last executing test programs: 1m29.388400192s ago: executing program 2 (id=1476): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdef0, 0x8000000000000000}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r4, r3, &(0x7f0000002080)=0x64, 0x23b) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000400)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) 1m27.500180523s ago: executing program 2 (id=1482): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) r5 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) sendmsg(r4, &(0x7f00000000c0)={0x0, 0x21, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0xff80}], 0x1, 0x0, 0x0, 0x2c}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r7, &(0x7f0000000200), 0x48400) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'crc32\x00'}, 0x58) writev(r6, &(0x7f0000000140)=[{&(0x7f0000000500)="3ba84c5ad4d125977dc916a8a75a7c916d17e6e2cc6e6d74e5338de4e08a93910fe4f72b7638bfb9b7b82808975e39a546a01965d40976899076e48be911da5acaf0073fbbfd46bd", 0x48}], 0x1) accept4(r8, 0x0, 0x0, 0x0) 1m26.216008251s ago: executing program 2 (id=1484): socket$pppoe(0x18, 0x1, 0x0) socket$inet6(0xa, 0x2, 0x0) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x88, 0x59, 0xf1, 0x10, 0x582, 0xe6, 0x4e06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0xe2, 0xb2}}]}}]}}, 0x0) socket$packet(0x11, 0x2, 0x300) socket$alg(0x26, 0x5, 0x0) socket$netlink(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket$nl_audit(0x10, 0x3, 0x9) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x2f, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010003b15000000000000000000004888", @ANYRES32=0x0, @ANYBLOB="d530d995212cf95a2000128008000100687372001400028008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES64=r1], 0x40}}, 0x0) 1m22.614597873s ago: executing program 2 (id=1492): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSSOFTCAR(r3, 0x5453, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000af00000095000000000000005715408489824b5660882e54eaa3b8291e5d34a71754f98d360fc95f5fae48b003353b37940cc0bb645955f6122d6c8e846c551c15aa65e90a42d1ee225cc4b3e851204601921b83070840d4ce538b296a5883f64caa408f1e3f7e6650edc63cd735a01a202b031b2bdbc87e6181df789e22d1f0"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) process_vm_readv(0x0, &(0x7f0000008400)=[{0x0}, {&(0x7f0000000340)=""/157, 0x9d}], 0x2, 0x0, 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) r5 = accept4(r4, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40000c0}, 0x40000) sendmmsg$unix(r5, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x299, 0x0) 1m21.073559357s ago: executing program 2 (id=1496): r0 = io_uring_setup(0x2869, &(0x7f0000000040)={0x0, 0x99ba, 0x800, 0x3, 0xdfffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000000600)={0x0, 0x1, 0x0, &(0x7f0000000540), 0x0}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) r4 = socket(0x1d, 0x2, 0x6) bind$can_j1939(r4, &(0x7f0000000080)={0x1d, 0x0, 0x2}, 0x18) syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r4) close_range(r0, 0xffffffffffffffff, 0x0) 1m18.820730812s ago: executing program 2 (id=1499): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mq_notify(0xffffffffffffffff, 0x0) r2 = add_key$user(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000280)={r2, r2, r2}, 0x0, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_io_uring_setup(0x10f, 0x0, &(0x7f0000000300), 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') fchdir(r3) r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r4, &(0x7f00000001c0)=""/137, 0xa4) getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8) 1m3.622661172s ago: executing program 32 (id=1499): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) mq_notify(0xffffffffffffffff, 0x0) r2 = add_key$user(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000280)={r2, r2, r2}, 0x0, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_io_uring_setup(0x10f, 0x0, &(0x7f0000000300), 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') fchdir(r3) r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r4, &(0x7f00000001c0)=""/137, 0xa4) getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8) 11.397144898s ago: executing program 1 (id=1663): migrate_pages(0x0, 0x81, &(0x7f0000000100)=0x1000000, 0x0) 10.060231687s ago: executing program 1 (id=1665): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000025c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00') read(r3, &(0x7f0000001a00)=""/177, 0xb1) 9.776856599s ago: executing program 4 (id=1668): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f00000001c0)='mqueue\x00', 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) 9.480301605s ago: executing program 4 (id=1671): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x6, 0x10001, 0xd, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000340)={r3, &(0x7f0000000080), &(0x7f0000000380)=""/173}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r4 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000740)='syz1\x00', 0x1ff) sendfile(r4, r4, 0x0, 0x9) 9.444711164s ago: executing program 3 (id=1673): open(0x0, 0x80ff, 0x88) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setlease(r0, 0x400, 0x0) 9.252441718s ago: executing program 0 (id=1675): unshare(0x20000400) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0xf4240, 0x0, 0x0) 9.042892437s ago: executing program 3 (id=1676): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, 0x2, 0x6, 0x401}, 0x14}, 0x1, 0x3000000}, 0x0) 9.042614738s ago: executing program 0 (id=1677): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000200)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') creat(&(0x7f0000000000)='./file0\x00', 0x0) setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180)=@ng={0x4, 0x2}, 0x2, 0x1) open$dir(&(0x7f0000001640)='./file0\x00', 0x817, 0x0) 9.00046504s ago: executing program 1 (id=1678): mount$fuse(0x0, 0x0, 0x0, 0x18024, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_INTERFACE(r2, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan4\x00'}) 8.203847799s ago: executing program 4 (id=1679): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={0x0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/timers\x00', 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101701) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xe) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a41, 0x0) ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSMRRU(r3, 0x4020744f, 0x0) 8.033614469s ago: executing program 0 (id=1680): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = syz_io_uring_setup(0x24fc, &(0x7f0000000400)={0x0, 0x0, 0x10100}, &(0x7f00000003c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0, 0x40012000}) io_uring_enter(r1, 0x1066, 0x0, 0x0, 0x0, 0x0) 8.032679261s ago: executing program 3 (id=1681): socket$key(0xf, 0x3, 0x2) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) preadv(r3, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/234, 0xea}], 0x1, 0x0, 0x0) 7.322403549s ago: executing program 1 (id=1682): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000ec0), 0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), r0) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x68, r1, 0x0, 0x70bd28, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x9, @link='broadcast-link\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0x4048c10}, 0x40c0) prlimit64(0x0, 0x3, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x4010e000, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GET_LEASE(r5, 0xc01064c8, &(0x7f00000001c0)={0x42, 0x0, &(0x7f0000000180)}) r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r5, 0xc03864bc, 0x0) 7.218283029s ago: executing program 5 (id=1683): iopl(0x3) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) close(r3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18) bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0) 7.217422038s ago: executing program 0 (id=1684): socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r5, &(0x7f0000000180), 0x400008a, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000008a306cd0c000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0) 6.508383368s ago: executing program 5 (id=1685): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000048c0)='/sys/kernel/address_bits', 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r2}, @IFLA_GTP_FD1={0x8, 0x2, @udp6=r0}]}}}]}, 0x40}}, 0x0) 6.35733674s ago: executing program 4 (id=1686): open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) r0 = open(0x0, 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setlease(r0, 0x400, 0x0) 6.081915819s ago: executing program 5 (id=1687): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic={0x66}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, @exit, @printk={@x={0x18, 0x0}, {0x3, 0x0, 0x6}, {}, {}, {}, {0x5, 0x0, 0xb, 0x2}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 5.123675669s ago: executing program 5 (id=1688): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000025c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00') read(r3, &(0x7f0000001a00)=""/177, 0xb1) 5.099783558s ago: executing program 4 (id=1689): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x33, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52ae}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @private, @remote]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000c50018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200000a000000b703000000000000850000002a000000bf090000000000004d090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000080095"], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 4.274517974s ago: executing program 5 (id=1690): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="250a00000000000061117c0000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 3.976379424s ago: executing program 0 (id=1691): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000200)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') creat(&(0x7f0000000000)='./file0\x00', 0x0) setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180)=@ng={0x4, 0x2}, 0x2, 0x1) open$dir(&(0x7f0000001640)='./file0\x00', 0x817, 0x0) 3.928375675s ago: executing program 3 (id=1692): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() keyctl$join(0x1, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) add_key$user(0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) ftruncate(r3, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fchown(0xffffffffffffffff, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), 0x0) recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x1000}, {0x0}], 0x2}}], 0x1, 0x700, 0x0) sendfile(r4, r3, 0x0, 0x100000000) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) timer_settime(r6, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) 2.269125795s ago: executing program 3 (id=1693): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f00000001c0)=@chain) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x2, 0xe, 0x0, 0x9, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @sadb_address={0x3, 0x6}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@mcast2, @in=@rand_addr=0x64010102}}]}, 0x80}}, 0x0) 2.220146807s ago: executing program 4 (id=1694): r0 = socket$nl_rdma(0x10, 0x3, 0x14) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) r1 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000000c0)={0x0, 0xfffffffffffffee3}) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000000414010026bd7000ffdbdf250800010000000000080003"], 0x20}, 0x1, 0x0, 0x0, 0x20048001}, 0x20000000) 1.852332829s ago: executing program 1 (id=1695): socket$key(0xf, 0x3, 0x2) syz_emit_ethernet(0x1e, &(0x7f0000000000)={@local, @broadcast, @void, {@can={0xc, {{0x1, 0x0, 0x1, 0x1}, 0x4, 0x1, 0x0, 0x0, "f7b56c830c28a8cf"}}}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) socket$nl_generic(0x11, 0x3, 0x10) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r4 = fcntl$dupfd(r3, 0x0, r3) write$sndseq(r4, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick=0x2f, {}, {}, @raw32}, {0x0, 0x2, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x38) pipe2$9p(&(0x7f0000000180), 0x4880) 990.645723ms ago: executing program 5 (id=1696): r0 = epoll_create1(0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)) epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0xffff, 0x0, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x60000004}) 775.461399ms ago: executing program 0 (id=1697): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mkdir(0x0, 0x0) umount2(&(0x7f00000001c0)='./file0\x00', 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeedcafe, 0x3, 0x0, 0x2}}) r6 = socket(0x10, 0x3, 0x0) openat$dsp(0xffffff9c, &(0x7f0000000080), 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, 0x0, 0x0) write(r6, &(0x7f0000000000)="240000001a005f0414f9f407000901000aff8000034000030000000008001d0001000000", 0x24) 731.019993ms ago: executing program 3 (id=1698): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10) r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x3fa, 0x8, 0x70bd27, 0x25dfdbfc, {0x1, 0x0, 0x0, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000880) 0s ago: executing program 1 (id=1699): open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) r0 = open(0x0, 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) fcntl$setlease(r0, 0x400, 0x0) kernel console output (not intermixed with test programs): Z tick-stop error: local softirq work is pending, handler #41!!! [ 103.165538][ T5882] usb 5-1: USB disconnect, device number 2 [ 103.758976][ T6100] sctp: [Deprecated]: syz.1.61 (pid 6100) Use of int in maxseg socket option. [ 103.758976][ T6100] Use struct sctp_assoc_value instead [ 104.451252][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.552918][ T6111] netlink: 32 bytes leftover after parsing attributes in process `syz.1.63'. [ 104.892860][ T1220] IPVS: starting estimator thread 0... [ 105.011022][ T6116] IPVS: using max 16 ests per chain, 38400 per kthread [ 107.029024][ T6129] kernel profiling enabled (shift: 17) [ 107.519310][ T6127] netlink: 28 bytes leftover after parsing attributes in process `syz.0.66'. [ 107.633202][ T6125] block device autoloading is deprecated and will be removed. [ 107.809996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 107.819761][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 107.972683][ T6137] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 109.149198][ T6146] random: crng reseeded on system resumption [ 109.242223][ T6148] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 109.242223][ T6148] program syz.4.73 not setting count and/or reply_len properly [ 109.933638][ T5887] IPVS: starting estimator thread 0... [ 110.039923][ T6159] IPVS: using max 17 ests per chain, 40800 per kthread [ 110.772569][ T6157] team0 (unregistering): Port device team_slave_0 removed [ 110.837026][ T6157] team0 (unregistering): Port device team_slave_1 removed [ 110.918769][ T6183] vxcan1: tx address claim with dest, not broadcast [ 112.246192][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 112.451242][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 112.605365][ T6200] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 112.605365][ T6200] program syz.4.89 not setting count and/or reply_len properly [ 115.391822][ T6232] Zero length message leads to an empty skb [ 115.680147][ T6240] dlm: Unknown command passed to DLM device : 0 [ 115.680147][ T6240] [ 117.319213][ T6256] netlink: 8 bytes leftover after parsing attributes in process `syz.3.103'. [ 118.907971][ T6274] vxcan1: tx address claim with dest, not broadcast [ 119.843810][ T6282] netlink: 32 bytes leftover after parsing attributes in process `syz.4.113'. [ 122.919741][ T6308] netlink: 25 bytes leftover after parsing attributes in process `syz.2.119'. [ 123.706038][ T6323] vxcan1: tx address claim with dest, not broadcast [ 124.628391][ T8] IPVS: starting estimator thread 0... [ 124.669843][ T5852] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 124.723290][ T6333] IPVS: using max 18 ests per chain, 43200 per kthread [ 126.010674][ T5852] block nbd1: Receive control failed (result -32) [ 126.267538][ T6363] block nbd1: shutting down sockets [ 126.729768][ T6358] could not allocate digest TFM handle cbcmac-aes-ce [ 126.830373][ T6371] dlm: Unknown command passed to DLM device : 0 [ 126.830373][ T6371] [ 126.940291][ T5852] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 128.213852][ T6381] IPv6: NLM_F_REPLACE set, but no existing node found! [ 128.460908][ T6390] netlink: 64 bytes leftover after parsing attributes in process `syz.3.135'. [ 128.754418][ T6398] netlink: 25 bytes leftover after parsing attributes in process `syz.0.151'. [ 128.908538][ T6401] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 129.020065][ T5852] Bluetooth: hci3: command tx timeout [ 130.752212][ T6420] dlm: Unknown command passed to DLM device : 0 [ 130.752212][ T6420] [ 132.926701][ T6435] vxcan1: tx address claim with dest, not broadcast [ 133.657130][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.669774][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.019690][ T5882] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 134.151401][ T5882] usb 4-1: device descriptor read/64, error -71 [ 134.449692][ T5882] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 134.459051][ T6458] netlink: 25 bytes leftover after parsing attributes in process `syz.1.170'. [ 134.583388][ T5882] usb 4-1: device descriptor read/64, error -71 [ 135.152286][ T5882] usb usb4-port1: attempt power cycle [ 135.869913][ T5852] Bluetooth: hci4: Malformed Event: 0x13 [ 136.319958][ T5882] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 136.350526][ T5882] usb 4-1: device descriptor read/8, error -71 [ 136.591406][ T5882] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 136.623926][ T5882] usb 4-1: device descriptor read/8, error -71 [ 136.742065][ T5882] usb usb4-port1: unable to enumerate USB device [ 136.823415][ T6498] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 139.379278][ T5852] Bluetooth: hci3: unknown advertising packet type: 0x65 [ 139.379373][ T5852] Bluetooth: hci3: unknown advertising packet type: 0x09 [ 139.387975][ T5852] Bluetooth: hci3: unknown advertising packet type: 0x05 [ 139.395657][ T5852] Bluetooth: hci3: Dropping invalid advertising data [ 139.409957][ T5852] Bluetooth: hci3: Malformed LE Event: 0x02 [ 141.710137][ T6531] netlink: 32 bytes leftover after parsing attributes in process `syz.4.196'. [ 141.940063][ T5852] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 141.953507][ T5852] CPU: 0 UID: 0 PID: 5852 Comm: kworker/u9:8 Not tainted 6.12.0-rc6-syzkaller-00110-gff7afaeca1a1 #0 [ 141.964454][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 141.974564][ T5852] Workqueue: hci1 hci_rx_work [ 141.979356][ T5852] Call Trace: [ 141.982694][ T5852] [ 141.985706][ T5852] dump_stack_lvl+0x241/0x360 [ 141.990447][ T5852] ? __pfx_dump_stack_lvl+0x10/0x10 [ 141.995702][ T5852] ? __pfx__printk+0x10/0x10 [ 142.000349][ T5852] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 142.005685][ T5852] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 142.011354][ T5852] sysfs_create_dir_ns+0x2ce/0x3a0 [ 142.016529][ T5852] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 142.022512][ T5852] kobject_add_internal+0x435/0x8d0 [ 142.027959][ T5852] kobject_add+0x152/0x220 [ 142.032434][ T5852] ? do_raw_spin_unlock+0x13c/0x8b0 [ 142.037691][ T5852] ? device_add+0x3e7/0xbf0 [ 142.042338][ T5852] ? __pfx_kobject_add+0x10/0x10 [ 142.047341][ T5852] ? _raw_spin_unlock+0x28/0x50 [ 142.052256][ T5852] ? get_device_parent+0x165/0x410 [ 142.057423][ T5852] device_add+0x4e5/0xbf0 [ 142.061811][ T5852] hci_conn_add_sysfs+0xe8/0x200 [ 142.067337][ T5852] le_conn_complete_evt+0xc9f/0x12e0 [ 142.072705][ T5852] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 142.078520][ T5852] ? __mutex_unlock_slowpath+0x21d/0x750 [ 142.084232][ T5852] ? __copy_skb_header+0x437/0x5b0 [ 142.089502][ T5852] ? skb_pull_data+0x112/0x230 [ 142.094337][ T5852] hci_le_conn_complete_evt+0x18c/0x420 [ 142.100041][ T5852] hci_event_packet+0xa55/0x1540 [ 142.105139][ T5852] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 142.110495][ T5852] ? __pfx_hci_event_packet+0x10/0x10 [ 142.116023][ T5852] ? __hci_send_to_channel+0x360/0x650 [ 142.119875][ T5882] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 142.121523][ T5852] ? kcov_remote_start+0x97/0x7d0 [ 142.134118][ T5852] hci_rx_work+0x3fe/0xd80 [ 142.138653][ T5852] ? process_scheduled_works+0x976/0x1850 [ 142.144553][ T5852] process_scheduled_works+0xa63/0x1850 [ 142.150215][ T5852] ? __pfx_process_scheduled_works+0x10/0x10 [ 142.156280][ T5852] ? assign_work+0x364/0x3d0 [ 142.160959][ T5852] worker_thread+0x870/0xd30 [ 142.166065][ T5852] ? __kthread_parkme+0x169/0x1d0 [ 142.171162][ T5852] ? __pfx_worker_thread+0x10/0x10 [ 142.176345][ T5852] kthread+0x2f0/0x390 [ 142.180471][ T5852] ? __pfx_worker_thread+0x10/0x10 [ 142.185745][ T5852] ? __pfx_kthread+0x10/0x10 [ 142.190403][ T5852] ret_from_fork+0x4b/0x80 [ 142.194892][ T5852] ? __pfx_kthread+0x10/0x10 [ 142.199552][ T5852] ret_from_fork_asm+0x1a/0x30 [ 142.204410][ T5852] [ 142.212986][ T5852] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 142.229781][ T5852] Bluetooth: hci1: failed to register connection device [ 142.286361][ T5882] usb 3-1: Using ep0 maxpacket: 8 [ 142.314817][ T5882] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 142.327000][ T5882] usb 3-1: config 179 has no interface number 0 [ 142.471942][ T5882] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 142.711450][ T5882] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 142.790638][ T5882] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 48, changing to 9 [ 142.878410][ T5882] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 142.950140][ T5882] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 143.045653][ T5882] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 143.078503][ T5882] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.351888][ T6525] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 143.372375][ T5847] Bluetooth: hci1: unknown advertising packet type: 0x65 [ 143.372425][ T5847] Bluetooth: hci1: unknown advertising packet type: 0x09 [ 143.380609][ T5847] Bluetooth: hci1: unknown advertising packet type: 0x05 [ 143.387869][ T5847] Bluetooth: hci1: Dropping invalid advertising data [ 143.401936][ T5847] Bluetooth: hci1: Malformed LE Event: 0x02 [ 144.443817][ T5882] usb 3-1: USB disconnect, device number 3 [ 144.449893][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 144.449971][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 146.240301][ T6584] capability: warning: `syz.2.213' uses deprecated v2 capabilities in a way that may be insecure [ 147.567767][ T6592] random: crng reseeded on system resumption [ 148.130140][ T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 148.317441][ T6604] fuse: Bad value for 'fd' [ 149.914802][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 149.927544][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 149.987703][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 150.009759][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.00 [ 150.040882][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.171097][ T9] usb 5-1: config 0 descriptor?? [ 150.619042][ T9] usbhid 5-1:0.0: can't add hid device: -71 [ 150.632084][ T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 150.666663][ T9] usb 5-1: USB disconnect, device number 3 [ 153.309810][ T6631] netlink: 12 bytes leftover after parsing attributes in process `syz.3.227'. [ 155.326797][ T6654] netlink: 104 bytes leftover after parsing attributes in process `syz.4.236'. [ 155.355246][ T6656] ieee802154 phy0 wpan0: encryption failed: -22 [ 158.939771][ T6697] netlink: 25 bytes leftover after parsing attributes in process `syz.2.251'. [ 161.040005][ T29] audit: type=1326 audit(1731001797.532:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6723 comm="syz.3.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 161.061860][ T29] audit: type=1326 audit(1731001797.532:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6723 comm="syz.3.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 161.084807][ T29] audit: type=1326 audit(1731001797.552:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6723 comm="syz.3.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 161.109901][ T29] audit: type=1326 audit(1731001797.552:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6723 comm="syz.3.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 161.131435][ T29] audit: type=1326 audit(1731001797.552:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6723 comm="syz.3.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 161.892778][ T6739] netlink: 25 bytes leftover after parsing attributes in process `syz.3.266'. [ 163.296310][ T5889] IPVS: starting estimator thread 0... [ 163.420344][ T6761] IPVS: using max 16 ests per chain, 38400 per kthread [ 164.258164][ T6768] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 164.258164][ T6768] program syz.1.279 not setting count and/or reply_len properly [ 166.673088][ T6813] vxcan1: tx address claim with dest, not broadcast [ 169.322123][ T6829] binder: 6826:6829 ioctl c0306201 0 returned -14 [ 171.326107][ T6860] vxcan1: tx address claim with dest, not broadcast [ 171.782991][ T29] audit: type=1804 audit(1731001808.882:8): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.306" name="/newroot/62/file1" dev="fuse" ino=1 res=1 errno=0 [ 171.788753][ T6868] syz.0.311 uses obsolete (PF_INET,SOCK_PACKET) [ 172.017371][ T29] audit: type=1800 audit(1731001808.892:9): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.306" name="/" dev="fuse" ino=1 res=0 errno=0 [ 172.308765][ T29] audit: type=1804 audit(1731001808.892:10): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.306" name="/newroot/62/file1" dev="fuse" ino=1 res=1 errno=0 [ 172.583460][ T6868] syzkaller1: entered promiscuous mode [ 172.589022][ T6868] syzkaller1: entered allmulticast mode [ 172.613872][ T29] audit: type=1804 audit(1731001808.892:11): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.306" name="/newroot/62/file1" dev="fuse" ino=1 res=1 errno=0 [ 172.615794][ T6872] netlink: 32 bytes leftover after parsing attributes in process `syz.3.312'. [ 172.685241][ T29] audit: type=1800 audit(1731001808.892:12): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.306" name="/" dev="fuse" ino=1 res=0 errno=0 [ 173.774535][ T6882] pim6reg1: entered promiscuous mode [ 173.801058][ T6882] pim6reg1: entered allmulticast mode [ 173.825347][ T29] audit: type=1326 audit(1731001810.972:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6885 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 173.846688][ C1] vkms_vblank_simulate: vblank timer overrun [ 173.930505][ T29] audit: type=1326 audit(1731001810.972:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6885 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 174.003025][ T29] audit: type=1326 audit(1731001810.972:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6885 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 174.273147][ T29] audit: type=1326 audit(1731001810.972:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6885 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 174.299911][ T29] audit: type=1326 audit(1731001810.972:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6885 comm="syz.2.317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 175.347638][ T5837] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 175.735044][ T6908] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 175.735044][ T6908] program syz.3.325 not setting count and/or reply_len properly [ 176.239754][ T5837] usb 3-1: Using ep0 maxpacket: 32 [ 176.247440][ T5847] Bluetooth: hci4: unknown advertising packet type: 0x65 [ 176.248442][ T5847] Bluetooth: hci4: Malformed LE Event: 0x02 [ 176.263354][ T5837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.274438][ T5837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.285339][ T5837] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 176.294604][ T5837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.305022][ T5837] usb 3-1: config 0 descriptor?? [ 177.509147][ T6932] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 178.198993][ T5837] ft260 0003:0403:6030.0002: unknown main item tag 0x0 [ 178.250694][ T6949] mmap: syz.0.340 (6949) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 178.278432][ T5837] ft260 0003:0403:6030.0002: chip code: 6424 8183 [ 178.527093][ T5837] ft260 0003:0403:6030.0002: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.2-1/input0 [ 179.179524][ T5837] ft260 0003:0403:6030.0002: failed to retrieve status: -71 [ 179.187549][ T5837] ft260 0003:0403:6030.0002: failed to reset I2C controller: -71 [ 180.065763][ T5837] usb 3-1: USB disconnect, device number 4 [ 180.920776][ T6996] netlink: 104 bytes leftover after parsing attributes in process `syz.1.355'. [ 181.670917][ T29] audit: type=1326 audit(1731001818.822:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.3.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 181.730594][ T29] audit: type=1326 audit(1731001818.842:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.3.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 181.800257][ T29] audit: type=1326 audit(1731001818.882:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.3.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 181.857442][ T29] audit: type=1326 audit(1731001818.882:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.3.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 181.940465][ T7005] tipc: Failed to remove unknown binding: 66,1,1/0:2345419847/2345419849 [ 181.974964][ T29] audit: type=1326 audit(1731001818.882:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6997 comm="syz.3.358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x7ffc0000 [ 181.998283][ T7005] tipc: Failed to remove unknown binding: 66,1,1/0:2345419847/2345419849 [ 182.803453][ T7026] netlink: 60 bytes leftover after parsing attributes in process `syz.4.367'. [ 183.616025][ T7035] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 183.616025][ T7035] program syz.1.369 not setting count and/or reply_len properly [ 184.399285][ T7049] netlink: 32 bytes leftover after parsing attributes in process `syz.3.376'. [ 185.632946][ T7058] netlink: 52 bytes leftover after parsing attributes in process `syz.2.380'. [ 185.746216][ T7058] netlink: 16 bytes leftover after parsing attributes in process `syz.2.380'. [ 185.788633][ T7058] netlink: 52 bytes leftover after parsing attributes in process `syz.2.380'. [ 188.160883][ T7097] dlm: Unknown command passed to DLM device : 0 [ 188.160883][ T7097] [ 189.481145][ T29] audit: type=1804 audit(1731001826.452:23): pid=7104 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.397" name="/newroot/87/file1" dev="fuse" ino=1 res=1 errno=0 [ 189.503345][ T29] audit: type=1800 audit(1731001826.452:24): pid=7104 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.397" name="/" dev="fuse" ino=1 res=0 errno=0 [ 189.522691][ T29] audit: type=1804 audit(1731001826.462:25): pid=7104 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.397" name="/newroot/87/file1" dev="fuse" ino=1 res=1 errno=0 [ 190.355670][ T7113] Bluetooth: (null): Invalid header checksum [ 190.429831][ T29] audit: type=1804 audit(1731001826.462:26): pid=7104 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.397" name="/newroot/87/file1" dev="fuse" ino=1 res=1 errno=0 [ 190.471467][ T29] audit: type=1800 audit(1731001826.462:27): pid=7104 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.397" name="/" dev="fuse" ino=1 res=0 errno=0 [ 190.485088][ T3560] Bluetooth: (null): Invalid header checksum [ 190.498405][ T3560] Bluetooth: (null): Invalid header checksum [ 190.525980][ T5847] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 190.535177][ T5847] Bluetooth: hci0: Injecting HCI hardware error event [ 190.545263][ T5847] Bluetooth: hci0: hardware error 0x00 [ 190.587084][ T7110] sp0: Synchronizing with TNC [ 190.764992][ T7116] 9pnet_fd: Insufficient options for proto=fd [ 193.201284][ T5847] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 193.483867][ T29] audit: type=1804 audit(1731001829.862:28): pid=7142 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.411" name="/newroot/81/file1" dev="fuse" ino=1 res=1 errno=0 [ 193.661671][ T29] audit: type=1800 audit(1731001829.872:29): pid=7142 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.411" name="/" dev="fuse" ino=1 res=0 errno=0 [ 194.295016][ T29] audit: type=1804 audit(1731001829.872:30): pid=7140 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.411" name="/newroot/81/file1" dev="fuse" ino=1 res=1 errno=0 [ 194.314732][ T29] audit: type=1804 audit(1731001829.872:31): pid=7140 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.411" name="/newroot/81/file1" dev="fuse" ino=1 res=1 errno=0 [ 194.334512][ T29] audit: type=1800 audit(1731001829.872:32): pid=7140 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.411" name="/" dev="fuse" ino=1 res=0 errno=0 [ 195.098943][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.105427][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.519848][ T29] audit: type=1326 audit(1731001832.622:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7165 comm="syz.0.416" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x0 [ 195.730101][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 195.940983][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.049375][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.602700][ T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.00 [ 196.612069][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.641958][ T9] usb 2-1: config 0 descriptor?? [ 197.217290][ T7188] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 197.898891][ T9] usbhid 2-1:0.0: can't add hid device: -71 [ 197.905622][ T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 198.023311][ T9] usb 2-1: USB disconnect, device number 3 [ 199.144893][ T29] audit: type=1326 audit(1731001836.272:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7210 comm="syz.2.434" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x0 [ 199.219788][ T7218] dlm: Unknown command passed to DLM device : 0 [ 199.219788][ T7218] [ 200.475614][ T7238] syzkaller1: entered promiscuous mode [ 200.484795][ T7238] syzkaller1: entered allmulticast mode [ 200.957152][ T5917] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 202.372758][ T5917] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.418857][ T5917] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 202.485366][ T5917] usb 4-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.00 [ 202.646340][ T29] audit: type=1326 audit(1731001839.762:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7258 comm="syz.1.450" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x0 [ 202.679872][ T5917] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.690240][ T5917] usb 4-1: config 0 descriptor?? [ 202.750252][ T7265] netlink: 60 bytes leftover after parsing attributes in process `syz.0.451'. [ 203.201085][ T5917] usbhid 4-1:0.0: can't add hid device: -71 [ 203.207412][ T5917] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 203.267901][ T5917] usb 4-1: USB disconnect, device number 6 [ 204.210415][ T7276] dlm: Unknown command passed to DLM device : 0 [ 204.210415][ T7276] [ 205.663904][ T7288] IPv6: NLM_F_REPLACE set, but no existing node found! [ 207.048527][ T5851] Bluetooth: hci3: command 0x0406 tx timeout [ 207.048707][ T5851] Bluetooth: hci1: command 0x0406 tx timeout [ 207.048849][ T5851] Bluetooth: hci2: command 0x0406 tx timeout [ 207.719702][ T29] audit: type=1326 audit(1731001844.832:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7310 comm="syz.3.466" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd303f7e719 code=0x0 [ 208.029091][ T7327] syzkaller1: entered promiscuous mode [ 208.037053][ T7327] syzkaller1: entered allmulticast mode [ 208.337052][ T7324] dlm: Unknown command passed to DLM device : 0 [ 208.337052][ T7324] [ 208.920730][ T7338] trusted_key: encrypted_key: master key parameter 'u' is invalid [ 210.158850][ T7354] netlink: 40 bytes leftover after parsing attributes in process `syz.3.481'. [ 210.221849][ T7354] netlink: 16 bytes leftover after parsing attributes in process `syz.3.481'. [ 210.249690][ T7354] netlink: 40 bytes leftover after parsing attributes in process `syz.3.481'. [ 210.412914][ T7339] fuse: Bad value for 'fd' [ 212.070180][ T5835] Bluetooth: hci4: command 0x0406 tx timeout [ 212.662081][ T7378] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 212.662081][ T7378] program syz.1.486 not setting count and/or reply_len properly [ 212.726484][ T7380] dlm: Unknown command passed to DLM device : 0 [ 212.726484][ T7380] [ 213.741792][ T7386] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 216.535520][ T29] audit: type=1326 audit(1731001852.832:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 216.715097][ T29] audit: type=1326 audit(1731001852.832:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 216.811394][ T7399] netlink: 'syz.1.493': attribute type 12 has an invalid length. [ 216.890250][ T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 216.953299][ T29] audit: type=1326 audit(1731001852.842:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 217.129826][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 217.142572][ T25] usb 1-1: config 0 has no interfaces? [ 217.143387][ T29] audit: type=1326 audit(1731001852.842:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 217.148256][ T25] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 217.180026][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.203372][ T29] audit: type=1326 audit(1731001852.842:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 217.205356][ T25] usb 1-1: config 0 descriptor?? [ 217.254298][ T29] audit: type=1326 audit(1731001852.842:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 217.418343][ T29] audit: type=1326 audit(1731001852.852:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 217.440403][ T29] audit: type=1326 audit(1731001852.852:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 217.461960][ T29] audit: type=1326 audit(1731001852.852:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 217.483530][ T29] audit: type=1326 audit(1731001852.852:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7392 comm="syz.0.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 218.824895][ T5889] usb 1-1: USB disconnect, device number 2 [ 219.283839][ T7434] random: crng reseeded on system resumption [ 219.325615][ T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 219.345631][ T7433] netlink: 40 bytes leftover after parsing attributes in process `syz.0.503'. [ 219.400575][ T7436] netlink: 60 bytes leftover after parsing attributes in process `syz.2.500'. [ 219.594616][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 219.608527][ T8] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 219.617544][ T8] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 219.628309][ T8] usb 4-1: config 179 has no interface number 0 [ 219.635142][ T8] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 219.667521][ T8] usb 4-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 219.721538][ T8] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 219.736525][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.012870][ T25] usb 4-1: USB disconnect, device number 7 [ 221.700671][ T5852] Bluetooth: hci2: unknown advertising packet type: 0x65 [ 221.700769][ T5852] Bluetooth: hci2: unknown advertising packet type: 0x09 [ 221.708158][ T5852] Bluetooth: hci2: unknown advertising packet type: 0x05 [ 221.729836][ T5852] Bluetooth: hci2: Dropping invalid advertising data [ 221.744178][ T5852] Bluetooth: hci2: Malformed LE Event: 0x02 [ 221.910203][ T7460] devtmpfs: Unknown parameter 'posixacl' [ 222.985300][ T7470] netlink: 40 bytes leftover after parsing attributes in process `syz.0.515'. [ 223.057926][ T7478] random: crng reseeded on system resumption [ 228.309834][ T25] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 229.180635][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 229.223554][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.243915][ T7527] netlink: 60 bytes leftover after parsing attributes in process `syz.1.529'. [ 229.276304][ T25] usb 1-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.00 [ 229.298725][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.443796][ T7536] dlm: Unknown command passed to DLM device : 0 [ 229.443796][ T7536] [ 230.265162][ T25] usb 1-1: config 0 descriptor?? [ 230.688845][ T25] usb 1-1: can't set config #0, error -71 [ 230.769787][ T25] usb 1-1: USB disconnect, device number 3 [ 230.830580][ T7540] random: crng reseeded on system resumption [ 231.285055][ T7552] fuse: Bad value for 'fd' [ 233.875200][ T5889] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 234.240931][ T7587] netlink: 60 bytes leftover after parsing attributes in process `syz.4.552'. [ 235.621019][ T5889] usb 2-1: device descriptor read/all, error -71 [ 235.907675][ T7604] sp0: Synchronizing with TNC [ 236.248558][ T7610] random: crng reseeded on system resumption [ 236.312734][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 236.312756][ T29] audit: type=1804 audit(1731001873.462:98): pid=7613 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.555" name="/newroot/110/file1" dev="fuse" ino=1 res=1 errno=0 [ 236.783652][ T29] audit: type=1800 audit(1731001873.902:99): pid=7613 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.555" name="/" dev="fuse" ino=1 res=0 errno=0 [ 236.973358][ T29] audit: type=1326 audit(1731001874.082:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 237.021888][ T29] audit: type=1326 audit(1731001874.082:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 237.869429][ T29] audit: type=1326 audit(1731001874.082:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 237.899136][ T29] audit: type=1326 audit(1731001874.092:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 238.434987][ T29] audit: type=1326 audit(1731001874.092:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 238.456849][ C0] vkms_vblank_simulate: vblank timer overrun [ 238.497073][ T29] audit: type=1326 audit(1731001874.092:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 238.522861][ T29] audit: type=1326 audit(1731001874.092:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 238.544995][ T29] audit: type=1326 audit(1731001874.092:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7618 comm="syz.0.560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 239.075525][ T7635] netlink: 60 bytes leftover after parsing attributes in process `syz.2.564'. [ 244.516299][ T6024] udevd[6024]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 245.672199][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 245.672643][ T29] audit: type=1804 audit(1731001882.672:117): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.577" name="/newroot/112/file1" dev="fuse" ino=1 res=1 errno=0 [ 245.699654][ T29] audit: type=1800 audit(1731001882.672:118): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.577" name="/" dev="fuse" ino=1 res=0 errno=0 [ 245.718945][ T29] audit: type=1804 audit(1731001882.672:119): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.577" name="/newroot/112/file1" dev="fuse" ino=1 res=1 errno=0 [ 245.740458][ T29] audit: type=1804 audit(1731001882.672:120): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.577" name="/newroot/112/file1" dev="fuse" ino=1 res=1 errno=0 [ 245.760027][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.766201][ T29] audit: type=1800 audit(1731001882.682:121): pid=7693 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.577" name="/" dev="fuse" ino=1 res=0 errno=0 [ 246.039245][ T7697] sp0: Synchronizing with TNC [ 246.782503][ T7709] netlink: 60 bytes leftover after parsing attributes in process `syz.1.580'. [ 249.442319][ T29] audit: type=1804 audit(1731001886.492:122): pid=7734 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.590" name="/newroot/134/file1" dev="fuse" ino=1 res=1 errno=0 [ 250.150201][ T29] audit: type=1800 audit(1731001886.492:123): pid=7734 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.590" name="/" dev="fuse" ino=1 res=0 errno=0 [ 250.169691][ T29] audit: type=1804 audit(1731001886.492:124): pid=7734 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.590" name="/newroot/134/file1" dev="fuse" ino=1 res=1 errno=0 [ 250.189769][ T29] audit: type=1804 audit(1731001886.502:125): pid=7734 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.590" name="/newroot/134/file1" dev="fuse" ino=1 res=1 errno=0 [ 250.486706][ T29] audit: type=1800 audit(1731001886.502:126): pid=7734 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.590" name="/" dev="fuse" ino=1 res=0 errno=0 [ 253.080922][ T7761] netlink: 60 bytes leftover after parsing attributes in process `syz.2.596'. [ 255.189324][ T7778] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 256.064315][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.071066][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.222285][ T7785] sp0: Synchronizing with TNC [ 257.488803][ T29] audit: type=1804 audit(1731001894.572:127): pid=7797 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.603" name="/newroot/136/file1" dev="fuse" ino=1 res=1 errno=0 [ 258.114585][ T29] audit: type=1800 audit(1731001894.572:128): pid=7797 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.603" name="/" dev="fuse" ino=1 res=0 errno=0 [ 258.169812][ T29] audit: type=1804 audit(1731001894.582:129): pid=7797 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.603" name="/newroot/136/file1" dev="fuse" ino=1 res=1 errno=0 [ 258.190053][ T29] audit: type=1804 audit(1731001894.582:130): pid=7797 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.603" name="/newroot/136/file1" dev="fuse" ino=1 res=1 errno=0 [ 258.210869][ T29] audit: type=1800 audit(1731001894.582:131): pid=7797 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.603" name="/" dev="fuse" ino=1 res=0 errno=0 [ 258.742205][ T7811] netlink: 'syz.4.608': attribute type 10 has an invalid length. [ 258.842496][ T7811] batman_adv: batadv0: Adding interface: team0 [ 258.848741][ T7811] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.874728][ T7811] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 259.149408][ T7817] netlink: 16 bytes leftover after parsing attributes in process `syz.3.612'. [ 259.180151][ T5889] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 259.248243][ T7822] netlink: 60 bytes leftover after parsing attributes in process `syz.1.609'. [ 259.439820][ T5889] usb 5-1: Using ep0 maxpacket: 8 [ 259.462172][ T5889] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 259.494877][ T5889] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=4b.1e [ 260.451808][ T5889] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.460032][ T5889] usb 5-1: Product: syz [ 260.464331][ T5889] usb 5-1: Manufacturer: syz [ 260.468980][ T5889] usb 5-1: SerialNumber: syz [ 260.491291][ T5889] usb 5-1: config 0 descriptor?? [ 261.457165][ T5889] streamzap 5-1:0.0: streamzap_probe: endpoint doesn't match input device 020c [ 262.764548][ T5917] usb 5-1: USB disconnect, device number 4 [ 264.001523][ T29] audit: type=1804 audit(1731001900.282:132): pid=7844 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.618" name="/newroot/139/file1" dev="fuse" ino=1 res=1 errno=0 [ 264.269770][ T29] audit: type=1800 audit(1731001900.282:133): pid=7844 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.618" name="/" dev="fuse" ino=1 res=0 errno=0 [ 264.349767][ T29] audit: type=1804 audit(1731001900.292:134): pid=7844 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.618" name="/newroot/139/file1" dev="fuse" ino=1 res=1 errno=0 [ 264.585785][ T7855] sp0: Synchronizing with TNC [ 264.683917][ T29] audit: type=1804 audit(1731001900.302:135): pid=7844 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.618" name="/newroot/139/file1" dev="fuse" ino=1 res=1 errno=0 [ 264.708081][ T29] audit: type=1800 audit(1731001900.302:136): pid=7844 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.618" name="/" dev="fuse" ino=1 res=0 errno=0 [ 266.913791][ T29] audit: type=1326 audit(1731001903.782:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7871 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 267.311389][ T29] audit: type=1326 audit(1731001903.782:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7871 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 267.407125][ T29] audit: type=1326 audit(1731001903.782:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7871 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 267.434319][ T7880] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 267.553649][ T29] audit: type=1326 audit(1731001903.782:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7871 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 267.555538][ T5917] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 267.645742][ T29] audit: type=1326 audit(1731001903.782:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7871 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 270.784354][ T7896] netlink: 60 bytes leftover after parsing attributes in process `syz.2.631'. [ 270.905582][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 270.905608][ T29] audit: type=1804 audit(1731001907.322:185): pid=7889 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.632" name="/newroot/123/file1" dev="fuse" ino=1 res=1 errno=0 [ 270.932113][ T29] audit: type=1800 audit(1731001907.322:186): pid=7889 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.632" name="/" dev="fuse" ino=1 res=0 errno=0 [ 270.951681][ T29] audit: type=1804 audit(1731001907.322:187): pid=7889 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.632" name="/newroot/123/file1" dev="fuse" ino=1 res=1 errno=0 [ 270.971871][ T29] audit: type=1804 audit(1731001907.322:188): pid=7889 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.632" name="/newroot/123/file1" dev="fuse" ino=1 res=1 errno=0 [ 270.992387][ T29] audit: type=1800 audit(1731001907.322:189): pid=7889 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.632" name="/" dev="fuse" ino=1 res=0 errno=0 [ 271.011952][ T29] audit: type=1326 audit(1731001907.322:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7871 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe71197e31b code=0x7ffc0000 [ 271.029947][ T5917] usb 1-1: Using ep0 maxpacket: 16 [ 271.312557][ T5917] usb 1-1: device descriptor read/all, error -71 [ 274.923568][ T7929] sp0: Synchronizing with TNC [ 280.969845][ T29] audit: type=1804 audit(1731001918.032:191): pid=7948 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.645" name="/newroot/144/file1" dev="fuse" ino=1 res=1 errno=0 [ 280.989663][ T29] audit: type=1800 audit(1731001918.032:192): pid=7948 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.645" name="/" dev="fuse" ino=1 res=0 errno=0 [ 281.500334][ T29] audit: type=1804 audit(1731001918.182:193): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.645" name="/newroot/144/file1" dev="fuse" ino=1 res=1 errno=0 [ 281.528707][ T29] audit: type=1804 audit(1731001918.182:194): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.645" name="/newroot/144/file1" dev="fuse" ino=1 res=1 errno=0 [ 281.555649][ T29] audit: type=1800 audit(1731001918.182:195): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.645" name="/" dev="fuse" ino=1 res=0 errno=0 [ 286.906544][ T8002] netlink: 60 bytes leftover after parsing attributes in process `syz.4.661'. [ 287.190762][ T29] audit: type=1804 audit(1731001924.232:196): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.659" name="/newroot/147/file1" dev="fuse" ino=1 res=1 errno=0 [ 287.657387][ T29] audit: type=1800 audit(1731001924.232:197): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.659" name="/" dev="fuse" ino=1 res=0 errno=0 [ 287.685903][ T29] audit: type=1804 audit(1731001924.232:198): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.659" name="/newroot/147/file1" dev="fuse" ino=1 res=1 errno=0 [ 287.717069][ T29] audit: type=1804 audit(1731001924.232:199): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.659" name="/newroot/147/file1" dev="fuse" ino=1 res=1 errno=0 [ 287.737204][ T29] audit: type=1800 audit(1731001924.232:200): pid=8003 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.659" name="/" dev="fuse" ino=1 res=0 errno=0 [ 287.806233][ T8007] netlink: 'syz.0.664': attribute type 1 has an invalid length. [ 287.977768][ T7997] sp0: Synchronizing with TNC [ 291.579926][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 291.740007][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 291.769205][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 291.815080][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 291.863981][ T9] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 291.906524][ T8036] input: syz0 as /devices/virtual/input/input6 [ 291.914786][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.960900][ T9] usb 2-1: config 0 descriptor?? [ 293.311353][ T29] audit: type=1804 audit(1731001930.462:201): pid=8048 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.675" name="/newroot/132/file1" dev="fuse" ino=1 res=1 errno=0 [ 293.331302][ T29] audit: type=1800 audit(1731001930.462:202): pid=8048 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.675" name="/" dev="fuse" ino=1 res=0 errno=0 [ 293.396423][ T29] audit: type=1804 audit(1731001930.542:203): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.675" name="/newroot/132/file1" dev="fuse" ino=1 res=1 errno=0 [ 294.007449][ T29] audit: type=1804 audit(1731001930.542:204): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.675" name="/newroot/132/file1" dev="fuse" ino=1 res=1 errno=0 [ 294.056427][ T29] audit: type=1800 audit(1731001930.542:205): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.675" name="/" dev="fuse" ino=1 res=0 errno=0 [ 294.398237][ C0] raw-gadget.0 gadget.1: ignoring, device is not running [ 294.406297][ T9] usbhid 2-1:0.0: can't add hid device: -71 [ 295.613024][ T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 295.632316][ T9] usb 2-1: USB disconnect, device number 6 [ 298.632450][ T8082] fuse: Bad value for 'user_id' [ 298.637396][ T8082] fuse: Bad value for 'user_id' [ 299.428533][ T29] audit: type=1804 audit(1731001936.532:206): pid=8095 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.688" name="/newroot/151/file1" dev="fuse" ino=1 res=1 errno=0 [ 299.749153][ T29] audit: type=1800 audit(1731001936.532:207): pid=8095 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.688" name="/" dev="fuse" ino=1 res=0 errno=0 [ 300.039736][ T29] audit: type=1804 audit(1731001936.532:208): pid=8095 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.688" name="/newroot/151/file1" dev="fuse" ino=1 res=1 errno=0 [ 300.059846][ C1] vkms_vblank_simulate: vblank timer overrun [ 300.122610][ T29] audit: type=1804 audit(1731001936.532:209): pid=8095 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.688" name="/newroot/151/file1" dev="fuse" ino=1 res=1 errno=0 [ 300.142791][ C1] vkms_vblank_simulate: vblank timer overrun [ 300.186411][ T29] audit: type=1800 audit(1731001936.532:210): pid=8095 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.688" name="/" dev="fuse" ino=1 res=0 errno=0 [ 301.531398][ T8110] netlink: 'syz.1.694': attribute type 12 has an invalid length. [ 302.052848][ T8112] dlm: Unknown command passed to DLM device : 0 [ 302.052848][ T8112] [ 303.514053][ T8136] fuse: Bad value for 'user_id' [ 303.525070][ T8136] fuse: Bad value for 'user_id' [ 306.141811][ T8159] dlm: Unknown command passed to DLM device : 0 [ 306.141811][ T8159] [ 310.708782][ T8191] fuse: Bad value for 'user_id' [ 310.728801][ T8191] fuse: Bad value for 'user_id' [ 313.652334][ T8215] netlink: 16 bytes leftover after parsing attributes in process `syz.1.721'. [ 313.771723][ T8219] atomic_op ffff88805d622198 conn xmit_atomic 0000000000000000 [ 317.504312][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.281068][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.218021][ T8252] fuse: Bad value for 'fd' [ 323.932541][ T8271] netlink: 16 bytes leftover after parsing attributes in process `syz.0.737'. [ 330.339997][ T8301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.747'. [ 331.430928][ T8311] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 331.430928][ T8311] program syz.4.745 not setting count and/or reply_len properly [ 337.406811][ T8354] netlink: 28 bytes leftover after parsing attributes in process `syz.0.759'. [ 339.263151][ T5887] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 340.337140][ T8380] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 340.337140][ T8380] program syz.3.764 not setting count and/or reply_len properly [ 341.299619][ T5887] usb 3-1: Using ep0 maxpacket: 16 [ 341.325549][ T5887] usb 3-1: device descriptor read/all, error -71 [ 343.002619][ T5887] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 343.529777][ T5887] usb 3-1: Using ep0 maxpacket: 8 [ 343.554963][ T5887] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 343.565568][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.573416][ T972] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 343.599344][ T5887] usb 3-1: Product: syz [ 343.606776][ T8394] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.625888][ T8394] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.628523][ T5887] usb 3-1: Manufacturer: syz [ 343.639593][ T5887] usb 3-1: SerialNumber: syz [ 343.712248][ T5887] usb 3-1: config 0 descriptor?? [ 343.724626][ T5887] gspca_main: sq930x-2.14.0 probing 2770:930c [ 343.795757][ T8403] netlink: 28 bytes leftover after parsing attributes in process `syz.3.773'. [ 344.025433][ T972] usb 5-1: Using ep0 maxpacket: 32 [ 344.044645][ T972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 344.064913][ T972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.282983][ T5887] gspca_sq930x: ucbus_write failed -71 [ 344.805649][ T5887] gspca_sq930x: Sensor ov9630 not yet treated [ 344.890756][ T5887] sq930x 3-1:0.0: probe with driver sq930x failed with error -22 [ 345.026437][ T5887] usb 3-1: USB disconnect, device number 6 [ 345.043708][ T972] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 345.053184][ T972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.077943][ T972] usb 5-1: config 0 descriptor?? [ 345.759733][ T8421] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 345.759733][ T8421] program syz.0.779 not setting count and/or reply_len properly [ 347.811216][ T972] usbhid 5-1:0.0: can't add hid device: -71 [ 347.818609][ T972] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 348.008772][ T972] usb 5-1: USB disconnect, device number 5 [ 348.058389][ T8429] netlink: 'syz.2.782': attribute type 39 has an invalid length. [ 349.826065][ T8451] nfs: Unknown parameter 'a[l' [ 352.303655][ T5835] Bluetooth: hci4: command 0x0406 tx timeout [ 352.933958][ T8472] dlm: Unknown command passed to DLM device : 0 [ 352.933958][ T8472] [ 353.446805][ T8482] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 353.446805][ T8482] program syz.3.797 not setting count and/or reply_len properly [ 354.502356][ T8505] random: crng reseeded on system resumption [ 355.357519][ T8502] Bluetooth: (null): Invalid header checksum [ 355.472038][ T11] Bluetooth: (null): Invalid header checksum [ 355.488614][ T11] Bluetooth: (null): Invalid header checksum [ 355.632661][ T11] Bluetooth: (null): Invalid header checksum [ 356.421414][ T3509] Bluetooth: (null): Invalid header checksum [ 356.470889][ T3509] Bluetooth: (null): Invalid header checksum [ 356.482523][ T3509] Bluetooth: (null): Invalid header checksum [ 356.506215][ T3509] Bluetooth: (null): Invalid header checksum [ 356.529731][ T3509] Bluetooth: (null): Invalid header checksum [ 356.557767][ T3509] Bluetooth: (null): Invalid header checksum [ 356.575147][ T3509] Bluetooth: (null): Invalid header checksum [ 356.641967][ T8521] netlink: 16 bytes leftover after parsing attributes in process `syz.1.811'. [ 358.409723][ T29] audit: type=1326 audit(1731001995.542:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8534 comm="syz.0.813" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe71197e719 code=0x0 [ 358.454996][ T5852] Bluetooth: hci1: unexpected event for opcode 0x041b [ 358.545281][ T8541] dlm: Unknown command passed to DLM device : 0 [ 358.545281][ T8541] [ 360.462058][ T8561] sp0: Synchronizing with TNC [ 362.297973][ T8585] fuse: Bad value for 'rootmode' [ 362.695915][ T8570] Bluetooth: (null): Invalid header checksum [ 362.730962][ T25] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 362.790356][ T3560] Bluetooth: (null): Invalid header checksum [ 362.814299][ T3560] Bluetooth: (null): Invalid header checksum [ 362.889593][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 362.901681][ T3509] Bluetooth: (null): Invalid header checksum [ 362.916294][ T25] usb 1-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 362.946543][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.969625][ T25] usb 1-1: Product: syz [ 362.973916][ T25] usb 1-1: Manufacturer: syz [ 362.998155][ T25] usb 1-1: SerialNumber: syz [ 363.011577][ T3509] Bluetooth: (null): Invalid header checksum [ 363.025488][ T25] usb 1-1: config 0 descriptor?? [ 363.119909][ T8154] Bluetooth: (null): Invalid header checksum [ 363.278837][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 363.674231][ T8594] dummy0: entered promiscuous mode [ 363.931006][ T8594] dummy0: left promiscuous mode [ 364.231746][ T9] usb 1-1: USB disconnect, device number 6 [ 364.248130][ T8609] dlm: Unknown command passed to DLM device : 0 [ 364.248130][ T8609] [ 367.591217][ T8635] netlink: 25 bytes leftover after parsing attributes in process `syz.2.844'. [ 371.666360][ T8687] netlink: 16 bytes leftover after parsing attributes in process `syz.0.860'. [ 375.122219][ T8733] netlink: 16 bytes leftover after parsing attributes in process `syz.3.875'. [ 375.934070][ T8736] dlm: Unknown command passed to DLM device : 0 [ 375.934070][ T8736] [ 376.196253][ T8743] netlink: 16 bytes leftover after parsing attributes in process `syz.2.880'. [ 376.749896][ T8751] netlink: 25 bytes leftover after parsing attributes in process `syz.3.881'. [ 378.740044][ T969] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 378.930014][ T969] usb 5-1: Using ep0 maxpacket: 32 [ 378.939043][ T969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.990306][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.000118][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.012068][ T969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.079745][ T969] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 379.088905][ T969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.162696][ T969] usb 5-1: config 0 descriptor?? [ 379.182389][ T8768] netlink: 40 bytes leftover after parsing attributes in process `syz.2.887'. [ 379.704050][ T969] usbhid 5-1:0.0: can't add hid device: -71 [ 379.710857][ T969] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 379.735954][ T969] usb 5-1: USB disconnect, device number 6 [ 380.081092][ T8780] netlink: 16 bytes leftover after parsing attributes in process `syz.0.890'. [ 381.171783][ T8791] fuse: Unknown parameter 'use00000000000000000000' [ 381.326442][ T8796] kvm: pic: non byte write [ 381.526683][ T8801] nfs: Unknown parameter 'a[l' [ 381.582054][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 381.651595][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 381.659487][ C0] hrtimer: interrupt took 296494 ns [ 381.906921][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 382.117691][ T9] usb 2-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.ae [ 382.131394][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.173252][ T9] usb 2-1: Product: syz [ 382.197480][ T9] usb 2-1: Manufacturer: syz [ 382.209544][ T9] usb 2-1: SerialNumber: syz [ 382.228631][ T9] usb 2-1: config 0 descriptor?? [ 382.247205][ T9] ums_eneub6250 2-1:0.0: USB Mass Storage device detected [ 382.936034][ T8814] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 384.342538][ T8819] Bluetooth: MGMT ver 1.23 [ 384.648474][ T8822] netlink: 16 bytes leftover after parsing attributes in process `syz.2.903'. [ 384.805691][ T8828] dlm: Unknown command passed to DLM device : 0 [ 384.805691][ T8828] [ 385.192771][ T9] usb 2-1: USB disconnect, device number 7 [ 386.114155][ T8841] nfs: Unknown parameter 'a[l' [ 390.997279][ T8888] dlm: Unknown command passed to DLM device : 0 [ 390.997279][ T8888] [ 393.667210][ T8912] netlink: 25 bytes leftover after parsing attributes in process `syz.0.935'. [ 394.315047][ T8921] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 394.315047][ T8921] program syz.3.936 not setting count and/or reply_len properly [ 396.199823][ T8923] netlink: 60 bytes leftover after parsing attributes in process `syz.2.937'. [ 396.990558][ T8952] Bluetooth: (null): Invalid header checksum [ 398.759977][ T8964] netlink: 16 bytes leftover after parsing attributes in process `syz.0.950'. [ 403.004207][ T9004] sp0: Synchronizing with TNC [ 403.449981][ T9014] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 403.449981][ T9014] program syz.0.966 not setting count and/or reply_len properly [ 405.497725][ T9027] netlink: 20 bytes leftover after parsing attributes in process `syz.3.974'. [ 406.707555][ T9040] Invalid ELF header magic: != ELF [ 406.715949][ T969] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 406.930672][ T969] usb 5-1: Using ep0 maxpacket: 32 [ 407.256595][ T9043] netlink: 60 bytes leftover after parsing attributes in process `syz.1.969'. [ 407.305679][ T969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 407.337526][ T969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 407.367358][ T969] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 407.425576][ T969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.463118][ T969] usb 5-1: config 0 descriptor?? [ 407.869785][ T9054] sp0: Synchronizing with TNC [ 410.445733][ T969] usbhid 5-1:0.0: can't add hid device: -71 [ 410.452672][ T969] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 410.478915][ T969] usb 5-1: USB disconnect, device number 7 [ 411.153648][ T9068] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 411.153648][ T9068] program syz.0.981 not setting count and/or reply_len properly [ 412.922589][ T1325] batman_adv: batadv2: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1 [ 414.039632][ T969] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 414.219974][ T969] usb 4-1: Using ep0 maxpacket: 32 [ 414.232262][ T969] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.200708][ T969] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.210855][ T969] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 415.220780][ T969] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.234545][ T969] usb 4-1: config 0 descriptor?? [ 415.930432][ T9112] netlink: 25 bytes leftover after parsing attributes in process `syz.0.999'. [ 416.668991][ C0] raw-gadget.0 gadget.3: ignoring, device is not running [ 416.676411][ T969] usbhid 4-1:0.0: can't add hid device: -32 [ 416.684499][ T969] usbhid 4-1:0.0: probe with driver usbhid failed with error -32 [ 416.759866][ T5915] usb 4-1: USB disconnect, device number 8 [ 416.970313][ T9129] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 416.970313][ T9129] program syz.2.1003 not setting count and/or reply_len properly [ 418.299959][ T9147] random: crng reseeded on system resumption [ 420.923410][ T5887] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 421.089643][ T5887] usb 4-1: Using ep0 maxpacket: 8 [ 421.133338][ T5887] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 421.162010][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.219004][ T5887] usb 4-1: Product: syz [ 421.234821][ T5887] usb 4-1: Manufacturer: syz [ 421.259935][ T5887] usb 4-1: SerialNumber: syz [ 421.310951][ T5887] usb 4-1: config 0 descriptor?? [ 421.611899][ T5887] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 421.747846][ T9166] netlink: 'syz.4.1017': attribute type 12 has an invalid length. [ 422.045980][ T9173] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1019'. [ 422.665143][ T9182] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1020'. [ 423.740300][ T9188] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 424.341071][ T5887] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 424.352833][ T5887] usb 4-1: USB disconnect, device number 9 [ 425.170207][ T9198] random: crng reseeded on system resumption [ 428.112986][ T9212] fuse: Bad value for 'fd' [ 428.606287][ T9222] netlink: 'syz.0.1031': attribute type 12 has an invalid length. [ 432.462580][ T9252] Bluetooth: (null): Invalid header checksum [ 435.966280][ T9274] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1047'. [ 436.870608][ T9287] warning: `syz.1.1053' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 437.129724][ T972] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 437.220415][ T9291] Bluetooth: (null): Invalid header checksum [ 437.692653][ T1325] Bluetooth: (null): Invalid header checksum [ 437.736259][ T1325] Bluetooth: (null): Invalid header checksum [ 437.742974][ T972] usb 4-1: Using ep0 maxpacket: 16 [ 437.808361][ T972] usb 4-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 437.823108][ T1325] Bluetooth: (null): Invalid header checksum [ 437.871567][ T972] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 437.887056][ T1325] Bluetooth: (null): Invalid header checksum [ 437.918992][ T1325] Bluetooth: (null): Invalid header checksum [ 437.960549][ T972] usb 4-1: Product: syz [ 437.991706][ T972] usb 4-1: Manufacturer: syz [ 438.050425][ T972] usb 4-1: SerialNumber: syz [ 438.066324][ T9294] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1055'. [ 438.102368][ T972] usb 4-1: config 0 descriptor?? [ 438.338700][ T972] usb 4-1: USB disconnect, device number 10 [ 438.377349][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 438.936656][ T9303] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 440.783728][ T29] audit: type=1800 audit(1731002077.852:212): pid=9315 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1059" name="bus" dev="overlay" ino=1122 res=0 errno=0 [ 440.833860][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 441.161214][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.181331][ T9307] tipc: Started in network mode [ 441.186457][ T9307] tipc: Node identity 626e67c25553, cluster identity 4711 [ 441.590684][ T9307] tipc: Enabled bearer , priority 0 [ 441.802175][ T9304] tipc: Disabling bearer [ 441.895018][ T9319] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1062'. [ 444.154967][ T9340] Bluetooth: (null): Invalid header checksum [ 444.300670][ T8154] Bluetooth: (null): Invalid header checksum [ 444.314365][ T8154] Bluetooth: (null): Invalid header checksum [ 444.359803][ T972] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 444.830024][ T972] usb 3-1: Using ep0 maxpacket: 16 [ 444.846794][ T972] usb 3-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 444.857593][ T972] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 444.895161][ T972] usb 3-1: Product: syz [ 444.914836][ T972] usb 3-1: Manufacturer: syz [ 444.938764][ T972] usb 3-1: SerialNumber: syz [ 445.195758][ T972] usb 3-1: config 0 descriptor?? [ 445.258929][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 445.324056][ T972] usb 3-1: USB disconnect, device number 7 [ 445.339794][ T969] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 445.418345][ T9356] random: crng reseeded on system resumption [ 445.509617][ T969] usb 1-1: Using ep0 maxpacket: 32 [ 445.519044][ T969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 445.552873][ T969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 445.564317][ T969] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 445.574753][ T969] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.586671][ T969] usb 1-1: config 0 descriptor?? [ 446.526136][ T969] ft260 0003:0403:6030.0003: unknown main item tag 0x0 [ 446.599811][ T969] ft260 0003:0403:6030.0003: failed to retrieve chip version [ 446.627090][ T969] ft260 0003:0403:6030.0003: probe with driver ft260 failed with error -32 [ 446.729227][ T9370] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1078'. [ 448.018120][ T5837] usb 1-1: USB disconnect, device number 7 [ 448.482019][ T9385] Bluetooth: (null): Invalid header checksum [ 448.966939][ T3509] Bluetooth: (null): Invalid header checksum [ 449.269678][ T3509] Bluetooth: (null): Invalid header checksum [ 449.276224][ T3509] Bluetooth: (null): Invalid header checksum [ 449.283942][ T3509] Bluetooth: (null): Invalid header checksum [ 449.316571][ T3509] Bluetooth: (null): Invalid header checksum [ 449.429873][ T5837] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 449.659942][ T5837] usb 5-1: Using ep0 maxpacket: 16 [ 449.692253][ T5837] usb 5-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 449.945642][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.985062][ T5837] usb 5-1: Product: syz [ 449.989628][ T5837] usb 5-1: Manufacturer: syz [ 450.678920][ T5837] usb 5-1: SerialNumber: syz [ 450.686281][ T5837] usb 5-1: config 0 descriptor?? [ 450.730208][ T29] audit: type=1326 audit(1731002087.142:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.002151][ T29] audit: type=1326 audit(1731002087.142:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.499998][ T5887] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 451.710679][ T29] audit: type=1326 audit(1731002087.142:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.722792][ T5837] usb 5-1: USB disconnect, device number 8 [ 451.823955][ T5887] usb 2-1: Using ep0 maxpacket: 16 [ 451.937657][ T5887] usb 2-1: config 0 has no interfaces? [ 451.952622][ T29] audit: type=1326 audit(1731002087.152:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.975207][ T29] audit: type=1326 audit(1731002087.152:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.977767][ T5887] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 451.996864][ T29] audit: type=1326 audit(1731002087.152:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.996911][ T29] audit: type=1326 audit(1731002087.152:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.996950][ T29] audit: type=1326 audit(1731002087.152:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.997149][ T29] audit: type=1326 audit(1731002088.272:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 451.997188][ T29] audit: type=1326 audit(1731002088.272:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9394 comm="syz.1.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 452.118847][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 452.151699][ T5887] usb 2-1: config 0 descriptor?? [ 452.207233][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 452.541313][ T9412] random: crng reseeded on system resumption [ 453.414154][ T5915] usb 2-1: USB disconnect, device number 8 [ 453.471152][ T972] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 453.639901][ T972] usb 4-1: Using ep0 maxpacket: 8 [ 453.651558][ T972] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 453.680441][ T972] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.688617][ T972] usb 4-1: Product: syz [ 453.734689][ T972] usb 4-1: Manufacturer: syz [ 453.811575][ T972] usb 4-1: SerialNumber: syz [ 453.837353][ T9436] fuse: Unknown parameter '0x0000000000000007' [ 453.847149][ T972] usb 4-1: config 0 descriptor?? [ 453.859773][ T972] gspca_main: sq930x-2.14.0 probing 2770:930c [ 454.238738][ T9441] vxcan1: tx address claim with dest, not broadcast [ 454.423588][ T972] gspca_sq930x: ucbus_write failed -71 [ 454.603520][ T9446] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1106'. [ 454.809683][ T5837] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 454.980223][ T5837] usb 5-1: Using ep0 maxpacket: 16 [ 455.235862][ T5837] usb 5-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 455.245214][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 455.253383][ T5837] usb 5-1: Product: syz [ 455.257603][ T5837] usb 5-1: Manufacturer: syz [ 455.263963][ T5837] usb 5-1: SerialNumber: syz [ 455.271014][ T5837] usb 5-1: config 0 descriptor?? [ 455.447063][ T972] gspca_sq930x: Unknown sensor [ 455.452266][ T972] sq930x 4-1:0.0: probe with driver sq930x failed with error -22 [ 455.521180][ T972] usb 4-1: USB disconnect, device number 11 [ 455.565395][ T9443] team0: entered promiscuous mode [ 455.628960][ T9443] team_slave_0: entered promiscuous mode [ 455.688143][ T5841] udevd[5841]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 455.688824][ T9443] team_slave_1: entered promiscuous mode [ 455.753531][ T9443] dummy0: entered promiscuous mode [ 455.769240][ T9443] hsr1: Slave A (team0) is not up; please bring it up to get a fully working HSR network [ 455.882208][ T5837] usb 5-1: USB disconnect, device number 9 [ 455.896123][ T9464] netlink: 'syz.1.1113': attribute type 12 has an invalid length. [ 456.050291][ T972] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 456.221058][ T972] usb 3-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4 [ 456.251744][ T972] usb 3-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0 [ 456.280174][ T972] usb 3-1: Manufacturer: syz [ 456.293070][ T972] usb 3-1: config 0 descriptor?? [ 456.914707][ T9474] random: crng reseeded on system resumption [ 457.058934][ T972] gs_usb 3-1:0.0: Configuring for 1 interfaces [ 457.448025][ T9480] fuse: Unknown parameter '0xffffffffffffffff' [ 457.766193][ T972] gs_usb 3-1:0.0: Disabling termination support for channel 0 (-EPIPE) [ 457.790267][ T972] gs_usb 3-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 457.824798][ T972] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -22 [ 458.004485][ T5915] usb 3-1: USB disconnect, device number 8 [ 458.703566][ T5887] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 459.281919][ T9494] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1124'. [ 459.309528][ T5887] usb 1-1: Using ep0 maxpacket: 8 [ 459.446696][ T9500] vlan2: entered promiscuous mode [ 459.675789][ T9502] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1124'. [ 459.954476][ T5887] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 459.967326][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.978330][ T5887] usb 1-1: Product: syz [ 460.035494][ T5887] usb 1-1: Manufacturer: syz [ 460.079694][ T9512] vxcan1: tx address claim with dest, not broadcast [ 460.097041][ T5887] usb 1-1: SerialNumber: syz [ 460.391847][ T5887] usb 1-1: config 0 descriptor?? [ 460.906377][ T5889] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 460.953874][ T5887] gspca_main: sq930x-2.14.0 probing 2770:930c [ 461.234721][ T9520] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1131'. [ 461.382897][ T5887] gspca_sq930x: ucbus_write failed -71 [ 461.409593][ T5889] usb 3-1: Using ep0 maxpacket: 16 [ 461.435186][ T5889] usb 3-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 461.449810][ T5889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.468613][ T5889] usb 3-1: Product: syz [ 461.473106][ T5889] usb 3-1: Manufacturer: syz [ 461.477926][ T5889] usb 3-1: SerialNumber: syz [ 461.490380][ T5889] usb 3-1: config 0 descriptor?? [ 461.634935][ T9529] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1133'. [ 462.259716][ T5887] gspca_sq930x: Unknown sensor [ 462.271829][ T5887] sq930x 1-1:0.0: probe with driver sq930x failed with error -22 [ 462.405490][ T5887] usb 1-1: USB disconnect, device number 8 [ 462.452915][ T5889] usb 3-1: USB disconnect, device number 9 [ 462.522526][ T9531] random: crng reseeded on system resumption [ 462.671601][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 463.995292][ T9545] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1138'. [ 465.409280][ T9561] fuse: Unknown parameter 'grou00000000000000000000' [ 467.490836][ T5887] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 467.530042][ T9557] dlm: Unknown command passed to DLM device : 0 [ 467.530042][ T9557] [ 467.601708][ T9578] netlink: 'syz.0.1151': attribute type 12 has an invalid length. [ 467.669613][ T5887] usb 2-1: Using ep0 maxpacket: 8 [ 467.689763][ T5887] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 467.709676][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.717763][ T5887] usb 2-1: Product: syz [ 467.735113][ T5887] usb 2-1: Manufacturer: syz [ 467.744413][ T5887] usb 2-1: SerialNumber: syz [ 468.429940][ T5887] usb 2-1: config 0 descriptor?? [ 468.442985][ T5887] gspca_main: sq930x-2.14.0 probing 2770:930c [ 468.853205][ T5887] gspca_sq930x: ucbus_write failed -71 [ 469.069643][ T5887] gspca_sq930x: Sensor ov9630 not yet treated [ 469.076380][ T5887] sq930x 2-1:0.0: probe with driver sq930x failed with error -22 [ 469.152850][ T5887] usb 2-1: USB disconnect, device number 9 [ 469.716430][ T9598] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 469.716430][ T9598] program syz.2.1157 not setting count and/or reply_len properly [ 469.882360][ T9604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1160'. [ 469.928000][ T9604] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1160'. [ 470.019573][ T8] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 470.189893][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 470.199380][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 470.222910][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 470.265860][ T8] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 470.287422][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.386797][ T8] usb 4-1: config 0 descriptor?? [ 470.486383][ T9615] tmpfs: Cannot enable swap on remount if it was disabled on first mount [ 470.824553][ T8] ft260 0003:0403:6030.0004: unknown main item tag 0x0 [ 471.102925][ T8] ft260 0003:0403:6030.0004: failed to retrieve chip version [ 471.114093][ T9622] vxcan1: tx address claim with dest, not broadcast [ 471.229088][ T8] ft260 0003:0403:6030.0004: probe with driver ft260 failed with error -5 [ 472.261897][ T5887] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 472.429968][ T5887] usb 1-1: Using ep0 maxpacket: 8 [ 472.439232][ T5887] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 472.451080][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.569863][ T9644] netlink: 208 bytes leftover after parsing attributes in process `syz.4.1174'. [ 473.312675][ T5887] usb 1-1: Product: syz [ 473.317422][ T5887] usb 1-1: Manufacturer: syz [ 473.322311][ T5887] usb 1-1: SerialNumber: syz [ 473.329538][ T5887] usb 1-1: config 0 descriptor?? [ 473.338177][ T972] usb 4-1: USB disconnect, device number 12 [ 473.340242][ T5887] gspca_main: sq930x-2.14.0 probing 2770:930c [ 473.968205][ T5887] gspca_sq930x: ucbus_write failed -71 [ 473.976785][ T9656] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 473.976785][ T9656] program syz.2.1176 not setting count and/or reply_len properly [ 474.209623][ T5887] gspca_sq930x: Sensor ov9630 not yet treated [ 474.217213][ T5887] sq930x 1-1:0.0: probe with driver sq930x failed with error -22 [ 474.231638][ T5887] usb 1-1: USB disconnect, device number 9 [ 476.162503][ T9683] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1184'. [ 476.657641][ T9688] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1187'. [ 477.168882][ T9693] random: crng reseeded on system resumption [ 478.324772][ T9709] fuse: Bad value for 'fd' [ 478.639181][ T9699] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 478.639181][ T9699] program syz.3.1192 not setting count and/or reply_len properly [ 481.650078][ T9751] vxcan1: tx address claim with dest, not broadcast [ 482.649847][ T9758] random: crng reseeded on system resumption [ 483.860647][ T9774] kvm: emulating exchange as write [ 484.023225][ T29] kauditd_printk_skb: 33 callbacks suppressed [ 484.071883][ T29] audit: type=1326 audit(1731002121.122:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.128527][ T29] audit: type=1326 audit(1731002121.122:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.150108][ C1] vkms_vblank_simulate: vblank timer overrun [ 484.156674][ T29] audit: type=1326 audit(1731002121.122:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.178800][ T29] audit: type=1326 audit(1731002121.122:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.200361][ C1] vkms_vblank_simulate: vblank timer overrun [ 484.207217][ T29] audit: type=1326 audit(1731002121.132:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.248901][ T29] audit: type=1326 audit(1731002121.132:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.276378][ T29] audit: type=1326 audit(1731002121.132:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.299209][ C1] vkms_vblank_simulate: vblank timer overrun [ 484.338661][ T29] audit: type=1326 audit(1731002121.132:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.727115][ T29] audit: type=1326 audit(1731002121.142:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 484.748899][ C1] vkms_vblank_simulate: vblank timer overrun [ 484.885682][ T29] audit: type=1326 audit(1731002121.152:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9772 comm="syz.1.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 485.778909][ T972] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 486.038400][ T972] usb 2-1: Using ep0 maxpacket: 16 [ 486.052953][ T972] usb 2-1: config 0 has no interfaces? [ 486.058631][ T972] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 486.070907][ T972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.254352][ T972] usb 2-1: config 0 descriptor?? [ 486.334922][ T9798] vxcan1: tx address claim with dest, not broadcast [ 487.326055][ T5889] usb 2-1: USB disconnect, device number 10 [ 487.783652][ T9813] random: crng reseeded on system resumption [ 488.554687][ T9825] evm: overlay not supported [ 490.077783][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 490.077809][ T29] audit: type=1326 audit(1731002126.402:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.149540][ T29] audit: type=1326 audit(1731002126.402:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.199583][ T29] audit: type=1326 audit(1731002126.402:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.225256][ T29] audit: type=1326 audit(1731002126.402:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.313848][ T29] audit: type=1326 audit(1731002126.402:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.429716][ T29] audit: type=1326 audit(1731002126.402:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.497248][ T29] audit: type=1326 audit(1731002126.412:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.649376][ T29] audit: type=1326 audit(1731002126.412:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.786951][ T9840] vxcan1: tx address claim with dest, not broadcast [ 490.849265][ T29] audit: type=1326 audit(1731002126.412:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 490.947364][ T29] audit: type=1326 audit(1731002126.412:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9830 comm="syz.4.1233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe33a97e719 code=0x7ffc0000 [ 491.333006][ T25] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 493.096991][ T25] usb 5-1: device not accepting address 10, error -71 [ 493.469674][ T25] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 493.639747][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 493.665862][ T25] usb 5-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 493.699496][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 493.718041][ T9872] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1240'. [ 493.761808][ T25] usb 5-1: Product: syz [ 494.008150][ T25] usb 5-1: Manufacturer: syz [ 494.013399][ T25] usb 5-1: SerialNumber: syz [ 494.483655][ T9874] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 494.483655][ T9874] program syz.1.1245 not setting count and/or reply_len properly [ 494.507445][ T25] usb 5-1: config 0 descriptor?? [ 494.706623][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 495.018047][ T9885] vxcan1: tx address claim with dest, not broadcast [ 495.278492][ T5837] usb 5-1: USB disconnect, device number 11 [ 497.429781][ T9914] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 497.429781][ T9914] program syz.1.1258 not setting count and/or reply_len properly [ 497.948086][ T9926] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1260'. [ 498.663188][ T9932] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1263'. [ 498.765673][ T9936] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 499.570465][ T9936] netlink: 'syz.3.1262': attribute type 2 has an invalid length. [ 499.578275][ T9936] netlink: 'syz.3.1262': attribute type 8 has an invalid length. [ 499.586437][ T9936] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1262'. [ 499.660390][ T9937] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1263'. [ 499.811746][ T9942] vxcan1: tx address claim with dest, not broadcast [ 500.910558][ T969] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 501.363321][ T969] usb 4-1: Using ep0 maxpacket: 16 [ 501.384929][ T969] usb 4-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 501.395339][ T969] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.428028][ T969] usb 4-1: Product: syz [ 501.439495][ T969] usb 4-1: Manufacturer: syz [ 501.454627][ T969] usb 4-1: SerialNumber: syz [ 502.060261][ T969] usb 4-1: config 0 descriptor?? [ 502.074850][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.301813][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 502.334467][ T9941] team0: entered promiscuous mode [ 502.346092][ T9941] team_slave_0: entered promiscuous mode [ 502.352843][ T9941] team_slave_1: entered promiscuous mode [ 502.407448][ T9941] dummy0: entered promiscuous mode [ 502.417215][ T9941] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 502.445508][ T9941] Cannot create hsr debugfs directory [ 502.472020][ T969] usb 4-1: USB disconnect, device number 13 [ 502.561651][ T9968] netlink: 'syz.1.1273': attribute type 12 has an invalid length. [ 504.896806][ T9997] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1281'. [ 506.618157][T10009] netlink: 'syz.3.1286': attribute type 12 has an invalid length. [ 507.037001][T10018] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 508.262210][T10028] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1292'. [ 508.628490][T10035] vlan2: entered promiscuous mode [ 509.528670][T10048] fuse: Bad value for 'user_id' [ 509.533753][T10048] fuse: Bad value for 'user_id' [ 512.157783][T10068] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1306'. [ 512.344733][T10074] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1308'. [ 514.197489][T10107] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1318'. [ 514.689773][T10111] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1321'. [ 516.572222][T10131] dlm: Unknown command passed to DLM device : 0 [ 516.572222][T10131] [ 516.921840][T10138] vxcan1: tx address claim with dest, not broadcast [ 519.383910][T10161] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 520.435121][T10179] netlink: 'syz.0.1344': attribute type 12 has an invalid length. [ 521.129699][T10185] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1345'. [ 521.622723][T10187] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 521.622723][T10187] program syz.0.1346 not setting count and/or reply_len properly [ 523.052422][T10196] dlm: Unknown command passed to DLM device : 0 [ 523.052422][T10196] [ 524.949605][T10217] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1355'. [ 528.458299][T10237] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 528.458299][T10237] program syz.2.1359 not setting count and/or reply_len properly [ 529.733102][T10246] vxcan1: tx address claim with dest, not broadcast [ 530.647394][T10252] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1368'. [ 532.054838][T10261] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1367'. [ 532.231526][T10263] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1371'. [ 532.269571][T10263] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1371'. [ 532.469139][T10269] process 'syz.1.1374' launched './file1' with NULL argv: empty string added [ 532.626031][T10272] vlan2: entered promiscuous mode [ 532.911330][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 532.911352][ T29] audit: type=1326 audit(1731002170.052:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10275 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 532.987397][ T29] audit: type=1326 audit(1731002170.102:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10275 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 533.082058][ T29] audit: type=1326 audit(1731002170.102:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10275 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 533.163849][ T29] audit: type=1326 audit(1731002170.102:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10275 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 533.237640][ T29] audit: type=1326 audit(1731002170.102:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10275 comm="syz.2.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012537e719 code=0x7ffc0000 [ 534.098902][T10278] dlm: Unknown command passed to DLM device : 0 [ 534.098902][T10278] [ 535.786606][T10316] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1386'. [ 536.369120][T10315] vlan2: entered promiscuous mode [ 537.034449][T10325] netlink: 'syz.2.1389': attribute type 29 has an invalid length. [ 541.449696][ T5837] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 541.542881][T10368] netlink: 'syz.0.1403': attribute type 29 has an invalid length. [ 541.928633][ T5837] usb 2-1: Using ep0 maxpacket: 16 [ 542.249659][ T5837] usb 2-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 542.271978][ T5837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 542.309743][ T5837] usb 2-1: Product: syz [ 542.313985][ T5837] usb 2-1: Manufacturer: syz [ 542.318619][ T5837] usb 2-1: SerialNumber: syz [ 542.582432][ T5837] usb 2-1: config 0 descriptor?? [ 544.258852][T10363] team0: entered promiscuous mode [ 544.339915][T10363] team_slave_0: entered promiscuous mode [ 544.409920][T10363] team_slave_1: entered promiscuous mode [ 545.457408][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 545.578570][T10363] dummy0: entered promiscuous mode [ 545.615561][T10363] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 545.633549][T10363] Cannot create hsr debugfs directory [ 546.641622][ T5837] usb 2-1: USB disconnect, device number 11 [ 549.055118][T10430] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1421'. [ 549.153620][T10430] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1421'. [ 549.189527][ T5837] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 550.029495][ T5837] usb 2-1: Using ep0 maxpacket: 32 [ 550.123224][ T5837] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 550.134492][ T5837] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 550.147362][ T5837] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 550.159976][ T5837] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 550.188535][ T5837] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 550.198949][ T5837] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 550.247222][ T5837] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 550.275325][ T5837] usb 2-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 550.348839][ T5837] usb 2-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 550.365487][ T5837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.418710][ T5837] usb 2-1: Product: syz [ 550.449826][ T5837] usb 2-1: Manufacturer: syz [ 550.454622][ T5837] usb 2-1: SerialNumber: syz [ 550.506308][ T5837] usb 2-1: config 0 descriptor?? [ 550.553467][T10423] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 550.599677][ T969] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 550.749745][ T969] usb 4-1: Using ep0 maxpacket: 16 [ 550.775023][ T969] usb 4-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 550.800199][ T969] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.838759][ T969] usb 4-1: Product: syz [ 550.848813][ T969] usb 4-1: Manufacturer: syz [ 550.867439][ T969] usb 4-1: SerialNumber: syz [ 550.885316][ T5837] cxacru 2-1:0.0: submit of read urb for cm 0x90 failed (-8) [ 550.930941][ T969] usb 4-1: config 0 descriptor?? [ 551.096236][T10460] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 551.096236][T10460] program syz.4.1431 not setting count and/or reply_len properly [ 551.218894][T10459] cxacru 2-1:0.0: Direct firmware load for cxacru-fw.bin failed with error -2 [ 551.238222][T10463] netlink: 'syz.2.1432': attribute type 1 has an invalid length. [ 551.239628][T10459] cxacru 2-1:0.0: Falling back to sysfs fallback for: cxacru-fw.bin [ 551.271475][ T5837] usb 2-1: USB disconnect, device number 12 [ 551.349870][T10463] IPv6: Can't replace route, no match found [ 551.559925][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 551.794586][ T5882] usb 4-1: USB disconnect, device number 14 [ 552.754879][T10482] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1437'. [ 556.299965][ T5882] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 556.970430][ T5882] usb 4-1: Using ep0 maxpacket: 16 [ 557.052041][ T5882] usb 4-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 557.052183][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 557.052280][ T5882] usb 4-1: Product: syz [ 557.052368][ T5882] usb 4-1: Manufacturer: syz [ 557.052455][ T5882] usb 4-1: SerialNumber: syz [ 557.101493][ T5882] usb 4-1: config 0 descriptor?? [ 557.267507][T10516] tty tty23: ldisc open failed (-12), clearing slot 22 [ 557.426676][T10524] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1452'. [ 557.847293][ T5882] usb 4-1: USB disconnect, device number 15 [ 558.100818][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 559.515181][T10559] netlink: 624 bytes leftover after parsing attributes in process `syz.0.1461'. [ 561.363076][T10591] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1469'. [ 563.273841][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 565.415362][ T5882] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 565.617042][ T5882] usb 5-1: unable to get BOS descriptor or descriptor too short [ 565.708649][ T5882] usb 5-1: config 3 has an invalid interface number: 19 but max is 0 [ 565.858238][ T5882] usb 5-1: config 3 has an invalid interface number: 4 but max is 0 [ 566.019695][ T5882] usb 5-1: config 3 has 2 interfaces, different from the descriptor's value: 1 [ 566.062765][ T5882] usb 5-1: config 3 has no interface number 0 [ 566.069015][ T5882] usb 5-1: config 3 has no interface number 1 [ 566.075594][ T5882] usb 5-1: config 3 interface 19 altsetting 9 endpoint 0x6 has invalid maxpacket 1040, setting to 64 [ 566.087261][ T5882] usb 5-1: config 3 interface 19 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 4 [ 566.100725][ T5882] usb 5-1: too many endpoints for config 3 interface 4 altsetting 131: 175, using maximum allowed: 30 [ 566.114002][ T5882] usb 5-1: config 3 interface 4 altsetting 131 bulk endpoint 0x8E has invalid maxpacket 32 [ 566.124381][ T5882] usb 5-1: config 3 interface 4 altsetting 131 endpoint 0xC has invalid wMaxPacketSize 0 [ 566.134314][ T5882] usb 5-1: config 3 interface 4 altsetting 131 bulk endpoint 0xC has invalid maxpacket 0 [ 566.144717][ T5882] usb 5-1: config 3 interface 4 altsetting 131 has 2 endpoint descriptors, different from the interface descriptor's value: 175 [ 566.150995][T10616] syz.2.1476 (10616): drop_caches: 2 [ 566.160946][ T5882] usb 5-1: config 3 interface 19 has no altsetting 0 [ 566.160988][ T5882] usb 5-1: config 3 interface 4 has no altsetting 0 [ 567.758254][ T5882] usb 5-1: string descriptor 0 read error: -71 [ 567.765578][ T5882] usb 5-1: New USB device found, idVendor=067b, idProduct=2303, bcdDevice=13.f5 [ 567.778487][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 567.951299][ T5882] usb 5-1: can't set config #3, error -71 [ 567.958824][ T5882] usb 5-1: USB disconnect, device number 12 [ 569.025805][ T969] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 569.246798][ T969] usb 3-1: Using ep0 maxpacket: 16 [ 569.347186][ T969] usb 3-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 569.358395][ T969] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 569.369444][ T969] usb 3-1: Product: syz [ 569.379261][ T969] usb 3-1: Manufacturer: syz [ 569.386222][ T969] usb 3-1: SerialNumber: syz [ 569.471321][ T969] usb 3-1: config 0 descriptor?? [ 569.685315][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 569.760481][ T972] usb 3-1: USB disconnect, device number 10 [ 572.042790][T10672] trusted_key: syz.2.1492 sent an empty control message without MSG_MORE. [ 580.133081][T10730] ipvlan2: entered promiscuous mode [ 580.139180][T10730] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 583.367624][T10762] fuse: Unknown parameter 'use00000000000000000000' [ 584.619883][T10774] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1520'. [ 584.676694][T10776] overlayfs: failed to resolve './file1': -2 [ 585.710628][T10785] Bluetooth: (null): Invalid header checksum [ 588.729683][T10802] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1526'. [ 590.921620][T10822] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 590.921620][T10822] program syz.3.1530 not setting count and/or reply_len properly [ 591.293860][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 591.306673][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 591.316938][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 591.329251][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 591.457060][ T5847] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 591.478168][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 591.963519][T10831] Bluetooth: (null): Invalid header checksum [ 592.209455][ T6416] Bluetooth: (null): Invalid header checksum [ 592.223277][ T6416] Bluetooth: (null): Invalid header checksum [ 592.251211][ T6416] Bluetooth: (null): Invalid header checksum [ 592.307954][ T6416] Bluetooth: (null): Invalid header checksum [ 592.423247][ T53] Bluetooth: (null): Invalid header checksum [ 593.210406][ T8153] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.646176][ T5847] Bluetooth: hci5: command tx timeout [ 593.990472][ T29] audit: type=1326 audit(1731002231.112:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.098479][ T8153] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.308434][T10825] chnl_net:caif_netlink_parms(): no params data found [ 594.393158][ T29] audit: type=1326 audit(1731002231.112:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.755277][ T29] audit: type=1326 audit(1731002231.112:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.780935][ T29] audit: type=1326 audit(1731002231.112:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.805397][ T29] audit: type=1326 audit(1731002231.112:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.906512][ T29] audit: type=1326 audit(1731002231.112:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.940149][ T29] audit: type=1326 audit(1731002231.112:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.962915][ T29] audit: type=1326 audit(1731002231.112:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 594.986607][ T29] audit: type=1326 audit(1731002231.112:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 595.012068][ T29] audit: type=1326 audit(1731002231.112:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10846 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066117e719 code=0x7ffc0000 [ 595.014483][ T8153] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.354153][ T8153] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.551018][T10825] bridge0: port 1(bridge_slave_0) entered blocking state [ 595.615306][T10825] bridge0: port 1(bridge_slave_0) entered disabled state [ 595.622928][T10825] bridge_slave_0: entered allmulticast mode [ 595.633099][T10825] bridge_slave_0: entered promiscuous mode [ 595.642046][T10825] bridge0: port 2(bridge_slave_1) entered blocking state [ 595.650373][T10825] bridge0: port 2(bridge_slave_1) entered disabled state [ 595.658227][T10825] bridge_slave_1: entered allmulticast mode [ 595.666939][T10825] bridge_slave_1: entered promiscuous mode [ 595.767306][ T5847] Bluetooth: hci5: command tx timeout [ 595.844830][T10825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 595.911686][T10825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 596.005744][T10867] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1544'. [ 596.928375][T10875] netlink: 208 bytes leftover after parsing attributes in process `syz.4.1549'. [ 597.819938][ T5847] Bluetooth: hci5: command tx timeout [ 598.415271][T10825] team0: Port device team_slave_0 added [ 598.444390][ T8153] bridge_slave_1: left allmulticast mode [ 598.476126][ T8153] bridge_slave_1: left promiscuous mode [ 598.513835][ T8153] bridge0: port 2(bridge_slave_1) entered disabled state [ 598.598197][ T8153] bridge_slave_0: left allmulticast mode [ 598.619039][ T8153] bridge_slave_0: left promiscuous mode [ 598.658786][ T8153] bridge0: port 1(bridge_slave_0) entered disabled state [ 599.916973][ T5847] Bluetooth: hci5: command tx timeout [ 602.285406][T10913] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1558'. [ 603.550234][ T8153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 603.653698][ T8153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 603.723906][ T8153] bond0 (unregistering): Released all slaves [ 603.830148][T10825] team0: Port device team_slave_1 added [ 605.055040][T10825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 605.064528][T10825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 605.169520][T10825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 605.394082][T10825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 605.420301][T10825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 605.519591][T10825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 605.839671][T10825] hsr_slave_0: entered promiscuous mode [ 605.880621][T10825] hsr_slave_1: entered promiscuous mode [ 605.920305][T10825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 605.948860][T10825] Cannot create hsr debugfs directory [ 606.123217][ T8153] hsr_slave_0: left promiscuous mode [ 606.151182][ T8153] hsr_slave_1: left promiscuous mode [ 606.183821][ T8153] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 606.209755][ T8153] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 606.269618][ T8153] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 606.278099][ T8153] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 606.365100][ T8153] veth1_macvtap: left promiscuous mode [ 606.380201][ T8153] veth0_macvtap: left promiscuous mode [ 606.393283][ T8153] veth1_vlan: left promiscuous mode [ 606.406341][ T8153] veth0_vlan: left promiscuous mode [ 607.436631][T10971] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1571'. [ 608.050690][T10973] fuse: Bad value for 'fd' [ 609.108860][T10985] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1574'. [ 611.411004][T10996] overlayfs: failed to resolve './file0': -2 [ 611.560306][ T5205] udevd[5205]: worker [5841] /devices/platform/dummy_hcd.1/usb2/2-1 is taking a long time [ 612.240203][ T8] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 612.426198][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 612.440916][ T8] usb 5-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 612.459622][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 612.500606][ T8] usb 5-1: Product: syz [ 612.505385][ T8] usb 5-1: Manufacturer: syz [ 612.515928][ T8] usb 5-1: SerialNumber: syz [ 612.558507][ T8] usb 5-1: config 0 descriptor?? [ 612.645099][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 613.197604][ T8] usb 5-1: USB disconnect, device number 13 [ 614.262400][T10825] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 614.301544][T11019] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1584'. [ 614.479842][T10459] cxacru 2-1:0.0: firmware (cxacru-fw.bin) unavailable (system misconfigured?) [ 614.561001][T10825] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 614.961329][T10825] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 615.038863][T10825] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 615.246586][T11038] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1589'. [ 615.262384][ T8153] IPVS: stop unused estimator thread 0... [ 615.354773][T11041] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1589'. [ 615.592640][T10825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 615.778163][T10825] 8021q: adding VLAN 0 to HW filter on device team0 [ 615.865500][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 615.872830][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 616.523239][ T1325] bridge0: port 2(bridge_slave_1) entered blocking state [ 616.530517][ T1325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 617.029973][T10579] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 617.219810][T10579] usb 4-1: Using ep0 maxpacket: 32 [ 617.244375][T10825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 617.247663][T10579] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 617.293276][T10579] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 617.324144][T10579] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 617.360690][T10579] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 617.398029][T10579] usb 4-1: config 0 descriptor?? [ 617.862238][T10579] ft260 0003:0403:6030.0005: unknown main item tag 0x0 [ 618.059513][T10579] ft260 0003:0403:6030.0005: chip code: 6424 8183 [ 618.261462][T10579] ft260 0003:0403:6030.0005: failed to retrieve system status [ 618.327800][T10579] ft260 0003:0403:6030.0005: probe with driver ft260 failed with error -5 [ 618.592673][T10825] veth0_vlan: entered promiscuous mode [ 618.980759][T10825] veth1_vlan: entered promiscuous mode [ 619.161389][ T9721] usb 4-1: USB disconnect, device number 16 [ 619.246586][T10825] veth0_macvtap: entered promiscuous mode [ 619.280410][T10825] veth1_macvtap: entered promiscuous mode [ 619.368237][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 619.426368][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.513588][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 619.719550][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.742802][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.194644][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.244240][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.319544][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.363161][T10825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 620.392229][ T9721] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 620.449253][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.479743][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.500109][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.516904][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.579647][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.611427][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.655067][T10825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.689865][T10825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.723856][T10825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 620.808239][T10825] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.847437][T10825] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.884882][T10825] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.916622][T10825] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.951211][ T9721] usb 4-1: Using ep0 maxpacket: 8 [ 621.223367][ T9721] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 621.232594][ T9721] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 621.240758][ T9721] usb 4-1: Product: syz [ 621.244967][ T9721] usb 4-1: Manufacturer: syz [ 621.249850][ T9721] usb 4-1: SerialNumber: syz [ 621.262084][ T9721] usb 4-1: config 0 descriptor?? [ 621.731548][ T9721] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 621.981489][ T1325] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.029607][ T1325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.231980][ T8154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.269781][ T8154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.443929][T11133] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1602'. [ 624.331026][T11158] sctp: [Deprecated]: syz.4.1608 (pid 11158) Use of struct sctp_assoc_value in delayed_ack socket option. [ 624.331026][T11158] Use struct sctp_sack_info instead [ 624.474075][ T9721] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 624.742445][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.750476][ T9721] usb 4-1: USB disconnect, device number 17 [ 625.672697][T11178] netlink: 'syz.5.1614': attribute type 2 has an invalid length. [ 625.820058][T11181] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1613'. [ 627.009573][T11184] infiniband syz1: set down [ 627.022533][T11184] infiniband syz1: added ipvlan1 [ 627.125498][T11184] RDS/IB: syz1: added [ 627.130785][T11184] smc: adding ib device syz1 with port count 1 [ 627.137551][T11184] smc: ib device syz1 port 1 has pnetid [ 627.386485][T11209] netlink: 'syz.4.1622': attribute type 12 has an invalid length. [ 627.480614][T11215] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1625'. [ 628.389467][T11229] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1627'. [ 630.149987][T11247] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1629'. [ 631.110435][T11258] netlink: 'syz.3.1635': attribute type 12 has an invalid length. [ 631.337004][T11264] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1637'. [ 632.686182][T11284] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1640'. [ 633.622402][T11286] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1641'. [ 636.394363][ T5889] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 636.749522][ T5889] usb 5-1: Using ep0 maxpacket: 16 [ 636.759213][ T5889] usb 5-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06 [ 636.768769][ T5889] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 636.842223][T11327] vxcan1: tx address claim with dest, not broadcast [ 637.358824][ T5889] usb 5-1: Product: syz [ 637.363286][ T5889] usb 5-1: Manufacturer: syz [ 637.367922][ T5889] usb 5-1: SerialNumber: syz [ 637.375189][ T5889] usb 5-1: config 0 descriptor?? [ 637.929628][T11334] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1653'. [ 637.989264][ T5889] usb 5-1: USB disconnect, device number 14 [ 638.580778][ T6024] udevd[6024]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 639.464979][T11346] openvswitch: netlink: Actions may not be safe on all matching packets [ 640.283002][T11360] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 640.283002][T11360] program syz.4.1656 not setting count and/or reply_len properly [ 643.043153][T11371] vxcan1: tx address claim with dest, not broadcast [ 643.293996][T11373] fuse: Unknown parameter '0x0000000000000007' [ 646.865624][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 646.865654][ T29] audit: type=1326 audit(1731002284.012:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 646.901520][ T29] audit: type=1326 audit(1731002284.052:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 647.510048][ T29] audit: type=1326 audit(1731002284.332:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 647.652082][ T29] audit: type=1326 audit(1731002284.332:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 647.676916][ T29] audit: type=1326 audit(1731002284.332:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 647.742577][ T29] audit: type=1326 audit(1731002284.332:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 647.780362][ T29] audit: type=1326 audit(1731002284.332:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 647.802782][ C1] vkms_vblank_simulate: vblank timer overrun [ 648.266760][ T29] audit: type=1326 audit(1731002284.332:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 648.544276][ T29] audit: type=1326 audit(1731002284.332:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 648.569187][ T29] audit: type=1326 audit(1731002284.332:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11440 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe71197e719 code=0x7ffc0000 [ 648.990593][ T9721] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 649.332992][ T9721] usb 1-1: Using ep0 maxpacket: 8 [ 649.423944][ T9721] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 649.437987][ T9721] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 649.448049][ T9721] usb 1-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 649.457590][ T9721] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.481508][ T9721] usb 1-1: config 0 descriptor?? [ 649.886642][ T9721] usbhid 1-1:0.0: can't add hid device: -71 [ 649.913367][ T9721] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 651.540653][ T9721] usb 1-1: USB disconnect, device number 10 [ 653.123583][T11520] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 653.123583][T11520] program syz.1.1695 not setting count and/or reply_len properly [ 653.766019][T11505] siw: device registration error -23 [ 653.994197][T11505] smc: removing ib device syz1 [ 654.091176][T11527] netlink: 'syz.0.1697': attribute type 29 has an invalid length. [ 654.834291][T11505] ------------[ cut here ]------------ [ 654.839897][T11505] WARNING: CPU: 0 PID: 11505 at drivers/infiniband/sw/rxe/rxe_pool.c:116 rxe_pool_cleanup+0x47/0x50 [ 654.850764][T11505] Modules linked in: [ 654.854728][T11505] CPU: 0 UID: 0 PID: 11505 Comm: syz.4.1694 Not tainted 6.12.0-rc6-syzkaller-00110-gff7afaeca1a1 #0 [ 654.866693][T11505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 654.876860][T11505] RIP: 0010:rxe_pool_cleanup+0x47/0x50 [ 654.882440][T11505] Code: 00 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 50 96 2b f9 48 83 3b 00 75 0b e8 d5 f3 c4 f8 5b c3 cc cc cc cc e8 ca f3 c4 f8 90 <0f> 0b 90 5b c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 654.902144][T11505] RSP: 0018:ffffc90003fbf108 EFLAGS: 00010246 [ 654.908231][T11505] RAX: ffffffff88cfe636 RBX: ffff88806bf69378 RCX: 0000000000040000 [ 654.916490][T11505] RDX: ffffc9000afbe000 RSI: 000000000003ffff RDI: 0000000000040000 [ 654.924805][T11505] RBP: 0000000000000002 R08: ffffffff88a85333 R09: 1ffff1100d7ed0ec [ 654.933020][T11505] R10: dffffc0000000000 R11: ffffffff88cdfaf0 R12: dffffc0000000000 [ 654.941135][T11505] R13: dffffc0000000000 R14: ffff88806bf68648 R15: dffffc0000000000 [ 654.949249][T11505] FS: 00007fe33b8216c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 654.959253][T11505] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 654.967333][T11505] CR2: 0000001b3031dff8 CR3: 00000000291bc000 CR4: 00000000003526f0 [ 654.975570][T11505] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 654.983622][T11505] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 654.991712][T11505] Call Trace: [ 654.995121][T11505] [ 654.998084][T11505] ? __warn+0x168/0x4e0 [ 655.002507][T11505] ? rxe_pool_cleanup+0x47/0x50 [ 655.007398][T11505] ? report_bug+0x2b3/0x500 [ 655.012347][T11505] ? rxe_pool_cleanup+0x47/0x50 [ 655.017236][T11505] ? handle_bug+0x60/0x90 [ 655.021896][T11505] ? exc_invalid_op+0x1a/0x50 [ 655.026693][T11505] ? asm_exc_invalid_op+0x1a/0x20 [ 655.032072][T11505] ? __pfx_rxe_dealloc+0x10/0x10 [ 655.037065][T11505] ? __ib_unregister_device+0x353/0x3d0 [ 655.042705][T11505] ? rxe_pool_cleanup+0x46/0x50 [ 655.047627][T11505] ? rxe_pool_cleanup+0x47/0x50 [ 655.052579][T11505] ? rxe_pool_cleanup+0x46/0x50 [ 655.057459][T11505] rxe_dealloc+0x33/0x100 [ 655.061877][T11505] ? __pfx_rxe_dealloc+0x10/0x10 [ 655.066866][T11505] ib_dealloc_device+0x50/0x200 [ 655.072397][T11505] __ib_unregister_device+0x366/0x3d0 [ 655.077839][T11505] ? __pfx_ib_device_get_by_index+0x10/0x10 [ 655.084412][T11505] ib_unregister_device_and_put+0xb9/0xf0 [ 655.090215][T11505] nldev_dellink+0x2c6/0x310 [ 655.094827][T11505] ? __pfx_nldev_dellink+0x10/0x10 [ 655.100302][T11505] ? cap_capable+0x1b4/0x250 [ 655.104930][T11505] ? cap_capable+0x1b4/0x250 [ 655.109584][T11505] ? safesetid_security_capable+0xb2/0x1d0 [ 655.115410][T11505] ? bpf_lsm_capable+0x9/0x10 [ 655.120171][T11505] ? security_capable+0x7e/0x2d0 [ 655.125119][T11505] ? __pfx_nldev_dellink+0x10/0x10 [ 655.130282][T11505] rdma_nl_rcv+0x6dd/0x9e0 [ 655.134725][T11505] ? __pfx_rdma_nl_rcv+0x10/0x10 [ 655.139888][T11505] ? netlink_deliver_tap+0x2e/0x1b0 [ 655.145119][T11505] netlink_unicast+0x7f6/0x990 [ 655.149942][T11505] ? __pfx_netlink_unicast+0x10/0x10 [ 655.155947][T11505] ? __virt_addr_valid+0x183/0x530 [ 655.161130][T11505] ? __check_object_size+0x48e/0x900 [ 655.166559][T11505] netlink_sendmsg+0x8e4/0xcb0 [ 655.172157][T11505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 655.177500][T11505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 655.183638][T11505] __sock_sendmsg+0x221/0x270 [ 655.188448][T11505] ____sys_sendmsg+0x52a/0x7e0 [ 655.193483][T11505] ? __pfx_____sys_sendmsg+0x10/0x10 [ 655.198828][T11505] __sys_sendmsg+0x292/0x380 [ 655.203526][T11505] ? __pfx___sys_sendmsg+0x10/0x10 [ 655.208697][T11505] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 655.215110][T11505] ? do_syscall_64+0x100/0x230 [ 655.220052][T11505] ? do_syscall_64+0xb6/0x230 [ 655.224756][T11505] do_syscall_64+0xf3/0x230 [ 655.229319][T11505] ? clear_bhb_loop+0x35/0x90 [ 655.234470][T11505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.240489][T11505] RIP: 0033:0x7fe33a97e719 [ 655.245033][T11505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.264848][T11505] RSP: 002b:00007fe33b821038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 655.274146][T11505] RAX: ffffffffffffffda RBX: 00007fe33ab35f80 RCX: 00007fe33a97e719 [ 655.282710][T11505] RDX: 0000000020000000 RSI: 00000000200002c0 RDI: 0000000000000005 [ 655.290768][T11505] RBP: 00007fe33a9f139e R08: 0000000000000000 R09: 0000000000000000 [ 655.298761][T11505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.306816][T11505] R13: 0000000000000000 R14: 00007fe33ab35f80 R15: 00007ffd1b048d58 [ 655.315007][T11505] [ 655.318047][T11505] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 655.325337][T11505] CPU: 0 UID: 0 PID: 11505 Comm: syz.4.1694 Not tainted 6.12.0-rc6-syzkaller-00110-gff7afaeca1a1 #0 [ 655.336120][T11505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 655.346196][T11505] Call Trace: [ 655.349524][T11505] [ 655.352709][T11505] dump_stack_lvl+0x241/0x360 [ 655.357521][T11505] ? __pfx_dump_stack_lvl+0x10/0x10 [ 655.362759][T11505] ? __pfx__printk+0x10/0x10 [ 655.367382][T11505] ? vscnprintf+0x5d/0x90 [ 655.371739][T11505] panic+0x349/0x880 [ 655.375652][T11505] ? __warn+0x177/0x4e0 [ 655.379829][T11505] ? __pfx_panic+0x10/0x10 [ 655.384269][T11505] __warn+0x34b/0x4e0 [ 655.388258][T11505] ? rxe_pool_cleanup+0x47/0x50 [ 655.393125][T11505] report_bug+0x2b3/0x500 [ 655.397470][T11505] ? rxe_pool_cleanup+0x47/0x50 [ 655.402351][T11505] handle_bug+0x60/0x90 [ 655.406556][T11505] exc_invalid_op+0x1a/0x50 [ 655.411121][T11505] asm_exc_invalid_op+0x1a/0x20 [ 655.415993][T11505] RIP: 0010:rxe_pool_cleanup+0x47/0x50 [ 655.421543][T11505] Code: 00 00 fc ff df 80 3c 08 00 74 08 48 89 df e8 50 96 2b f9 48 83 3b 00 75 0b e8 d5 f3 c4 f8 5b c3 cc cc cc cc e8 ca f3 c4 f8 90 <0f> 0b 90 5b c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 655.441197][T11505] RSP: 0018:ffffc90003fbf108 EFLAGS: 00010246 [ 655.447295][T11505] RAX: ffffffff88cfe636 RBX: ffff88806bf69378 RCX: 0000000000040000 [ 655.455379][T11505] RDX: ffffc9000afbe000 RSI: 000000000003ffff RDI: 0000000000040000 [ 655.463367][T11505] RBP: 0000000000000002 R08: ffffffff88a85333 R09: 1ffff1100d7ed0ec [ 655.471357][T11505] R10: dffffc0000000000 R11: ffffffff88cdfaf0 R12: dffffc0000000000 [ 655.479365][T11505] R13: dffffc0000000000 R14: ffff88806bf68648 R15: dffffc0000000000 [ 655.487511][T11505] ? __pfx_rxe_dealloc+0x10/0x10 [ 655.492760][T11505] ? __ib_unregister_device+0x353/0x3d0 [ 655.498348][T11505] ? rxe_pool_cleanup+0x46/0x50 [ 655.503250][T11505] ? rxe_pool_cleanup+0x46/0x50 [ 655.508134][T11505] rxe_dealloc+0x33/0x100 [ 655.512491][T11505] ? __pfx_rxe_dealloc+0x10/0x10 [ 655.517553][T11505] ib_dealloc_device+0x50/0x200 [ 655.522591][T11505] __ib_unregister_device+0x366/0x3d0 [ 655.528284][T11505] ? __pfx_ib_device_get_by_index+0x10/0x10 [ 655.534441][T11505] ib_unregister_device_and_put+0xb9/0xf0 [ 655.540270][T11505] nldev_dellink+0x2c6/0x310 [ 655.544897][T11505] ? __pfx_nldev_dellink+0x10/0x10 [ 655.550179][T11505] ? cap_capable+0x1b4/0x250 [ 655.554885][T11505] ? cap_capable+0x1b4/0x250 [ 655.559759][T11505] ? safesetid_security_capable+0xb2/0x1d0 [ 655.565596][T11505] ? bpf_lsm_capable+0x9/0x10 [ 655.570296][T11505] ? security_capable+0x7e/0x2d0 [ 655.575258][T11505] ? __pfx_nldev_dellink+0x10/0x10 [ 655.580391][T11505] rdma_nl_rcv+0x6dd/0x9e0 [ 655.584839][T11505] ? __pfx_rdma_nl_rcv+0x10/0x10 [ 655.589828][T11505] ? netlink_deliver_tap+0x2e/0x1b0 [ 655.595053][T11505] netlink_unicast+0x7f6/0x990 [ 655.599939][T11505] ? __pfx_netlink_unicast+0x10/0x10 [ 655.605326][T11505] ? __virt_addr_valid+0x183/0x530 [ 655.610568][T11505] ? __check_object_size+0x48e/0x900 [ 655.615997][T11505] netlink_sendmsg+0x8e4/0xcb0 [ 655.620976][T11505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 655.626310][T11505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 655.631640][T11505] __sock_sendmsg+0x221/0x270 [ 655.636351][T11505] ____sys_sendmsg+0x52a/0x7e0 [ 655.641150][T11505] ? __pfx_____sys_sendmsg+0x10/0x10 [ 655.646475][T11505] __sys_sendmsg+0x292/0x380 [ 655.651867][T11505] ? __pfx___sys_sendmsg+0x10/0x10 [ 655.658413][T11505] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 655.665260][T11505] ? do_syscall_64+0x100/0x230 [ 655.670074][T11505] ? do_syscall_64+0xb6/0x230 [ 655.674892][T11505] do_syscall_64+0xf3/0x230 [ 655.679428][T11505] ? clear_bhb_loop+0x35/0x90 [ 655.684154][T11505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.690810][T11505] RIP: 0033:0x7fe33a97e719 [ 655.695453][T11505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.715106][T11505] RSP: 002b:00007fe33b821038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 655.723748][T11505] RAX: ffffffffffffffda RBX: 00007fe33ab35f80 RCX: 00007fe33a97e719 [ 655.732114][T11505] RDX: 0000000020000000 RSI: 00000000200002c0 RDI: 0000000000000005 [ 655.740251][T11505] RBP: 00007fe33a9f139e R08: 0000000000000000 R09: 0000000000000000 [ 655.748256][T11505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.756278][T11505] R13: 0000000000000000 R14: 00007fe33ab35f80 R15: 00007ffd1b048d58 [ 655.764323][T11505] [ 655.767627][T11505] Kernel Offset: disabled [ 655.772135][T11505] Rebooting in 86400 seconds..