last executing test programs: 8m26.74473545s ago: executing program 4 (id=395): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x143ff9, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) unshare(0x2a020400) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000000c0)={r0, 0x0, 0x0}, 0x20) 8m26.538335077s ago: executing program 4 (id=399): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) open_by_handle_at(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="15000000fe00000005"], 0x1) 8m26.378063126s ago: executing program 4 (id=403): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000180)) 8m26.160517547s ago: executing program 4 (id=407): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) readv(r0, &(0x7f0000000d00)=[{&(0x7f0000000700)=""/222, 0xde}, {0x0}], 0x2) ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x2, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="0000501ef663", 0x0, 0x2800004, 0x10030, 0x0, 0x0}) 8m25.22901881s ago: executing program 4 (id=426): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 8m24.967103628s ago: executing program 4 (id=432): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0xc048) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a3200000000140005"], 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x44110) 8m9.886571335s ago: executing program 32 (id=432): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0xc048) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a3200000000140005"], 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x44110) 2m57.340513591s ago: executing program 1 (id=5714): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x104000000008) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x31) 2m57.229994695s ago: executing program 1 (id=5716): r0 = syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x1, 0xfffffffd}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000140)=@un=@file={0x0, './file0\x00'}}) io_uring_enter(r0, 0x5b43, 0x0, 0x0, 0x0, 0x0) 2m57.034090986s ago: executing program 1 (id=5718): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='io_uring_cqe_overflow\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x5078, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000940), &(0x7f0000000000)) io_uring_enter(r1, 0xb15, 0x0, 0x0, 0x0, 0xfffffd45) 2m56.807293359s ago: executing program 1 (id=5723): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1041, 0x0) umount2(&(0x7f0000000000)='./file0/../file0\x00', 0x1) 2m56.686386349s ago: executing program 1 (id=5725): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07}) readv(r0, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0) 2m55.860824513s ago: executing program 1 (id=5741): syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0x1943, 0x10100, 0x2002}, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a320000000014000580080002400000000008"], 0xa0}}, 0x0) 2m55.481080077s ago: executing program 33 (id=5741): syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0x1943, 0x10100, 0x2002}, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a320000000014000580080002400000000008"], 0xa0}}, 0x0) 2m54.516379645s ago: executing program 2 (id=5760): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x10, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x2, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x7, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x1, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) unshare(0x26060400) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 2m54.364230136s ago: executing program 2 (id=5761): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x4, 0x1b, &(0x7f0000000200)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x5501, &(0x7f0000000080)=0x3) 2m53.425158562s ago: executing program 2 (id=5769): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r0, 0x6) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70003000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 2m53.138997523s ago: executing program 2 (id=5774): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x23cdc43, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 2m52.940194341s ago: executing program 2 (id=5778): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, 0x0) 2m51.152622021s ago: executing program 2 (id=5782): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/consoles\x00', 0x0, 0x0) read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc) preadv(r0, &(0x7f0000001300)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x0, 0x0) read$hiddev(r0, &(0x7f0000001100)=""/234, 0xea) 2m50.763028619s ago: executing program 34 (id=5782): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/consoles\x00', 0x0, 0x0) read$hiddev(r0, &(0x7f00000000c0)=""/4092, 0xffc) preadv(r0, &(0x7f0000001300)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x0, 0x0) read$hiddev(r0, &(0x7f0000001100)=""/234, 0xea) 2m44.097417285s ago: executing program 3 (id=5826): mkdir(&(0x7f0000000180)='./bus\x00', 0x121) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) rename(&(0x7f0000000040)='./bus\x00', &(0x7f0000000600)='./file0\x00') 2m43.840811693s ago: executing program 3 (id=5829): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0xe22, 0x0, @loopback={0xff00000000000000}}, 0x1c) bind$inet6(r0, &(0x7f0000000140)={0xa, 0xe22, 0x0, @loopback={0xff00000000000002}}, 0x1c) 2m43.57465567s ago: executing program 3 (id=5831): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x10) syz_clone(0xab048400, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 2m43.183633046s ago: executing program 3 (id=5833): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='dyn,']) 2m42.965576233s ago: executing program 3 (id=5834): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 2m42.228760739s ago: executing program 3 (id=5838): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x8000}) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000080)={0x8007, 0x0, &(0x7f0000ffb000/0x4000)=nil}) 2m41.880706139s ago: executing program 35 (id=5838): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x8000}) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000080)={0x8007, 0x0, &(0x7f0000ffb000/0x4000)=nil}) 38.771700236s ago: executing program 6 (id=7758): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009f02"]) 38.577015446s ago: executing program 6 (id=7762): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ff000040720501cb6526010203010902120001000000000904"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000f00)={0x24, 0x0, &(0x7f0000000d80)={0x0, 0x3, 0x4, @lang_id={0xd, 0x3, 0x2c01}}, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, 0x0, &(0x7f0000000e40)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$printer(r0, &(0x7f0000000a80)={0x14, 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0003a0000000a00389fd598ce73c3ad7b425102707c1aa1090787d78bedb3f15854729b19acf7b7d9376c677034d74572ba6af"]}, 0x0) 36.616521683s ago: executing program 6 (id=7791): getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, &(0x7f0000000040)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x19) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000481000/0x1000)=nil) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 36.496922278s ago: executing program 6 (id=7794): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000080071000040"]) 36.136053653s ago: executing program 6 (id=7803): r0 = socket$unix(0x1, 0x2, 0x0) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000200)=0x10) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 35.880734596s ago: executing program 6 (id=7807): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="5e4e13cfdbddcfa18448bf40758737bd6415608291912b9ae4", 0x19}, {&(0x7f0000000100)="1ab667fff78fcae68e59deb5cacb7c84a50f370a41e5", 0x16}, {&(0x7f00000001c0)="0fdb289de6ca60823abbaa702ff53e101928e426f708efd4846128269bc84a7559e4fdccecf1e09b13fd49aaf361885417f89c5809ae74196e9d0edced130f377b14645f0829bf0ebe6d3644d42d220a9f941a6d7a7573d29dfefdbc5f59082be53151c38214d53c7c9c90d7e1bec2116c0b2a7795d57ff271cd48a3e21722a8ed6d763953a004041bd7d17778c3773f5ab262689db527d65ba8f0aea06321c728a5f7b572ef93f61bd99fe41341ad0507cc7f67c785b55703b85c999bbd67ce5f7f6b15a64e8052827cac9b31df0327fb", 0xd1}], 0x3, &(0x7f0000000400), 0x0, 0x8000}, 0x10004000) 20.874336237s ago: executing program 36 (id=7807): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="5e4e13cfdbddcfa18448bf40758737bd6415608291912b9ae4", 0x19}, {&(0x7f0000000100)="1ab667fff78fcae68e59deb5cacb7c84a50f370a41e5", 0x16}, {&(0x7f00000001c0)="0fdb289de6ca60823abbaa702ff53e101928e426f708efd4846128269bc84a7559e4fdccecf1e09b13fd49aaf361885417f89c5809ae74196e9d0edced130f377b14645f0829bf0ebe6d3644d42d220a9f941a6d7a7573d29dfefdbc5f59082be53151c38214d53c7c9c90d7e1bec2116c0b2a7795d57ff271cd48a3e21722a8ed6d763953a004041bd7d17778c3773f5ab262689db527d65ba8f0aea06321c728a5f7b572ef93f61bd99fe41341ad0507cc7f67c785b55703b85c999bbd67ce5f7f6b15a64e8052827cac9b31df0327fb", 0xd1}], 0x3, &(0x7f0000000400), 0x0, 0x8000}, 0x10004000) 2.078892309s ago: executing program 7 (id=8265): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f00009a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000fef000/0x4000)=nil) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) 2.013951951s ago: executing program 9 (id=8267): openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x88802, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.780835086s ago: executing program 5 (id=8270): r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) io_setup(0x7ff, &(0x7f0000002080)=0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)={{0x14}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x28}}, 0x0) io_submit(r1, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x2, r0, &(0x7f0000000000)='P', 0x1}]) 1.581722744s ago: executing program 5 (id=8273): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000e1ffff050001c0"]) 1.448587765s ago: executing program 7 (id=8275): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x1f93, &(0x7f0000000000)={0x0, 0x0, 0x40}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, 0x0, 0x0) 1.346954437s ago: executing program 5 (id=8278): r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x420a0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x292200) pread64(r1, &(0x7f0000000140)=""/4075, 0xfeb, 0x8) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000100)={{}, 0xc6}) 1.32771571s ago: executing program 7 (id=8279): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000e1"]) 1.299587519s ago: executing program 0 (id=8280): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x1}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) 1.164718864s ago: executing program 5 (id=8281): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x18) sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000005d00)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x2, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@empty, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x0, 0x80, 0x2c}, {@in=@rand_addr=0x64010101, 0x4d4, 0x33}, @in6=@mcast1, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x2000, 0x0, 0x0, 0x8000000000}, {0x0, 0x0, 0xffc2, 0x4}, {0x0, 0x0, 0x8}, 0x70bd29, 0x0, 0xa, 0x3}}, 0xf0}}, 0x80) 1.147057872s ago: executing program 8 (id=8282): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 1.108736325s ago: executing program 5 (id=8283): unshare(0x8040600) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r1, 0x7}, 0xa) 1.086103008s ago: executing program 9 (id=8284): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f00000000c0)={[{@dyn}]}) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000000cc0)={0x2020}, 0x2020) 1.012643964s ago: executing program 0 (id=8285): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000001980)={0x8, {"85f080884e142b266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb69e6f4048f2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778681ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659e506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b560300020000000000005131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa812a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe65701000000000000000742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d158607883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca89db0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7f6ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x4) 1.000839726s ago: executing program 7 (id=8286): unshare(0x22020600) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) open_by_handle_at(r1, 0x0, 0x200000) 957.37144ms ago: executing program 8 (id=8287): r0 = open(&(0x7f0000000080)='./bus\x00', 0x400040042, 0x129) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000fc0)=ANY=[@ANYBLOB="6e6174000000000000000000000000000000000000000000000000000000000005"], 0x78) 927.37232ms ago: executing program 5 (id=8288): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) nanosleep(0x0, 0x0) 912.398166ms ago: executing program 0 (id=8289): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) 884.758309ms ago: executing program 7 (id=8290): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000033bc0e00000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="240000001a001fffffffff7f0000000080"], 0x24}}, 0x0) 861.969301ms ago: executing program 9 (id=8291): r0 = syz_io_uring_setup(0x33f, &(0x7f0000000180)={0x0, 0x89aa, 0x10100, 0x3, 0xe6}, &(0x7f0000000200), &(0x7f0000000380)) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020207325000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000000)={0xfff, r0, 0x2d, {0x6, 0x5}, 0x6}, 0x1) 817.708289ms ago: executing program 8 (id=8292): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={@private1, 0xe8, r1}) 735.801217ms ago: executing program 7 (id=8293): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20082, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x17ff}], 0x5) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 652.695351ms ago: executing program 8 (id=8294): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f0000000100)=0x43, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000180)={&(0x7f00000005c0)={0x1d, r1}, 0x10, &(0x7f0000000140)={&(0x7f0000000040)=@canfd={{}, 0x0, 0x3, 0x0, 0x0, "f124a6bed4a6e874c28a9af81606b403693c64c130d1c03d41c1da8ebbbd090ffdef352b1d82f25c7719aa569b4e29f1b1c3200d701547228df8a88f7c32e749"}, 0x48}, 0x2, 0x0, 0x0, 0x80}, 0x0) 640.195066ms ago: executing program 0 (id=8295): r0 = io_uring_setup(0x4975, &(0x7f0000000380)={0x0, 0x6fbe, 0x400, 0x0, 0xfffffffe}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) bind$unix(r1, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) close_range(r0, 0xffffffffffffffff, 0x0) 613.858913ms ago: executing program 9 (id=8296): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@bridge_dellink={0x34, 0x11, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x4, 0x0, 0x1, {0xc, 0x2, 0x0, 0x1, [{0x8, 0x1a, 0x0, 0x0, 0x1000}]}}]}]}, 0x34}}, 0x0) 457.21747ms ago: executing program 8 (id=8297): r0 = socket$netlink(0x10, 0x3, 0x4) r1 = socket$inet(0x2, 0x80001, 0x84) listen(r1, 0x3) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafc0d8c560a8447608004000000000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 360.611726ms ago: executing program 9 (id=8298): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='oom_adj\x00') ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x8, 0x0, 0x4, r2, 0xd}) 356.659114ms ago: executing program 0 (id=8299): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}) write$sndseq(r0, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x95ffffff]}}], 0xffc8) 197.930283ms ago: executing program 8 (id=8300): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/exec\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000001800)='fd/3\x00') write$RDMA_USER_CM_CMD_BIND_IP(r0, 0x0, 0x0) 986.481µs ago: executing program 9 (id=8301): listen(0xffffffffffffffff, 0x0) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8}) clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0xe, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x9, 0x2, 0x4, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x7, 0x3, 0x8, 0xfffffffffffffffa, 0x0, 0x5, 0x8, 0x7, 0x3, 0x6}) 0s ago: executing program 0 (id=8302): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000000c0)=@newqdisc={0x64, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x59b, 0xb, 0xfffffffa, 0x10001, 0x1, 0xfffffff3}, [@TCA_NETEM_RATE64={0xc, 0x8, 0x7cd152924d735855}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x81}]}}}]}, 0x64}}, 0x0) kernel console output (not intermixed with test programs): 9200 comm="syz.0.5870" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6fcf38e169 code=0x0 [ 470.528552][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 470.540417][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 470.551386][ T53] bond0 (unregistering): Released all slaves [ 470.706028][ T53] team0: Port device bond1 removed [ 470.713695][ T53] bond1 (unregistering): Released all slaves [ 470.861150][ T53] : left promiscuous mode [ 470.888620][T19131] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 470.896643][T19131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 470.923584][T19131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 470.939929][T19131] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 470.948489][T19131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 470.974997][T19131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 471.052988][ T53] tipc: Left network mode [ 471.104134][T19131] hsr_slave_0: entered promiscuous mode [ 471.111144][T19131] hsr_slave_1: entered promiscuous mode [ 471.118329][T19131] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 471.126173][T19131] Cannot create hsr debugfs directory [ 471.243780][T18976] 8021q: adding VLAN 0 to HW filter on device bond0 [ 471.290440][T19212] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5875'. [ 471.420748][T18976] 8021q: adding VLAN 0 to HW filter on device team0 [ 471.503611][ T53] hsr_slave_0: left promiscuous mode [ 471.526597][ T53] hsr_slave_1: left promiscuous mode [ 471.545983][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 471.553463][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 471.572998][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 471.583632][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 471.605576][ T53] veth1_macvtap: left promiscuous mode [ 471.611137][ T53] veth0_macvtap: left promiscuous mode [ 471.616947][ T53] veth1_vlan: left promiscuous mode [ 471.622352][ T53] veth0_vlan: left promiscuous mode [ 472.119139][ T53] team0 (unregistering): Port device team_slave_1 removed [ 472.158888][ T53] team0 (unregistering): Port device team_slave_0 removed [ 472.185642][ T5847] Bluetooth: hci0: command tx timeout [ 472.652224][ T131] bridge0: port 1(bridge_slave_0) entered blocking state [ 472.659456][ T131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 472.712560][T12679] bridge0: port 2(bridge_slave_1) entered blocking state [ 472.719744][T12679] bridge0: port 2(bridge_slave_1) entered forwarding state [ 472.987946][T18858] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 473.014998][T19131] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 473.056107][T19131] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 473.076125][T19131] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 473.090744][T19131] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 473.314223][T19131] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.331972][T18976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 473.378631][T19131] 8021q: adding VLAN 0 to HW filter on device team0 [ 473.402021][T12682] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.409258][T12682] bridge0: port 1(bridge_slave_0) entered forwarding state [ 473.433700][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.440949][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 473.604739][T18858] veth0_vlan: entered promiscuous mode [ 473.634855][T18858] veth1_vlan: entered promiscuous mode [ 473.719728][T18858] veth0_macvtap: entered promiscuous mode [ 473.741338][T18858] veth1_macvtap: entered promiscuous mode [ 473.778126][T18858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 473.795299][T18858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 473.809898][T18858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 473.820830][T18858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 473.832688][T18858] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 473.858797][T18858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 473.870507][T18858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 473.881843][T18858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 473.893207][T18858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 473.906326][T18858] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 473.936643][T18858] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 473.947116][T18858] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 473.957356][T18858] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 473.966488][T18858] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.018329][T18976] veth0_vlan: entered promiscuous mode [ 474.034766][T19131] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.058063][T18976] veth1_vlan: entered promiscuous mode [ 474.137820][T18976] veth0_macvtap: entered promiscuous mode [ 474.167598][T18976] veth1_macvtap: entered promiscuous mode [ 474.200910][T18976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.214954][T18976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.231116][T18976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.241935][T18976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.252387][T18976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.263289][T18976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.266070][ T5847] Bluetooth: hci0: command tx timeout [ 474.277110][T18976] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.301914][T18976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.321956][T18976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.333555][T18976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.349953][T18976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.364255][T18976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.375899][T18976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.387943][T18976] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 474.403049][T18976] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.412967][T18976] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.422293][T18976] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.433109][T18976] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.500948][T19218] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 474.515976][T19218] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 474.549245][T19131] veth0_vlan: entered promiscuous mode [ 474.557658][T19218] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 474.564339][T19218] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 474.576904][T19131] veth1_vlan: entered promiscuous mode [ 474.603845][T19218] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 474.629108][T19218] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 474.635139][T19218] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 474.643914][T19131] veth0_macvtap: entered promiscuous mode [ 474.654142][T19131] veth1_macvtap: entered promiscuous mode [ 474.666813][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 474.677202][T19218] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 474.688983][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.699659][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.710840][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.724200][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.734285][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.745001][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.756021][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 474.766566][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.778500][T19131] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.781281][T19218] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 474.793813][T19218] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 474.805147][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.807274][T19218] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 474.824563][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.835713][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.847349][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.857357][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.868319][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.878273][T19131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 474.889877][T19131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 474.901635][T19131] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 474.916518][T19218] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 474.922628][T19218] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 474.927838][T19131] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.940276][T19131] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.949777][T19131] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.960111][T19131] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 474.974211][T19218] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 475.142220][T12678] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.169498][T12678] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.222485][T12679] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.251414][T12679] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.320633][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.352928][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.395649][T12678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.403520][T12678] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.474046][T12679] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.516499][T12679] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.553233][T12678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.561261][T12678] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 476.367926][T19289] wireguard0: entered promiscuous mode [ 476.382785][T19289] wireguard0: entered allmulticast mode [ 476.585413][ T5847] Bluetooth: hci1: command 0x0405 tx timeout [ 476.665894][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout [ 476.745497][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 476.774012][T19300] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5896'. [ 476.825868][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 476.995974][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 477.171433][T19308] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5899'. [ 478.675418][ T5847] Bluetooth: hci1: command 0x0405 tx timeout [ 478.758561][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout [ 478.907719][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 479.075461][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 480.006069][T19389] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5936'. [ 480.137369][T19391] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 480.137457][T19391] IPv6: NLM_F_CREATE should be set when creating new route [ 480.137503][T19391] IPv6: NLM_F_CREATE should be set when creating new route [ 480.137530][T19391] IPv6: NLM_F_CREATE should be set when creating new route [ 480.745924][ T5847] Bluetooth: hci1: command 0x0405 tx timeout [ 480.826542][ T5847] Bluetooth: hci3: command 0x0c1a tx timeout [ 480.834922][T19410] netlink: 48 bytes leftover after parsing attributes in process `syz.6.5945'. [ 480.985519][ T5847] Bluetooth: hci4: command 0x0c1a tx timeout [ 481.147969][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 481.281779][T19423] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5952'. [ 481.935166][T19450] loop6: detected capacity change from 0 to 524287999 [ 481.979183][T18858] buffer_io_error: 27 callbacks suppressed [ 481.979203][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.995166][T19455] Buffer I/O error on dev loop6, logical block 1048575, async page read [ 482.014638][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.038427][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.083849][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.110750][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.123070][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.134472][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.152562][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.166388][T19461] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5969'. [ 482.179239][T19461] netlink: 'syz.8.5969': attribute type 15 has an invalid length. [ 482.188507][T18858] ldm_validate_partition_table(): Disk read failed. [ 482.195235][T18858] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.208572][T18858] Dev loop6: unable to read RDB block 0 [ 482.214212][T19461] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5969'. [ 482.226021][T18858] loop6: unable to read partition table [ 482.233911][T19450] ldm_validate_partition_table(): Disk read failed. [ 482.249237][T19450] Dev loop6: unable to read RDB block 0 [ 482.264095][T19450] loop6: unable to read partition table [ 482.264736][T19461] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 482.286670][T19461] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 482.288977][T19450] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 482.295977][T19461] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 482.313918][T19461] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 482.353538][ T5202] ldm_validate_partition_table(): Disk read failed. [ 482.392280][ T5202] Dev loop6: unable to read RDB block 0 [ 482.416118][ T5202] loop6: unable to read partition table [ 483.005176][T19491] netlink: 192 bytes leftover after parsing attributes in process `syz.0.5981'. [ 485.180667][T19562] netlink: 'syz.5.6015': attribute type 2 has an invalid length. [ 485.195168][T19562] netlink: 132 bytes leftover after parsing attributes in process `syz.5.6015'. [ 485.488747][T19578] tun0: tun_chr_ioctl cmd 1074812117 [ 485.843959][T19596] syzkaller0: tun_chr_ioctl cmd 35111 [ 486.019359][T19601] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 486.111359][T12678] bond0: (slave syz_tun): interface is now down [ 486.123515][T12678] bond0: now running without any active interface! [ 486.535739][T19619] pim6reg0: tun_chr_ioctl cmd 1074025681 [ 488.245389][ T47] usb 6-1: new full-speed USB device number 25 using dummy_hcd [ 488.427665][ T47] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 488.450097][ T47] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 488.477360][ T47] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 488.486754][ T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.494798][ T47] usb 6-1: Product: syz [ 488.509748][ T47] usb 6-1: Manufacturer: syz [ 488.519590][ T47] usb 6-1: SerialNumber: syz [ 488.747766][ T47] usb 6-1: 0:2 : does not exist [ 488.820479][ T47] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 488.900021][ T47] usb 6-1: USB disconnect, device number 25 [ 490.139495][T19761] netlink: 'syz.6.6103': attribute type 10 has an invalid length. [ 490.201462][T19761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 490.235098][T19761] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 490.292581][T19764] netlink: 'syz.6.6103': attribute type 10 has an invalid length. [ 490.324060][T19764] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6103'. [ 490.365616][T19764] batadv0: entered promiscuous mode [ 490.376005][T19764] batadv0: entered allmulticast mode [ 490.393301][T19764] bond0: (slave batadv0): Releasing backup interface [ 490.431331][T19764] bridge0: port 3(batadv0) entered blocking state [ 490.453537][T19764] bridge0: port 3(batadv0) entered disabled state [ 490.645125][T19776] mkiss: ax0: crc mode is auto. [ 490.708775][T12682] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 490.718393][T12682] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 491.222848][T19803] vxcan1: tx address claim with dlc 0 [ 491.259516][T19808] input: syz0 as /devices/virtual/input/input36 [ 492.182472][T19842] netlink: 'syz.7.6142': attribute type 18 has an invalid length. [ 494.042373][T19901] netlink: 10 bytes leftover after parsing attributes in process `syz.8.6169'. [ 495.299464][T19974] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6204'. [ 495.327269][T19974] bridge0: port 2(bridge_slave_1) entered disabled state [ 495.428646][T19981] cifs: Unknown parameter 'mode' [ 495.653058][T19993] batman_adv: batadv0: Adding interface: dummy0 [ 495.659578][T19993] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 495.690639][T19993] batman_adv: batadv0: Interface activated: dummy0 [ 495.746305][T19135] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 495.809189][T19997] netlink: 164 bytes leftover after parsing attributes in process `syz.0.6215'. [ 495.906086][T19135] usb 9-1: Using ep0 maxpacket: 16 [ 495.918207][T19135] usb 9-1: config 8 has an invalid interface number: 39 but max is 0 [ 495.938667][T19135] usb 9-1: config 8 has no interface number 0 [ 495.953798][T19135] usb 9-1: config 8 interface 39 altsetting 1 has an endpoint descriptor with address 0xDF, changing to 0x8F [ 495.984781][T19135] usb 9-1: config 8 interface 39 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0 [ 496.000421][T19135] usb 9-1: config 8 interface 39 altsetting 1 bulk endpoint 0x8F has invalid maxpacket 0 [ 496.010451][T19135] usb 9-1: config 8 interface 39 has no altsetting 0 [ 496.033680][T19135] usb 9-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77 [ 496.044653][T19135] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 496.055669][T20008] nbd: socks must be embedded in a SOCK_ITEM attr [ 496.060105][T19135] usb 9-1: Product: syz [ 496.067202][T19135] usb 9-1: Manufacturer: syz [ 496.071920][T19135] usb 9-1: SerialNumber: syz [ 496.552491][ T30] audit: type=1326 audit(1745217967.948:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20030 comm="syz.6.6229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf238e169 code=0x7ffc0000 [ 496.579330][ T30] audit: type=1326 audit(1745217967.948:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20030 comm="syz.6.6229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf238e169 code=0x7ffc0000 [ 496.610310][T20033] blk_print_req_error: 27 callbacks suppressed [ 496.610332][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 496.626856][ T30] audit: type=1326 audit(1745217967.978:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20030 comm="syz.6.6229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7fbcf238e169 code=0x7ffc0000 [ 496.649152][T20033] buffer_io_error: 40 callbacks suppressed [ 496.649172][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 496.676019][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 496.685192][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 496.699224][ T30] audit: type=1326 audit(1745217967.978:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20030 comm="syz.6.6229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf238e169 code=0x7ffc0000 [ 496.737755][T19135] ipheth 9-1:8.39: ipheth_enable_ncm: usb_control_msg: 0 [ 496.750664][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 496.761899][T20036] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 496.777935][ T30] audit: type=1326 audit(1745217967.978:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20030 comm="syz.6.6229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf238e169 code=0x7ffc0000 [ 496.795678][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 496.823974][T19135] ipheth 9-1:8.39: Apple iPhone USB Ethernet device attached [ 496.836400][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 496.875384][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 496.883523][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 496.898544][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 496.909178][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 496.924054][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 496.964828][ T5893] usb 9-1: USB disconnect, device number 2 [ 496.997105][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 497.017163][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 497.031928][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 497.044006][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 497.054017][ T5893] ipheth 9-1:8.39: Apple iPhone USB Ethernet now disconnected [ 497.072984][T20033] ldm_validate_partition_table(): Disk read failed. [ 497.083153][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 497.099157][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 497.108603][T20033] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 497.123078][T20033] Buffer I/O error on dev nbd0, logical block 0, async page read [ 497.140912][T20033] Dev nbd0: unable to read RDB block 0 [ 497.153664][T20033] nbd0: unable to read partition table [ 498.173727][T20081] 8021q: adding VLAN 0 to HW filter on device bond1 [ 498.183757][T20081] bridge0: port 3(bond1) entered blocking state [ 498.191748][T20081] bridge0: port 3(bond1) entered disabled state [ 498.199578][T20081] bond1: entered allmulticast mode [ 498.209632][T20081] bond1: entered promiscuous mode [ 498.215726][T20081] bridge0: port 3(bond1) entered blocking state [ 498.222149][T20081] bridge0: port 3(bond1) entered forwarding state [ 498.233312][T12679] bridge0: port 3(bond1) entered disabled state [ 498.345453][T19135] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 498.378901][T20091] (syz.6.6257,20091,1):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 498.516665][T19135] usb 6-1: config 0 has an invalid interface number: 104 but max is 0 [ 498.536155][T19135] usb 6-1: config 0 has no interface number 0 [ 498.542283][T19135] usb 6-1: config 0 interface 104 has no altsetting 0 [ 498.568467][T19135] usb 6-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9 [ 498.584749][T19135] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 498.594588][T19135] usb 6-1: Product: syz [ 498.599254][T19135] usb 6-1: Manufacturer: syz [ 498.604002][T19135] usb 6-1: SerialNumber: syz [ 498.613188][T19135] usb 6-1: config 0 descriptor?? [ 498.631809][T19135] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 498.683838][T20106] vxcan1: tx address claim with dest, not broadcast [ 498.826769][T19135] gspca_vc032x: reg_r err -71 [ 498.831530][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.838639][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.843986][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.854350][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.862202][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.868051][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.873509][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.879229][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.884643][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.907306][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.912684][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.935403][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.940765][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.954376][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.961054][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.969965][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.986087][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 498.991434][T19135] gspca_vc032x: I2c Bus Busy Wait 00 [ 499.012652][T19135] gspca_vc032x: Unknown sensor... [ 499.020377][T19135] vc032x 6-1:0.104: probe with driver vc032x failed with error -22 [ 499.033971][T19135] usb 6-1: USB disconnect, device number 26 [ 499.665687][ T5893] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 499.734220][T20145] netlink: 10 bytes leftover after parsing attributes in process `syz.7.6282'. [ 499.839154][ T5893] usb 6-1: Using ep0 maxpacket: 32 [ 499.858880][ T5893] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 499.883589][ T5893] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 499.911453][ T5893] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 499.929654][ T5893] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.942369][ T5893] usb 6-1: config 0 descriptor?? [ 499.957190][ T5893] hub 6-1:0.0: USB hub found [ 500.169095][ T5893] hub 6-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 500.399312][ T5893] usbhid 6-1:0.0: can't add hid device: -71 [ 500.405816][ T5893] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 500.451040][ T5893] usb 6-1: USB disconnect, device number 27 [ 500.626996][T20160] tap0: tun_chr_ioctl cmd 1074025677 [ 500.634780][T20160] tap0: linktype set to 805 [ 500.712196][T20164] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6291'. [ 501.081165][ T5893] kernel write not supported for file /amidi2 (pid: 5893 comm: kworker/1:5) [ 501.715551][ T5893] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 501.901226][ T5893] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 501.920942][ T5893] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.965540][ T5893] usb 6-1: Product: syz [ 501.969848][ T5893] usb 6-1: Manufacturer: syz [ 501.974475][ T5893] usb 6-1: SerialNumber: syz [ 502.006731][ T5893] usb 6-1: config 0 descriptor?? [ 502.018297][ T5893] ch341 6-1:0.0: ch341-uart converter detected [ 502.232969][T20197] netlink: 156 bytes leftover after parsing attributes in process `syz.5.6306'. [ 502.261300][ T5893] usb 6-1: failed to receive control message: -71 [ 502.281195][ T5893] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 502.297352][ T5893] usb 6-1: USB disconnect, device number 28 [ 502.304570][ T5893] ch341 6-1:0.0: device disconnected [ 502.892416][T20228] lo: entered allmulticast mode [ 502.911558][T20228] tunl0: entered allmulticast mode [ 502.920058][T20228] gre0: entered allmulticast mode [ 502.930213][T20228] gretap0: entered allmulticast mode [ 502.940690][T20228] erspan0: entered allmulticast mode [ 502.950265][T20228] ip_vti0: entered allmulticast mode [ 502.962377][T20228] ip6_vti0: entered allmulticast mode [ 502.970491][T20228] sit0: entered allmulticast mode [ 502.979695][T20228] ip6tnl0: entered allmulticast mode [ 502.988355][T20228] ip6gre0: entered allmulticast mode [ 503.001142][T20228] syz_tun: entered allmulticast mode [ 503.012335][T20228] ip6gretap0: entered allmulticast mode [ 503.039393][T20228] bridge0: port 2(bridge_slave_1) entered disabled state [ 503.047342][T20228] bridge0: port 1(bridge_slave_0) entered disabled state [ 503.066346][T20228] bridge0: entered allmulticast mode [ 503.090650][T20228] vcan0: entered allmulticast mode [ 503.103325][T20228] bond0: entered allmulticast mode [ 503.108598][T20228] bond_slave_0: entered allmulticast mode [ 503.114503][T20228] bond_slave_1: entered allmulticast mode [ 503.133895][T20228] team0: entered allmulticast mode [ 503.146920][T20228] team_slave_0: entered allmulticast mode [ 503.166453][T20228] team_slave_1: entered allmulticast mode [ 503.186670][T20228] dummy0: entered allmulticast mode [ 503.210033][T20228] nlmon0: entered allmulticast mode [ 503.227608][T20228] caif0: entered allmulticast mode [ 503.233421][T20228] batadv0: entered allmulticast mode [ 503.262467][T20228] vxcan0: entered allmulticast mode [ 503.275132][T20228] vxcan1: entered allmulticast mode [ 503.292629][T20228] veth0: entered allmulticast mode [ 503.303509][T20228] veth1: entered allmulticast mode [ 503.328593][T20228] wg0: entered allmulticast mode [ 503.350763][T20228] wg1: entered allmulticast mode [ 503.370552][T20228] wg2: entered allmulticast mode [ 503.384503][T20228] veth0_to_bridge: entered allmulticast mode [ 503.417824][T20228] veth1_to_bridge: entered allmulticast mode [ 503.439586][T20228] veth0_to_bond: entered allmulticast mode [ 503.474108][T20228] veth1_to_bond: entered allmulticast mode [ 503.503165][T20228] veth0_to_team: entered allmulticast mode [ 503.534161][T20228] veth1_to_team: entered allmulticast mode [ 503.591184][T20228] veth0_to_batadv: entered allmulticast mode [ 503.602702][T20228] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 503.615147][T20228] batadv_slave_0: entered allmulticast mode [ 503.657763][T20228] veth1_to_batadv: entered allmulticast mode [ 503.690463][T20228] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 503.701409][T20228] batadv_slave_1: entered allmulticast mode [ 503.719078][T20228] xfrm0: entered allmulticast mode [ 503.733450][T20228] veth0_to_hsr: entered allmulticast mode [ 503.751246][T20228] hsr_slave_0: entered allmulticast mode [ 503.764992][T20228] veth1_to_hsr: entered allmulticast mode [ 503.778248][T20228] hsr_slave_1: entered allmulticast mode [ 503.795988][T20228] hsr0: entered allmulticast mode [ 503.804879][T20228] veth1_virt_wifi: entered allmulticast mode [ 503.827184][T20228] veth0_virt_wifi: entered allmulticast mode [ 503.848187][T20228] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 503.858568][T20228] veth1_vlan: entered allmulticast mode [ 503.869564][T20228] veth0_vlan: entered allmulticast mode [ 503.895101][T20228] vlan0: entered allmulticast mode [ 503.902958][T20228] vlan1: entered allmulticast mode [ 503.917257][T20228] macvlan0: entered allmulticast mode [ 503.935956][T20228] macvlan1: entered allmulticast mode [ 503.949132][T20228] ipvlan0: entered allmulticast mode [ 503.961771][T20228] ipvlan1: entered allmulticast mode [ 503.970168][T20228] veth1_macvtap: entered allmulticast mode [ 503.986671][T20228] veth0_macvtap: entered allmulticast mode [ 503.999548][T20228] macvtap0: entered allmulticast mode [ 504.017144][T20228] macsec0: entered allmulticast mode [ 504.034304][T20228] geneve0: entered allmulticast mode [ 504.049394][T20228] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.058678][T20228] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.069753][T20228] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.079448][T20228] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.089203][T20228] geneve1: entered allmulticast mode [ 504.099560][T20228] netdevsim netdevsim7 netdevsim0: entered allmulticast mode [ 504.110931][T20228] netdevsim netdevsim7 netdevsim1: entered allmulticast mode [ 504.123715][T20228] netdevsim netdevsim7 netdevsim2: entered allmulticast mode [ 504.134771][T20228] netdevsim netdevsim7 netdevsim3: entered allmulticast mode [ 504.147545][T20228] mac80211_hwsim hwsim20 wlan0: entered allmulticast mode [ 504.155188][T20228] mac80211_hwsim hwsim23 wlan1: entered allmulticast mode [ 504.942304][T20291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6348'. [ 505.007114][T20294] loop8: detected capacity change from 0 to 7 [ 505.016686][T20294] Dev loop8: unable to read RDB block 7 [ 505.022313][T20294] loop8: unable to read partition table [ 505.082170][T20294] loop8: partition table beyond EOD, truncated [ 505.089664][T20294] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 505.146560][T20299] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 505.495029][T20315] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6357'. [ 506.476610][T20359] netlink: 88 bytes leftover after parsing attributes in process `syz.8.6376'. [ 506.592226][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.721133][T20368] mac80211_hwsim hwsim14 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 507.166140][T20387] kvm: kvm [20386]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0x3 [ 507.425714][ T24] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 507.598452][ T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 507.610779][ T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 507.623351][ T24] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 507.632843][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 507.641515][ T24] usb 7-1: Product: syz [ 507.646132][ T24] usb 7-1: Manufacturer: syz [ 507.657376][ T24] usb 7-1: SerialNumber: syz [ 507.884228][ T24] usb 7-1: 0:2 : does not exist [ 507.898257][ T24] usb 7-1: 5:0: failed to get current value for ch 0 (-22) [ 507.942644][ T24] usb 7-1: USB disconnect, device number 2 [ 508.061440][T20417] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6404'. [ 508.332965][T20417] team0 (unregistering): Port device team_slave_0 removed [ 508.366516][T20417] team0 (unregistering): Port device team_slave_1 removed [ 508.430783][T20422] netlink: 'syz.0.6406': attribute type 6 has an invalid length. [ 508.669865][T20438] smc: net device bond0 erased user defined pnetid SYZ0 [ 508.715585][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 508.910388][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 508.929023][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 508.951196][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 508.973756][ T10] usb 7-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 508.994827][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 509.019119][ T10] usb 7-1: config 0 descriptor?? [ 509.476466][ T10] hid-u2fzero 0003:10C4:8ACF.0040: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.6-1/input0 [ 509.497825][ T10] hid-u2fzero 0003:10C4:8ACF.0040: U2F Zero LED initialised [ 509.505771][ T10] hid-u2fzero 0003:10C4:8ACF.0040: U2F Zero RNG initialised [ 509.682776][ T10] usb 7-1: USB disconnect, device number 3 [ 510.321075][T20499] 8021q: adding VLAN 0 to HW filter on device bond1 [ 510.330527][T20499] bond1: entered allmulticast mode [ 510.336691][T20499] bond0: (slave bond1): Enslaving as an active interface with a down link [ 510.505741][ T24] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 510.619541][ T10] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 510.686453][ T24] usb 6-1: config 0 interface 0 altsetting 14 endpoint 0x81 has invalid wMaxPacketSize 0 [ 510.697249][ T24] usb 6-1: config 0 interface 0 has no altsetting 0 [ 510.715400][ T24] usb 6-1: New USB device found, idVendor=09da, idProduct=001a, bcdDevice= 0.00 [ 510.734813][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.763873][ T24] usb 6-1: config 0 descriptor?? [ 510.810666][ T10] usb 7-1: config 7 has an invalid interface number: 101 but max is 0 [ 510.835565][ T10] usb 7-1: config 7 has no interface number 0 [ 510.848438][T20512] netlink: zone id is out of range [ 510.848877][ T10] usb 7-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b [ 510.882525][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.892037][ T10] usb 7-1: Product: syz [ 510.906056][ T10] usb 7-1: Manufacturer: syz [ 510.910692][ T10] usb 7-1: SerialNumber: syz [ 511.221457][ T24] a4tech 0003:09DA:001A.0041: unbalanced collection at end of report description [ 511.243491][ T24] a4tech 0003:09DA:001A.0041: parse failed [ 511.255444][ T24] a4tech 0003:09DA:001A.0041: probe with driver a4tech failed with error -22 [ 511.291771][T20529] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6454'. [ 511.440941][T19135] usb 6-1: USB disconnect, device number 29 [ 511.709101][ T10] as10x_usb: device has been detected [ 511.723283][ T10] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 511.771112][ T10] usb 7-1: DVB: registering adapter 2 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 512.025949][ T10] as10x_usb: error during firmware upload part1 [ 512.039760][ T10] Registered device Elgato EyeTV DTT Deluxe [ 512.109497][ T24] usb 7-1: USB disconnect, device number 4 [ 512.160251][ T24] Unregistered device Elgato EyeTV DTT Deluxe [ 512.166435][ T24] as10x_usb: device has been disconnected [ 512.379735][T20569] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6473'. [ 512.892134][T20583] netlink: 'syz.0.6479': attribute type 6 has an invalid length. [ 513.057671][T20586] --map-set only usable from mangle table [ 513.415694][T20603] Bluetooth: MGMT ver 1.23 [ 513.463492][T20608] input: syz0 as /devices/virtual/input/input38 [ 514.224916][T20648] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6509'. [ 514.266771][T19135] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 514.425311][T19135] usb 6-1: Using ep0 maxpacket: 16 [ 514.435211][T19135] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 514.438744][T20662] dummy0: entered promiscuous mode [ 514.448769][T19135] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 514.461736][T20661] dummy0: left promiscuous mode [ 514.482255][T19135] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 514.508605][T19135] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 514.527999][T19135] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 514.558132][T19135] usb 6-1: config 0 descriptor?? [ 514.975066][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x2 [ 514.994725][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.013177][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.033490][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.043634][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.074612][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.091631][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.108338][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.130621][T19135] microsoft 0003:045E:07DA.0042: unknown main item tag 0x0 [ 515.159031][T19135] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0042/input/input39 [ 515.188607][T19135] microsoft 0003:045E:07DA.0042: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 515.213823][T19135] usb 6-1: USB disconnect, device number 30 [ 515.749147][T20719] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6542'. [ 515.839408][T20723] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 516.032647][T20737] vivid-006: disconnect [ 516.133027][T20735] vivid-006: reconnect [ 517.043679][T20777] netlink: 'syz.6.6567': attribute type 10 has an invalid length. [ 517.084962][T20777] 8021q: adding VLAN 0 to HW filter on device team0 [ 517.117028][T20777] bond0: (slave team0): Enslaving as an active interface with an up link [ 517.433041][T20787] loop8: detected capacity change from 0 to 1 [ 517.444789][T20787] Dev loop8: unable to read RDB block 1 [ 517.480590][T20787] loop8: unable to read partition table [ 517.504185][T20787] loop8: partition table beyond EOD, truncated [ 517.528866][T20787] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 518.578851][T20833] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6592'. [ 520.363047][T20886] overlayfs: missing 'workdir' [ 520.994694][T20912] lo: entered allmulticast mode [ 521.018418][T20912] tunl0: entered allmulticast mode [ 521.038088][T20912] gre0: entered allmulticast mode [ 521.080219][T20912] gretap0: entered allmulticast mode [ 521.129644][T20912] erspan0: entered allmulticast mode [ 521.155016][T20912] ip_vti0: entered allmulticast mode [ 521.182851][T20912] ip6_vti0: entered allmulticast mode [ 521.211958][T20912] sit0: entered allmulticast mode [ 521.232381][T20912] ip6tnl0: entered allmulticast mode [ 521.243591][T20912] ip6gre0: entered allmulticast mode [ 521.288770][T20912] syz_tun: entered allmulticast mode [ 521.326852][T20912] ip6gretap0: entered allmulticast mode [ 521.343362][T20912] bridge0: port 1(bridge_slave_0) entered disabled state [ 521.356718][T20912] bridge0: entered allmulticast mode [ 521.389661][T20912] vcan0: entered allmulticast mode [ 521.409171][T20912] bond0: entered allmulticast mode [ 521.414335][T20912] bond_slave_0: entered allmulticast mode [ 521.435343][T20912] bond_slave_1: entered allmulticast mode [ 521.456318][T20912] dummy0: entered allmulticast mode [ 521.470789][T20912] nlmon0: entered allmulticast mode [ 521.487320][T20912] caif0: entered allmulticast mode [ 521.493124][T20912] batadv0: entered allmulticast mode [ 521.521874][T20912] vxcan0: entered allmulticast mode [ 521.527728][T20924] netlink: 'syz.7.6633': attribute type 10 has an invalid length. [ 521.532584][T20912] vxcan1: entered allmulticast mode [ 521.543592][T20912] veth0: entered allmulticast mode [ 521.553855][T20912] veth1: entered allmulticast mode [ 521.561819][T20924] netlink: 152 bytes leftover after parsing attributes in process `syz.7.6633'. [ 521.579931][T20912] wg0: entered allmulticast mode [ 521.589767][T20912] wg1: entered allmulticast mode [ 521.599305][T20912] wg2: entered allmulticast mode [ 521.613876][T20912] veth0_to_bridge: entered allmulticast mode [ 521.644787][T20912] veth1_to_bridge: entered allmulticast mode [ 521.656900][T20912] veth0_to_bond: entered allmulticast mode [ 521.669295][T20912] veth1_to_bond: entered allmulticast mode [ 521.681712][T20912] veth0_to_team: entered allmulticast mode [ 521.693915][T20912] team_slave_0: entered allmulticast mode [ 521.701101][T20912] veth1_to_team: entered allmulticast mode [ 521.711178][T20912] team_slave_1: entered allmulticast mode [ 521.718793][T20912] veth0_to_batadv: entered allmulticast mode [ 521.729638][T20912] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 521.740342][T20912] batadv_slave_0: entered allmulticast mode [ 521.751489][T20912] veth1_to_batadv: entered allmulticast mode [ 521.760947][T20912] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 521.769517][T20912] batadv_slave_1: entered allmulticast mode [ 521.778890][T20912] xfrm0: entered allmulticast mode [ 521.787332][T20912] veth0_to_hsr: entered allmulticast mode [ 521.798536][T20912] hsr_slave_0: entered allmulticast mode [ 521.807608][T20912] veth1_to_hsr: entered allmulticast mode [ 521.817160][T20912] hsr_slave_1: entered allmulticast mode [ 521.827808][T20912] hsr0: entered allmulticast mode [ 521.836641][T20912] veth1_virt_wifi: entered allmulticast mode [ 521.850321][T20912] veth0_virt_wifi: entered allmulticast mode [ 521.860287][T20912] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 521.869729][T20912] veth1_vlan: entered allmulticast mode [ 521.879604][T20912] veth0_vlan: entered allmulticast mode [ 521.896506][T20912] vlan0: entered allmulticast mode [ 521.901874][T20912] vlan1: entered allmulticast mode [ 521.909816][T20912] macvlan0: entered allmulticast mode [ 521.919046][T20912] macvlan1: entered allmulticast mode [ 521.928397][T20912] ipvlan0: entered allmulticast mode [ 521.933864][T20912] ipvlan1: entered allmulticast mode [ 521.940115][T20912] veth1_macvtap: entered allmulticast mode [ 521.946911][ T12] bond0: (slave bond1): link status definitely up [ 521.962442][T20912] veth0_macvtap: entered allmulticast mode [ 521.972757][T20912] macvtap0: entered allmulticast mode [ 521.983111][T20912] macsec0: entered allmulticast mode [ 521.991828][T20912] geneve0: entered allmulticast mode [ 522.001203][T20912] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.010389][T20912] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.021191][T20912] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.031268][T20912] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.043578][T20912] geneve1: entered allmulticast mode [ 522.053609][T20912] netdevsim netdevsim8 netdevsim0: entered allmulticast mode [ 522.068517][T20912] netdevsim netdevsim8 netdevsim1: entered allmulticast mode [ 522.084794][T20912] netdevsim netdevsim8 netdevsim2: entered allmulticast mode [ 522.102593][T20912] netdevsim netdevsim8 netdevsim3: entered allmulticast mode [ 522.115011][T20912] mac80211_hwsim hwsim21 wlan0: entered allmulticast mode [ 522.127153][T20912] mac80211_hwsim hwsim24 wlan1: entered allmulticast mode [ 522.135753][T20912] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 522.145079][T20912] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 522.154141][T20912] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 522.163478][T20912] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 522.173254][T20912] vxlan0: entered allmulticast mode [ 523.555488][ T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 523.706355][ T24] usb 7-1: Using ep0 maxpacket: 32 [ 523.718722][ T24] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 523.743544][ T24] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 523.757411][ T24] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 523.772496][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.790639][ T24] hub 7-1:4.0: USB hub found [ 523.840057][T20992] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6664'. [ 523.991725][T20996] kernel read not supported for file /]--.\- (pid: 20996 comm: syz.0.6666) [ 524.000749][ T30] audit: type=1800 audit(1745217995.398:218): pid=20996 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.6666" name="]--.\-" dev="mqueue" ino=69801 res=0 errno=0 [ 524.032958][ T24] hub 7-1:4.0: config failed, hub has too many ports! (err -19) [ 524.356321][T19135] usb 7-1: USB disconnect, device number 5 [ 525.920801][T21053] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6691'. [ 525.954622][T21053] vlan0: entered promiscuous mode [ 525.960239][T21055] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6692'. [ 525.965422][T21053] bridge0: entered promiscuous mode [ 527.291840][T21112] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6719'. [ 527.678863][T21131] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6726'. [ 527.714210][T21131] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6726'. [ 527.886464][T21135] syz_tun: entered promiscuous mode [ 527.900046][T21134] syz_tun: left promiscuous mode [ 528.725698][ T30] audit: type=1800 audit(1745218000.118:219): pid=21174 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.6745" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 528.945623][T12682] bridge_slave_1: left promiscuous mode [ 528.951573][T12682] bridge0: port 2(bridge_slave_1) entered disabled state [ 529.002289][T12682] bridge_slave_0: left promiscuous mode [ 529.035765][T12682] bridge0: port 1(bridge_slave_0) entered disabled state [ 529.422295][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 529.433171][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 529.443827][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 529.453500][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 529.461623][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 530.080777][T21221] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6770'. [ 530.089922][T21221] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6770'. [ 530.129968][T12682] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 530.141851][T12682] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 530.157690][T12682] bond0 (unregistering): Released all slaves [ 530.399584][T21229] program syz.0.6772 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 531.155432][T12682] hsr_slave_0: left promiscuous mode [ 531.184492][T12682] hsr_slave_1: left promiscuous mode [ 531.193075][T12682] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 531.220815][T12682] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 531.545822][ T5838] Bluetooth: hci4: command tx timeout [ 532.043618][T21270] loop9: detected capacity change from 0 to 7 [ 532.069340][T21270] Dev loop9: unable to read RDB block 7 [ 532.083638][T21270] loop9: unable to read partition table [ 532.093171][T21270] loop9: partition table beyond EOD, truncated [ 532.114447][T21270] loop_reread_partitions: partition scan of loop9 (被x󟣑 ) failed (rc=-5) [ 532.332172][T12682] team0 (unregistering): Port device team_slave_1 removed [ 532.399469][T12682] team0 (unregistering): Port device team_slave_0 removed [ 532.943276][T21279] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 532.950672][T21279] IPv6: NLM_F_CREATE should be set when creating new route [ 532.958006][T21279] IPv6: NLM_F_CREATE should be set when creating new route [ 532.965300][T21279] IPv6: NLM_F_CREATE should be set when creating new route [ 533.021035][T21197] chnl_net:caif_netlink_parms(): no params data found [ 533.144632][ T30] audit: type=1326 audit(1745218260.521:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21283 comm="syz.8.6798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966058e169 code=0x7ffc0000 [ 533.211193][ T30] audit: type=1326 audit(1745218260.521:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21283 comm="syz.8.6798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966058e169 code=0x7ffc0000 [ 533.250939][ T30] audit: type=1326 audit(1745218260.531:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21283 comm="syz.8.6798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f966058e169 code=0x7ffc0000 [ 533.288811][ T30] audit: type=1326 audit(1745218260.531:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21283 comm="syz.8.6798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966058e169 code=0x7ffc0000 [ 533.332900][ T30] audit: type=1326 audit(1745218260.531:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21283 comm="syz.8.6798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966058e169 code=0x7ffc0000 [ 533.435939][T21197] bridge0: port 1(bridge_slave_0) entered blocking state [ 533.443193][T21197] bridge0: port 1(bridge_slave_0) entered disabled state [ 533.451228][T21197] bridge_slave_0: entered allmulticast mode [ 533.460595][T21197] bridge_slave_0: entered promiscuous mode [ 533.470162][T21197] bridge0: port 2(bridge_slave_1) entered blocking state [ 533.479522][T21197] bridge0: port 2(bridge_slave_1) entered disabled state [ 533.487113][T21197] bridge_slave_1: entered allmulticast mode [ 533.497595][T21197] bridge_slave_1: entered promiscuous mode [ 533.623894][T21197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 533.626185][ T5838] Bluetooth: hci4: command tx timeout [ 533.690514][T21197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 533.916938][T21197] team0: Port device team_slave_0 added [ 533.940955][T21197] team0: Port device team_slave_1 added [ 534.077653][T21197] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 534.099326][T21197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 534.166137][T21197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 534.203953][T21197] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 534.225303][T21197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 534.314866][T21197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 534.519500][T21335] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6818'. [ 534.569682][T21197] hsr_slave_0: entered promiscuous mode [ 534.589727][T21197] hsr_slave_1: entered promiscuous mode [ 535.260844][T21357] netlink: 'syz.0.6828': attribute type 4 has an invalid length. [ 535.705459][ T5838] Bluetooth: hci4: command tx timeout [ 535.769266][T21370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6834'. [ 536.196149][T21197] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 536.301585][T21197] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 536.332855][T21197] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 536.401174][T21197] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 536.629711][T21197] 8021q: adding VLAN 0 to HW filter on device bond0 [ 536.683258][T21197] 8021q: adding VLAN 0 to HW filter on device team0 [ 536.722968][T12678] bridge0: port 1(bridge_slave_0) entered blocking state [ 536.730227][T12678] bridge0: port 1(bridge_slave_0) entered forwarding state [ 536.779557][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.786802][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 536.976516][ T30] audit: type=1326 audit(1745218264.361:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21390 comm="syz.6.6843" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbcf238e169 code=0x0 [ 537.299546][T21408] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6847'. [ 537.341203][T21197] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 537.585698][ T5893] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 537.755382][ T5893] usb 6-1: Using ep0 maxpacket: 16 [ 537.762927][ T5893] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 537.763254][T21197] veth0_vlan: entered promiscuous mode [ 537.785185][ T5893] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 537.799839][ T5838] Bluetooth: hci4: command tx timeout [ 537.813383][T21197] veth1_vlan: entered promiscuous mode [ 537.857054][T21197] veth0_macvtap: entered promiscuous mode [ 537.862915][ T5893] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 537.869075][T21197] veth1_macvtap: entered promiscuous mode [ 537.891356][T21197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 537.902243][T21197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 537.913291][T21197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 537.914264][ T5893] usb 6-1: config 0 descriptor?? [ 537.924800][T21197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 537.939936][T21197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 537.966284][T21197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 537.988708][T21197] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 538.034475][T21197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.057139][T21197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.075422][T21197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.091776][T21197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.102072][T21197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 538.120950][T21197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 538.133091][T21197] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 538.151143][T21197] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.163946][T21197] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.174624][T21197] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.188369][T21197] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.396625][ T131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.414171][ T131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.433484][ T5893] mcp2221 0003:04D8:00DD.0043: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 538.489096][ T131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.532262][ T131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.774468][T21458] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 538.796004][ T5884] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 538.827497][ T5884] usb 6-1: USB disconnect, device number 31 [ 539.035790][ T10] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 539.115632][ T5896] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 539.825355][T21505] overlayfs: missing 'lowerdir' [ 540.415609][T21525] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6899'. [ 540.455406][ T5893] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 540.478063][T19135] kernel write not supported for file /input/mouse0 (pid: 19135 comm: kworker/0:2) [ 540.616627][ T5893] usb 7-1: Using ep0 maxpacket: 32 [ 540.650489][ T5893] usb 7-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63 [ 540.665939][ T5893] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 540.687848][ T5893] usb 7-1: Product: syz [ 540.692077][ T5893] usb 7-1: Manufacturer: syz [ 540.707322][ T5893] usb 7-1: SerialNumber: syz [ 540.751064][ T5893] usb 7-1: config 0 descriptor?? [ 540.780085][ T5893] gspca_main: sunplus-2.14.0 probing 04f1:1001 [ 541.060323][T21548] sctp: [Deprecated]: syz.7.6909 (pid 21548) Use of int in max_burst socket option. [ 541.060323][T21548] Use struct sctp_assoc_value instead [ 541.099320][T21550] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6910'. [ 541.146042][ T10] usb 6-1: new full-speed USB device number 32 using dummy_hcd [ 541.307251][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 541.338123][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 541.364514][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 541.393335][ T10] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 541.414456][ T10] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 541.423879][ T10] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 541.439706][ T10] usb 6-1: Manufacturer: syz [ 541.447676][ T10] usb 6-1: config 0 descriptor?? [ 541.467115][T21556] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6913'. [ 541.596204][ T5893] gspca_sunplus: reg_w_riv err -71 [ 541.601448][ T5893] sunplus 7-1:0.0: probe with driver sunplus failed with error -71 [ 541.616451][ T5893] usb 7-1: USB disconnect, device number 6 [ 541.756120][ T10] rc_core: IR keymap rc-hauppauge not found [ 541.769528][ T10] Registered IR keymap rc-empty [ 541.784145][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 541.819253][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 541.856378][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 541.885012][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input40 [ 541.911520][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 541.935905][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 541.955685][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 541.979674][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 542.016267][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 542.055700][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 542.096125][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 542.148617][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 542.190033][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 542.216211][ T10] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 542.250980][ T10] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 542.290594][ T10] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 542.318989][ T10] usb 6-1: USB disconnect, device number 32 [ 542.665557][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 542.807417][T21592] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6928'. [ 543.800319][T21641] bridge_slave_0: left promiscuous mode [ 543.816091][T21641] bridge0: port 1(bridge_slave_0) entered disabled state [ 543.841924][T21641] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 543.968081][T21645] netlink: 'syz.8.6954': attribute type 1 has an invalid length. [ 545.083958][T21685] input: syz0 as /devices/virtual/input/input41 [ 545.729240][T21708] macsec2: entered allmulticast mode [ 545.734589][T21708] veth1_macvtap: entered allmulticast mode [ 545.885888][T21716] syzkaller0: tun_chr_ioctl cmd 1074025681 [ 546.012509][T21724] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6989'. [ 546.346720][ T30] audit: type=1326 audit(1745218273.741:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21739 comm="syz.5.6997" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x0 [ 546.384802][T21742] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6998'. [ 546.853510][ T30] audit: type=1326 audit(1745218274.241:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 546.878748][ T30] audit: type=1326 audit(1745218274.271:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 546.902748][ T30] audit: type=1326 audit(1745218274.301:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 546.962957][ T30] audit: type=1326 audit(1745218274.301:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 546.990254][ T30] audit: type=1326 audit(1745218274.301:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 547.019061][ T30] audit: type=1326 audit(1745218274.301:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 547.047821][ T30] audit: type=1326 audit(1745218274.321:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 547.131736][ T30] audit: type=1326 audit(1745218274.321:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2844585127 code=0x7ffc0000 [ 547.169165][ T30] audit: type=1326 audit(1745218274.321:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21767 comm="syz.7.7010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f284452a359 code=0x7ffc0000 [ 547.248678][T21776] tap0: tun_chr_ioctl cmd 35108 [ 547.334163][T21782] overlayfs: workdir and upperdir must be separate subtrees [ 547.500606][T21790] netlink: 632 bytes leftover after parsing attributes in process `syz.8.7020'. [ 547.706677][ T10] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 547.722828][T21800] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 547.731907][T21800] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 547.740785][T21800] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 547.750147][T21800] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 547.937903][ T10] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 547.951470][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.990957][ T10] usb 6-1: config 0 descriptor?? [ 548.023713][ T10] cp210x 6-1:0.0: cp210x converter detected [ 548.097451][T21814] loop8: detected capacity change from 0 to 1 [ 548.104856][T21814] Dev loop8: unable to read RDB block 1 [ 548.124090][T21814] loop8: unable to read partition table [ 548.134898][T21814] loop8: partition table beyond EOD, truncated [ 548.150595][T21814] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 548.444186][ T10] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 548.474819][ T10] usb 6-1: cp210x converter now attached to ttyUSB0 [ 548.531499][T21830] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7036'. [ 548.675895][ T10] usb 6-1: USB disconnect, device number 33 [ 548.696706][ T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 548.721916][ T10] cp210x 6-1:0.0: device disconnected [ 549.459532][T21857] netlink: 1068 bytes leftover after parsing attributes in process `syz.8.7048'. [ 550.226323][ T24] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 550.385748][ T24] usb 7-1: Using ep0 maxpacket: 16 [ 550.393211][T21901] netlink: 88 bytes leftover after parsing attributes in process `syz.7.7069'. [ 550.403088][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 550.414691][ T24] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 550.424289][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 550.447324][ T24] usb 7-1: config 0 descriptor?? [ 550.550462][T21907] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7071'. [ 550.732246][T21913] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7075'. [ 550.745665][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 550.874535][ T24] mcp2221 0003:04D8:00DD.0044: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0 [ 551.075747][T19135] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 551.238186][T19135] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 551.258956][T19135] usb 6-1: config 0 interface 0 has no altsetting 0 [ 551.271532][T19135] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 551.284120][T19135] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 551.305107][T19135] usb 6-1: Product: syz [ 551.312814][T19135] usb 6-1: Manufacturer: syz [ 551.317065][ T47] usb 7-1: USB disconnect, device number 7 [ 551.322916][T19135] usb 6-1: SerialNumber: syz [ 551.335178][T19135] usb 6-1: config 0 descriptor?? [ 551.354212][T19135] usb 6-1: selecting invalid altsetting 0 [ 551.576286][ T24] usb 6-1: USB disconnect, device number 34 [ 551.600434][T21949] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7092'. [ 551.929809][T21964] syz.6.7099: attempt to access beyond end of device [ 551.929809][T21964] nbd6: rw=0, sector=64, nr_sectors = 1 limit=0 [ 551.946464][T21964] syz.6.7099: attempt to access beyond end of device [ 551.946464][T21964] nbd6: rw=0, sector=256, nr_sectors = 1 limit=0 [ 551.960771][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 551.990296][T21964] syz.6.7099: attempt to access beyond end of device [ 551.990296][T21964] nbd6: rw=0, sector=512, nr_sectors = 1 limit=0 [ 552.003770][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 552.019683][T21964] syz.6.7099: attempt to access beyond end of device [ 552.019683][T21964] nbd6: rw=0, sector=64, nr_sectors = 2 limit=0 [ 552.043528][T21964] syz.6.7099: attempt to access beyond end of device [ 552.043528][T21964] nbd6: rw=0, sector=512, nr_sectors = 2 limit=0 [ 552.057379][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 552.086993][T21964] syz.6.7099: attempt to access beyond end of device [ 552.086993][T21964] nbd6: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 552.120811][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 552.136474][T21971] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7102'. [ 552.149354][T21971] netlink: 39 bytes leftover after parsing attributes in process `syz.0.7102'. [ 552.159614][T21964] syz.6.7099: attempt to access beyond end of device [ 552.159614][T21964] nbd6: rw=0, sector=64, nr_sectors = 4 limit=0 [ 552.181474][T21964] syz.6.7099: attempt to access beyond end of device [ 552.181474][T21964] nbd6: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 552.182600][T21973] input: syz0 as /devices/virtual/input/input42 [ 552.195130][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 552.211161][T21964] syz.6.7099: attempt to access beyond end of device [ 552.211161][T21964] nbd6: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 552.234779][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 552.246666][T21964] syz.6.7099: attempt to access beyond end of device [ 552.246666][T21964] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0 [ 552.268276][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256 [ 552.282998][T21964] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512 [ 552.297013][T21964] UDF-fs: warning (device nbd6): udf_fill_super: No partition found (1) [ 552.338422][T21976] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 552.672422][T21993] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 552.690779][T21991] tipc: Started in network mode [ 552.702009][T21993] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 552.720797][T21991] tipc: Node identity type_len, cluster identity 4711 [ 552.752492][T21991] tipc: Enabling of bearer rejected, failed to enable media [ 552.805376][T21999] netlink: 'syz.7.7115': attribute type 1 has an invalid length. [ 552.813161][T21999] netlink: 'syz.7.7115': attribute type 3 has an invalid length. [ 552.851990][T21999] netlink: 216 bytes leftover after parsing attributes in process `syz.7.7115'. [ 552.882071][T21999] NCSI netlink: No device for ifindex 813332851 [ 553.562007][T22034] input: syz1 as /devices/virtual/input/input43 [ 553.966881][T22046] program syz.8.7138 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 554.345774][ T5893] usb 6-1: new high-speed USB device number 35 using dummy_hcd [ 554.510363][ T5893] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 554.534790][ T5893] usb 6-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 554.545562][ T5893] usb 6-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9 [ 554.553732][ T5893] usb 6-1: Manufacturer: syz [ 554.563436][T22074] mkiss: ax0: crc mode is auto. [ 554.568631][ T5893] usb 6-1: SerialNumber: syz [ 554.571984][ T5893] usb 6-1: config 0 descriptor?? [ 554.770811][T22085] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7155'. [ 554.808357][ T5893] usb 6-1: USB disconnect, device number 35 [ 555.096573][T22100] block nbd8: shutting down sockets [ 555.218961][ T30] kauditd_printk_skb: 84 callbacks suppressed [ 555.218981][ T30] audit: type=1326 audit(1745218282.611:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 555.251084][ T30] audit: type=1326 audit(1745218282.611:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 555.302016][ T30] audit: type=1326 audit(1745218282.641:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 555.324669][ T30] audit: type=1326 audit(1745218282.641:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 555.364967][ T30] audit: type=1326 audit(1745218282.641:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 555.424626][ T30] audit: type=1326 audit(1745218282.641:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 555.458256][ T30] audit: type=1326 audit(1745218282.671:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 555.480564][ T30] audit: type=1326 audit(1745218282.671:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2844585127 code=0x7ffc0000 [ 555.488122][T22113] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 555.510492][ T30] audit: type=1326 audit(1745218282.671:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f284452a359 code=0x7ffc0000 [ 555.549236][ T30] audit: type=1326 audit(1745218282.671:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22107 comm="syz.7.7166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2844585127 code=0x7ffc0000 [ 555.731559][T22120] vxcan1: entered allmulticast mode [ 555.757305][T22120] vxcan1: left allmulticast mode [ 555.796950][T22123] random: crng reseeded on system resumption [ 556.762208][T22174] netlink: 'syz.0.7196': attribute type 8 has an invalid length. [ 556.794849][T22174] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7196'. [ 556.842782][T22181] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7199'. [ 556.910524][T22181] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7199'. [ 557.760699][T22225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7221'. [ 559.526037][T22309] netlink: 47 bytes leftover after parsing attributes in process `syz.0.7260'. [ 559.600959][T22313] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7262'. [ 559.948469][T22333] input: syz1 as /devices/virtual/input/input44 [ 560.038446][T22337] bond0: (slave bond_slave_0): Error -28 calling ndo_bpf [ 561.070567][T22374] overlayfs: missing 'workdir' [ 562.334570][T22431] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 562.470029][ T47] kernel write not supported for file /input/event2 (pid: 47 comm: kworker/1:1) [ 562.653229][T22449] netlink: 12 bytes leftover after parsing attributes in process `syz.8.7323'. [ 562.981139][ T30] kauditd_printk_skb: 293 callbacks suppressed [ 562.981160][ T30] audit: type=1326 audit(1745218290.371:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.073233][T22469] misc userio: Can't change port type on an already running userio instance [ 563.112233][ T30] audit: type=1326 audit(1745218290.401:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.175971][T22473] netlink: 16 bytes leftover after parsing attributes in process `syz.8.7335'. [ 563.186046][ T30] audit: type=1326 audit(1745218290.401:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.272021][ T30] audit: type=1326 audit(1745218290.401:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.361925][ T30] audit: type=1326 audit(1745218290.401:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.455398][ T30] audit: type=1326 audit(1745218290.411:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.574475][ T30] audit: type=1326 audit(1745218290.411:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.680745][ T30] audit: type=1326 audit(1745218290.411:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22464 comm="syz.7.7331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284458e169 code=0x7ffc0000 [ 563.799058][T22494] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3) [ 563.805720][T22494] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 563.835740][T22494] vhci_hcd vhci_hcd.0: Device attached [ 563.847786][T22496] vhci_hcd: connection closed [ 563.849435][ T131] vhci_hcd: stop threads [ 563.873471][ T131] vhci_hcd: release socket [ 563.883083][ T131] vhci_hcd: disconnect device [ 564.045872][ T5884] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 564.206802][ T5884] usb 6-1: Using ep0 maxpacket: 32 [ 564.224722][ T5884] usb 6-1: unable to get BOS descriptor or descriptor too short [ 564.247067][ T5884] usb 6-1: config 127 has an invalid interface number: 25 but max is 0 [ 564.263633][ T5884] usb 6-1: config 127 has no interface number 0 [ 564.277815][ T5884] usb 6-1: config 127 interface 25 has no altsetting 0 [ 564.306966][ T5884] usb 6-1: New USB device found, idVendor=1110, idProduct=9000, bcdDevice=f4.11 [ 564.324684][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.348861][ T5884] usb 6-1: Product: syz [ 564.361622][ T5884] usb 6-1: Manufacturer: syz [ 564.370943][ T5884] usb 6-1: SerialNumber: syz [ 564.629593][ T5884] usb 6-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9000) Rev (0XF411): ADI930 [ 564.801865][T22536] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7362'. [ 564.953097][T22546] ceph: missing cluster fsid [ 564.959995][T22546] ceph: separator ':' missing in source [ 565.102059][T22556] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7372'. [ 565.111714][T22556] netlink: 'syz.0.7372': attribute type 30 has an invalid length. [ 565.120287][T22556] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7372'. [ 565.217168][T22560] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7374'. [ 565.241887][T22560] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7374'. [ 565.303159][ T5884] ueagle-atm 6-1:127.25: usbatm_usb_probe: bind failed: -19! [ 565.325704][ T5884] usb 6-1: USB disconnect, device number 36 [ 565.478342][T22572] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 565.485349][ T5884] usb 6-1: new full-speed USB device number 37 using dummy_hcd [ 565.727767][ T5884] usb 6-1: unable to get BOS descriptor or descriptor too short [ 565.737643][ T5884] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 565.754701][ T5884] usb 6-1: can't read configurations, error -71 [ 566.676629][ T30] audit: type=1326 audit(1745218294.071:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22593 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966058e169 code=0x7fc00000 [ 566.746194][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 566.761179][T22628] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7405'. [ 567.940509][ T12] bond1: left promiscuous mode [ 567.960211][ T12] bridge0: port 3(bond1) entered disabled state [ 568.003344][ T12] bridge_slave_1: left promiscuous mode [ 568.014993][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 568.053249][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.279764][T22676] ALSA: mixer_oss: invalid OSS volume '' [ 568.349459][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 568.364610][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 568.375778][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 568.384469][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 568.393934][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 568.615405][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 568.640769][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 568.659764][ T12] bond0 (unregistering): Released all slaves [ 569.002785][ T12] bond1 (unregistering): Released all slaves [ 569.031103][T22674] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7429'. [ 569.563287][ T12] hsr_slave_0: left promiscuous mode [ 569.662106][ T12] hsr_slave_1: left promiscuous mode [ 569.687781][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 569.704412][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 570.436925][ T5847] Bluetooth: hci0: command tx timeout [ 571.019050][ T5847] Bluetooth: hci2: Unknown advertising packet type: 0x75 [ 571.022353][ T5847] Bluetooth: hci2: adv larger than maximum supported [ 571.031797][ T5847] Bluetooth: hci2: Malformed LE Event: 0x0d [ 571.288447][T22727] sch_fq: defrate 9 ignored. [ 571.484846][T22677] chnl_net:caif_netlink_parms(): no params data found [ 571.802205][T22677] bridge0: port 1(bridge_slave_0) entered blocking state [ 571.824739][T22677] bridge0: port 1(bridge_slave_0) entered disabled state [ 571.832139][T22677] bridge_slave_0: entered allmulticast mode [ 571.840212][T22677] bridge_slave_0: entered promiscuous mode [ 571.888126][T22677] bridge0: port 2(bridge_slave_1) entered blocking state [ 571.907333][T22677] bridge0: port 2(bridge_slave_1) entered disabled state [ 571.914714][T22677] bridge_slave_1: entered allmulticast mode [ 571.940493][T22677] bridge_slave_1: entered promiscuous mode [ 572.218814][T22677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 572.254146][T22677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 572.428941][T22677] team0: Port device team_slave_0 added [ 572.469501][T22677] team0: Port device team_slave_1 added [ 572.506666][ T5847] Bluetooth: hci0: command tx timeout [ 572.671380][T22677] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 572.727895][T22677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 572.790551][T22677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 572.927004][T22677] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 572.934087][T22677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 572.977262][T22677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 573.155511][T22677] hsr_slave_0: entered promiscuous mode [ 573.167486][T22677] hsr_slave_1: entered promiscuous mode [ 573.174129][T22677] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 573.193887][T22677] Cannot create hsr debugfs directory [ 573.612051][T22822] netlink: 428 bytes leftover after parsing attributes in process `syz.7.7493'. [ 573.633242][T22822] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7493'. [ 573.901624][T22832] netlink: 'syz.7.7498': attribute type 11 has an invalid length. [ 573.930222][T22832] netlink: 60 bytes leftover after parsing attributes in process `syz.7.7498'. [ 574.247073][T22677] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 574.260347][T22677] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 574.309945][T22677] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 574.343940][T22677] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 574.587944][ T5847] Bluetooth: hci0: command tx timeout [ 574.600525][T22857] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7508'. [ 574.695792][T22677] 8021q: adding VLAN 0 to HW filter on device bond0 [ 574.771467][T22677] 8021q: adding VLAN 0 to HW filter on device team0 [ 574.809914][T22865] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7512'. [ 574.887592][T12662] bridge0: port 1(bridge_slave_0) entered blocking state [ 574.894757][T12662] bridge0: port 1(bridge_slave_0) entered forwarding state [ 574.953045][T12662] bridge0: port 2(bridge_slave_1) entered blocking state [ 574.960262][T12662] bridge0: port 2(bridge_slave_1) entered forwarding state [ 575.114756][T22877] netlink: 165 bytes leftover after parsing attributes in process `syz.0.7518'. [ 575.542952][T22677] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 576.114027][T22677] veth0_vlan: entered promiscuous mode [ 576.151629][T22677] veth1_vlan: entered promiscuous mode [ 576.252387][T22677] veth0_macvtap: entered promiscuous mode [ 576.270960][T22677] veth1_macvtap: entered promiscuous mode [ 576.320056][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.354231][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.364722][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.375548][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.389859][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.415280][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.425159][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 576.439272][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.451051][T22677] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 576.479053][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.527606][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.542682][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.556580][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.579611][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.613727][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.633701][T22677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 576.659007][T22677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 576.673753][ T5847] Bluetooth: hci0: command tx timeout [ 576.681330][T22677] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 576.703220][T22677] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.714559][T22677] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.723438][T22677] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.733060][T22677] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.750600][T22940] tun0: tun_chr_ioctl cmd 1074025678 [ 576.774113][T22940] tun0: group set to 0 [ 576.999273][T22956] netlink: 6 bytes leftover after parsing attributes in process `syz.0.7550'. [ 577.038142][T12662] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 577.064645][T12662] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 577.134755][T12662] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 577.154702][T12662] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 577.734681][T22986] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7563'. [ 578.907061][ T5847] Bluetooth: hci1: command 0x0405 tx timeout [ 578.930871][T23033] sock: sock_set_timeout: `syz.6.7583' (pid 23033) tries to set negative timeout [ 579.200606][T23044] sctp: [Deprecated]: syz.7.7589 (pid 23044) Use of struct sctp_assoc_value in delayed_ack socket option. [ 579.200606][T23044] Use struct sctp_sack_info instead [ 579.678364][T23070] veth1_macvtap: left promiscuous mode [ 580.035927][ T5893] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 580.197880][ T5893] usb 9-1: Using ep0 maxpacket: 16 [ 580.209549][ T5893] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 77, changing to 10 [ 580.221400][ T5893] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16384, setting to 1024 [ 580.234797][ T5893] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 580.248417][ T5893] usb 9-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 580.257722][ T5893] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.270980][ T5893] usb 9-1: config 0 descriptor?? [ 580.283405][ T5893] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input45 [ 580.482289][ T5893] usb 9-1: USB disconnect, device number 3 [ 580.765686][T23108] netlink: 56 bytes leftover after parsing attributes in process `syz.5.7619'. [ 580.785399][T23108] netlink: 576 bytes leftover after parsing attributes in process `syz.5.7619'. [ 582.236323][T23160] vlan2: entered allmulticast mode [ 582.241503][T23160] vlan0: entered allmulticast mode [ 582.282199][T23160] bridge0: entered allmulticast mode [ 582.692605][T23180] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 582.847329][ T30] audit: type=1326 audit(1745218311.248:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 582.926958][ T30] audit: type=1326 audit(1745218311.268:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 582.989246][T23190] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7657'. [ 583.009932][ T30] audit: type=1326 audit(1745218311.278:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 583.054206][ T30] audit: type=1326 audit(1745218311.278:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 583.152409][ T30] audit: type=1326 audit(1745218311.278:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 583.215400][ T30] audit: type=1326 audit(1745218311.288:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 583.294681][ T30] audit: type=1326 audit(1745218311.288:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 583.358901][ T30] audit: type=1326 audit(1745218311.298:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23184 comm="syz.5.7656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 584.815739][T23268] netlink: 'syz.0.7693': attribute type 15 has an invalid length. [ 585.610196][T23299] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7706'. [ 585.737980][ T47] kernel read not supported for file /dsp1 (pid: 47 comm: kworker/1:1) [ 586.313819][T23337] netlink: 'syz.0.7720': attribute type 10 has an invalid length. [ 586.363026][T23337] batman_adv: batadv0: Interface deactivated: dummy0 [ 586.437852][T23337] batman_adv: batadv0: Removing interface: dummy0 [ 586.485538][T23337] dummy0: entered allmulticast mode [ 586.550241][T23344] openvswitch: netlink: IPv4 tunnel dst address is zero [ 586.911331][ T30] audit: type=1326 audit(1745218315.308:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23357 comm="syz.6.7730" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fbcf2385127 code=0x0 [ 587.128942][ T47] kernel read not supported for file /dsp (pid: 47 comm: kworker/1:1) [ 587.589293][T23386] bridge0: port 2(bridge_slave_1) entered disabled state [ 587.790636][T23403] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7747'. [ 587.981274][T23410] netlink: 136784 bytes leftover after parsing attributes in process `syz.6.7751'. [ 588.072574][T23410] netlink: zone id is out of range [ 588.095586][T23410] netlink: zone id is out of range [ 588.100770][T23410] netlink: zone id is out of range [ 588.134760][T23410] netlink: zone id is out of range [ 588.163798][T23410] netlink: zone id is out of range [ 588.169326][T23410] netlink: zone id is out of range [ 588.174507][T23410] netlink: zone id is out of range [ 588.179823][T23410] netlink: zone id is out of range [ 588.186740][T23410] netlink: zone id is out of range [ 588.288376][T23420] tun0: tun_chr_ioctl cmd 1074025675 [ 588.305456][T23420] tun0: persist enabled [ 588.835558][ T5884] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 588.846493][T23449] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 588.852455][T23449] syzkaller0: linktype set to 769 [ 589.014468][ T5884] usb 7-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 589.044789][ T5884] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 589.053056][ T5884] usb 7-1: Product: syz [ 589.057634][ T5884] usb 7-1: Manufacturer: syz [ 589.062293][ T5884] usb 7-1: SerialNumber: syz [ 589.079395][ T5884] usb 7-1: config 0 descriptor?? [ 589.239560][ T47] usb 6-1: new low-speed USB device number 39 using dummy_hcd [ 589.305013][ T5884] usb 7-1: ignoring: probably an ADSL modem [ 589.407251][ T47] usb 6-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 589.422055][ T47] usb 6-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0 [ 589.441679][ T47] usb 6-1: config 0 interface 0 has no altsetting 0 [ 589.448824][ T47] usb 6-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00 [ 589.464126][ T47] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 589.484539][ T47] usb 6-1: config 0 descriptor?? [ 589.711116][ T5884] cxacru 7-1:0.0: usbatm_usb_probe: bind failed: -19! [ 589.904262][ T47] holtek_mouse 0003:04D9:A067.0045: unknown main item tag 0x0 [ 589.915986][ T24] usb 7-1: USB disconnect, device number 8 [ 589.936676][ T47] holtek_mouse 0003:04D9:A067.0045: unknown main item tag 0x0 [ 589.944220][ T47] holtek_mouse 0003:04D9:A067.0045: unknown main item tag 0x7 [ 589.960774][ T47] holtek_mouse 0003:04D9:A067.0045: unknown main item tag 0x0 [ 589.971330][ T47] holtek_mouse 0003:04D9:A067.0045: unknown main item tag 0x0 [ 589.979900][ T47] holtek_mouse 0003:04D9:A067.0045: unknown main item tag 0x0 [ 589.992094][ T47] holtek_mouse 0003:04D9:A067.0045: unknown main item tag 0x0 [ 590.003704][ T47] holtek_mouse 0003:04D9:A067.0045: hidraw0: USB HID v0.00 Device [HID 04d9:a067] on usb-dummy_hcd.5-1/input0 [ 590.107575][ T24] usb 6-1: USB disconnect, device number 39 [ 591.160141][T23529] netlink: 56 bytes leftover after parsing attributes in process `syz.7.7804'. [ 591.331635][ T5884] kernel write not supported for file /sequencer (pid: 5884 comm: kworker/0:4) [ 591.354866][T23536] dummy0: entered promiscuous mode [ 591.379797][T23536] macsec1: entered allmulticast mode [ 591.385146][T23536] dummy0: entered allmulticast mode [ 591.444753][T23536] dummy0: left allmulticast mode [ 591.451960][T23536] dummy0: left promiscuous mode [ 592.945716][ T5893] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 593.128671][ T5893] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10 [ 593.146488][ T5893] usb 9-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00 [ 593.165440][ T5893] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.186329][ T5893] usb 9-1: config 0 descriptor?? [ 593.600420][ T5893] hid (null): report_id 3552984689 is invalid [ 593.635972][ T5893] aquacomputer_d5next 0003:0C70:F011.0046: report_id 3552984689 is invalid [ 593.644631][ T5893] aquacomputer_d5next 0003:0C70:F011.0046: item 0 4 1 8 parsing failed [ 593.690783][ T5893] aquacomputer_d5next 0003:0C70:F011.0046: probe with driver aquacomputer_d5next failed with error -22 [ 593.837120][ T5884] usb 9-1: USB disconnect, device number 4 [ 595.231898][ T5893] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 595.385796][ T5893] usb 9-1: Using ep0 maxpacket: 16 [ 595.397595][ T5893] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 595.413491][ T5893] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 595.439976][ T5893] usb 9-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 595.466068][ T5893] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 595.489397][ T5893] usb 9-1: config 0 descriptor?? [ 595.883356][T23659] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7865'. [ 595.921059][ T5893] corsair 0003:1B1C:1B02.0047: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.8-1/input0 [ 596.163063][ T5893] corsair 0003:1B1C:1B02.0047: Failed to get K90 initial state (error -71). [ 596.188930][ T5893] usb 9-1: USB disconnect, device number 5 [ 596.836693][T23688] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7878'. [ 596.862427][T23688] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7878'. [ 598.035763][ T30] audit: type=1326 audit(1745218326.438:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23723 comm="syz.8.7895" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c5d38e169 code=0x0 [ 598.105456][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 599.245471][ T5884] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 599.409963][ T5884] usb 6-1: Using ep0 maxpacket: 8 [ 599.423138][ T5884] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 599.444161][ T5884] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.469792][ T5884] usb 6-1: config 0 descriptor?? [ 599.700898][ T5884] asix 6-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 599.746829][T23762] Bluetooth: MGMT ver 1.23 [ 600.314035][ T5884] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 600.344486][ T5884] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9 [ 600.385562][ T5884] asix 6-1:0.0: probe with driver asix failed with error -71 [ 600.413583][ T5884] usb 6-1: USB disconnect, device number 40 [ 601.017526][T23778] net_ratelimit: 4053 callbacks suppressed [ 601.017549][T23778] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 603.523546][T23841] netem: incorrect gi model size [ 603.576126][T23841] netem: change failed [ 604.009722][T23858] netlink: 'syz.8.7954': attribute type 25 has an invalid length. [ 604.035787][T23858] netlink: 40 bytes leftover after parsing attributes in process `syz.8.7954'. [ 604.609294][ T30] audit: type=1326 audit(1745218333.008:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm="syz.5.7962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 604.689200][ T30] audit: type=1326 audit(1745218333.008:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm="syz.5.7962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 604.755962][ T30] audit: type=1326 audit(1745218333.038:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm="syz.5.7962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 604.817187][ T30] audit: type=1326 audit(1745218333.038:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 604.848770][T23885] netlink: 136 bytes leftover after parsing attributes in process `syz.5.7966'. [ 604.905483][ T30] audit: type=1326 audit(1745218333.038:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 604.961049][ T30] audit: type=1326 audit(1745218333.038:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 605.013354][ T30] audit: type=1326 audit(1745218333.038:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 605.095363][ T30] audit: type=1326 audit(1745218333.038:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 605.175707][ T30] audit: type=1326 audit(1745218333.038:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 605.245360][ T30] audit: type=1326 audit(1745218333.038:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23878 comm=04 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a11d8e169 code=0x7ffc0000 [ 605.629426][T23910] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7977'. [ 605.978727][T23919] openvswitch: netlink: Message has 744 unknown bytes. [ 606.995856][T23946] vivid-000: disconnect [ 607.006414][T23945] vivid-000: reconnect [ 607.094951][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 607.118409][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 607.142376][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 607.159722][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 607.167570][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 607.178279][T23951] netlink: 'syz.7.7995': attribute type 1 has an invalid length. [ 607.206025][T23951] nbd: error processing sock list [ 607.217952][T23951] block nbd2: shutting down sockets [ 607.371558][ T36] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.631273][ T36] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.780911][T23974] futex_wake_op: syz.7.8007 tries to shift op by 32; fix this program [ 607.934216][ T36] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 608.071656][ T36] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 608.606406][ T36] bridge0: port 3(batadv0) entered disabled state [ 608.631830][ T36] bridge_slave_1: left allmulticast mode [ 608.657531][ T36] bridge_slave_1: left promiscuous mode [ 608.671201][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 608.739458][ T36] bridge_slave_0: left allmulticast mode [ 608.750140][ T36] bridge_slave_0: left promiscuous mode [ 608.774434][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 609.226193][ T5838] Bluetooth: hci3: command tx timeout [ 609.926769][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 609.953910][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 609.981591][ T36] bond0 (unregistering): (slave team0): Releasing backup interface [ 609.992722][ T36] bond0 (unregistering): Released all slaves [ 610.024262][T23950] chnl_net:caif_netlink_parms(): no params data found [ 610.031340][ T5885] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 610.195566][ T5885] usb 9-1: Using ep0 maxpacket: 16 [ 610.210802][ T5885] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 610.234413][ T5885] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 610.247288][ T5885] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.261180][ T5885] usb 9-1: Product: syz [ 610.273970][ T36] tipc: Left network mode [ 610.286008][ T5885] usb 9-1: Manufacturer: syz [ 610.295545][ T5885] usb 9-1: SerialNumber: syz [ 610.307739][ T5885] usb 9-1: config 0 descriptor?? [ 610.329399][ T5885] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected [ 610.356564][ T5885] usb 9-1: Detected FT232R [ 610.480365][T23950] bridge0: port 1(bridge_slave_0) entered blocking state [ 610.504491][T23950] bridge0: port 1(bridge_slave_0) entered disabled state [ 610.519723][T23950] bridge_slave_0: entered allmulticast mode [ 610.528479][T23950] bridge_slave_0: entered promiscuous mode [ 610.541237][T23950] bridge0: port 2(bridge_slave_1) entered blocking state [ 610.548679][ T5885] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 610.561246][T23950] bridge0: port 2(bridge_slave_1) entered disabled state [ 610.589177][T23950] bridge_slave_1: entered allmulticast mode [ 610.608205][T23950] bridge_slave_1: entered promiscuous mode [ 610.752101][T23950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 610.776025][T23950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 610.777244][ T5885] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 610.921974][ T36] hsr_slave_0: left promiscuous mode [ 610.933608][ T36] hsr_slave_1: left promiscuous mode [ 610.944587][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 610.958922][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 610.972593][ T5885] usb 9-1: USB disconnect, device number 6 [ 610.984851][ T5885] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 611.005974][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 611.013301][ T5885] ftdi_sio 9-1:0.0: device disconnected [ 611.023921][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 611.092997][T24062] ptrace attach of "./syz-executor exec"[7327] was attempted by ""[24062] [ 611.095887][ T36] veth1_macvtap: left promiscuous mode [ 611.115428][ T36] veth0_macvtap: left promiscuous mode [ 611.125566][ T36] veth1_vlan: left promiscuous mode [ 611.141590][ T36] veth0_vlan: left promiscuous mode [ 611.306217][ T5838] Bluetooth: hci3: command tx timeout [ 612.468842][ T36] team0 (unregistering): Port device team_slave_1 removed [ 612.542220][ T36] team0 (unregistering): Port device team_slave_0 removed [ 613.078094][T23950] team0: Port device team_slave_0 added [ 613.109323][T23950] team0: Port device team_slave_1 added [ 613.207618][T23950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 613.214703][T23950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 613.275382][T23950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 613.298840][T24098] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 613.317018][T23950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 613.334714][T24098] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 613.341327][T24098] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 613.342485][T23950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 613.351911][T24098] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 613.392335][ T5838] Bluetooth: hci3: command tx timeout [ 613.406479][T23950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 613.451730][T24098] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 613.515889][T24098] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 613.530340][T24098] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 613.550455][T24098] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 613.572611][T23950] hsr_slave_0: entered promiscuous mode [ 613.573137][T24098] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 613.588653][T24098] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 613.598073][T23950] hsr_slave_1: entered promiscuous mode [ 613.604678][T24098] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 613.612179][T23950] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 613.620022][T23950] Cannot create hsr debugfs directory [ 613.932768][T24117] can0: slcan on ttyS3. [ 614.029140][T24117] can0 (unregistered): slcan off ttyS3. [ 614.049736][T24117] Falling back ldisc for ttyS3. [ 614.143831][T23950] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 614.169617][T23950] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 614.212525][T23950] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 614.244251][T23950] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 614.464069][T23950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 614.510206][T23950] 8021q: adding VLAN 0 to HW filter on device team0 [ 614.534421][T12666] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.541704][T12666] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.574853][T12702] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.582090][T12702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 614.933740][T23950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 615.020817][ T5885] kernel read not supported for file /dsp (pid: 5885 comm: kworker/0:5) [ 615.305355][ T5838] Bluetooth: hci2: command 0x0406 tx timeout [ 615.386126][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout [ 615.392215][ T5838] Bluetooth: hci1: command 0x0405 tx timeout [ 615.483959][T23950] veth0_vlan: entered promiscuous mode [ 615.497420][T23950] veth1_vlan: entered promiscuous mode [ 615.545475][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 615.584310][T23950] veth0_macvtap: entered promiscuous mode [ 615.594680][T23950] veth1_macvtap: entered promiscuous mode [ 615.627705][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.638443][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 615.657356][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.667299][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.678206][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.688966][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.700372][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.710820][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.722171][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.738893][T23950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 615.751851][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.762780][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.772712][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.783462][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.793720][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.804423][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.814314][T23950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.825701][T23950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.851738][T23950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 615.899041][T23950] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.945456][T23950] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.954282][T23950] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.005556][T23950] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.313274][T12680] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.332694][T12680] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.406933][T12702] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.545285][T12702] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 617.466328][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout [ 617.595712][T24233] kvm: user requested TSC rate below hardware speed [ 617.626097][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 617.662906][T24238] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8120'. [ 617.711203][T24241] o2cb: This node has not been configured. [ 617.717107][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 617.750847][T24241] o2cb: Cluster check failed. Fix errors before retrying. [ 617.783772][T24241] (syz.9.8121,24241,1):user_dlm_register:674 ERROR: status = -22 [ 617.831175][T24241] (syz.9.8121,24241,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1" [ 618.421617][T24273] Context (ID=0x1) not attached to queue pair (handle=0x2:0x784e) [ 618.717588][T24286] netlink: 36 bytes leftover after parsing attributes in process `syz.8.8142'. [ 618.731161][T24286] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8142'. [ 619.162503][T24307] loop5: detected capacity change from 0 to 63 [ 619.545737][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout [ 619.705614][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 619.723479][T24329] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8162'. [ 619.786036][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 620.144318][ T10] kernel write not supported for file /midi2 (pid: 10 comm: kworker/0:1) [ 620.687121][T24373] netlink: 'syz.0.8181': attribute type 4 has an invalid length. [ 620.694922][T24373] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8181'. [ 620.705352][ T24] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 620.868483][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 620.877584][T24382] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8187'. [ 620.888677][ T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 620.904995][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 620.914680][ T5893] usb 9-1: new low-speed USB device number 7 using dummy_hcd [ 620.923076][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.935167][ T24] usb 6-1: config 0 descriptor?? [ 620.944741][ T24] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 621.081015][ T5893] usb 9-1: config index 0 descriptor too short (expected 6427, got 27) [ 621.095119][ T5893] usb 9-1: config 0 has an invalid interface number: 21 but max is 0 [ 621.103791][ T5893] usb 9-1: config 0 has no interface number 0 [ 621.115015][ T5893] usb 9-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 621.127240][ T5893] usb 9-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 621.138675][ T5893] usb 9-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 621.156881][ T5893] usb 9-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 621.168529][ T5893] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.187549][ T5893] usb 9-1: config 0 descriptor?? [ 621.725042][T24411] netlink: 'syz.0.8200': attribute type 1 has an invalid length. [ 621.735495][T24411] netlink: 'syz.0.8200': attribute type 2 has an invalid length. [ 621.743383][T24411] netlink: 'syz.0.8200': attribute type 1 has an invalid length. [ 621.759629][ T24] gspca_vc032x: reg_w err -71 [ 621.769918][ T24] vc032x 6-1:0.0: probe with driver vc032x failed with error -71 [ 621.801380][ T24] usb 6-1: USB disconnect, device number 41 [ 621.809943][ T5893] input: USB Keyspan Remote 06cd:0202 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.21/input/input47 [ 621.839184][ T5893] input: failed to attach handler kbd to device input47, error: -5 [ 622.022933][ T5885] usb 9-1: USB disconnect, device number 7 [ 622.240748][T24427] input: syz1 as /devices/virtual/input/input48 [ 622.625502][ T5893] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 622.790808][ T5893] usb 6-1: Using ep0 maxpacket: 16 [ 622.821632][ T5893] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 622.850198][ T5893] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 622.872061][ T5893] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 622.887697][ T5893] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 622.906106][ T5893] usb 6-1: Product: syz [ 622.937703][ T5893] usb 6-1: Manufacturer: syz [ 622.947908][ T5893] usb 6-1: SerialNumber: syz [ 623.383730][ T5893] usb 6-1: 0:2 : does not exist [ 623.552907][T19135] kernel write not supported for file /699/attr/sockcreate (pid: 19135 comm: kworker/0:2) [ 623.578353][ T5885] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 623.659089][T24485] can0: slcan on ttyS3. [ 623.715352][T24485] can0 (unregistered): slcan off ttyS3. [ 623.745279][ T5885] usb 9-1: Using ep0 maxpacket: 16 [ 623.764426][ T5885] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 623.790077][ T5885] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 623.801104][ T5893] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 623.840969][ T5893] usb 6-1: USB disconnect, device number 42 [ 623.879656][ T5885] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 623.910162][ T5885] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 623.927011][ T5885] usb 9-1: Product: syz [ 623.939244][ T5885] usb 9-1: Manufacturer: syz [ 623.957998][ T5885] usb 9-1: SerialNumber: syz [ 623.966705][ T5885] usb 9-1: config 0 descriptor?? [ 623.978043][ T5885] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 624.005852][ T5885] em28xx 9-1:0.0: Audio interface 0 found (Vendor Class) [ 624.643420][ T5885] em28xx 9-1:0.0: chip ID is em28174 [ 624.875095][ T5893] usb 9-1: USB disconnect, device number 8 [ 624.887188][ T5893] em28xx 9-1:0.0: Disconnecting em28xx [ 624.900732][ T5893] em28xx 9-1:0.0: Freeing device [ 625.050084][T24542] blktrace: Concurrent blktraces are not allowed on sg0 [ 625.145438][ T5838] Bluetooth: hci2: command 0x0406 tx timeout [ 625.832906][T24575] QAT: Device 198 not found [ 625.898071][T24578] tun0: tun_chr_ioctl cmd 1074025672 [ 625.922254][T24578] tun0: ignored: set checksum disabled [ 627.034673][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 627.034696][ T30] audit: type=1326 audit(1745218355.428:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24619 comm="syz.8.8300" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3c5d38e169 code=0x0 [ 660.187120][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 732.175175][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 732.182172][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P12684/1:b..l P24623/3:b..l [ 732.191976][ C1] rcu: (detected by 1, t=10502 jiffies, g=109601, q=225 ncpus=2) [ 732.199794][ C1] task:syz-executor state:R running task stack:27080 pid:24623 tgid:24623 ppid:5834 task_flags:0x400040 flags:0x00000000 [ 732.214225][ C1] Call Trace: [ 732.217529][ C1] [ 732.220484][ C1] __schedule+0x1b33/0x51f0 [ 732.225067][ C1] ? preempt_schedule_common+0x84/0xd0 [ 732.230558][ C1] ? __pfx___schedule+0x10/0x10 [ 732.235449][ C1] ? page_table_check_set+0x4d2/0x700 [ 732.240844][ C1] ? page_table_check_set+0x164/0x700 [ 732.246250][ C1] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 732.252608][ C1] ? preempt_schedule+0xe4/0xf0 [ 732.257486][ C1] preempt_schedule_common+0x84/0xd0 [ 732.262804][ C1] preempt_schedule+0xe4/0xf0 [ 732.267509][ C1] ? __pfx_preempt_schedule+0x10/0x10 [ 732.272923][ C1] preempt_schedule_thunk+0x16/0x30 [ 732.278148][ C1] _raw_spin_unlock+0x3e/0x50 [ 732.282854][ C1] filemap_map_pages+0x13d4/0x1900 [ 732.287986][ C1] ? filemap_map_pages+0x230/0x1900 [ 732.293223][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 732.298728][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 732.304237][ C1] handle_pte_fault+0x3d6d/0x61c0 [ 732.309301][ C1] ? handle_pte_fault+0x2b0a/0x61c0 [ 732.314557][ C1] ? arch_stack_walk+0xff/0x150 [ 732.319438][ C1] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 732.325192][ C1] ? __pfx_handle_pte_fault+0x10/0x10 [ 732.330602][ C1] ? rcu_is_watching+0x15/0xb0 [ 732.335384][ C1] ? __count_memcg_events+0x1e1/0x3d0 [ 732.340796][ C1] ? count_memcg_event_mm+0x96/0x440 [ 732.346104][ C1] ? count_memcg_event_mm+0x96/0x440 [ 732.351415][ C1] ? count_memcg_event_mm+0x388/0x440 [ 732.356809][ C1] ? count_memcg_event_mm+0x96/0x440 [ 732.362120][ C1] ? __pfx_count_memcg_event_mm+0x10/0x10 [ 732.367871][ C1] ? __lock_acquire+0xad5/0xd80 [ 732.372752][ C1] handle_mm_fault+0x1030/0x1aa0 [ 732.377747][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 732.383055][ C1] ? lock_vma_under_rcu+0x1f0/0x9a0 [ 732.388300][ C1] ? exc_page_fault+0x115/0x920 [ 732.393172][ C1] exc_page_fault+0x45b/0x920 [ 732.397878][ C1] asm_exc_page_fault+0x26/0x30 [ 732.402748][ C1] RIP: 0033:0x7f6fcf339777 [ 732.407190][ C1] RSP: 002b:00007fff1458ddf0 EFLAGS: 00010246 [ 732.413278][ C1] RAX: 000000000000004c RBX: 00007fff1458e350 RCX: 00007f6fcf438ba0 [ 732.421269][ C1] RDX: 0000000000000000 RSI: 00007f6fcf4121a6 RDI: 00007fff1458e640 [ 732.429255][ C1] RBP: 0000000000000016 R08: 0000000000000000 R09: 0000000000000000 [ 732.437247][ C1] R10: 00000000ffffffff R11: 0000000000000000 R12: 000000000000006c [ 732.445253][ C1] R13: 00007fff1458e4d0 R14: 0000000000000000 R15: 0000000000000000 [ 732.453260][ C1] [ 732.456314][ C1] task:kworker/u8:29 state:R running task stack:21032 pid:12684 tgid:12684 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 732.469913][ C1] Workqueue: bat_events batadv_nc_worker [ 732.475588][ C1] Call Trace: [ 732.478879][ C1] [ 732.481828][ C1] __schedule+0x1b33/0x51f0 [ 732.486382][ C1] ? preempt_schedule_irq+0xfe/0x1c0 [ 732.491699][ C1] ? __pfx___schedule+0x10/0x10 [ 732.496675][ C1] ? __lock_acquire+0xad5/0xd80 [ 732.501556][ C1] ? do_raw_spin_lock+0x151/0x370 [ 732.506614][ C1] ? preempt_schedule_irq+0xf3/0x1c0 [ 732.511934][ C1] preempt_schedule_irq+0xfe/0x1c0 [ 732.517072][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 732.522833][ C1] irqentry_exit+0x5e/0x90 [ 732.527263][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 732.532737][ C1] RIP: 0010:batadv_nc_worker+0xd4/0x610 [ 732.538308][ C1] Code: 89 f7 e8 3f ad 38 f6 4a 8d 2c ed 00 00 00 00 4c 89 f3 49 03 2e e8 4c 41 b7 f5 48 8d 05 00 00 00 00 48 c7 c7 20 df d3 8e 31 f6 <31> d2 b9 02 00 00 00 45 31 c0 45 31 c9 48 89 44 24 10 50 e8 34 ae [ 732.557930][ C1] RSP: 0018:ffffc9000483fab8 EFLAGS: 00000246 [ 732.564015][ C1] RAX: ffffffff8bf1b81b RBX: ffff88802a03a540 RCX: ffff8880316b5a00 [ 732.572006][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8ed3df20 [ 732.579990][ C1] RBP: ffff88807eb31d90 R08: ffffffff8bf1b94e R09: 0000000000000000 [ 732.587977][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88806dc10d80 [ 732.595963][ C1] R13: 00000000000003b2 R14: ffff88802a03a540 R15: dffffc0000000000 [ 732.603959][ C1] ? batadv_nc_worker+0x1fe/0x610 [ 732.609008][ C1] ? batadv_nc_worker+0xcb/0x610 [ 732.613980][ C1] ? batadv_nc_worker+0xc4/0x610 [ 732.618942][ C1] ? batadv_nc_worker+0xcb/0x610 [ 732.623910][ C1] ? process_scheduled_works+0x9cb/0x18e0 [ 732.629654][ C1] process_scheduled_works+0xac3/0x18e0 [ 732.635263][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 732.641286][ C1] ? assign_work+0x367/0x3d0 [ 732.645907][ C1] worker_thread+0x870/0xd50 [ 732.650537][ C1] ? __kthread_parkme+0x1a8/0x200 [ 732.655597][ C1] ? __pfx_worker_thread+0x10/0x10 [ 732.660737][ C1] kthread+0x7b7/0x940 [ 732.664849][ C1] ? __pfx_worker_thread+0x10/0x10 [ 732.669991][ C1] ? __pfx_kthread+0x10/0x10 [ 732.674598][ C1] ? __pfx_kthread+0x10/0x10 [ 732.679244][ C1] ? __pfx_kthread+0x10/0x10 [ 732.683861][ C1] ? __pfx_kthread+0x10/0x10 [ 732.688466][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 732.693691][ C1] ? lockdep_hardirqs_on+0x9d/0x150 [ 732.698905][ C1] ? __pfx_kthread+0x10/0x10 [ 732.703511][ C1] ret_from_fork+0x4b/0x80 [ 732.707945][ C1] ? __pfx_kthread+0x10/0x10 [ 732.712560][ C1] ret_from_fork_asm+0x1a/0x30 [ 732.717374][ C1] [ 732.720421][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10499 jiffies! g109601 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 732.732843][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=51124 [ 732.740742][ C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g109601 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 732.752215][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 732.762197][ C1] rcu: RCU grace-period kthread stack dump: [ 732.768094][ C1] task:rcu_preempt state:I stack:26688 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 732.780039][ C1] Call Trace: [ 732.783329][ C1] [ 732.786287][ C1] __schedule+0x1b33/0x51f0 [ 732.790830][ C1] ? _raw_spin_unlock_irqrestore+0x90/0x140 [ 732.796759][ C1] ? rcu_is_watching+0x15/0xb0 [ 732.801545][ C1] ? schedule+0x163/0x360 [ 732.805910][ C1] ? __pfx___schedule+0x10/0x10 [ 732.810806][ C1] ? schedule+0x90/0x360 [ 732.815077][ C1] ? schedule+0x90/0x360 [ 732.819347][ C1] schedule+0x163/0x360 [ 732.823537][ C1] schedule_timeout+0x15b/0x2b0 [ 732.828424][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 732.833824][ C1] ? __pfx_process_timeout+0x10/0x10 [ 732.839142][ C1] ? prepare_to_swait_event+0x1e5/0x340 [ 732.844736][ C1] ? prepare_to_swait_event+0x308/0x340 [ 732.850308][ C1] rcu_gp_fqs_loop+0x2e1/0x1340 [ 732.855195][ C1] ? rcu_gp_init+0x1279/0x1690 [ 732.859991][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 732.864950][ C1] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 732.870868][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 732.876180][ C1] ? _raw_spin_unlock_irqrestore+0xde/0x140 [ 732.882134][ C1] ? finish_swait+0xdb/0x200 [ 732.886757][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 732.891987][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 732.896638][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 732.901961][ C1] ? __kthread_parkme+0x1a8/0x200 [ 732.907036][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 732.912278][ C1] kthread+0x7b7/0x940 [ 732.916460][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 732.921684][ C1] ? __pfx_kthread+0x10/0x10 [ 732.926295][ C1] ? __pfx_kthread+0x10/0x10 [ 732.930909][ C1] ? __pfx_kthread+0x10/0x10 [ 732.935522][ C1] ? __pfx_kthread+0x10/0x10 [ 732.940194][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 732.945424][ C1] ? lockdep_hardirqs_on+0x9d/0x150 [ 732.950638][ C1] ? __pfx_kthread+0x10/0x10 [ 732.955247][ C1] ret_from_fork+0x4b/0x80 [ 732.959689][ C1] ? __pfx_kthread+0x10/0x10 [ 732.964332][ C1] ret_from_fork_asm+0x1a/0x30 [ 732.969141][ C1] [ 732.972177][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 732.978523][ C1] Sending NMI from CPU 1 to CPUs 0: [ 732.983750][ C0] NMI backtrace for cpu 0 [ 732.983768][ C0] CPU: 0 UID: 0 PID: 24605 Comm: syz.7.8293 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full) [ 732.983797][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 732.983812][ C0] RIP: 0010:advance_sched+0x5ad/0xca0 [ 732.983837][ C0] Code: 4d 39 e6 75 25 e8 83 bf a4 f7 48 bb ff ff ff ff ff ff ff 7f 49 bc 00 00 00 00 00 fc ff df 4c 8b 74 24 28 48 8b 6c 24 40 eb 49 5e bf a4 f7 49 bc 00 00 00 00 00 fc ff df 48 8b 44 24 48 42 80 [ 732.983852][ C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00000087 [ 732.983867][ C0] RAX: 0000000000010000 RBX: ffff88805b12dd30 RCX: ffff88807c231e00 [ 732.983879][ C0] RDX: ffff88807c231e00 RSI: 0000000004000000 RDI: 0000000000000000 [ 732.983890][ C0] RBP: 1ffff1100b625e80 R08: ffffffff8a1dfcd3 R09: fffff52000000f7c [ 732.983902][ C0] R10: dffffc0000000000 R11: fffff52000000f7c R12: 0000000004000000 [ 732.983914][ C0] R13: ffff88805b12f400 R14: 0000000000000000 R15: 0000000000000000 [ 732.983925][ C0] FS: 00007f284548b6c0(0000) GS:ffff888124fcf000(0000) knlGS:0000000000000000 [ 732.983939][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 732.983950][ C0] CR2: 000055556984c808 CR3: 000000004a5f8000 CR4: 00000000003526f0 [ 732.983964][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 732.983974][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 732.983983][ C0] Call Trace: [ 732.983991][ C0] [ 732.984009][ C0] ? __pfx_advance_sched+0x10/0x10 [ 732.984040][ C0] __hrtimer_run_queues+0x5a6/0xd40 [ 732.984075][ C0] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 732.984120][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 732.984152][ C0] ? sched_clock_cpu+0x77/0x4d0 [ 732.984186][ C0] ? read_tsc+0x9/0x20 [ 732.984214][ C0] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 732.984249][ C0] hrtimer_interrupt+0x403/0xa40 [ 732.984289][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 732.984311][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 732.984337][ C0] [ 732.984342][ C0] [ 732.984348][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 732.984366][ C0] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 732.984391][ C0] Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 aa 05 74 f5 48 89 df e8 e2 ae 74 f5 e8 0d 3c a0 f5 fb bf 01 00 00 00 12 90 65 f5 65 8b 05 3b 9e 3a 07 85 c0 74 06 5b c3 cc cc cc cc [ 732.984404][ C0] RSP: 0018:ffffc90002e57c70 EFLAGS: 00000286 [ 732.984418][ C0] RAX: 77a458894e4bf400 RBX: ffff8880267d0940 RCX: ffffffff81caacec [ 732.984430][ C0] RDX: 0000000000000000 RSI: ffffffff8e635648 RDI: 0000000000000001 [ 732.984441][ C0] RBP: ffffc90002e57db0 R08: ffffffff905ebb77 R09: 1ffffffff20bd76e [ 732.984454][ C0] R10: dffffc0000000000 R11: fffffbfff20bd76f R12: 0000000000000021 [ 732.984465][ C0] R13: 1ffff11004cfa1bb R14: ffff8880267d0dd8 R15: ffff8880267d0940 [ 732.984483][ C0] ? trace_irq_enable+0x2c/0x120 [ 732.984512][ C0] get_signal+0x14d2/0x1730 [ 732.984544][ C0] ? __pfx_get_signal+0x10/0x10 [ 732.984572][ C0] arch_do_signal_or_restart+0x98/0x810 [ 732.984599][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 732.984631][ C0] ? syscall_exit_to_user_mode+0xa3/0x340 [ 732.984649][ C0] syscall_exit_to_user_mode+0xce/0x340 [ 732.984668][ C0] do_syscall_64+0x100/0x210 [ 732.984685][ C0] ? clear_bhb_loop+0x45/0xa0 [ 732.984703][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.984719][ C0] RIP: 0033:0x7f284458e167 [ 732.984734][ C0] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 732.984748][ C0] RSP: 002b:00007f284548b0e8 EFLAGS: 00000246 [ 732.984760][ C0] RAX: 00000000000000ca RBX: 00007f28447b5fa8 RCX: 00007f284458e169 [ 732.984772][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f28447b5fa8 [ 732.984782][ C0] RBP: 00007f28447b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 732.984791][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f28447b5fac [ 732.984802][ C0] R13: 0000000000000000 R14: 00007ffc490fe5d0 R15: 00007ffc490fe6b8 [ 732.984822][ C0]