723] tipc: Enabled bearer , priority 10 [ 344.288849][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.291524][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.296541][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.300501][T30808] smbdirect: ib_dev[syz0]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 344.305994][T30808] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 344.314382][T30808] smbdirect: ib_dev[syz0]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 344.329277][T30808] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 344.347619][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.350637][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.358070][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.360948][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.364895][T30808] wlan0 speed is unknown, defaulting to 1000 [ 344.645166][T30880] Invalid source name [ 345.136564][T30949] can0 (unregistered): slcan off ttyS3. [ 345.433754][T31010] : entered promiscuous mode [ 345.700742][T31043] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 346.196663][ T5833] usb 11-1: new high-speed USB device number 5 using dummy_hcd [ 346.346131][ T5833] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 346.350553][ T5833] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 346.355101][ T5833] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 346.359060][ T5833] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 346.365690][ T5833] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 346.376263][ T5833] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 346.380126][ T5833] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 346.383690][ T5833] usb 11-1: Product: syz [ 346.385377][ T5833] usb 11-1: Manufacturer: syz [ 346.390936][ T5833] cdc_wdm 11-1:1.0: skipping garbage [ 346.393382][ T5833] cdc_wdm 11-1:1.0: skipping garbage [ 346.399627][ T5833] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device [ 346.401788][ T5833] cdc_wdm 11-1:1.0: Unknown control protocol [ 346.407327][T31116] netlink: 'syz.7.9490': attribute type 1 has an invalid length. [ 346.411105][T31116] netlink: 96 bytes leftover after parsing attributes in process `syz.7.9490'. [ 346.415491][T31116] netlink: 1 bytes leftover after parsing attributes in process `syz.7.9490'. [ 346.419250][T31116] netlink: 'syz.7.9490': attribute type 1 has an invalid length. [ 346.422677][T31116] netlink: 'syz.7.9490': attribute type 8 has an invalid length. [ 346.426347][T31116] netlink: 606 bytes leftover after parsing attributes in process `syz.7.9490'. [ 346.597094][ T34] usb 11-1: USB disconnect, device number 5 [ 346.601651][T31080] cdc_wdm 11-1:1.0: Error submitting int urb - -19 [ 347.287831][T31177] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 4, id = 0 [ 347.289807][T31176] IPVS: stopping backup sync thread 31177 ... [ 347.401999][T31183] ALSA: mixer_oss: invalid OSS volume '' [ 347.433036][ T9] usb 11-1: new high-speed USB device number 6 using dummy_hcd [ 347.593006][ T9] usb 11-1: Using ep0 maxpacket: 8 [ 347.596046][ T9] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 347.599652][ T9] usb 11-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 347.604098][ T9] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 347.609163][ T9] usb 11-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 347.612187][ T9] usb 11-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 347.615083][ T9] usb 11-1: Product: syz [ 347.616541][ T9] usb 11-1: Manufacturer: syz [ 347.618289][ T9] usb 11-1: SerialNumber: syz [ 347.621842][ T9] usb 11-1: config 0 descriptor?? [ 347.694495][ T9] rc_core: IR keymap rc-imon-rsc not found [ 347.697587][ T9] Registered IR keymap rc-empty [ 347.700877][ T9] rc rc0: iMON Station as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0 [ 347.708265][ T9] input: iMON Station as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0/input40 [ 347.833425][ T34] usb 11-1: USB disconnect, device number 6 [ 348.396223][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.402144][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.406005][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.409381][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.412645][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.415995][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.419549][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.423017][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.426205][T31236] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 348.639876][T31250] xt_socket: unknown flags 0xe4 [ 348.976782][T31257] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.083357][ T62] Bluetooth: hci1: command 0x1003 tx timeout [ 349.093655][ T5748] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 349.411465][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 349.411481][ T40] audit: type=1326 audit(1778608963.069:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31328 comm="syz.7.9545" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706efcc code=0x0 [ 349.624897][ T40] audit: type=1326 audit(1778608963.289:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31358 comm="syz.4.9555" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x0 [ 350.229007][T31397] netlink: 'syz.3.9566': attribute type 32 has an invalid length. [ 350.232361][T31397] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9566'. [ 350.256003][T31397] bond4: Setting coupled_control to off (0) [ 350.464271][T31455] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9574'. [ 350.815225][T31490] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9585'. [ 351.132246][T31528] tipc: Enabling of bearer rejected, failed to enable media [ 351.422170][T31567] sg_write: data in/out 2069223589/3 bytes for SCSI command 0x91-- guessing data in; [ 351.422170][T31567] program syz.3.9610 not setting count and/or reply_len properly [ 351.553212][T31579] syz.3.9614 (31579) used obsolete PPPIOCDETACH ioctl [ 351.765358][T31606] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9622'. [ 351.769754][T31606] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9622'. [ 352.149003][T31658] net_ratelimit: 5267 callbacks suppressed [ 352.149025][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.155539][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.158283][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.160768][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.163771][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.166807][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.171137][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.175115][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.178798][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.182224][T31658] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 352.681396][T31669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9640'. [ 353.353144][ T5841] usb 12-1: new high-speed USB device number 4 using dummy_hcd [ 353.518115][ T5841] usb 12-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 353.532982][ T5841] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.535574][ T5841] usb 12-1: Product: syz [ 353.537003][ T5841] usb 12-1: Manufacturer: syz [ 353.538527][ T5841] usb 12-1: SerialNumber: syz [ 353.549202][ T5841] usb 12-1: config 0 descriptor?? [ 353.750915][T31781] tmpfs: Cannot enable quota on remount [ 353.768514][ T5833] usb 12-1: USB disconnect, device number 4 [ 354.072732][T31822] netlink: 47 bytes leftover after parsing attributes in process `syz.4.9680'. [ 354.076869][T31822] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9680'. [ 354.646361][T31864] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9693'. [ 355.255959][T31888] netlink: 24 bytes leftover after parsing attributes in process `syz.6.9701'. [ 356.534384][T31930] netlink: 'syz.7.9716': attribute type 9 has an invalid length. [ 356.537864][T31930] netlink: 'syz.7.9716': attribute type 7 has an invalid length. [ 356.542391][T31930] netlink: 'syz.7.9716': attribute type 8 has an invalid length. [ 357.672675][T32032] vlan4: entered promiscuous mode [ 358.172560][T32103] netem: change failed [ 358.221052][T32109] xt_socket: unknown flags 0xd0 [ 358.296358][T32116] netlink: 40 bytes leftover after parsing attributes in process `syz.6.9776'. [ 358.299250][T32116] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9776'. [ 358.410202][T32128] netlink: 48 bytes leftover after parsing attributes in process `syz.7.9779'. [ 358.711238][ T34] IPVS: starting estimator thread 0... [ 358.803081][T32152] IPVS: using max 27 ests per chain, 64800 per kthread [ 358.827245][ T5815] kernel read not supported for file /vcs (pid: 5815 comm: kworker/0:3) [ 358.906930][T32089] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 358.910200][T32089] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 358.926743][T32089] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 358.940276][T32089] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 358.943217][T32089] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 358.951228][T32089] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 358.963378][T32089] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 358.966148][T32089] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 358.976062][T32089] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 359.110324][T32187] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9797'. [ 359.149076][T32193] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9799'. [ 359.259759][T32212] netlink: 44 bytes leftover after parsing attributes in process `syz.4.9804'. [ 359.266328][T32212] netlink: 43 bytes leftover after parsing attributes in process `syz.4.9804'. [ 359.273799][T32212] netlink: 'syz.4.9804': attribute type 5 has an invalid length. [ 359.273836][T32212] netlink: 43 bytes leftover after parsing attributes in process `syz.4.9804'. [ 359.554366][T32260] netlink: 19 bytes leftover after parsing attributes in process `syz.7.9822'. [ 359.589071][T32270] vlan4: entered allmulticast mode [ 359.591670][T32270] macsec0: entered allmulticast mode [ 359.596499][T32270] veth1_macvtap: entered allmulticast mode [ 359.740063][ T5748] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 359.747430][ T5748] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 360.193107][ T9] usb 11-1: new high-speed USB device number 7 using dummy_hcd [ 360.203176][ T5748] Bluetooth: hci4: command 0x0c1a tx timeout [ 360.343400][ T9] usb 11-1: Using ep0 maxpacket: 32 [ 360.349714][ T9] usb 11-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f [ 360.354849][ T9] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.358845][ T9] usb 11-1: Product: syz [ 360.361170][ T9] usb 11-1: Manufacturer: syz [ 360.366605][ T9] usb 11-1: SerialNumber: syz [ 360.371512][ T9] usb 11-1: config 0 descriptor?? [ 360.381044][ T9] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 360.385641][ T9] dvb-usb: bulk message failed: -22 (4/0) [ 360.388314][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 360.393857][ T9] dvb-usb: bulk message failed: -22 (5/0) [ 360.396607][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 360.404766][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 360.409234][ T9] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 360.412695][ T9] usb 11-1: media controller created [ 360.426329][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 360.441379][T32345] team0: Device gtp0 is up. Set it down before adding it as a team port [ 360.441943][ T9] usb 11-1: selecting invalid altsetting 3 [ 360.448459][ T9] ttusb2: set interface to alts=3 failed [ 360.542956][ T9] DVB: Unable to find symbol tda10086_attach() [ 360.548007][ T9] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 360.552528][ T9] dvb-usb: bulk message failed: -22 (4/0) [ 360.562983][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 360.570386][ T9] dvb-usb: bulk message failed: -22 (5/0) [ 360.575211][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 360.589073][ T9] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 360.598086][T32310] ttusb2: i2c wr len=133 too high [ 360.614995][ T9] usb 11-1: USB disconnect, device number 7 [ 360.659578][ T9] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 360.706624][T32383] xt_limit: Overflow, try lower: 271964/0 [ 360.970591][ T40] audit: type=1326 audit(1778608974.629:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32417 comm="syz.4.9863" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc4fcc code=0x0 [ 360.979720][T32419] netlink: 36 bytes leftover after parsing attributes in process `syz.7.9864'. [ 361.004174][ T5748] Bluetooth: hci5: command 0x0c1a tx timeout [ 361.013841][ T5748] Bluetooth: hci2: command 0x0c1a tx timeout [ 361.014320][T32422] xt_l2tp: missing protocol rule (udp|l2tpip) [ 361.534241][T32468] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9881'. [ 361.986238][T32502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9893'. [ 362.292987][ T5748] Bluetooth: hci4: command 0x0c1a tx timeout [ 362.344026][T32543] netlink: 'syz.7.9907': attribute type 2 has an invalid length. [ 362.346528][T32543] netlink: 'syz.7.9907': attribute type 1 has an invalid length. [ 362.348990][T32543] netlink: 'syz.7.9907': attribute type 1 has an invalid length. [ 362.389790][T32548] [U] [ 362.447449][T32563] raw_sendmsg: syz.6.9913 forgot to set AF_INET. Fix it! [ 362.636936][T32579] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.758120][T32579] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.892233][T32579] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.002380][T32579] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.083342][ T5748] Bluetooth: hci2: command 0x0c1a tx timeout [ 363.084712][ T62] Bluetooth: hci5: command 0x0c1a tx timeout [ 363.110599][ T1156] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.121166][T25202] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.132419][T25202] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.156162][ T1157] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.159812][T32658] tmpfs: Cannot change global quota limit on remount [ 363.655457][T32720] netlink: 39 bytes leftover after parsing attributes in process `syz.6.9960'. [ 363.659691][T32720] netlink: 1 bytes leftover after parsing attributes in process `syz.6.9960'. [ 364.012784][T32752] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9972'. [ 364.363438][ T5748] Bluetooth: hci4: command 0x0c1a tx timeout [ 365.163026][ T5748] Bluetooth: hci2: command 0x0c1a tx timeout [ 365.173038][ T62] Bluetooth: hci5: command 0x0c1a tx timeout [ 365.417399][ T448] netlink: 84 bytes leftover after parsing attributes in process `syz.4.10028'. [ 365.626551][ T465] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10034'. [ 365.762281][ T489] netlink: 'syz.3.10039': attribute type 178 has an invalid length. [ 365.934220][ T508] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10047'. [ 365.934560][ T1305] hid-generic FFFF:0008:0003.0008: item fetching failed at offset 0/1 [ 365.943244][ T3260] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 365.951766][ T1305] hid-generic FFFF:0008:0003.0008: probe with driver hid-generic failed with error -22 [ 366.090288][ T535] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 366.123153][ T3260] usb 9-1: Using ep0 maxpacket: 16 [ 366.130393][ T3260] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 366.135878][ T3260] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 366.139731][ T3260] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 366.144201][ T3260] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.152371][ T3260] usb 9-1: config 0 descriptor?? [ 366.159110][ T3260] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 366.162064][ T3260] dvb-usb: bulk message failed: -22 (3/0) [ 366.173586][ T3260] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 366.177063][ T3260] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 366.179758][ T3260] usb 9-1: media controller created [ 366.187309][ T3260] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 366.201449][ T3260] dvb-usb: bulk message failed: -22 (6/0) [ 366.203563][ T3260] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 366.210071][ T3260] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input41 [ 366.217560][ T3260] dvb-usb: schedule remote query interval to 150 msecs. [ 366.221657][ T3260] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 366.370200][ T34] usb 9-1: USB disconnect, device number 6 [ 366.416776][ T34] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 366.418351][ T598] netlink: 28 bytes leftover after parsing attributes in process `syz.7.10069'. [ 366.592979][ T1305] usb 11-1: new high-speed USB device number 8 using dummy_hcd [ 366.699816][ T3260] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 366.713926][ T3260] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 366.725103][ T3260] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 366.729469][ T3260] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 366.732783][ T3260] rtc rtc0: __rtc_set_alarm: err=-22 [ 366.743059][ T1305] usb 11-1: Using ep0 maxpacket: 32 [ 366.747435][ T1305] usb 11-1: unable to get BOS descriptor or descriptor too short [ 366.752079][ T1305] usb 11-1: config 8 has an invalid interface number: 188 but max is 0 [ 366.755940][ T1305] usb 11-1: config 8 has no interface number 0 [ 366.758617][ T1305] usb 11-1: config 8 interface 188 has no altsetting 0 [ 366.764875][ T1305] usb 11-1: string descriptor 0 read error: -22 [ 366.767446][ T1305] usb 11-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 366.771159][ T1305] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.785329][ T1305] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 366.788279][ T1305] dw2102: su3000_power_ctrl: 1, initialized 0 [ 366.790749][ T1305] dvb-usb: bulk message failed: -22 (2/0) [ 366.798118][ T1305] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 366.803037][ T1305] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 366.807114][ T1305] usb 11-1: media controller created [ 366.809479][ T1305] dvb-usb: bulk message failed: -22 (6/0) [ 366.812001][ T1305] dw2102: i2c transfer failed. [ 366.814467][ T1305] dvb-usb: bulk message failed: -22 (6/0) [ 366.817037][ T1305] dw2102: i2c transfer failed. [ 366.819232][ T1305] dvb-usb: bulk message failed: -22 (6/0) [ 366.821536][ T1305] dw2102: i2c transfer failed. [ 366.823811][ T1305] dvb-usb: bulk message failed: -22 (6/0) [ 366.826233][ T1305] dw2102: i2c transfer failed. [ 366.828430][ T1305] dvb-usb: bulk message failed: -22 (6/0) [ 366.831312][ T1305] dw2102: i2c transfer failed. [ 366.833980][ T1305] dvb-usb: bulk message failed: -22 (6/0) [ 366.836257][ T1305] dw2102: i2c transfer failed. [ 366.837805][ T1305] dvb-usb: MAC address: 02:02:02:02:02:02 [ 366.850822][ T1305] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 366.867708][ T1305] dvb-usb: bulk message failed: -22 (3/0) [ 366.869985][ T1305] dw2102: command 0x0e transfer failed. [ 366.871746][ T1305] dvb-usb: bulk message failed: -22 (3/0) [ 366.874067][ T1305] dw2102: command 0x0e transfer failed. [ 366.970893][ T656] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10082'. [ 367.183032][ T1305] dvb-usb: bulk message failed: -22 (3/0) [ 367.188510][ T1305] dw2102: command 0x0e transfer failed. [ 367.192679][ T1305] dvb-usb: bulk message failed: -22 (3/0) [ 367.197369][ T1305] dw2102: command 0x0e transfer failed. [ 367.201060][ T1305] dvb-usb: bulk message failed: -22 (1/0) [ 367.207231][ T1305] dw2102: command 0x51 transfer failed. [ 367.211598][ T585] dvb-usb: bulk message failed: -22 (5/0) [ 367.213728][ T585] dw2102: i2c transfer failed. [ 367.250360][ T1305] DVB: Unable to find symbol ds3000_attach() [ 367.253550][ T62] Bluetooth: hci2: command 0x0c1a tx timeout [ 367.254208][ T1305] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 367.324874][ T1305] rc_core: IR keymap rc-su3000 not found [ 367.327436][ T1305] Registered IR keymap rc-empty [ 367.332019][ T1305] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.6/usb11/11-1/rc/rc0 [ 367.340647][ T1305] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.6/usb11/11-1/rc/rc0/input42 [ 367.347019][ T1305] dvb-usb: schedule remote query interval to 150 msecs. [ 367.349989][ T1305] dw2102: su3000_power_ctrl: 0, initialized 1 [ 367.352555][ T1305] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 367.359829][ T1305] usb 11-1: USB disconnect, device number 8 [ 367.387218][ T1305] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 367.421533][ T708] smc: net device wlan0 applied user defined pnetid SYZ0 [ 367.936345][ T783] netem: change failed [ 368.190894][ T5833] IPVS: starting estimator thread 0... [ 368.293157][ T818] IPVS: using max 43 ests per chain, 103200 per kthread [ 368.535659][ T5833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 368.560860][ T882] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10141'. [ 368.631316][ T889] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10143'. [ 369.964824][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 369.964852][ T5748] Bluetooth: hci1: command 0x1003 tx timeout [ 378.759165][ T924] netlink: 19 bytes leftover after parsing attributes in process `syz.6.10146'. [ 378.856932][ T939] gfs2: error -5 reading superblock [ 378.859224][ T942] netlink: 120 bytes leftover after parsing attributes in process `syz.4.10152'. [ 378.862624][ T942] netlink: 'syz.4.10152': attribute type 1 has an invalid length. [ 378.866783][ T942] netlink: 64 bytes leftover after parsing attributes in process `syz.4.10152'. [ 379.168208][ T1005] ALSA: seq fatal error: cannot create timer (-19) [ 379.717478][ T1112] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10199'. [ 379.803895][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.811545][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.816770][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.824940][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.831455][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.834607][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.838134][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.844178][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.849063][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.854542][ T1183] netlink: 72 bytes leftover after parsing attributes in process `syz.4.10206'. [ 379.858747][ T9] hid-generic 0007:0001:FFFFFFFF.0009: unknown main item tag 0x0 [ 379.875468][ T9] hid-generic 0007:0001:FFFFFFFF.0009: hidraw0: HID va.e8 Device [syz0] on syz1 [ 380.048526][ T1191] fido_id[1191]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 380.436635][ T1278] [U]  [ 380.437848][ T1278] [U] K{ [ 380.440700][ T1278] [U] t 1ŠFfˊ`GJgo/mC [ 380.444652][ T1278] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 380.450624][ T1278] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 380.456384][ T1278] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 380.471540][ T1278] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 380.483608][ T1278] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 380.487907][ T1278] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 380.500177][ T1278] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 380.534565][ T1278] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 380.537524][ T1278] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 380.544406][ T1278] [U] 22Ʃx?0;3u [ 380.546316][ T1278] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 380.557758][ T1278] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 380.561882][ T1278] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 380.566045][ T1278] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 380.568562][ T1278] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 380.574038][ T1278] [U] ec [ 380.575406][ T1278] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 380.590412][ T1276] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 381.104076][ T39] kernel write not supported for file /amidi2 (pid: 39 comm: kworker/1:1) [ 381.549354][ T1332] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10252'. [ 382.187879][ T1411] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10277'. [ 382.260238][ T1427] netlink: 268 bytes leftover after parsing attributes in process `syz.7.10280'. [ 382.264553][ T1427] netlink: 136 bytes leftover after parsing attributes in process `syz.7.10280'. [ 382.637077][ T1466] "syz.7.10292" (1466) uses obsolete ecb(arc4) skcipher [ 382.638337][ T1483] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10297'. [ 382.900088][ T40] audit: type=1326 audit(1778608996.559:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 382.911165][ T40] audit: type=1326 audit(1778608996.559:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 382.922720][ T40] audit: type=1326 audit(1778608996.569:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 382.932986][ T40] audit: type=1326 audit(1778608996.569:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 382.935833][ T1529] tipc: New replicast peer: 0.0.0.0 [ 382.942664][ T40] audit: type=1326 audit(1778608996.569:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 382.957419][ T1529] tipc: Enabled bearer , priority 5 [ 382.958396][ T40] audit: type=1326 audit(1778608996.569:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 382.980122][ T40] audit: type=1326 audit(1778608996.569:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 382.995169][ T40] audit: type=1326 audit(1778608996.569:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 383.004270][ T40] audit: type=1326 audit(1778608996.569:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 383.013825][ T40] audit: type=1326 audit(1778608996.569:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1523 comm="syz.7.10313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 383.673823][ T9] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 383.823017][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 383.827429][ T9] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 383.831040][ T9] usb 9-1: config 0 has no interface number 0 [ 383.836635][ T9] usb 9-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 383.840585][ T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.844513][ T9] usb 9-1: Product: syz [ 383.846415][ T9] usb 9-1: Manufacturer: syz [ 383.848454][ T9] usb 9-1: SerialNumber: syz [ 383.852620][ T9] usb 9-1: config 0 descriptor?? [ 383.860281][ T9] usb 9-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 383.864342][ T9] usb 9-1: selecting invalid altsetting 1 [ 383.866912][ T9] usb 9-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 383.872173][ T9] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 383.877399][ T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 383.881776][ T9] usb 9-1: media controller created [ 383.893665][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 384.501687][ T1632] sock: sock_timestamping_bind_phc: sock not bind to device [ 384.567963][ T1635] __nla_validate_parse: 1 callbacks suppressed [ 384.567984][ T1635] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10346'. [ 384.706644][ T1653] netlink: 24 bytes leftover after parsing attributes in process `syz.7.10351'. [ 385.005952][ T9] usb 9-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 385.026400][ T9] zl10353_read_register: readreg error (reg=127, ret==-110) [ 385.040737][ T1593] usb 9-1: dvb_usb_ce6230: I2C read not implemented [ 385.109516][ T9] usb 9-1: USB disconnect, device number 7 [ 385.604532][ T1760] gtp0: entered allmulticast mode [ 385.796139][ T1788] program syz.7.10391 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 385.862695][ T1801] CIFS mount error: No usable UNC path provided in device string! [ 385.862695][ T1801] [ 385.866942][ T1801] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 385.939274][ T29] kernel write not supported for file /uinput (pid: 29 comm: kworker/1:0) [ 386.220419][ T1854] netlink: 256 bytes leftover after parsing attributes in process `syz.3.10414'. [ 386.841519][ T1930] [U] k [ 387.323039][ T842] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 387.494506][ T2008] netlink: 35 bytes leftover after parsing attributes in process `syz.3.10461'. [ 387.502968][ T842] usb 12-1: Using ep0 maxpacket: 32 [ 387.509293][ T842] usb 12-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f [ 387.513668][ T842] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.516366][ T842] usb 12-1: Product: syz [ 387.517796][ T842] usb 12-1: Manufacturer: syz [ 387.519388][ T842] usb 12-1: SerialNumber: syz [ 387.550295][ T842] usb 12-1: config 0 descriptor?? [ 387.556506][ T842] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 387.559759][ T842] dvb-usb: bulk message failed: -22 (4/0) [ 387.562024][ T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 387.566228][ T842] dvb-usb: bulk message failed: -22 (5/0) [ 387.568313][ T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 387.582119][ T842] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 387.588605][ T842] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 387.595586][ T842] usb 12-1: media controller created [ 387.605809][ T842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 387.616010][ T842] usb 12-1: selecting invalid altsetting 3 [ 387.618057][ T842] ttusb2: set interface to alts=3 failed [ 387.630218][ T2027] ALSA: seq fatal error: cannot create timer (-19) [ 387.641701][ T842] DVB: Unable to find symbol tda10086_attach() [ 387.645184][ T842] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 387.649006][ T842] dvb-usb: bulk message failed: -22 (4/0) [ 387.650744][ T2032] [U] k [ 387.655138][ T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 387.673064][ T842] dvb-usb: bulk message failed: -22 (5/0) [ 387.675604][ T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 387.679892][ T842] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 387.723847][ T2041] syz.3.10469: page allocation failure: order:10, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 387.732640][ T2041] CPU: 1 UID: 0 PID: 2041 Comm: syz.3.10469 Tainted: G L syzkaller #0 PREEMPT(full) [ 387.732674][ T2041] Tainted: [L]=SOFTLOCKUP [ 387.732680][ T2041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 387.732692][ T2041] Call Trace: [ 387.732698][ T2041] [ 387.732707][ T2041] dump_stack_lvl+0x100/0x190 [ 387.732732][ T2041] warn_alloc.cold+0x95/0x1c1 [ 387.732752][ T2041] ? __pfx_warn_alloc+0x10/0x10 [ 387.732789][ T2041] ? __pfx___might_resched+0x10/0x10 [ 387.732814][ T2041] __alloc_frozen_pages_noprof+0xf25/0x2bc0 [ 387.732871][ T2041] ? __lock_acquire+0x4a5/0x2630 [ 387.732890][ T2041] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 387.732923][ T2041] ? find_held_lock+0x2b/0x80 [ 387.732952][ T2041] ? find_held_lock+0x2b/0x80 [ 387.732973][ T2041] ? aa_file_perm+0x7e4/0x14d0 [ 387.732995][ T2041] ? aa_file_perm+0x7e4/0x14d0 [ 387.733019][ T2041] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 387.733046][ T2041] ? policy_nodemask+0xed/0x4f0 [ 387.733068][ T2041] alloc_pages_mpol+0x1fb/0x540 [ 387.733090][ T2041] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 387.733120][ T2041] ? qrtr_tun_write_iter+0xc1/0x1b0 [ 387.733142][ T2041] ___kmalloc_large_node+0xe5/0x120 [ 387.733170][ T2041] __kmalloc_large_node_noprof+0x1c/0x70 [ 387.733196][ T2041] __kmalloc_noprof+0x5be/0x850 [ 387.733219][ T2041] qrtr_tun_write_iter+0xc1/0x1b0 [ 387.733244][ T2041] aio_write+0x3ba/0x920 [ 387.733273][ T2041] ? __pfx_aio_write+0x10/0x10 [ 387.733297][ T2041] ? __lock_acquire+0x4a5/0x2630 [ 387.733332][ T2041] ? __might_fault+0xc5/0x140 [ 387.733369][ T2041] ? io_submit_one+0x1142/0x1fb0 [ 387.733395][ T2041] io_submit_one+0x1142/0x1fb0 [ 387.733426][ T2041] ? __lock_acquire+0x4a5/0x2630 [ 387.733448][ T2041] ? __pfx_io_submit_one+0x10/0x10 [ 387.733484][ T2041] ? __might_fault+0xc5/0x140 [ 387.733526][ T2041] ? __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 387.733555][ T2041] __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 387.733589][ T2041] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 387.733620][ T2041] ? xfd_validate_state+0x129/0x190 [ 387.733651][ T2041] ? rcu_is_watching+0x12/0xc0 [ 387.733678][ T2041] __do_fast_syscall_32+0xe7/0x950 [ 387.733711][ T2041] do_fast_syscall_32+0x32/0x70 [ 387.733742][ T2041] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 387.733766][ T2041] RIP: 0023:0xf70aefcc [ 387.733782][ T2041] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 387.733799][ T2041] RSP: 002b:00000000f549d50c EFLAGS: 00000292 ORIG_RAX: 00000000000000f8 [ 387.733819][ T2041] RAX: ffffffffffffffda RBX: 00000000f747f000 RCX: 0000000000000001 [ 387.733831][ T2041] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 387.733843][ T2041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 387.733855][ T2041] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 387.733869][ T2041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 387.733896][ T2041] [ 387.869662][ T2041] Mem-Info: [ 387.871137][ T2041] active_anon:1150 inactive_anon:1082 isolated_anon:0 [ 387.871137][ T2041] active_file:4831 inactive_file:8201 isolated_file:0 [ 387.871137][ T2041] unevictable:1768 dirty:370 writeback:0 [ 387.871137][ T2041] slab_reclaimable:6468 slab_unreclaimable:63427 [ 387.871137][ T2041] mapped:22430 shmem:1775 pagetables:2114 [ 387.871137][ T2041] sec_pagetables:323 bounce:0 [ 387.871137][ T2041] kernel_misc_reclaimable:0 [ 387.871137][ T2041] free:79312 free_pcp:697 free_cma:0 [ 387.876449][ T1961] ttusb2: i2c rd len=58 too high [ 387.891106][ T2041] Node 0 active_anon:44kB inactive_anon:32kB active_file:188kB inactive_file:108kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8756kB pagetables:1660kB sec_pagetables:1132kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 387.906756][ T2041] Node 1 active_anon:4556kB inactive_anon:4296kB active_file:19136kB inactive_file:32696kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:89676kB dirty:1472kB writeback:0kB shmem:3564kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6248kB pagetables:6996kB sec_pagetables:160kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 387.921899][ T2041] Node 0 DMA free:3016kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 387.927477][ T5841] usb 12-1: USB disconnect, device number 5 [ 387.934570][ T2041] lowmem_reserve[]: 0 285 285 285 285 [ 387.939268][ T2041] Node 0 DMA32 free:27092kB boost:12288kB min:25376kB low:28648kB high:31920kB reserved_highatomic:2048KB free_highatomic:404KB active_anon:44kB inactive_anon:32kB active_file:188kB inactive_file:108kB unevictable:3536kB writepending:8kB zspages:1456kB present:1032196kB managed:292572kB mlocked:0kB bounce:0kB free_pcp:60kB local_pcp:0kB free_cma:0kB [ 387.952521][ T2041] lowmem_reserve[]: 0 0 0 0 0 [ 387.959449][ T5841] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 387.961049][ T2041] Node 1 DMA32 free:277016kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4556kB inactive_anon:4296kB active_file:23436kB inactive_file:32696kB unevictable:3536kB writepending:1472kB zspages:5012kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:10412kB local_pcp:2572kB free_cma:0kB [ 387.984491][ T2041] lowmem_reserve[]: 0 0 0 0 0 [ 387.986659][ T2041] Node 0 DMA: 154*4kB (U) 34*8kB (U) 13*16kB (U) 8*32kB (U) 2*64kB (U) 0*128kB 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 3016kB [ 387.993723][ T2041] Node 0 DMA32: 1064*4kB (UMEH) 269*8kB (UMEH) 295*16kB (UMEH) 185*32kB (UMEH) 67*64kB (UME) 25*128kB (UME) 4*256kB (UME) 3*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 27096kB [ 388.001357][ T2041] Node 1 DMA32: 6498*4kB (UME) 5195*8kB (U) 3776*16kB (UE) 373*32kB (UME) 167*64kB (UME) 103*128kB (UME) 48*256kB (UME) 79*512kB (UM) 43*1024kB (UME) 8*2048kB (UM) 0*4096kB = 276928kB [ 388.009160][ T2041] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 388.014317][ T2041] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 388.018381][ T2041] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 388.022139][ T2041] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 388.026401][ T2041] 16810 total pagecache pages [ 388.028650][ T2041] 900 pages in swap cache [ 388.030720][ T2041] Free swap = 48664kB [ 388.032610][ T2041] Total swap = 124996kB [ 388.034586][ T2041] 524155 pages RAM [ 388.036241][ T2041] 0 pages HighMem/MovableOnly [ 388.038193][ T2041] 210119 pages reserved [ 388.039918][ T2041] 0 pages cma reserved [ 388.070574][ T2075] tipc: Started in network mode [ 388.072803][ T2075] tipc: Node identity ac14142f, cluster identity 4711 [ 388.076183][ T2075] tipc: New replicast peer: 0.0.0.0 [ 388.077655][ T2077] netlink: 68 bytes leftover after parsing attributes in process `syz.6.10483'. [ 388.081882][ T2075] tipc: Enabled bearer , priority 5 [ 388.082041][ T2077] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10483'. [ 388.316580][ T2097] [U]  [ 388.317725][ T2097] [U] K{ [ 388.319019][ T2097] [U] t 1ŠFfˊ`GJgo/mC [ 388.321391][ T2097] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 388.327076][ T2097] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 388.330418][ T2097] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 388.345304][ T2097] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 388.354791][ T2097] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 388.361523][ T2097] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 388.366932][ T2097] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 388.408546][ T2097] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 388.412120][ T2097] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 388.417777][ T2097] [U] 22Ʃx?0;3u [ 388.419792][ T2097] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 388.431725][ T2097] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 388.435947][ T2097] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 388.446105][ T2097] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 388.449218][ T2097] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 388.454996][ T2097] [U] ec [ 388.456467][ T2097] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 388.472643][ T2096] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 388.536466][ T2110] ALSA: seq fatal error: cannot create timer (-19) [ 389.087808][ T5841] tipc: Node number set to 2886997039 [ 389.264446][ T2177] xt_l2tp: v2 sid > 0xffff: 1114112 [ 389.754495][ T842] kernel read not supported for file /5344/net/snmp6 (pid: 842 comm: kworker/1:2) [ 390.219275][ T2233] program syz.3.10529 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 390.598023][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 390.598039][ T40] audit: type=1326 audit(1778609004.259:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2271 comm="syz.3.10542" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aefcc code=0x0 [ 391.606013][ T2366] netlink: 180 bytes leftover after parsing attributes in process `syz.6.10574'. [ 391.992125][ T2403] random: crng reseeded on system resumption [ 392.295731][ T2428] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 393.004407][ T5748] Bluetooth: hci1: command 0x1003 tx timeout [ 393.005502][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 393.231570][ T2550] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10636'. [ 393.287220][ T2582] netlink: 16 bytes leftover after parsing attributes in process `syz.7.10639'. [ 393.380413][ T40] audit: type=1326 audit(1778609007.039:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.390055][ T40] audit: type=1326 audit(1778609007.039:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.399083][ T40] audit: type=1326 audit(1778609007.049:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.408523][ T40] audit: type=1326 audit(1778609007.049:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.420533][ T40] audit: type=1326 audit(1778609007.049:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.428149][ T40] audit: type=1326 audit(1778609007.049:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.443022][ T40] audit: type=1326 audit(1778609007.049:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.452403][ T40] audit: type=1326 audit(1778609007.049:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.473090][ T40] audit: type=1326 audit(1778609007.049:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.7.10644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000 [ 393.499463][ T2630] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 393.705355][ T2647] IPVS: Scheduler module ip_vs_sip not found [ 394.459952][ T2693] xt_time: unknown flags 0xf4 [ 395.125971][ T842] libceph: connect (1)[c::]:6789 error -1 [ 395.133063][ T842] libceph: mon0 (1)[c::]:6789 connect error [ 395.396018][ T842] libceph: connect (1)[c::]:6789 error -1 [ 395.398540][ T842] libceph: mon0 (1)[c::]:6789 connect error [ 395.917168][ T842] libceph: connect (1)[c::]:6789 error -1 [ 395.919703][ T842] libceph: mon0 (1)[c::]:6789 connect error [ 395.928861][ T2764] ceph: No mds server is up or the cluster is laggy [ 396.090297][ T2789] netlink: 12 bytes leftover after parsing attributes in process `syz.7.10694'. [ 396.141535][ T2792] tipc: Started in network mode [ 396.144187][ T2792] tipc: Node identity aaaaaaaaaa3a, cluster identity 4711 [ 396.148430][ T2792] tipc: Enabled bearer , priority 5 [ 396.283961][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 396.284209][ T5748] Bluetooth: hci1: command 0x1003 tx timeout [ 396.561163][ T2868] netlink: 64 bytes leftover after parsing attributes in process `syz.7.10704'. [ 396.588777][ T2871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10705'. [ 396.990361][ T2938] netlink: 24 bytes leftover after parsing attributes in process `syz.7.10722'. [ 397.278354][ T34] tipc: Node number set to 9480874 [ 397.285875][ T2985] netlink: 128 bytes leftover after parsing attributes in process `syz.4.10734'. [ 397.614687][ T3022] netlink: 220 bytes leftover after parsing attributes in process `syz.4.10742'. [ 397.617741][ T3022] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10742'. [ 397.667170][ T3033] netlink: 8 bytes leftover after parsing attributes in process `syz.7.10745'. [ 397.670595][ T3033] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10745'. [ 397.674057][ T3033] netlink: 'syz.7.10745': attribute type 7 has an invalid length. [ 397.676808][ T3033] netlink: 'syz.7.10745': attribute type 13 has an invalid length. [ 397.973046][ T3078] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10758'. [ 398.102289][ T3099] netlink: 67 bytes leftover after parsing attributes in process `syz.3.10765'. [ 398.175825][ T3115] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10772'. [ 399.302721][ T3268] batman_adv: batadv0: Adding interface: gretap1 [ 399.305922][ T3268] batman_adv: batadv0: Interface activated: gretap1 [ 399.340550][ T3278] loop6: detected capacity change from 0 to 524287999 [ 399.348126][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.352076][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.357117][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.360798][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.365048][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.369171][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.372819][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.377925][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.381528][ T3278] ldm_validate_partition_table(): Disk read failed. [ 399.385282][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.388836][ T3278] Buffer I/O error on dev loop6, logical block 0, async page read [ 399.392765][ T3278] Dev loop6: unable to read RDB block 0 [ 399.396459][ T3278] loop6: unable to read partition table [ 399.399195][ T3278] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 399.720678][ T3329] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.10834'. [ 400.018770][ T3351] fuse: blksize only supported for fuseblk [ 400.929564][ T3457] comedi: valid board names for 8255 driver are: [ 400.937627][ T3457] 8255 [ 400.938933][ T3457] comedi: valid board names for vmk80xx driver are: [ 400.941955][ T3457] vmk80xx [ 400.943752][ T3457] comedi: valid board names for usbduxsigma driver are: [ 400.946087][ T3457] usbduxsigma [ 400.950029][ T3457] comedi: valid board names for usbduxfast driver are: [ 400.960598][ T3457] usbduxfast [ 400.961722][ T3457] comedi: valid board names for usbdux driver are: [ 400.974173][ T3457] usbdux [ 400.975215][ T3457] comedi: valid board names for ni6501 driver are: [ 400.984908][ T3457] ni6501 [ 400.985953][ T3457] comedi: valid board names for dt9812 driver are: [ 400.989473][ T3457] dt9812 [ 400.990524][ T3457] comedi: valid board names for ni_labpc_cs driver are: [ 400.993394][ T3457] ni_labpc_cs [ 400.994507][ T3457] comedi: valid board names for ni_daq_700 driver are: [ 400.997299][ T3457] ni_daq_700 [ 400.998697][ T3457] comedi: valid board names for labpc_pci driver are: [ 401.001586][ T3457] labpc_pci [ 401.002730][ T3457] comedi: valid board names for adl_pci9118 driver are: [ 401.006143][ T3457] pci9118dg [ 401.007238][ T3457] pci9118hg [ 401.008278][ T3457] pci9118hr [ 401.009325][ T3457] comedi: valid board names for 8255_pci driver are: [ 401.011430][ T3457] 8255_pci [ 401.012457][ T3457] comedi: valid board names for s526 driver are: [ 401.014540][ T3457] s526 [ 401.015445][ T3457] comedi: valid board names for multiq3 driver are: [ 401.017863][ T3457] multiq3 [ 401.019145][ T3457] comedi: valid board names for pcmuio driver are: [ 401.022099][ T3457] pcmuio48 [ 401.023395][ T3457] pcmuio96 [ 401.024667][ T3457] comedi: valid board names for pcmmio driver are: [ 401.028273][ T3457] pcmmio [ 401.029584][ T3457] comedi: valid board names for pcmda12 driver are: [ 401.032828][ T3457] pcmda12 [ 401.035517][ T3457] comedi: valid board names for pcmad driver are: [ 401.038529][ T3457] pcmad12 [ 401.040089][ T3457] pcmad16 [ 401.041600][ T3457] comedi: valid board names for ni_labpc driver are: [ 401.045399][ T3457] lab-pc-1200 [ 401.046873][ T3457] lab-pc-1200ai [ 401.048579][ T3457] lab-pc+ [ 401.049670][ T3457] comedi: valid board names for atmio16 driver are: [ 401.051851][ T3457] atmio16 [ 401.052991][ T3457] atmio16d [ 401.054098][ T3457] comedi: valid board names for ni_at_ao driver are: [ 401.056663][ T3457] at-ao-6 [ 401.057939][ T3457] at-ao-10 [ 401.059135][ T3457] comedi: valid board names for ni_at_a2150 driver are: [ 401.061259][ T3457] ni_at_a2150 [ 401.062403][ T3457] comedi: valid board names for adq12b driver are: [ 401.065344][ T3457] adq12b [ 401.066390][ T3457] comedi: valid board names for mpc624 driver are: [ 401.068508][ T3457] mpc624 [ 401.069518][ T3457] comedi: valid board names for c6xdigio driver are: [ 401.071726][ T3457] c6xdigio [ 401.072834][ T3457] comedi: valid board names for aio_iiro_16 driver are: [ 401.075906][ T3457] aio_iiro_16 [ 401.077159][ T3457] comedi: valid board names for aio_aio12_8 driver are: [ 401.079667][ T3457] aio_aio12_8 [ 401.082949][ T3457] aio_ai12_8 [ 401.084265][ T3457] aio_ao12_4 [ 401.088037][ T3457] comedi: valid board names for fl512 driver are: [ 401.092655][ T3457] fl512 [ 401.093814][ T3457] comedi: valid board names for dmm32at driver are: [ 401.103078][ T3457] dmm32at [ 401.104110][ T3457] comedi: valid board names for dt282x driver are: [ 401.113280][ T3457] dt2821 [ 401.114378][ T3457] dt2821-f [ 401.119381][ T3457] dt2821-g [ 401.120475][ T3457] dt2823 [ 401.121453][ T3457] dt2824-pgh [ 401.123184][ T3457] dt2824-pgl [ 401.124759][ T3457] dt2825 [ 401.126303][ T3457] dt2827 [ 401.127829][ T3457] dt2828 [ 401.129301][ T3457] dt2829 [ 401.130799][ T3457] dt21-ez [ 401.132327][ T3457] dt23-ez [ 401.134498][ T3457] dt24-ez [ 401.135990][ T3457] dt24-ez-pgl [ 401.137557][ T3457] comedi: valid board names for dt2817 driver are: [ 401.140374][ T3457] dt2817 [ 401.141758][ T3457] comedi: valid board names for dt2815 driver are: [ 401.145066][ T3457] dt2815 [ 401.146156][ T3457] comedi: valid board names for dt2814 driver are: [ 401.148429][ T3457] dt2814 [ 401.149464][ T3457] comedi: valid board names for dt2811 driver are: [ 401.151633][ T3457] dt2811-pgh [ 401.152762][ T3457] dt2811-pgl [ 401.153944][ T3457] comedi: valid board names for dt2801 driver are: [ 401.156035][ T3457] dt2801 [ 401.157097][ T3457] comedi: valid board names for das6402 driver are: [ 401.160323][ T3457] das6402-12 [ 401.161587][ T3457] das6402-16 [ 401.163840][ T3457] comedi: valid board names for das1800 driver are: [ 401.171831][ T3457] das-1701st [ 401.176987][ T3457] das-1701st-da [ 401.179956][ T3457] das-1702st [ 401.181253][ T3457] das-1702st-da [ 401.184623][ T3457] das-1702hr [ 401.189982][ T3457] das-1702hr-da [ 401.191318][ T3457] das-1701ao [ 401.192403][ T3457] das-1702ao [ 401.193581][ T3457] das-1801st [ 401.194665][ T3457] das-1801st-da [ 401.195868][ T3457] das-1802st [ 401.196944][ T3457] das-1802st-da [ 401.197896][ T3494] sctp: [Deprecated]: syz.7.10882 (pid 3494) Use of struct sctp_assoc_value in delayed_ack socket option. [ 401.197896][ T3494] Use struct sctp_sack_info instead [ 401.198147][ T3457] das-1802hr [ 401.198154][ T3457] das-1802hr-da [ 401.198157][ T3457] das-1801hc [ 401.207334][ T3494] sctp: [Deprecated]: syz.7.10882 (pid 3494) Use of struct sctp_assoc_value in delayed_ack socket option. [ 401.207334][ T3494] Use struct sctp_sack_info instead [ 401.207636][ T3457] das-1802hc [ 401.207644][ T3457] das-1801ao [ 401.207648][ T3457] das-1802ao [ 401.207653][ T3457] comedi: valid board names for das800 driver are: [ 401.207659][ T3457] das-800 [ 401.207663][ T3457] cio-das800 [ 401.207667][ T3457] das-801 [ 401.207671][ T3457] cio-das801 [ 401.207675][ T3457] das-802 [ 401.207678][ T3457] cio-das802 [ 401.207682][ T3457] cio-das802/16 [ 401.228335][ T3457] comedi: valid board names for isa-das08 driver are: [ 401.230778][ T3457] isa-das08 [ 401.231858][ T3457] das08-pgm [ 401.233198][ T3457] das08-pgh [ 401.234458][ T3457] das08-pgl [ 401.235639][ T3457] das08-aoh [ 401.236694][ T3457] das08-aol [ 401.237797][ T3457] das08-aom [ 401.238943][ T3457] das08/jr-ao [ 401.240066][ T3457] das08jr-16-ao [ 401.241247][ T3457] pc104-das08 [ 401.242462][ T3457] das08jr/16 [ 401.243676][ T3457] comedi: valid board names for das16m1 driver are: [ 401.245649][ T3457] das16m1 [ 401.246703][ T3457] comedi: valid board names for dac02 driver are: [ 401.248851][ T3457] dac02 [ 401.252094][ T3457] comedi: valid board names for rti802 driver are: [ 401.254931][ T3457] rti802 [ 401.256040][ T3457] comedi: valid board names for rti800 driver are: [ 401.259864][ T3457] rti800 [ 401.260909][ T3457] rti815 [ 401.265841][ T3457] comedi: valid board names for pcm3724 driver are: [ 401.268076][ T3457] pcm3724 [ 401.269084][ T3457] comedi: valid board names for pcl818 driver are: [ 401.271478][ T3457] pcl818l [ 401.272509][ T3457] pcl818h [ 401.273695][ T3457] pcl818hd [ 401.274753][ T3457] pcl818hg [ 401.275874][ T3457] pcl818 [ 401.276832][ T3457] pcl718 [ 401.277888][ T3457] pcm3718 [ 401.278885][ T3457] comedi: valid board names for pcl816 driver are: [ 401.281557][ T3457] pcl816 [ 401.282528][ T3457] pcl814b [ 401.286686][ T3457] comedi: valid board names for pcl812 driver are: [ 401.288857][ T3457] pcl812 [ 401.290303][ T3457] pcl812pg [ 401.291423][ T3457] acl8112pg [ 401.292637][ T3457] acl8112dg [ 401.295940][ T3457] acl8112hg [ 401.297124][ T3457] a821pgl [ 401.299956][ T3457] a821pglnda [ 401.301379][ T3457] a821pgh [ 401.302517][ T3457] a822pgl [ 401.303767][ T3457] a822pgh [ 401.304865][ T3457] a823pgl [ 401.305998][ T3457] a823pgh [ 401.307080][ T3457] pcl813 [ 401.308127][ T3457] pcl813b [ 401.309177][ T3457] acl8113 [ 401.310211][ T3457] iso813 [ 401.311209][ T3457] acl8216 [ 401.312184][ T3457] a826pg [ 401.313509][ T3457] comedi: valid board names for pcl730 driver are: [ 401.315610][ T3457] pcl730 [ 401.316616][ T3457] iso730 [ 401.317632][ T3457] acl7130 [ 401.318634][ T3457] pcm3730 [ 401.319716][ T3457] pcl725 [ 401.320763][ T3457] p8r8dio [ 401.321805][ T3457] acl7225b [ 401.322831][ T3457] p16r16dio [ 401.326274][ T3457] pcl733 [ 401.327267][ T3457] pcl734 [ 401.328258][ T3457] opmm-1616-xt [ 401.336908][ T3457] pearl-mm-p [ 401.338179][ T3457] ir104-pbf [ 401.342690][ T3457] comedi: valid board names for pcl726 driver are: [ 401.351971][ T3457] pcl726 [ 401.353053][ T3457] pcl727 [ 401.354042][ T3457] pcl728 [ 401.356301][ T3457] acl6126 [ 401.357444][ T3457] acl6128 [ 401.358572][ T3457] comedi: valid board names for pcl724 driver are: [ 401.360838][ T3457] pcl724 [ 401.364051][ T3457] pcl722 [ 401.365026][ T3457] pcl731 [ 401.365990][ T3457] acl7122 [ 401.369219][ T3457] acl7124 [ 401.370245][ T3457] pet48dio [ 401.371316][ T3457] pcmio48 [ 401.379299][ T3457] onyx-mm-dio [ 401.380438][ T3457] comedi: valid board names for pcl711 driver are: [ 401.389952][ T3457] pcl711 [ 401.390986][ T3457] pcl711b [ 401.394718][ T3457] acl8112hg [ 401.395886][ T3457] acl8112dg [ 401.397041][ T3457] comedi: valid board names for amplc_pc263 driver are: [ 401.399380][ T3457] pc263 [ 401.402606][ T3457] comedi: valid board names for amplc_pc236 driver are: [ 401.409012][ T3457] pc36at [ 401.409995][ T3457] comedi: valid board names for amplc_dio200 driver are: [ 401.417115][ T3457] pc212e [ 401.418359][ T3457] pc214e [ 401.420850][ T3457] pc215e [ 401.421953][ T3457] pc218e [ 401.423342][ T3457] pc272e [ 401.424245][ T3457] comedi: valid board names for comedi_parport driver are: [ 401.426574][ T3457] comedi_parport [ 401.427824][ T3457] comedi: valid board names for comedi_test driver are: [ 401.430354][ T3457] comedi_test [ 401.431527][ T3457] comedi: valid board names for comedi_bond driver are: [ 401.437133][ T3457] comedi_bond [ 401.503086][ T3531] netlink: 'syz.4.10895': attribute type 1 has an invalid length. [ 402.140459][ T3631] __nla_validate_parse: 6 callbacks suppressed [ 402.140476][ T3631] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10923'. [ 402.997038][ T3754] program syz.6.10963 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 403.018884][ T3757] netlink: 52 bytes leftover after parsing attributes in process `syz.7.10964'. [ 403.689287][ T3856] pim6reg: entered allmulticast mode [ 403.691665][ T3858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10994'. [ 403.698219][ T3858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10994'. [ 403.704422][ T3856] pim6reg: left allmulticast mode [ 403.715691][ T3858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10994'. [ 403.720499][ T3858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10994'. [ 403.776996][ T3871] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10997'. [ 403.833149][ T3260] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 403.993026][ T3260] usb 9-1: Using ep0 maxpacket: 32 [ 403.997253][ T3260] usb 9-1: config 0 has an invalid interface number: 119 but max is 0 [ 404.001375][ T3260] usb 9-1: config 0 has no interface number 0 [ 404.004751][ T3260] usb 9-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 404.009907][ T3260] usb 9-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 404.015333][ T3260] usb 9-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27 [ 404.019844][ T3260] usb 9-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 404.028459][ T3260] usb 9-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 404.032735][ T3260] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.036642][ T3260] usb 9-1: Product: syz [ 404.038519][ T3260] usb 9-1: Manufacturer: syz [ 404.040650][ T3260] usb 9-1: SerialNumber: syz [ 404.050036][ T3260] usb 9-1: config 0 descriptor?? [ 404.053160][ T3836] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 404.061148][ T3260] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.119/input/input44 [ 404.170879][ C0] bcm5974 9-1:0.119: trackpad urb failed: -1 [ 404.267205][ T842] usb 9-1: USB disconnect, device number 8 [ 404.774500][ T3924] tipc: Enabling of bearer rejected, already enabled [ 405.071003][ T3974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11020'. [ 405.075560][ T3974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11020'. [ 405.413548][ T4027] netlink: 'syz.6.11036': attribute type 21 has an invalid length. [ 405.416909][ T4027] IPv6: NLM_F_CREATE should be specified when creating new route [ 405.420267][ T4027] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 405.422924][ T4027] IPv6: NLM_F_CREATE should be set when creating new route [ 405.426322][ T4027] IPv6: NLM_F_CREATE should be set when creating new route [ 405.429268][ T4027] IPv6: NLM_F_CREATE should be set when creating new route [ 405.435471][ T4027] netlink: 'syz.6.11036': attribute type 21 has an invalid length. [ 405.438611][ T4027] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 405.725185][ T4074] net_ratelimit: 10542 callbacks suppressed [ 405.725204][ T4074] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 405.836770][ T4093] netlink: 'syz.7.11056': attribute type 1 has an invalid length. [ 405.841862][ T4093] netlink: 216 bytes leftover after parsing attributes in process `syz.7.11056'. [ 406.421293][ T4138] netlink: 'syz.6.11070': attribute type 1 has an invalid length. [ 406.469135][ T4141] tipc: Enabling of bearer rejected, already enabled [ 407.365960][ T4224] __nla_validate_parse: 6 callbacks suppressed [ 407.365972][ T4224] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11096'. [ 407.556591][ T4241] tipc: Enabled bearer , priority 10 [ 408.032355][ T4292] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 408.172357][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 408.172372][ T40] audit: type=1326 audit(1778609021.829:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.192058][ T40] audit: type=1326 audit(1778609021.849:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.205670][ T40] audit: type=1326 audit(1778609021.849:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.218827][ T40] audit: type=1326 audit(1778609021.849:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.227758][ T40] audit: type=1326 audit(1778609021.849:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.237950][ T40] audit: type=1326 audit(1778609021.849:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=26 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.247347][ T40] audit: type=1326 audit(1778609021.849:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.260406][ T40] audit: type=1326 audit(1778609021.849:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4308 comm="syz.6.11122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000 [ 408.661541][ T842] kernel read not supported for file 1796/task/1797/cmdline (pid: 842 comm: kworker/1:2) [ 408.938221][ T62] Bluetooth: hci4: unexpected event for opcode 0x0809 [ 409.010392][ T4441] program syz.3.11163 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 409.068743][ T4447] netlink: 32 bytes leftover after parsing attributes in process `syz.3.11165'. [ 409.098303][ T4454] netlink: 'syz.7.11167': attribute type 11 has an invalid length. [ 409.163584][ T5841] libceph: connect (1)[c::]:6789 error -22 [ 409.166513][ T5841] libceph: mon0 (1)[c::]:6789 connect error [ 409.359387][ T4499] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11181'. [ 409.364809][ T4499] ------------[ cut here ]------------ [ 409.368369][ T4499] 1 [ 409.368379][ T4499] WARNING: net/ipv4/route.c:1275 at ip_rt_bug+0x2b/0x150, CPU#0: syz.3.11181/4499 [ 409.372243][ T4499] Modules linked in: [ 409.376076][ T4499] CPU: 0 UID: 0 PID: 4499 Comm: syz.3.11181 Tainted: G L syzkaller #0 PREEMPT(full) [ 409.380131][ T4499] Tainted: [L]=SOFTLOCKUP [ 409.382184][ T4499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 409.385897][ T4499] RIP: 0010:ip_rt_bug+0x2b/0x150 [ 409.387935][ T4499] Code: 0f 1e fa 41 54 55 53 48 89 d3 48 83 ec 08 e8 bc b7 1b f8 66 90 e8 b5 b7 1b f8 ba 02 00 00 00 48 89 de 31 ff e8 76 31 6c ff 90 <0f> 0b 90 48 83 c4 08 31 c0 5b 5d 41 5c c3 cc cc cc cc e8 8e b7 1b [ 409.396206][ T4499] RSP: 0000:ffffc9000ca57390 EFLAGS: 00010283 [ 409.398923][ T4499] RAX: 0000000000000d68 RBX: ffff88801b689680 RCX: ffffc9000cae1000 [ 409.402323][ T4499] RDX: 0000000000080000 RSI: ffffffff89587da4 RDI: ffffffff8c1c2800 [ 409.405664][ T4499] RBP: ffff88801b689680 R08: 0000000000000001 R09: 0000000000000000 [ 409.408738][ T4499] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88804dd70000 [ 409.412177][ T4499] R13: ffff8880217e8f00 R14: 0000000000000000 R15: ffff88801b6896d8 [ 409.415635][ T4499] FS: 0000000000000000(0000) GS:ffff888097177000(0063) knlGS:00000000f549db40 [ 409.419327][ T4499] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 409.421988][ T4499] CR2: 00000000f7441900 CR3: 000000005c3b5000 CR4: 0000000000352ef0 [ 409.425330][ T4499] Call Trace: [ 409.426800][ T4499] [ 409.428137][ T4499] ? __pfx_ip_rt_bug+0x10/0x10 [ 409.430335][ T4499] ip_push_pending_frames+0x29e/0x300 [ 409.432766][ T4499] icmp_push_reply+0x30e/0x450 [ 409.433524][ T5841] libceph: connect (1)[c::]:6789 error -22 [ 409.434806][ T4499] __icmp_send+0x11b4/0x2c70 [ 409.438945][ T4499] ? __pfx___icmp_send+0x10/0x10 [ 409.439802][ T5841] libceph: mon0 (1)[c::]:6789 connect error SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 409.440981][ T4499] ? __pfx_ip_route_input_slow+0x10/0x10 [ 409.445879][ T4499] ? __lock_acquire+0x4a5/0x2630 [ 409.447796][ T4499] ? __ip_options_compile+0x604/0x16a0 [ 409.449904][ T4499] ? ip_route_input_noref+0x15f/0x2e0 [ 409.452077][ T4499] ip_options_compile+0xb6/0x100 [ 409.454228][ T4499] ? __pfx_ip_options_compile+0x10/0x10 [ 409.456342][ T4499] ? __pfx_ip_rcv_finish+0x10/0x10 [ 409.458293][ T4499] ip_rcv_finish_core+0x693/0x2c30 [ 409.460271][ T4499] ip_rcv+0x1c0/0x3c0 [ 409.461905][ T4499] ? __pfx_ip_rcv+0x10/0x10 [ 409.463891][ T4499] __netif_receive_skb_one_core+0x197/0x1e0 [ 409.466435][ T4499] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 409.469129][ T4499] ? lock_acquire+0x1b1/0x370 [ 409.471057][ T4499] __netif_receive_skb+0x1f/0x120 [ 409.473011][ T4499] netif_receive_skb+0x13b/0x7f0 [ 409.475100][ T4499] ? __pfx_netif_receive_skb+0x10/0x10 [ 409.477420][ T4499] tun_rx_batched.isra.0+0x3f6/0x750 [ 409.479748][ T4499] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 409.482174][ T4499] ? rcu_is_watching+0x12/0xc0 [ 409.484395][ T4499] ? tun_get_user+0x1cc8/0x3c20 [ 409.486494][ T4499] tun_get_user+0x1e31/0x3c20 [ 409.488437][ T4499] ? __pfx_tun_get_user+0x10/0x10 [ 409.490497][ T4499] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 409.492712][ T4499] ? find_held_lock+0x2b/0x80 [ 409.494706][ T4499] ? tun_get+0x191/0x370 [ 409.496249][ T4499] ? tun_get+0x191/0x370 [ 409.497742][ T4499] tun_chr_write_iter+0xdc/0x200 [ 409.499580][ T4499] vfs_write+0x6ac/0x1070 [ 409.501089][ T4499] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 409.503105][ T4499] ? __pfx_vfs_write+0x10/0x10 [ 409.504725][ T4499] ? find_held_lock+0x2b/0x80 [ 409.506343][ T4499] ksys_write+0x12a/0x250 [ 409.507812][ T4499] ? __pfx_ksys_write+0x10/0x10 [ 409.509545][ T4499] ? rcu_is_watching+0x12/0xc0 [ 409.511689][ T4499] ? rcu_is_watching+0x12/0xc0 [ 409.513935][ T4499] do_int80_emulation+0x141/0x700 [ 409.515976][ T4499] asm_int80_emulation+0x1a/0x20 [ 409.518289][ T4499] RIP: 0023:0xf71e616b [ 409.520326][ T4499] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 409.528834][ T4499] RSP: 002b:00000000f549d44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 409.532306][ T4499] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000400 [ 409.536027][ T4499] RDX: 0000000000000046 RSI: 0000000000000000 RDI: 0000000000000000 [ 409.539753][ T4499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 409.543119][ T4499] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 409.545712][ T4499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 409.548264][ T4499] [ 409.549269][ T4499] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 409.551589][ T4499] CPU: 0 UID: 0 PID: 4499 Comm: syz.3.11181 Tainted: G L syzkaller #0 PREEMPT(full) [ 409.555104][ T4499] Tainted: [L]=SOFTLOCKUP [ 409.556510][ T4499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 409.560379][ T4499] Call Trace: [ 409.561600][ T4499] [ 409.562619][ T4499] dump_stack_lvl+0x100/0x190 [ 409.564348][ T4499] vpanic+0x552/0x970 [ 409.565987][ T4499] ? __pfx_vpanic+0x10/0x10 [ 409.567867][ T4499] panic+0xd1/0xe0 [ 409.569453][ T4499] ? __pfx_panic+0x10/0x10 [ 409.571269][ T4499] check_panic_on_warn.cold+0x19/0x34 [ 409.573248][ T4499] ? ip_rt_bug+0x2b/0x150 [ 409.575124][ T4499] __warn.cold+0x191/0x328 [ 409.577165][ T4499] __report_bug+0x296/0x3d0 [ 409.579530][ T4499] ? ip_rt_bug+0x2b/0x150 [ 409.581535][ T4499] ? __pfx___report_bug+0x10/0x10 [ 409.583625][ T4499] ? ip_rt_bug+0x2b/0x150 [ 409.585455][ T4499] report_bug+0xb2/0x220 [ 409.587370][ T4499] ? ip_rt_bug+0x2b/0x150 [ 409.589230][ T4499] handle_bug+0x16a/0x2a0 [ 409.591056][ T4499] exc_invalid_op+0x17/0x50 [ 409.592792][ T4499] asm_exc_invalid_op+0x1a/0x20 [ 409.594408][ T4499] RIP: 0010:ip_rt_bug+0x2b/0x150 [ 409.596063][ T4499] Code: 0f 1e fa 41 54 55 53 48 89 d3 48 83 ec 08 e8 bc b7 1b f8 66 90 e8 b5 b7 1b f8 ba 02 00 00 00 48 89 de 31 ff e8 76 31 6c ff 90 <0f> 0b 90 48 83 c4 08 31 c0 5b 5d 41 5c c3 cc cc cc cc e8 8e b7 1b [ 409.602647][ T4499] RSP: 0000:ffffc9000ca57390 EFLAGS: 00010283 [ 409.605103][ T4499] RAX: 0000000000000d68 RBX: ffff88801b689680 RCX: ffffc9000cae1000 [ 409.608213][ T4499] RDX: 0000000000080000 RSI: ffffffff89587da4 RDI: ffffffff8c1c2800 [ 409.611352][ T4499] RBP: ffff88801b689680 R08: 0000000000000001 R09: 0000000000000000 [ 409.614585][ T4499] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88804dd70000 [ 409.617779][ T4499] R13: ffff8880217e8f00 R14: 0000000000000000 R15: ffff88801b6896d8 [ 409.621170][ T4499] ? sk_skb_reason_drop+0x114/0x1b0 [ 409.623630][ T4499] ? __pfx_ip_rt_bug+0x10/0x10 [ 409.625995][ T4499] ip_push_pending_frames+0x29e/0x300 [ 409.628481][ T4499] icmp_push_reply+0x30e/0x450 [ 409.630616][ T4499] __icmp_send+0x11b4/0x2c70 [ 409.632651][ T4499] ? __pfx___icmp_send+0x10/0x10 [ 409.634769][ T4499] ? __pfx_ip_route_input_slow+0x10/0x10 [ 409.637115][ T4499] ? __lock_acquire+0x4a5/0x2630 [ 409.639244][ T4499] ? __ip_options_compile+0x604/0x16a0 [ 409.641625][ T4499] ? ip_route_input_noref+0x15f/0x2e0 [ 409.644002][ T4499] ip_options_compile+0xb6/0x100 [ 409.646287][ T4499] ? __pfx_ip_options_compile+0x10/0x10 [ 409.648743][ T4499] ? __pfx_ip_rcv_finish+0x10/0x10 [ 409.650966][ T4499] ip_rcv_finish_core+0x693/0x2c30 [ 409.653158][ T4499] ip_rcv+0x1c0/0x3c0 [ 409.654868][ T4499] ? __pfx_ip_rcv+0x10/0x10 [ 409.656821][ T4499] __netif_receive_skb_one_core+0x197/0x1e0 [ 409.659414][ T4499] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 409.661591][ T4499] ? lock_acquire+0x1b1/0x370 [ 409.663421][ T4499] __netif_receive_skb+0x1f/0x120 [ 409.665170][ T4499] netif_receive_skb+0x13b/0x7f0 [ 409.667037][ T4499] ? __pfx_netif_receive_skb+0x10/0x10 [ 409.669029][ T4499] tun_rx_batched.isra.0+0x3f6/0x750 [ 409.671052][ T4499] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 409.673048][ T4499] ? rcu_is_watching+0x12/0xc0 [ 409.674709][ T4499] ? tun_get_user+0x1cc8/0x3c20 [ 409.676448][ T4499] tun_get_user+0x1e31/0x3c20 [ 409.678138][ T4499] ? __pfx_tun_get_user+0x10/0x10 [ 409.679938][ T4499] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 409.681694][ T4499] ? find_held_lock+0x2b/0x80 [ 409.683222][ T4499] ? tun_get+0x191/0x370 [ 409.684575][ T4499] ? tun_get+0x191/0x370 [ 409.685954][ T4499] tun_chr_write_iter+0xdc/0x200 [ 409.687559][ T4499] vfs_write+0x6ac/0x1070 [ 409.688997][ T4499] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 409.691205][ T4499] ? __pfx_vfs_write+0x10/0x10 [ 409.693246][ T4499] ? find_held_lock+0x2b/0x80 [ 409.694915][ T4499] ksys_write+0x12a/0x250 [ 409.696373][ T4499] ? __pfx_ksys_write+0x10/0x10 [ 409.698050][ T4499] ? rcu_is_watching+0x12/0xc0 [ 409.699853][ T4499] ? rcu_is_watching+0x12/0xc0 [ 409.701778][ T4499] do_int80_emulation+0x141/0x700 [ 409.703790][ T4499] asm_int80_emulation+0x1a/0x20 [ 409.705913][ T4499] RIP: 0023:0xf71e616b [ 409.707619][ T4499] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 409.716407][ T4499] RSP: 002b:00000000f549d44c EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 409.719903][ T4499] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000400 [ 409.723237][ T4499] RDX: 0000000000000046 RSI: 0000000000000000 RDI: 0000000000000000 [ 409.726502][ T4499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 409.729745][ T4499] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 409.733038][ T4499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 409.736675][ T4499] [ 409.739256][ T4499] Kernel Offset: disabled [ 409.741136][ T4499] Rebooting in 86400 seconds..