last executing test programs: 1m5.91328215s ago: executing program 0 (id=1902): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="48000000100001040000000000efff0000000000", @ANYRES32=0x0, @ANYBLOB="7ffb01b3f9004000200012800c0001006d6163766c616e00100002800a000900000000000000000008000500", @ANYRES32=r1], 0x48}}, 0x10) 46.732294586s ago: executing program 4 (id=1953): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) (async) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) (async) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10) copy_file_range(r1, 0x0, r0, &(0x7f0000000040)=0x2, 0x1, 0x0) (async) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000280)={r2}, &(0x7f0000000300)=0x8) (async) r3 = socket(0x10, 0x800000003, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) (async) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001380)=@newqdisc={0x1b8, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x188, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4, 0x1000]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x124, 0x2, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x8}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x5}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x0, 0x3, 0x4}]}, {0x34, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x9}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4acd6b46}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x0, 0x2, 0x6}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x65}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x10}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xff}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x2}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x6}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x7f}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x200}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x81}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x7}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x2}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x800}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x3}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x5}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x4}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xffff}]}, {0x4}, {0x24, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0xfffffffffffffdc5, 0x4, 0x4}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xffff}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xf}]}, {0x24, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0xffffffffffffff24, 0x2, 0x2}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x55}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0xf}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xff}]}]}]}}]}, 0x1b8}}, 0x0) 46.352190378s ago: executing program 3 (id=1956): syz_usb_connect(0x6, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201"], 0x0) r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e", @ANYRESDEC=0x0], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x5b14, &(0x7f0000000040)) 46.261963527s ago: executing program 4 (id=1957): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1001}, 0xc) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@remote, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x800000000000002}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x3c}, 0x0, @in=@multicast2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8) sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f000001000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff000000004000000000000000000000003200000000000000000000000000000000000001000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000140000000000000000000000000000001e1556b4636a8a0000000000000000000000000000000000000000000000000000000001000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) 46.251874565s ago: executing program 0 (id=1903): r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303, 0x37}, "475566172f45f011", "bd14060000000000000092f94413582b", "a4774ec6", "15b188e5e74e13ed"}, 0x28) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) writev(r1, &(0x7f0000000040), 0x0) close(r0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x40505331, &(0x7f0000000180)={0xd2}) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) r4 = epoll_create1(0x0) poll(&(0x7f0000000100)=[{r4, 0x103}], 0x1, 0x10000) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.events\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00005d4000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="5b0f01c2c29c028ed0660f388236af0083ee2c0f20c06635000004200f22c0643e1f0fb7c2", 0x25}], 0x1, 0x0, 0x0, 0x0) preadv(r7, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) 45.941842704s ago: executing program 4 (id=1959): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000f2ff0000000000000000040000181100", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001080000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0a00000001000000080000000100000000000000e8689079427225a7bd14d2315f4ce3d250066d2a0e038cfe0b18664121ea0df19ed727d3fe6fc6719757b40bb9024cf6d44ecd1bb9fe814726ab3dc0a8049080db8644185e78a93faf9a98035d5468a870196fdf2ed95fd028e8862cd847511a871dc224557cee3f55c01a9f41da67b05ad4a61017bf483f215a65f95828bf881352e92e91bae9adb3ac6570b36dd37917c334320d5eb7d855e79d7419c0185dbc3458cba88f25a11f7dc7", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES16, @ANYRES32, @ANYRES8], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800100000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x80000000, 0x4}) syz_genetlink_get_family_id$gtp(&(0x7f0000000240), 0xffffffffffffffff) r2 = socket(0x10, 0x400000000080803, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) read$FUSE(r3, &(0x7f0000002ac0)={0x2020}, 0x2020) ioctl$sock_SIOCETHTOOL(r3, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x5, 0x0, 0xbb5f, 0x1000000}}) 45.642948466s ago: executing program 4 (id=1960): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="bf16000000000000b707000000ff00004870000000000000400000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d3682a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd56eee5798041358a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cca6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9000000006a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce993c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436362dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc1e6a55e6b4cbbbfcb781143c56d84360a476155f9d2865a60b541b90a27e61b31d459e576b7cb61e67e686b5199518078db3c36b8986bfb067d491d7a4affc3ae8cb63b6a5ec2803782db2ea14c9e5e00ddd9bca8409b807a86381f632122f36a6be0b2746e58290a5b77daadae5206b09559d32b8c3b74bafda94afb66f1055525bc3d3abccc3d8ad7b99527fae1e8fa91712914d9eacc9463588c6da1f69f7"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4) sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="25b096f681cd731c3f3a9badc4e3cf5edeae1f3b5082d7ab3a97c053df68744e7c7e24d0b59997bab4bccff8363b275de3510b0ebe4275d8d2f153395668e3d608e358fc2294263c03f8dc4f8bf194e4fde4600a2dec2f483a914e2fde0cbc344a2b9fc18dd198966045a6d4d4eb8571e8bb69e6724e37fcbaa6e4c64050b47256b9bb17f5c0aa5101e015ecdcb62fec46fc0205512535", 0x97}, {&(0x7f0000000280)="d3a88bea5916e313729a3989393caca70c74cd74e62e524bdd37be131ad827f911027e70ccf679d8e7c0cd3333095f83d6d473db345ded2ac8acaa87503de74c82431758e8e11e3ecb7bce02d6cd65f4eb88cc49ceb9e39f7117eb0f62323dc9b80dea447b0c96a383f14281bb87b09de0a6153ceeaae2b50a2b0f0f41810f379f9c3a1f3938461829d716a4bda86ab11b41f754bc15d71b", 0xfed0}], 0x2}, 0x0) write$P9_RSTATu(r0, &(0x7f0000000580)={0x239, 0x2, 0x0, {{0x500, 0xf8, 0x2, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x1d, '\xd2\x99\x98\x80\x14\x98l\xe9\x82\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e\x97\xa5\x9ad', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x239) 45.231491212s ago: executing program 4 (id=1961): openat$hwrng(0xffffffffffffff9c, 0x0, 0x200, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000880)=[{0x0, 0x68}], 0x1}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000540)=[{0x0}], 0x1}}], 0x1, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/73, 0x49}, {&(0x7f0000000200)=""/83, 0x53}], 0x3a}, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000003c0)="fe22d7b66376304d77de", 0xa}, {&(0x7f0000000440)="abbf909ce9cc7531089a2225a2d7c9d4c09fedb4470ec74cb137dfc9de8fdea108bbcfa62e7da70335451a6618cc7acb1a88f4ff18e40000d6eac3a4a4012205988c0100287258f613fb0adc6c0a74de3dba4c2387d300702914c866e9b4", 0x5e}, {&(0x7f0000000600)="4c26453ed3f991e942d84e53b0f17f7494c5d5674d8ac0d1e56253388fc4b112865c7038693fb313e752c5893670a52ffa53cb00163bfd4b54289ed75c13033fd732e8434bf6afa06efb2ac280850fdf761076976f7ef109445199336aa63e3b6b3b39ee0c02bbf1361bde6abc340389c1a603eeb08880a29eff9097165541275fd9ccb1fc93b348ddd89ede844e96aac7e2e377a8dcb56ca30618816263dd7be238eba5fe6157385b71ccd5e938044d5730e22b037d96bc2fe2a244c7f561e8f5a69fec8df321293f65c6996b56b0e4b187c009dfc3f0d8e102b065034ed9a058eeb085d8ad01c4", 0xe8}, {&(0x7f0000000d40)="48241cac329a0b8c268004c2557fd9cb18d215229da18891377c099d282f51d7e0e657f80653dbe8b7b7ede5579e61899079ac6a00816e97fd313878b014b30b7bf3babc1efb26ee0a61c81838a010293dc051a3eff70433c822b3740d2616faf79be7d15a65f3cf22ba3aca65db3630b8876fdd1de9cae0d1710459272758805533d6f95bdba36d36537cc14d6550153fcb36e7852a62fe628a22963b8d30b14a5490a2303de825bfb9311171698e3204b04d108c600112d815502069fafae3052a787cbab968e05c758a1f149ba0be27d3b2c239147d4009181afb706bf1ca049c066bdc5324afc4d8b256f30410b21f9a2436796efd08a5d46df92717ef7ea7f40cb906ab5610873c3c243112fa35e4af83c86cc336f5599bb20c5d78a57ca3e1a7d5c18b56cf9ffec9bad408f82f66be875fb3d5fa0a655fbb222b71057a560a44c6f3f581867bfe310f6274b8580c9ef852491ffb4e606257db14427d7d34b29e8e5d3c1a8c06c893dd88d68c00aedaa1d01e80aa31a31c4c240d3d298ae0aa07e372e2bf322d5c31d63e897a901019e5e97fb84cdbd676078fa8a02bd94bb07066e2d8f562149e886dea642b070e5e58d07963252c70b569d27f6d9350b28abf2c869cd7998156065a64ba932d4eac68b3e8f5f356ec5e317c56307a0b7b5cd73b83e0186bf19299bd996ffc88e159dd2ecbb61fd6ac578bfa33cba3ef366e31cefd5b5275b08289da9d2d2f71e10ad2889c3e96fb0fe993747fa3decf1e1cb3d1209ca561f8d7326e3b3f1ae94398438fcb682a435d9320f2f939cf929abd6f6c113b9603ea284f93032e216a7ea4e4e51ee2a5065f29fff691ba68017c294b2bec55ac21cf6425ad5bed0e954f49d43c30e6ce51091066bc0cd9ae6de605d2a823fa6862e99002a3c26fc6ba038d140865e07abd6366d5e1eaf294f684cad603e4a5a6563c9e8e402fb9c969999d53605de70cbe84c8129694015e23a3f630b2366c3348e6ab80ceadb59e4bd82267dc16517ca90b86af2e81bc3be86124a5c38e8b6229aa68207fe2a645bad6b1435c65e5df7bf61328d44aca2146dd72fb0e6bb3dcde90dd68fd64c1fea79f847ebd2fff6d2a8b01a2f2d49711359b59878d42041ff3719a09a8101f6206a3d1dfede69dddae7a12d3a3d92d0a1f86490420e2f017ef1b0fe914f70aebef2cbef4e8da0e433cd7582276aaf3acc95f8b5eea9175f22d429b4d31088cf04db000f2b7ee234a05bd827083250069b177f71f96c886b56e50d2ca3bc40509142c6d65867d1d05cdc1a4b32d15c7ea1cc4485308fde666f6bb94753856a34aa1947c1c2022e0f406b9947aa283ad36fd1b382cb19c7773128717a59b6c20010cfd45c64f33e09ed76432cf8e0bd7407ff6df06d9bfd683aa053c5deeb7fc4d4b02460d247bda66399fb1f7c81f0d7f916a471725355b48f3197e80133875d130a43542757291e04c94f9afe86bf712b1315eb005590798ef81915b07ad67c55fe1040d6f83355b0b52a31660d98a2bdd637a0c62cefe08ce4113cf6c13d5b5ec796477cfd702c6c346a70a1ddf9af9225d5e8df1442c84f4be6132bfa4da648dd43213fa2927710216d610cdd4e75c0e6a64d11254948442ddf0f0acc23feaad4abb86eafef2ca130171c5c4749397a3d29bd976c11420f0f61138b75c373268c1a82e72eaa2ecc51fbb8a07f2bea4c7cadfa80975ce02c46bde41d59091428647f0745c976bc97c22edd3b2741b8ee712d0ede9499b43876866d692fdd191430c0be76bb93a93e610db1e47e04cf2d115d949f2ca2231a3d82ef12781e976192ebea7750d4119ccbc2c14141497997526d5e878e2a6d9c7f815c75d9e0943ead3993bc756d6b0a37531c0ddc4e850278487c89cfbe55e05737222f9061e45028ea6d67148ad7affe169e81a37351c935e7473e383b3e057a1afa46edfdd4198a6dc1bbdf1b1570ff561530657b51000e75bbf55ff481be29c207e20ed36eeffdf4951b7b03243fe55b093cad9cc5f70f64edb69da16e2e622eb85bcce6082c462c684b4850551f8481988e3ab080092f31f93bfe7ddcf2f606dec9393e20c55c7bd97972cc0d4bf46dc6267d5fa43ba7d66863ce34dd91a4fed2898b77e30ba5578566b074f69042c1b94eb5ae7ee568c5f13e55220304f7b861374eb2bed874e32f96cd2bf29ea3752d075d4b8e792515a7044ec8054a1e461c8813515a396baed241b59807d3ef9c7a3d334de8839c9d972fb9ed980b6e0d21f77d91133536d91ac4477611ffeb76b3b420786b0af49a6cc0bcd90a1947d627c218f0965c1c8a0eae57464ff755050980f65f18f73f757e175c489a1d8a15168016e1d15f105f4cb438b5a546d85b38057ab18145179ecac20b6b9008412251ca6a08fb8d8d46e1eb26ca1d9298d2c096557c882e022f0b8c8e00afa10597bd82cbe1096d4c5071abce658dfe605703ac17bf0f176b999cfec2bb003b1b0378824a7bfa78d750451852fad60db8c15b19d2b4f2102562eef1780273f601665d3f0228d50afffbad1fd873ee5500a068d06338ff2b867f63b6e3ad48494c979276006173e2e82c5b708b0b6fd778fb8133d9cc4fdb666a8d66eb69d08e5a5cf5aa1a5c5229444b1452c3531c09191ff1a00c4cce3492cb7847666a804f82ca992bd2b7e9fde6ef11bd94ce75d5dc1927691b8297e8c96b119cc8b4d2bf78a18ae3619a9db620c331e384b742d1609612e2ce9bf449979ce90c629ea60c8e0a8ac8776f01aa2f84f5ef4cd31b8e1edfa3f54dcbc23174c4851a2654df87bd8329be842986129bc3eada97a3819ef71ad812fe2ce107e30855d1905023b7b07839127f869efd1bf0b51801e6eaf5861440162f106309edc506e2c9b119483c711d280feae1484c9dae2751dd12088799e497ef9221f44cf9279b9da576d46bef79921e93fe4ba75ff8d672e0f94cb702be0fd5b49d1bc9508029b5589d04d64b750cbbbcd7e522ebd14ddbd20a2350139bbb489931caef35896974c66813b17a574052bb153327b2523563690923c4afd1e66751310f039df36085aa18842bf8914aca65bc03979bbcc734d088c25bf2eebe215a1e3a53c7f2ebc12cc2a0ee929d9083e1d12b12b2512072848e817331beab40d26a06449c45b2b856fc536436a1bcf5d417eebb7372dc50665c249cb714100d9d10b59809eb471331b10ba41daaef04cf8c01672fbc8e874596fc12e88db3c400cbb69bd6b2b08391ff2c17d7eeba1f2aade050cfb03dacd753a21afd0772948818e377482a3c37f17e1790351cb078e90f6e54bea4f6012ba3e73b6f8b81512dbb59e5445ecb91831c04502f94f87bd02d746c0e78e3149b6655c6316557c1adccfd4801dd49405fc81b89bd42add41d9431b68c5551ed532b78b41a5aba8951e6abb28b7945e2bbb245bb6725d247db44293b6f1e7e6be571817fad2c6b170a31126e25029831056ee31f519cf90a83735275781ab64eed25ebc0d04299dd422663f69af9c79af2d4015c0c6d91632ac050e55659da812e3cd87c8bafbd3f8dcce159cd103b913315d4d6179a85aaab534188c9ed6ffe661321a1c6f0798af919139e402c2f1d2d4215069db0f522d5aafb3b81c60f939f101e0bcbdd2c75e15c12b4d5d9d6927c6f013534ab8b9c2aaaa4a75212c1efb980752268581add59f0e276aa80454624d3546f74820b07e01ac74a9a6c50b27c78a2189045b418deda0b3972f132943dd392c6e3696542a2f6199af6392f2652585fa56e4532400611d13ade17f307643787582dbc795e77ad9dfbab61ec26dc08795869670b96e4f70d89cb88c3d708fa57dcf4b9e817eeff540e4f62ee6a3b28cef6bb0ce5824c4e62980ee18f8cb6f0d76618209554e2854e2648c06d20a416a8b12df2c4e29439d3fed8c6df8499a258c10dd67a22fb81547d0694451c29f561d7b4d5cbdfc8d5b7197bb5be8cc116f1c44f57746b5c243bd5ef70aea3abbeb556c548f1d78cdbef8771347e668ff27454bd78c2f09dd0179627a23a4ceea0fbc84954b928bce032ae92a935f3a0c53482dd575cea696b68022329078aed20f64ced28460bd396a6ae0d4aefe2a1a8908a074a64deb6bf2adaf9a09e09e7dfee9fce560dfd6b966d51b53271109469f884c22ebe1b4f74669fdfd4191eab5b62f6e3bf0d9709d182e25a76f36f42d05898ed61e2dbb459531bf2ae9d5f3d5ec089425c8b85e4ec3765db98a33e3256a27c4958d103268df4eefd50dee2a83fb4f1b0d2a9f74b8e37d99f8eb328e2e9d20fe7004aa036bd65330d5722c4f62b2205fd78ed84641dff898faec55a7b0d14b374ade04f531b5b2f2432049ba2bcd7d206e924c681c01ac6dfa71ba187ad0ac1b456bc2c97edc145d15bb5ac93587f00047ab850bd7f29d4a653436d52c3770362cf0f647c0e68fc9bf2a79c06d276fb7346d255f37cf9a83e424634cd022783fde25b2bb6ced238740cde8f02cfb45c5723c0562ac963f0a4c0331a78f915234b49f228a8003dcf7477223aa1199c60dced0c181c21eb1110152a4de20fcae778feb6fdb1d12c1d4eab297fe7f4f8e8eea17ab1a5cf92d60d2532cb32d015b3e2b79f3e8bfe773daf0abf059681fc10c17b98d71507b8d306e068432a2f97e2be3a212194e989e34b8bb58f215c423b66e2972f97343730bbd12e2bbf4df816cfd580dc73c82c3eec6e0900733a03cfb05a303c9dc5b35a00b3cebb9c8a12fff2ac3e175bcff663974cd7bfb8206e28c4894940567bdc9a0cb0d05f5efc197cd67eadb3d211fc3078fb7f6d62c49b3be92eaec83a2317e4b24a8f68a30896b652f7a23e7a3f52d928ecf5e1e38258ecdcefb9d7f7a656437ce2636e81871461d52a245e26426f9ba2ef0d21bb64b16e880462bf18dabec068aa7ad2ffe59c69b839d7657374340e3a27a0076ed84ca80fcf0a9a94588f29683e9ddb28787f003343703170c09a9c86ab3f2aab116fe409e0a4fac4e9503c70201b536f8f06ce4f7f86e85b8b9798a72fff039e9d168b91cbd13af317cbd45a3eeb086f79f53fad49be5b88fa5039df59305b8a7fd73a735b6b75b8ab3df7c79fac3b5725b64d28915d66ba82a4a0baefa666fb518bd3c2ac93899583a985e24a65baa99a2055290f39700dcbaee9f13f75d67a710216e5c3f301d1d19b7bdf3e45ea7a87780fd9c97e01e395524c26b6e632257aeaad9f77ce33fe94f63280348e8d9efe541d43891c51b5b8ec37af328ef6b7009718dc9d7ae1cd502705eee64c6ff53278142d8768eecd81d75ac3003681a576e10fb09a8fdae27d2c7250806c6d19966c4a8a5aeab1596690f33636cda09adcd4d623f3a9ab0ae4c14f5cb9c5a813c044bb3e0c195d0b02b8c4a3925acc6cfbefe3ab4b97a31a369ca7bdc16de11369749f7a58b9830c2f351a8f73bec2fd6862d3d1280b641b2bd06d6f1224632ba023c9e20289e7643fe8ecf2869542cd534677b8c178726e7365bb811322d09683344a1df3ce38632f76e501a7d98716ebd59737b02ed0a444fc5acb1f6b25247297c1ec769066d9fe1087d9e84eb9248e47386a19f61bc7a6ef530fe57282cc387add49dd8f19f3f4f89d7f57f446ae0d1718968cd962cd9252f8e88f81edf2d07d7d977a515cf3b9909ff16e53bf24806e5142dc5fa311e57689955278d98a4c2d340752c90a0a3556455f56625fef7273493a4432d257afba0de599955f27af4ea9f05841cfed6a70642e69eb711cd52eccbfa0cb2227b9d31", 0x1000}, {&(0x7f0000000980)="55aa1f965a81d82a11b174e44d6df5dd8ccb96001845e84e35deb8b589d591d4ee74b6c68962751598c34b5b85708ae3cdf849b843daa970d4ed0c46c590d1dd9f4d1d41185f74fa9c3fdf60c0cdb8026c16dad0ec605ef2ec1503ef3d123fca049010c1b72d0f60bb7cb047ecbb3fb6ae5a50bbd0b2d47ec591217f5e817862395eeeacb7fd9c770b0ae7c47aa32b64c6dd4581c3d89ed57249dad7aeae7e5129dd0de524017cffce72e6c8c44286e560c5ef4e763318a8c333e9f256fde3748de36ac90482ac0de433864319d308b849e5464e9bcabc586c79f0077d689ede3f14e338fb6d", 0xe6}, {&(0x7f00000004c0)="89b43e7593064905c5fbec82b477b3a1f2004606f5a7ad9d0b384f95c54288f88b40f04962195a00ac183091642ad5d938833c095573bbae26325aa9bef39364cc47c8e8ed416bde9c410329c99c0fc5460f5f51510de56509fd946b239c3e", 0x5f}, {&(0x7f0000000580)="9891feb57da46f0c1b7ccd19ee2b40a9aadb9de49613a2ae", 0x18}, {&(0x7f0000000a80)="ecf622ae085598354d2cf9db163efec9aec6a26e3ab61ddedd86e9695d8c5af1da72f50890af4f86eacc8e0f9256284314239df240427d8bd6586e2f108922a314825ca4414828c82c16c2989b66599f04690a12c2ac7475383938a7ef6c6d3d9d1f166314f170f581cf07d5c8de4fa5210dc95ea27b73172b30e40d6cf42339a3adf8abc879de73e7e2481fe655c1643abb", 0x92}], 0x8, &(0x7f0000000c00)=[@assoc={0x18, 0x117, 0x4, 0x3}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0xa8, 0x117, 0x2, 0x8d, "83dc8b0a461cdbe2a0e6111e63c38a3cb916e2a88a9e89a7f2a56eeb710690ba757d8ee792ffbc98baa64d66ee4d0221b9dfc7e8a64286975e58902ca32f4eb90e9cee16a138efc4f6335ce96065304f61bc224aae83e50a27c305669d54f82a9fa024f617d07a7162aaa3c769b0e122d4db63912a290a3ca0b0a19fa074df4689edc9bf27a8c2aa7f3321a067"}], 0xd8}, 0x20004041) ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0x0, 0x4, 0x7, 0x6dc, 0x0, [{0xff, 0x4, 0x2, '\x00', 0x71}, {0x9, 0xfd, 0x8, '\x00', 0x2}, {0x96, 0x10, 0x4, '\x00', 0x7}, {0xb, 0x40, 0xff}, {0x8, 0xb, 0x0, '\x00', 0x3}, {0x10, 0x0, 0xf, '\x00', 0x4}, {0xa3, 0x9, 0x4, '\x00', 0xfd}, {0x84, 0x3, 0x3, '\x00', 0x9}, {0x7, 0x0, 0xef, '\x00', 0x6}, {0x7, 0x7, 0xf, '\x00', 0x5}, {0x2, 0x40, 0x7, '\x00', 0x15}, {0x9, 0x2, 0x3, '\x00', 0x3}, {0x2, 0xf7, 0xb, '\x00', 0xe}, {0x4, 0x0, 0x4, '\x00', 0x2}, {0x7, 0x7b, 0x9, '\x00', 0x83}, {0x83, 0x3, 0xaa, '\x00', 0x6}, {0xfc, 0x5, 0x0, '\x00', 0x7}, {0xf8, 0x8, 0xfc, '\x00', 0x80}, {0x4, 0x2, 0xac, '\x00', 0x4}, {0x8, 0x7, 0xde, '\x00', 0xa}, {0x5, 0x6, 0xfc, '\x00', 0x81}, {0x3, 0x8, 0x4}, {0x4, 0x8, 0x1c}, {0xf8, 0x7, 0x4, '\x00', 0x6}]}}) 44.853914087s ago: executing program 0 (id=1962): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f6, &(0x7f00000001c0)={'gretap0\x00', 0x0}) set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4) r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) unshare(0x2040400) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000011008188040f46ecf14cb9cca7480ef435000000e3bd6efbbf4ae7220b0013200d000100ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0, 0x0}) syz_open_procfs$namespace(r4, &(0x7f0000000040)='ns/time_for_children\x00') setsockopt$inet6_udp_int(r2, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4) r5 = openat$full(0xffffff9c, &(0x7f0000000000), 0x4000, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) ioctl$PPPOEIOCSFWD(r5, 0x4008b100, &(0x7f00000000c0)={0x18, 0x0, {0x0, @empty, 'dvmrp0\x00'}}) write$binfmt_misc(r6, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r6, 0x0, {0x2a00, 0x80010000, 0x0, 0xecc, 0x80000000, 0x0, 0x0, 0x1, 0x1d, "fee8aaab78fc962a07000096072017001ea89de2b7fb0009000080b8785d8d3a32fe4c055495210ee4e03cd100007f06cd8400", "2809e8dbe108598948223d458dd0992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x1]}}) 44.461964709s ago: executing program 3 (id=1964): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) bind$tipc(r0, 0x0, 0x0) bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x2}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000001440)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x90}, 0x0) 44.10315509s ago: executing program 3 (id=1967): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000ffef0044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f28000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) 43.542819399s ago: executing program 3 (id=1969): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000f2ff0000000000000000040000181100", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001080000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0a00000001000000080000000100000000000000e8689079427225a7bd14d2315f4ce3d250066d2a0e038cfe0b18664121ea0df19ed727d3fe6fc6719757b40bb9024cf6d44ecd1bb9fe814726ab3dc0a8049080db8644185e78a93faf9a98035d5468a870196fdf2ed95fd028e8862cd847511a871dc224557cee3f55c01a9f41da67b05ad4a61017bf483f215a65f95828bf881352e92e91bae9adb3ac6570b36dd37917c334320d5eb7d855e79d7419c0185dbc3458cba88f25a11f7dc7", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES16, @ANYRES32, @ANYRES8], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800100000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x80000000, 0x4}) syz_genetlink_get_family_id$gtp(&(0x7f0000000240), 0xffffffffffffffff) r2 = socket(0x10, 0x400000000080803, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) read$FUSE(r3, &(0x7f0000002ac0)={0x2020}, 0x2020) ioctl$sock_SIOCETHTOOL(r3, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000480)=@ethtool_ringparam={0x4, 0x0, 0x5, 0x0, 0xbb5f, 0x2000000}}) 42.351954823s ago: executing program 4 (id=1971): syz_open_dev$midi(0x0, 0x2, 0x0) r0 = syz_open_dev$amidi(0x0, 0x800006, 0x40401) (async) shutdown(0xffffffffffffffff, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) (async) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) ioctl$SNDCTL_SEQ_PANIC(r4, 0x5100) (async) ioctl$SNDCTL_SEQ_RESET(r4, 0x5100) (async, rerun: 32) ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100) (async, rerun: 32) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000400)={'#! ', './file0', [{0x20, '/'}, {0x20, '/dev/sequencer2\x00'}, {0x20, '\t^\'-{&-\x0e}\xde\x98\x9bPO\xda\xaf\xca\a\xb4x\x88\xa7\xbcW\x93 \xbeL\x7f\fU\\\x04\x15_Z\xbc\xc7\t\xaedR\x9d&>\xb8H\x91\x93\x1bn\xca\x0e<#\xc0\xeb\x040\xfa+\x8f\fo\x99\t\x916\xee\xc2\x1d\x13~\xdf\xef$\xe1J\xc3\xad\\\xad\xae\xa3\xde\x04{]v\x96]\x18\xae\x16\x01\a\xd5\xed\xb2\xcd\xb3\xcf\xa6\f3\xa1\xc5\xfb\xf1\x873\xbel\xc0>\xb9}\xd3k\x96Q\xd3 \xe5\x9da|\x7f+Nm\xee\x1d\xef<\x9e\xff}\x83\xd4#O\x81R\xd0\xe8?\xa9\x03\x85\x81WR!\xb5K\x81\x84\x7f\n\xc0\x1b}>\xb8\x85\xa0\xa0H\xaf$r\xaf\xe1.q\x8d\x878Z\x10\x8f\xf2 \x1b\xcf'}, {0x20, 'y!B\x88R3\"\x85v\xfb9I\xff=(.#\x00'}, {}, {0x20, '/dev/ttyS3\x00'}, {0x20, '/dev/kvm\x00'}, {0x20, '/dev/kvm\x00'}]}, 0x10d) (async, rerun: 64) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x10, 0xffffffffffffffff, 0x0) (rerun: 64) r6 = dup(r3) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64) ioctl$PPPIOCGMRU(r5, 0x80047453, &(0x7f0000000000)) (rerun: 64) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x3c, 0x0, 0x0) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f00000000c0)="66b9b60a00000f3266b99503000066b80000000066ba000000000f3066b8010000000f01d966b8003800000f23d00f21f86635100000000f23f80f01df0f00d8aed168050f236266b96a0a00000f32", 0x4f}], 0x1, 0x40, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) (async) personality(0x8000000) (async) r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) (async, rerun: 32) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0) (rerun: 32) ioctl$TCXONC(r8, 0x540a, 0x0) (async) sendfile(r8, r9, 0x0, 0x20040023896) ioctl$TIOCSERGETLSR(r8, 0x5459, &(0x7f00000001c0)) 41.377676391s ago: executing program 3 (id=1972): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x24, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x3, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x4, 0xc0, 0x3, 0x1}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@dev={0xac, 0x14, 0x14, 0x80}, 0x20000}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x4, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="04010000", @ANYRES16=0x0, @ANYBLOB="000225bd70000700009e22bd2f5cbcdd3625a4d8b14c305be509ebf0714fbd447b052afa6c303fcaa2516dbb471355d766697b2e92acd18bbdb9eaa3e98f39a396b3d7fe3a140a0cc15f1d04202f8b477d3e806d4d8868e0684200a077d466c821753435ec225cdc58c770ffa96af0ffda5491ded40aa7dd957799432e9c2a8f81b639026462fd4a3f0e6916f61f9dd21ba63bb9d9431a35e4696a", @ANYRES32=0x0, @ANYBLOB="0c00990009000000510000000a0006000802110000010000040093001000b000000040000600000106000e000400d000b6002a006512894f8fdcd5fe080211000001080211000000831f00f908080211000001f7ffffff01010000050000000802110000000c00000026790e0102cdc621d602a24aa952cb019e36930563cafd93eb91a934af6eeca771653bc08ab59cb2d402b37960e606adb08eb4b5410d9d5ddc561033674f9d24dbf873e754c35739a2509534beee799e9310f50697525a10b6d79667ec7dbf986dff97e8b8213492c4dd60274472be51bb1fb0ae21480f09b93ca701000000"], 0x104}, 0x1, 0x0, 0x0, 0x4000000}, 0x48009) (async) r2 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) write(r2, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) (async) r3 = socket$igmp(0x2, 0x3, 0x2) r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) get_mempolicy(&(0x7f00000010c0), &(0x7f0000001100), 0x0, &(0x7f00003a5000/0x2000)=nil, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffffbfd]}, 0x0, 0x8) (async) r6 = gettid() (async) r7 = getpid() rt_tgsigqueueinfo(r7, r6, 0x7, &(0x7f0000000040)) (async) rt_tgsigqueueinfo(r7, r6, 0xc, &(0x7f0000000140)={0x0, 0x0, 0x200}) rt_sigprocmask(0x1, &(0x7f0000000000)={[0x9e76]}, 0x0, 0x8) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000007000)="c367d19bd846408b18bf5015473de305a358ef7ab35606865f0d0489f7e8b6d29f736f6f2b7a8226350fe8b041337f2bdea559ca97f32175fe220c15f88c33505ed7555c994e055865b78546cc96f2a047ed2dea2b5877132a08e8f3c66a7424af405148506971c4b65a70f5c612b51497fe7565759e4acac1d0e64601743a1cd9723eb3b2785fb1e46cbfa22357520f1501845f55cbc129fe2b71efba3e3eeee48ca0df388fa4e6131361d62443bdc7f8fee56d5f070d49eb0b33755acd05210fe69c6f414f8eaed763ede68a09886faa4355f34b8a53be6691e25baf481b4c83d84d38c21f39aef89c6ee62aab57c7c67d27044db15fe29b70f16e17dad7ef2732488def2736dcaac0651301c7c81048f209c17b6b04a2461fdfb9e716246793709156a14f524150e2e804308e69b2dc9898abdedbcfddc1ff1afa7a40c942c6b74b319880b639f6a79ee6fd35d387e49bf4d0495dbd2bcc6fb5db88fcf3229088565b733cd37446f6adf53461d1287bdda8c5469f7b031e751ff256bb679b6eae4157d8f963a058b7c6cca2ff2bdb5ea6fdc09500ff888a4467575772e4da843558ac206971fefae4471642e49f387a1160b498ec4757803a57d261b8d593c35a720a925375c53ef3791adffdef904f5ffa6cecb3c259cf6540180a1981d19d0394ba61edc6a6fe8438a0df35a111ed609b68a620e00f88c0798946e4bfc93898f3ca9c998b3ad2d6b3e08b4d6ad719d4c17b20bd6f7eaf9a16a660b4a74dd330c48e5a229e36455cd9ba67a632ae56d4e1f54c66491981527d3467a903ca41fc891401e089e39ce5beed57de4879c7e055e29643e2df13d9c62ecfb82497eeb536cd1689e9d5ea1c84fd186c02967b80030ab179c232824b7fa5deea33709cea4cd43fc8c5b11306266026d5e64540c778d84afa6f62c364ccbf58d6508ab2b402970e9a5865400f8b33ed49122cc7b1208404977c9b06e2d80e81b6094e78cc59b11e0ab1fdb1f02f1ee516cd6d9238c0e7", 0x2d4}], 0x1}}], 0x1, 0x10c4) (async) r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) (async) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$KVM_RUN(r8, 0xae80, 0x0) getsockopt$inet_opts(r3, 0x0, 0x6, &(0x7f00000000c0)=""/3, &(0x7f0000000100)=0x3) (async) open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) (async) r9 = socket(0xa, 0x2400000001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r9, 0x29, 0x2a, &(0x7f0000034000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) (async) pwritev2(r8, &(0x7f00000001c0), 0x0, 0x1000008, 0x38, 0x16) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 40.957269274s ago: executing program 0 (id=1973): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "2555cc93b245a776", "06a7758cddd1e7854dea36feabc4b02d", "a5a7691b", "480d9af15cd0bbe7"}, 0x28) setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r3, 0x1, 0x70bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}]}, 0x34}}, 0x0) 40.6380665s ago: executing program 0 (id=1975): syz_usb_connect(0x6, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201"], 0x0) r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e", @ANYRESDEC=0x0], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x5b16, &(0x7f0000000040)) 37.767952756s ago: executing program 3 (id=1981): openat$hwrng(0xffffffffffffff9c, 0x0, 0x200, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000880)=[{0x0, 0x68}], 0x1}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000540)=[{0x0}], 0x1}}], 0x1, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/73, 0x49}, {&(0x7f0000000200)=""/83, 0x53}], 0x3a}, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000003c0)="fe22d7b66376304d77de", 0xa}, {&(0x7f0000000440)="abbf909ce9cc7531089a2225a2d7c9d4c09fedb4470ec74cb137dfc9de8fdea108bbcfa62e7da70335451a6618cc7acb1a88f4ff18e40000d6eac3a4a4012205988c0100287258f613fb0adc6c0a74de3dba4c2387d300702914c866e9b4", 0x5e}, {&(0x7f0000000600)="4c26453ed3f991e942d84e53b0f17f7494c5d5674d8ac0d1e56253388fc4b112865c7038693fb313e752c5893670a52ffa53cb00163bfd4b54289ed75c13033fd732e8434bf6afa06efb2ac280850fdf761076976f7ef109445199336aa63e3b6b3b39ee0c02bbf1361bde6abc340389c1a603eeb08880a29eff9097165541275fd9ccb1fc93b348ddd89ede844e96aac7e2e377a8dcb56ca30618816263dd7be238eba5fe6157385b71ccd5e938044d5730e22b037d96bc2fe2a244c7f561e8f5a69fec8df321293f65c6996b56b0e4b187c009dfc3f0d8e102b065034ed9a058eeb085d8ad01c4", 0xe8}, {&(0x7f0000000d40)="48241cac329a0b8c268004c2557fd9cb18d215229da18891377c099d282f51d7e0e657f80653dbe8b7b7ede5579e61899079ac6a00816e97fd313878b014b30b7bf3babc1efb26ee0a61c81838a010293dc051a3eff70433c822b3740d2616faf79be7d15a65f3cf22ba3aca65db3630b8876fdd1de9cae0d1710459272758805533d6f95bdba36d36537cc14d6550153fcb36e7852a62fe628a22963b8d30b14a5490a2303de825bfb9311171698e3204b04d108c600112d815502069fafae3052a787cbab968e05c758a1f149ba0be27d3b2c239147d4009181afb706bf1ca049c066bdc5324afc4d8b256f30410b21f9a2436796efd08a5d46df92717ef7ea7f40cb906ab5610873c3c243112fa35e4af83c86cc336f5599bb20c5d78a57ca3e1a7d5c18b56cf9ffec9bad408f82f66be875fb3d5fa0a655fbb222b71057a560a44c6f3f581867bfe310f6274b8580c9ef852491ffb4e606257db14427d7d34b29e8e5d3c1a8c06c893dd88d68c00aedaa1d01e80aa31a31c4c240d3d298ae0aa07e372e2bf322d5c31d63e897a901019e5e97fb84cdbd676078fa8a02bd94bb07066e2d8f562149e886dea642b070e5e58d07963252c70b569d27f6d9350b28abf2c869cd7998156065a64ba932d4eac68b3e8f5f356ec5e317c56307a0b7b5cd73b83e0186bf19299bd996ffc88e159dd2ecbb61fd6ac578bfa33cba3ef366e31cefd5b5275b08289da9d2d2f71e10ad2889c3e96fb0fe993747fa3decf1e1cb3d1209ca561f8d7326e3b3f1ae94398438fcb682a435d9320f2f939cf929abd6f6c113b9603ea284f93032e216a7ea4e4e51ee2a5065f29fff691ba68017c294b2bec55ac21cf6425ad5bed0e954f49d43c30e6ce51091066bc0cd9ae6de605d2a823fa6862e99002a3c26fc6ba038d140865e07abd6366d5e1eaf294f684cad603e4a5a6563c9e8e402fb9c969999d53605de70cbe84c8129694015e23a3f630b2366c3348e6ab80ceadb59e4bd82267dc16517ca90b86af2e81bc3be86124a5c38e8b6229aa68207fe2a645bad6b1435c65e5df7bf61328d44aca2146dd72fb0e6bb3dcde90dd68fd64c1fea79f847ebd2fff6d2a8b01a2f2d49711359b59878d42041ff3719a09a8101f6206a3d1dfede69dddae7a12d3a3d92d0a1f86490420e2f017ef1b0fe914f70aebef2cbef4e8da0e433cd7582276aaf3acc95f8b5eea9175f22d429b4d31088cf04db000f2b7ee234a05bd827083250069b177f71f96c886b56e50d2ca3bc40509142c6d65867d1d05cdc1a4b32d15c7ea1cc4485308fde666f6bb94753856a34aa1947c1c2022e0f406b9947aa283ad36fd1b382cb19c7773128717a59b6c20010cfd45c64f33e09ed76432cf8e0bd7407ff6df06d9bfd683aa053c5deeb7fc4d4b02460d247bda66399fb1f7c81f0d7f916a471725355b48f3197e80133875d130a43542757291e04c94f9afe86bf712b1315eb005590798ef81915b07ad67c55fe1040d6f83355b0b52a31660d98a2bdd637a0c62cefe08ce4113cf6c13d5b5ec796477cfd702c6c346a70a1ddf9af9225d5e8df1442c84f4be6132bfa4da648dd43213fa2927710216d610cdd4e75c0e6a64d11254948442ddf0f0acc23feaad4abb86eafef2ca130171c5c4749397a3d29bd976c11420f0f61138b75c373268c1a82e72eaa2ecc51fbb8a07f2bea4c7cadfa80975ce02c46bde41d59091428647f0745c976bc97c22edd3b2741b8ee712d0ede9499b43876866d692fdd191430c0be76bb93a93e610db1e47e04cf2d115d949f2ca2231a3d82ef12781e976192ebea7750d4119ccbc2c14141497997526d5e878e2a6d9c7f815c75d9e0943ead3993bc756d6b0a37531c0ddc4e850278487c89cfbe55e05737222f9061e45028ea6d67148ad7affe169e81a37351c935e7473e383b3e057a1afa46edfdd4198a6dc1bbdf1b1570ff561530657b51000e75bbf55ff481be29c207e20ed36eeffdf4951b7b03243fe55b093cad9cc5f70f64edb69da16e2e622eb85bcce6082c462c684b4850551f8481988e3ab080092f31f93bfe7ddcf2f606dec9393e20c55c7bd97972cc0d4bf46dc6267d5fa43ba7d66863ce34dd91a4fed2898b77e30ba5578566b074f69042c1b94eb5ae7ee568c5f13e55220304f7b861374eb2bed874e32f96cd2bf29ea3752d075d4b8e792515a7044ec8054a1e461c8813515a396baed241b59807d3ef9c7a3d334de8839c9d972fb9ed980b6e0d21f77d91133536d91ac4477611ffeb76b3b420786b0af49a6cc0bcd90a1947d627c218f0965c1c8a0eae57464ff755050980f65f18f73f757e175c489a1d8a15168016e1d15f105f4cb438b5a546d85b38057ab18145179ecac20b6b9008412251ca6a08fb8d8d46e1eb26ca1d9298d2c096557c882e022f0b8c8e00afa10597bd82cbe1096d4c5071abce658dfe605703ac17bf0f176b999cfec2bb003b1b0378824a7bfa78d750451852fad60db8c15b19d2b4f2102562eef1780273f601665d3f0228d50afffbad1fd873ee5500a068d06338ff2b867f63b6e3ad48494c979276006173e2e82c5b708b0b6fd778fb8133d9cc4fdb666a8d66eb69d08e5a5cf5aa1a5c5229444b1452c3531c09191ff1a00c4cce3492cb7847666a804f82ca992bd2b7e9fde6ef11bd94ce75d5dc1927691b8297e8c96b119cc8b4d2bf78a18ae3619a9db620c331e384b742d1609612e2ce9bf449979ce90c629ea60c8e0a8ac8776f01aa2f84f5ef4cd31b8e1edfa3f54dcbc23174c4851a2654df87bd8329be842986129bc3eada97a3819ef71ad812fe2ce107e30855d1905023b7b07839127f869efd1bf0b51801e6eaf5861440162f106309edc506e2c9b119483c711d280feae1484c9dae2751dd12088799e497ef9221f44cf9279b9da576d46bef79921e93fe4ba75ff8d672e0f94cb702be0fd5b49d1bc9508029b5589d04d64b750cbbbcd7e522ebd14ddbd20a2350139bbb489931caef35896974c66813b17a574052bb153327b2523563690923c4afd1e66751310f039df36085aa18842bf8914aca65bc03979bbcc734d088c25bf2eebe215a1e3a53c7f2ebc12cc2a0ee929d9083e1d12b12b2512072848e817331beab40d26a06449c45b2b856fc536436a1bcf5d417eebb7372dc50665c249cb714100d9d10b59809eb471331b10ba41daaef04cf8c01672fbc8e874596fc12e88db3c400cbb69bd6b2b08391ff2c17d7eeba1f2aade050cfb03dacd753a21afd0772948818e377482a3c37f17e1790351cb078e90f6e54bea4f6012ba3e73b6f8b81512dbb59e5445ecb91831c04502f94f87bd02d746c0e78e3149b6655c6316557c1adccfd4801dd49405fc81b89bd42add41d9431b68c5551ed532b78b41a5aba8951e6abb28b7945e2bbb245bb6725d247db44293b6f1e7e6be571817fad2c6b170a31126e25029831056ee31f519cf90a83735275781ab64eed25ebc0d04299dd422663f69af9c79af2d4015c0c6d91632ac050e55659da812e3cd87c8bafbd3f8dcce159cd103b913315d4d6179a85aaab534188c9ed6ffe661321a1c6f0798af919139e402c2f1d2d4215069db0f522d5aafb3b81c60f939f101e0bcbdd2c75e15c12b4d5d9d6927c6f013534ab8b9c2aaaa4a75212c1efb980752268581add59f0e276aa80454624d3546f74820b07e01ac74a9a6c50b27c78a2189045b418deda0b3972f132943dd392c6e3696542a2f6199af6392f2652585fa56e4532400611d13ade17f307643787582dbc795e77ad9dfbab61ec26dc08795869670b96e4f70d89cb88c3d708fa57dcf4b9e817eeff540e4f62ee6a3b28cef6bb0ce5824c4e62980ee18f8cb6f0d76618209554e2854e2648c06d20a416a8b12df2c4e29439d3fed8c6df8499a258c10dd67a22fb81547d0694451c29f561d7b4d5cbdfc8d5b7197bb5be8cc116f1c44f57746b5c243bd5ef70aea3abbeb556c548f1d78cdbef8771347e668ff27454bd78c2f09dd0179627a23a4ceea0fbc84954b928bce032ae92a935f3a0c53482dd575cea696b68022329078aed20f64ced28460bd396a6ae0d4aefe2a1a8908a074a64deb6bf2adaf9a09e09e7dfee9fce560dfd6b966d51b53271109469f884c22ebe1b4f74669fdfd4191eab5b62f6e3bf0d9709d182e25a76f36f42d05898ed61e2dbb459531bf2ae9d5f3d5ec089425c8b85e4ec3765db98a33e3256a27c4958d103268df4eefd50dee2a83fb4f1b0d2a9f74b8e37d99f8eb328e2e9d20fe7004aa036bd65330d5722c4f62b2205fd78ed84641dff898faec55a7b0d14b374ade04f531b5b2f2432049ba2bcd7d206e924c681c01ac6dfa71ba187ad0ac1b456bc2c97edc145d15bb5ac93587f00047ab850bd7f29d4a653436d52c3770362cf0f647c0e68fc9bf2a79c06d276fb7346d255f37cf9a83e424634cd022783fde25b2bb6ced238740cde8f02cfb45c5723c0562ac963f0a4c0331a78f915234b49f228a8003dcf7477223aa1199c60dced0c181c21eb1110152a4de20fcae778feb6fdb1d12c1d4eab297fe7f4f8e8eea17ab1a5cf92d60d2532cb32d015b3e2b79f3e8bfe773daf0abf059681fc10c17b98d71507b8d306e068432a2f97e2be3a212194e989e34b8bb58f215c423b66e2972f97343730bbd12e2bbf4df816cfd580dc73c82c3eec6e0900733a03cfb05a303c9dc5b35a00b3cebb9c8a12fff2ac3e175bcff663974cd7bfb8206e28c4894940567bdc9a0cb0d05f5efc197cd67eadb3d211fc3078fb7f6d62c49b3be92eaec83a2317e4b24a8f68a30896b652f7a23e7a3f52d928ecf5e1e38258ecdcefb9d7f7a656437ce2636e81871461d52a245e26426f9ba2ef0d21bb64b16e880462bf18dabec068aa7ad2ffe59c69b839d7657374340e3a27a0076ed84ca80fcf0a9a94588f29683e9ddb28787f003343703170c09a9c86ab3f2aab116fe409e0a4fac4e9503c70201b536f8f06ce4f7f86e85b8b9798a72fff039e9d168b91cbd13af317cbd45a3eeb086f79f53fad49be5b88fa5039df59305b8a7fd73a735b6b75b8ab3df7c79fac3b5725b64d28915d66ba82a4a0baefa666fb518bd3c2ac93899583a985e24a65baa99a2055290f39700dcbaee9f13f75d67a710216e5c3f301d1d19b7bdf3e45ea7a87780fd9c97e01e395524c26b6e632257aeaad9f77ce33fe94f63280348e8d9efe541d43891c51b5b8ec37af328ef6b7009718dc9d7ae1cd502705eee64c6ff53278142d8768eecd81d75ac3003681a576e10fb09a8fdae27d2c7250806c6d19966c4a8a5aeab1596690f33636cda09adcd4d623f3a9ab0ae4c14f5cb9c5a813c044bb3e0c195d0b02b8c4a3925acc6cfbefe3ab4b97a31a369ca7bdc16de11369749f7a58b9830c2f351a8f73bec2fd6862d3d1280b641b2bd06d6f1224632ba023c9e20289e7643fe8ecf2869542cd534677b8c178726e7365bb811322d09683344a1df3ce38632f76e501a7d98716ebd59737b02ed0a444fc5acb1f6b25247297c1ec769066d9fe1087d9e84eb9248e47386a19f61bc7a6ef530fe57282cc387add49dd8f19f3f4f89d7f57f446ae0d1718968cd962cd9252f8e88f81edf2d07d7d977a515cf3b9909ff16e53bf24806e5142dc5fa311e57689955278d98a4c2d340752c90a0a3556455f56625fef7273493a4432d257afba0de599955f27af4ea9f05841cfed6a70642e69eb711cd52eccbfa0cb2227b9d31", 0x1000}, {&(0x7f0000000980)="55aa1f965a81d82a11b174e44d6df5dd8ccb96001845e84e35deb8b589d591d4ee74b6c68962751598c34b5b85708ae3cdf849b843daa970d4ed0c46c590d1dd9f4d1d41185f74fa9c3fdf60c0cdb8026c16dad0ec605ef2ec1503ef3d123fca049010c1b72d0f60bb7cb047ecbb3fb6ae5a50bbd0b2d47ec591217f5e817862395eeeacb7fd9c770b0ae7c47aa32b64c6dd4581c3d89ed57249dad7aeae7e5129dd0de524017cffce72e6c8c44286e560c5ef4e763318a8c333e9f256fde3748de36ac90482ac0de433864319d308b849e5464e9bcabc586c79f0077d689ede3f14e338fb6d", 0xe6}, {&(0x7f00000004c0)="89b43e7593064905c5fbec82b477b3a1f2004606f5a7ad9d0b384f95c54288f88b40f04962195a00ac183091642ad5d938833c095573bbae26325aa9bef39364cc47c8e8ed416bde9c410329c99c0fc5460f5f51510de56509fd946b239c3e", 0x5f}, {&(0x7f0000000580)="9891feb57da46f0c1b7ccd19ee2b40a9aadb9de49613a2ae", 0x18}, {&(0x7f0000000a80)="ecf622ae085598354d2cf9db163efec9aec6a26e3ab61ddedd86e9695d8c5af1da72f50890af4f86eacc8e0f9256284314239df240427d8bd6586e2f108922a314825ca4414828c82c16c2989b66599f04690a12c2ac7475383938a7ef6c6d3d9d1f166314f170f581cf07d5c8de4fa5210dc95ea27b73172b30e40d6cf42339a3adf8abc879de73e7e2481fe655c1643abb", 0x92}], 0x8, &(0x7f0000000c00)=[@assoc={0x18, 0x117, 0x4, 0x3}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0xa8, 0x117, 0x2, 0x8d, "83dc8b0a461cdbe2a0e6111e63c38a3cb916e2a88a9e89a7f2a56eeb710690ba757d8ee792ffbc98baa64d66ee4d0221b9dfc7e8a64286975e58902ca32f4eb90e9cee16a138efc4f6335ce96065304f61bc224aae83e50a27c305669d54f82a9fa024f617d07a7162aaa3c769b0e122d4db63912a290a3ca0b0a19fa074df4689edc9bf27a8c2aa7f3321a067"}], 0xd8}, 0x20004041) ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0x0, 0x4, 0x7, 0x6dc, 0x0, [{0xff, 0x4, 0x2, '\x00', 0x71}, {0x9, 0xfd, 0x8, '\x00', 0x2}, {0x96, 0x10, 0x4, '\x00', 0x7}, {0xb, 0x40, 0xff}, {0x8, 0xb, 0x0, '\x00', 0x3}, {0x10, 0x0, 0xf, '\x00', 0x4}, {0xa3, 0x9, 0x4, '\x00', 0xfd}, {0x84, 0x3, 0x3, '\x00', 0x9}, {0x7, 0x0, 0xef, '\x00', 0x6}, {0x7, 0x7, 0xf, '\x00', 0x5}, {0x2, 0x40, 0x7, '\x00', 0x15}, {0x9, 0x2, 0x3, '\x00', 0x3}, {0x2, 0xf7, 0xb, '\x00', 0xe}, {0x4, 0x0, 0x4, '\x00', 0x2}, {0x7, 0x7b, 0x9, '\x00', 0x83}, {0x83, 0x3, 0xaa, '\x00', 0x6}, {0xfc, 0x5, 0x0, '\x00', 0x7}, {0xf8, 0x8, 0xfc, '\x00', 0x80}, {0x4, 0x2, 0xac, '\x00', 0x4}, {0x8, 0x7, 0xde, '\x00', 0xa}, {0x5, 0x6, 0xfc, '\x00', 0x81}, {0x3, 0x8, 0x4}, {0x4, 0x8, 0x1c}, {0xf8, 0x7, 0x4, '\x00', 0x6}]}}) 37.443888335s ago: executing program 0 (id=1982): preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10) mmap(&(0x7f0000511000/0x3000)=nil, 0x3000, 0x7, 0x4c831, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000400000006000000aa0b000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000ce34eeba280000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000280), 0xa7c, r3}, 0x38) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[], 0x398}}, 0x20000010) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000040)) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) r6 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r6, &(0x7f0000000400)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x1}, 0x80, &(0x7f0000002100)=[{&(0x7f0000000580)="27050200590200000600002fb96dbcf706e10500000088641100112708590021b8bf4a31ee32", 0x26}], 0x1}, 0x0) sendmmsg$inet(r0, &(0x7f00000019c0)=[{{0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000540)="de", 0x1}], 0x218}}], 0x1, 0x4008440) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x5b, 0xa, 0x0, "05fcff410400001bf9585253b800c495f2000500"}) 35.37129781s ago: executing program 1 (id=1985): syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201"], 0x0) r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e", @ANYRESDEC=0x0], 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) clock_gettime(0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x100, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c00000c00e1000800070004000000140001800600060086ddffff080011"], 0x34}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x2f3, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000005c0)={'ip6gre0\x00', &(0x7f0000000540)={'ip6gre0\x00', 0x0, 0x2f, 0xf1, 0xe2, 0x2, 0x18, @local, @mcast1, 0x10, 0x20, 0x8}}) openat$incfs(0xffffffffffffff9c, &(0x7f0000000600)='.log\x00', 0x4400, 0x61) bpf$OBJ_GET_MAP(0x7, &(0x7f00000006c0)=@o_path={&(0x7f0000000680)='./file0\x00', 0x0, 0x0, r1}, 0x18) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000700)={{0x1, 0x1, 0x18, r3, {0x2}}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000140)) ioctl$PPPIOCSPASS(r6, 0x40107447, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x2, &(0x7f0000000200)=0xc5, 0x4) bind$inet6(r5, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x0, 0x0, 0x34324241, 0x0, [0x9], [0x0, 0xff]}}) sendto$inet6(r5, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r8 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3, 0x2) process_madvise(r4, 0x0, 0x0, 0x13, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f0000000200)={0x1, @pix_mp={0xbc94, 0x0, 0x47524247}}) fsopen(&(0x7f0000000000)='jffs2\x00', 0x0) 32.161690871s ago: executing program 1 (id=1986): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1001}, 0xc) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@remote, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x800000000000002}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x3c}, 0x0, @in=@multicast2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8) sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f000001000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff000000004000000000000000000000003200000000000000000000000000000000000001000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000001e1556b4636a8a0000000000000000000000000000000000000000000000000000000001000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) 31.912153563s ago: executing program 1 (id=1988): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) bind$tipc(r0, 0x0, 0x0) bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x2}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000001440)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x90}, 0x0) 31.757145198s ago: executing program 1 (id=1989): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000440)={0x0, 0x5}, 0x8) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[], 0x6c}}, 0x0) mkdir(&(0x7f0000001280)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x42, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000007010208898d398113ef0102030109021200010000334c66df000000b87f97f4"], 0x0) lremovexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[]) 27.149739133s ago: executing program 1 (id=1993): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x256e42, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000183b9220488b7f5b16580102030109021b0001000000000904ca00017a8bb500090502"], 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x1) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @local, 0x5}]}, &(0x7f0000000180)=0x10) r4 = socket$inet(0x2, 0xa, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={r3, @in6={{0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x1, 0xf9, 0x45, 0x0, 0x3}, 0x9c) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) syz_usb_connect$cdc_ecm(0x4, 0x56, &(0x7f0000000440)=ANY=[@ANYBLOB="12015002020000102505a1a440000102030109024400010141b004090400300302060000052406000005240007000d240f010f0000000080030004090581030800c4050009058202000201ff05090503020002010680023ae5b096a74373115e19c9a605d5f747600e4ba28426"], &(0x7f00000006c0)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x200, 0x6, 0x4, 0x9, 0xff, 0x1}, 0x75, &(0x7f0000000300)=ANY=[@ANYRESOCT=r5]}) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={r5, @in={{0x2, 0x0, @empty}}, 0xffffffff, 0x0, 0x0, 0x0, 0xce024d}, 0x9c) unshare(0x2c020400) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000) migrate_pages(0x0, 0x8000000000000003, &(0x7f00000002c0)=0x7f, &(0x7f00000003c0)=0x7) r7 = userfaultfd(0x1) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x60}) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000400)={{&(0x7f00000af000/0x2000)=nil, 0x2000}, 0x2}) ioctl$UFFDIO_COPY(r7, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000218000/0x2000)=nil, &(0x7f000055e000/0x3000)=nil, 0x2000}) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000080)=ANY=[@ANYBLOB="2a0000000000000006000000000000000200000000000000", @ANYRES32=r1, @ANYBLOB="faff5c7c630000ff7f0000aeeaed58001b00"/28, @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\a\x00'/28]) 18.768150258s ago: executing program 1 (id=1996): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix={0x0, 0x0, 0x36314752}}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000010000000000000004000100000007000000000000002000000000000000055e92f65e4c87d8188d5cc954d0b422b730ea5a936e668e6feaa857b3dac7e6dd937a420de3786afc1bbd0415d09995f459be473a2781982f30d53d5ee6292a4da15517984d4102b6336f0838851cd82fdd", @ANYRES16=r3, @ANYRES16=r1, @ANYRES8=r2], 0x24, 0x0) r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0xaaaaaaaaaaaab66, 0x0, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0500000000000000f2ff0500000008000300", @ANYRES32=r8, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) add_key(&(0x7f0000000000)='pkcs7_test\x00', 0x0, &(0x7f00000021c0)="305c0607e182087051667557c7d7982b8f57fb20a3adc9e3baa292ce8f0a861e6417acfc8648ad1b86400393d502b0cd490635d54cdf5bd0461690982b236949ab5e000000808ce41d86b9b949004fd8fe45b91e8fe7ec7c49750a1b0ade", 0x5e, 0xfffffffffffffffe) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050000000000000000", @ANYRES32=r8, @ANYBLOB="0a003400020202020284c402000004007a52ae439f6ef95ecf2eca8d97ceccd19d9b2fff5b77df8d867683bdcb557b574877f4849caef94ef864ee90ef108d94b9f624426b3c2af242599d4400771298e39a6d5d812b3c9e5e86ce639ca6a33cdd602ba1e7e2a013a89a7823ff4f5ccfd3161065892488e426c2033a7cedf3188ab6bfcb8b901f88ba3edbc287f25b6c98b087ae3f9063841d7a5f45863c549ccd900d9af9db19f9daf210d68ba3b21166d594463d5119b912e8391ce74d2fa8c20127aa3a0ca6af2b50db53f0e56311de0b511e43e4a0fdd6dc0e3c704db7411ac256a19c2224764c2c4a4bbb0211de410722b8838fc8e541ee1dcb9227"], 0x2c}}, 0x0) syz_open_procfs(0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xe0000000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x702, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2855, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x56858566, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ffffffff, 0x4, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x80000ffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94c, 0x0, 0x0, 0x0, 0x6]}) creat(&(0x7f0000000800)='./file0\x00', 0x29904dc13a69b7f6) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r6, &(0x7f00000007c0)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x200401}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)=ANY=[@ANYBLOB="28010008", @ANYRES16=r7, @ANYBLOB="010025bd70000b000000310000000c00990083db9a3f4300000008005200", @ANYRES32, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x44801) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 10.230757098s ago: executing program 2 (id=1999): r0 = fsmount(0xffffffffffffffff, 0x1, 0x80) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) execve(&(0x7f0000000840)='./file0\x00', &(0x7f00000008c0)={[&(0x7f0000000880)='/dev/hwrng\x00']}, &(0x7f0000000980)={[&(0x7f0000000900)='\xbc.}.\']-@}\x00', &(0x7f0000000940)='/dev/hwrng\x00']}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) setxattr$trusted_overlay_nlink(&(0x7f0000000a00)='./file0/../file0\x00', &(0x7f0000000a40), &(0x7f0000000a80)={'U+', 0xc}, 0x16, 0x1) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000040)={&(0x7f00000009c0)=[r5, r4, r4], 0x3, 0x0, 0x0, 0xffffffffffffffff}) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000400)={{0x84, @private=0xa010101, 0x4e23, 0x1, 'fo\x00', 0x0, 0x9, 0x39}, {@broadcast, 0x4e21, 0x0, 0xb, 0x1, 0x9}}, 0x44) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000200)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[{}], &(0x7f0000000ac0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x4, 0x4, 0x0, r5}) r7 = openat2(r6, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x40500, 0x8, 0x2}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) r8 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r8, 0x84, 0xc, &(0x7f0000000300), &(0x7f0000000380)=0x4) r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r9, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r7, 0xc018937b, &(0x7f0000000640)={{0x1, 0x1, 0x18, r2, {0x0, 0xee01}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000006c0)={{0x1, 0x1, 0x18, r2, {0xffffffffffffffff}}, './file0/../file0\x00'}) mount$fuse(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000540), 0x800001, &(0x7f0000000700)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=r10, @ANYBLOB='lgroup_id=', @ANYRESDEC=r11, @ANYBLOB="2c6d61785f726561643d3078666666666666666666666666626464322c616c6c6f775f6f746865722c64656661756c745f7065726d697373696f6e732c626c6b73697a653d3078303030303030303030303030303230302c7065726d69745f646972656374696f2c736d61636b6673726f6f743d29db4028272c736d61636b66736465663d2c66736d616769633d3078666666666666666666666666666666632c657569643e", @ANYRESDEC=r12, @ANYBLOB=',\x00']) timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) timer_create(0x4, 0x0, 0x0) 6.961795244s ago: executing program 2 (id=2001): preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10) mmap(&(0x7f0000511000/0x3000)=nil, 0x3000, 0x7, 0x4c831, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000400000006000000aa0b000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000ce34eeba280000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000280), 0xa7c, r4}, 0x38) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r3) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[], 0x398}}, 0x20000010) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000040)) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) r7 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r7, &(0x7f0000000400)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x1}, 0x80, &(0x7f0000002100)=[{&(0x7f0000000580)="27050200590200000600002fb96dbcf706e10500000088641100112708590021b8bf4a31ee32", 0x26}], 0x1}, 0x0) sendmmsg$inet(r0, &(0x7f00000019c0)=[{{0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000540)="de", 0x1}], 0x218}}], 0x1, 0x4008440) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000000)={0x5b, 0xa, 0x0, "05fcff410400001bf9585253b800c495f2000500"}) 453.447564ms ago: executing program 2 (id=2002): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x280, 0xa, 0x0, 0x0, 0x3e, 0x180, 0x8, 0x0, {}, {}, {0x0, 0x4000}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 297.259613ms ago: executing program 2 (id=2003): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1001}, 0xc) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@remote, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x800000000000002}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x3c}, 0x0, @in=@multicast2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8) sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="380100001000130700000000000000007f000001000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff000000004000000000000000000000003200000000000000000000000000000000000001000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000001e1556b4636a8a0000000000000000000000000000000000000000000000000000000001000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) 133.916599ms ago: executing program 2 (id=2004): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x30]}}, 0x0, 0x34, 0x0, 0x0, 0x2, 0x0, @void, @value}, 0x28) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}}, 0x0) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0000000000000000000017000000080001007063690011000200303030303a30303a31302e300000000008"], 0x50}}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1) r0 = socket$kcm(0x10, 0x2, 0x10) r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000200)=0x6e, 0x80000) accept$unix(r1, &(0x7f0000000300), &(0x7f0000000380)=0x6e) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x9}}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018088a8170088a8", 0x33fe0}], 0x1}, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/dev_mcast\x00') 0s ago: executing program 2 (id=2005): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',roo']) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ad000000000085100000000000008500000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r3, 0x0, 0x0) r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0xa201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000000)) ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0)) ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000040)=0xc) ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000640)=0x10) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000100)={0x0, 0xffffbfe8}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f00000001c0)={r5}, 0x8) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000040000000001, 0xffffffffffffffff}) r7 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0) r8 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_VRING_KICK(r7, 0x4008af20, &(0x7f0000000000)={0x0, r8}) writev(r8, &(0x7f0000000200)=[{&(0x7f0000000040)="eebd73c460f8a4a8", 0x8}, {0x0}], 0x2) write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b) syz_usb_connect(0x0, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902"], 0x0) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002180)=""/4089, 0xfffffffffffffd79) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0) preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r9 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) ioctl$USBDEVFS_DISCONNECT_CLAIM(r9, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a60274fcffffffffffffff14e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bc00d08e36655c00"}) ioctl$USBDEVFS_ALLOC_STREAMS(r9, 0x8008551c, &(0x7f0000000280)=ANY=[@ANYRES8=r9]) kernel console output (not intermixed with test programs): erface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 574.704428][T14017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 575.001107][T11995] hsr_slave_0: left promiscuous mode [ 575.016011][ T937] usb 2-1: new high-speed USB device number 123 using dummy_hcd [ 575.041453][T11995] hsr_slave_1: left promiscuous mode [ 575.048558][T11995] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 575.083211][T11995] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 575.111238][T11995] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 575.120104][T11995] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 575.162606][T11995] veth1_macvtap: left promiscuous mode [ 575.168282][T11995] veth0_macvtap: left promiscuous mode [ 575.175006][T11995] veth1_vlan: left promiscuous mode [ 575.180515][T11995] veth0_vlan: left promiscuous mode [ 575.182400][ T937] usb 2-1: device descriptor read/64, error -71 [ 575.491434][ T937] usb 2-1: new high-speed USB device number 124 using dummy_hcd [ 575.554245][ T5232] Bluetooth: hci1: command tx timeout [ 575.651212][ T937] usb 2-1: device descriptor read/64, error -71 [ 575.779349][ T937] usb usb2-port1: attempt power cycle [ 576.046680][T11995] team0 (unregistering): Port device team_slave_1 removed [ 576.107921][T11995] team0 (unregistering): Port device team_slave_0 removed [ 576.136666][ T937] usb 2-1: new high-speed USB device number 125 using dummy_hcd [ 576.172953][ T937] usb 2-1: device descriptor read/8, error -71 [ 576.422406][ T937] usb 2-1: new high-speed USB device number 126 using dummy_hcd [ 576.445193][ T937] usb 2-1: device descriptor read/8, error -71 [ 576.575720][ T937] usb usb2-port1: unable to enumerate USB device [ 576.789484][T14017] hsr_slave_0: entered promiscuous mode [ 576.815130][T14146] fuse: Bad value for 'fd' [ 576.823111][T14017] hsr_slave_1: entered promiscuous mode [ 576.848773][T14017] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 576.859933][T14017] Cannot create hsr debugfs directory [ 576.868661][T13972] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 576.918989][T13972] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 576.960655][T13972] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 577.004631][T13972] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 577.061499][ T25] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 577.231217][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 577.258492][ T25] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 577.269949][ T25] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 577.320935][ T25] usb 5-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 577.342531][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.350598][ T25] usb 5-1: Product: syz [ 577.391166][ T25] usb 5-1: Manufacturer: syz [ 577.395923][ T25] usb 5-1: SerialNumber: syz [ 577.410668][ T25] usb 5-1: config 0 descriptor?? [ 577.506879][T13972] 8021q: adding VLAN 0 to HW filter on device bond0 [ 577.551608][T13972] 8021q: adding VLAN 0 to HW filter on device team0 [ 577.570004][ T9279] bridge0: port 1(bridge_slave_0) entered blocking state [ 577.577203][ T9279] bridge0: port 1(bridge_slave_0) entered forwarding state [ 577.598031][ T9279] bridge0: port 2(bridge_slave_1) entered blocking state [ 577.605215][ T9279] bridge0: port 2(bridge_slave_1) entered forwarding state [ 577.657381][ T46] usb 5-1: USB disconnect, device number 87 [ 577.734329][T14017] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 577.763623][T14017] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 577.799128][T14017] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 577.828713][T14017] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 577.907834][T13972] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 577.945068][T14168] sctp: [Deprecated]: syz.1.1800 (pid 14168) Use of struct sctp_assoc_value in delayed_ack socket option. [ 577.945068][T14168] Use struct sctp_sack_info instead [ 578.028079][T13972] veth0_vlan: entered promiscuous mode [ 578.045388][T14017] 8021q: adding VLAN 0 to HW filter on device bond0 [ 578.069579][T13972] veth1_vlan: entered promiscuous mode [ 578.080474][T14017] 8021q: adding VLAN 0 to HW filter on device team0 [ 578.111815][T11995] bridge0: port 1(bridge_slave_0) entered blocking state [ 578.119111][T11995] bridge0: port 1(bridge_slave_0) entered forwarding state [ 578.144192][T11995] bridge0: port 2(bridge_slave_1) entered blocking state [ 578.151438][T11995] bridge0: port 2(bridge_slave_1) entered forwarding state [ 578.288897][T13972] veth0_macvtap: entered promiscuous mode [ 578.322208][T13972] veth1_macvtap: entered promiscuous mode [ 578.363511][T13972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 578.374653][T13972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 578.386871][T13972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 578.406606][T13972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 578.418102][T13972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 578.437352][T13972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 578.449517][T13972] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 578.465122][T13972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 578.477053][T13972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 578.488205][T13972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 578.499124][T13972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 578.512698][T13972] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 578.532205][T13972] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 578.545433][T13972] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 578.568228][T14017] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 578.599375][T13972] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.618548][T13972] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.632584][T13972] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.642819][T13972] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 578.799815][T14017] veth0_vlan: entered promiscuous mode [ 578.829515][T14017] veth1_vlan: entered promiscuous mode [ 578.850514][ T9186] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 578.871763][ T9186] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 578.879268][T14189] netlink: 'syz.1.1802': attribute type 9 has an invalid length. [ 578.916613][T14189] 8021q: adding VLAN 0 to HW filter on device macvlan6 [ 578.997693][ T9282] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 579.018455][T14017] veth0_macvtap: entered promiscuous mode [ 579.026037][ T9282] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 579.048308][T14017] veth1_macvtap: entered promiscuous mode [ 579.113493][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 579.155760][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.182769][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 579.209856][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.242922][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 579.263910][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.288821][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 579.331085][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.354246][T14017] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 579.426202][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 579.501238][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.522057][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 579.536853][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.548431][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 579.564609][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.577871][T14017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 579.594843][T14017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 579.608506][T14017] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 579.691984][T14017] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 579.716291][ T29] audit: type=1326 audit(1727744395.870:16341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 579.739393][T14017] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 579.748725][T14017] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 579.758206][ T29] audit: type=1326 audit(1727744395.870:16342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 579.782121][T14017] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 579.881626][ T1166] usb 2-1: new high-speed USB device number 127 using dummy_hcd [ 579.936782][ T29] audit: type=1326 audit(1727744395.900:16343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 580.049943][ T1166] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 580.076764][ T29] audit: type=1326 audit(1727744395.950:16344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 580.099974][ T1166] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.128926][ T9279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 580.168012][ T1166] usb 2-1: config 0 descriptor?? [ 580.173159][ T9279] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 580.207434][T14224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1807'. [ 580.220867][ T29] audit: type=1326 audit(1727744395.950:16345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 580.257632][ T29] audit: type=1326 audit(1727744395.960:16346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd36bbb00e5 code=0x7ffc0000 [ 580.302997][T11995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 580.309317][ T1166] cp210x 2-1:0.0: cp210x converter detected [ 580.339325][T11995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 580.391369][ T29] audit: type=1326 audit(1727744395.990:16347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 580.451865][T14230] fuse: Bad value for 'fd' [ 580.460728][ T1166] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 580.477072][ T29] audit: type=1326 audit(1727744395.990:16348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 580.533814][ T1166] usb 2-1: cp210x converter now attached to ttyUSB0 [ 580.576036][ T29] audit: type=1326 audit(1727744396.000:16349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 580.614640][T14243] sctp: [Deprecated]: syz.0.1810 (pid 14243) Use of struct sctp_assoc_value in delayed_ack socket option. [ 580.614640][T14243] Use struct sctp_sack_info instead [ 580.644254][ T29] audit: type=1326 audit(1727744396.000:16350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14215 comm="syz.4.1806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 580.716685][T10324] usb 2-1: USB disconnect, device number 127 [ 580.736063][T10324] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 580.741702][ T25] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 580.776565][T10324] cp210x 2-1:0.0: device disconnected [ 580.823305][T14249] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1812'. [ 580.911191][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 580.922954][ T25] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 580.936015][ T25] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 580.951806][T14253] netlink: 'syz.3.1813': attribute type 9 has an invalid length. [ 580.962476][ T25] usb 5-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 580.976152][T14253] bond_slave_0: entered promiscuous mode [ 580.981967][T14253] bond_slave_1: entered promiscuous mode [ 580.988421][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 580.997328][ T25] usb 5-1: Product: syz [ 581.002356][ T25] usb 5-1: Manufacturer: syz [ 581.007308][ T25] usb 5-1: SerialNumber: syz [ 581.019689][T14253] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 581.029633][ T25] usb 5-1: config 0 descriptor?? [ 581.064742][ T937] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 581.221398][ T937] usb 3-1: Using ep0 maxpacket: 8 [ 581.243273][ T937] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 581.267129][ T25] usb 5-1: USB disconnect, device number 88 [ 581.293559][ T937] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 581.322104][T14267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1814'. [ 581.354631][ T937] usb 3-1: New USB device found, idVendor=1b80, idProduct=d700, bcdDevice=d0.46 [ 581.371261][ T937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 581.379331][ T937] usb 3-1: Product: syz [ 581.391480][T14267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1814'. [ 581.411171][ T937] usb 3-1: Manufacturer: syz [ 581.416299][ T937] usb 3-1: SerialNumber: syz [ 581.423755][ T937] usb 3-1: config 0 descriptor?? [ 581.468312][ T937] radio-si470x 3-1:0.0: could not find interrupt in endpoint [ 581.516231][ T937] radio-si470x 3-1:0.0: probe with driver radio-si470x failed with error -5 [ 581.569732][T14275] ucma_write: process 318 (syz.0.1816) changed security contexts after opening file descriptor, this is not allowed. [ 581.569944][ T937] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 581.735390][T10456] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 581.775518][ T8] usb 3-1: USB disconnect, device number 85 [ 581.928234][T10456] usb 2-1: Using ep0 maxpacket: 32 [ 581.933492][T14287] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1819'. [ 582.005944][T10456] usb 2-1: unable to get BOS descriptor or descriptor too short [ 582.014445][T14289] vhci_hcd: default hub control req: 6003 v0fff i0001 l0 [ 582.049889][T10456] usb 2-1: config 253 has an invalid interface number: 202 but max is 0 [ 582.064123][T14289] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1818'. [ 582.084065][T10456] usb 2-1: config 253 has no interface number 0 [ 582.101772][T10456] usb 2-1: config 253 interface 202 altsetting 0 has an endpoint descriptor with address 0x73, changing to 0x3 [ 582.161543][T10456] usb 2-1: config 253 interface 202 altsetting 0 endpoint 0x3 has invalid maxpacket 16804, setting to 1024 [ 582.211200][T10456] usb 2-1: config 253 interface 202 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 582.256747][T10456] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16 [ 582.295492][T10456] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.310633][T10456] usb 2-1: Product: syz [ 582.319704][T10456] usb 2-1: Manufacturer: syz [ 582.331183][T10456] usb 2-1: SerialNumber: syz [ 582.347606][T14305] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1823'. [ 582.597992][T14313] netlink: 'syz.2.1825': attribute type 9 has an invalid length. [ 582.635810][T14313] bond_slave_0: entered promiscuous mode [ 582.641737][T14313] bond_slave_1: entered promiscuous mode [ 582.667989][T14313] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 582.718516][ T5968] usb 2-1: Failed to submit usb control message: -71 [ 582.726807][T10456] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 582.759249][ T5968] usb 2-1: unable to send the bmi data to the device: -71 [ 582.761804][T10456] usb 2-1: USB disconnect, device number 2 [ 582.811278][ T25] usb 4-1: new high-speed USB device number 108 using dummy_hcd [ 582.819316][ T5968] usb 2-1: unable to get target info from device [ 582.839754][ T5968] usb 2-1: could not get target info (-71) [ 582.861385][ T5968] usb 2-1: could not probe fw (-71) [ 582.971252][ T25] usb 4-1: device descriptor read/64, error -71 [ 583.012848][T14328] sctp: [Deprecated]: syz.2.1826 (pid 14328) Use of struct sctp_assoc_value in delayed_ack socket option. [ 583.012848][T14328] Use struct sctp_sack_info instead [ 583.130521][T14332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1827'. [ 583.221461][ T25] usb 4-1: new high-speed USB device number 109 using dummy_hcd [ 583.351938][ T25] usb 4-1: device descriptor read/64, error -71 [ 583.462517][ T25] usb usb4-port1: attempt power cycle [ 583.544142][T14348] fuse: Bad value for 'fd' [ 583.661218][ T46] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 583.791693][ T8] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 583.812337][ T25] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 583.833144][ T46] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 583.847593][ T46] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 583.871688][ T25] usb 4-1: device descriptor read/8, error -71 [ 583.889232][ T46] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 583.907583][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 583.916614][ T46] usb 2-1: SerialNumber: syz [ 583.926824][ T46] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 583.962649][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 583.998862][ T8] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 584.023337][ T8] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 584.035143][ T8] usb 5-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 584.045087][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 584.053278][ T8] usb 5-1: Product: syz [ 584.058826][ T8] usb 5-1: Manufacturer: syz [ 584.063648][ T8] usb 5-1: SerialNumber: syz [ 584.078810][ T8] usb 5-1: config 0 descriptor?? [ 584.121548][ T25] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 584.158630][ T25] usb 4-1: device descriptor read/8, error -71 [ 584.274995][ T25] usb usb4-port1: unable to enumerate USB device [ 584.302033][ T8] usb 5-1: USB disconnect, device number 89 [ 584.397840][T14374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1833'. [ 584.533558][T14377] openvswitch: netlink: Message has 1 unknown bytes. [ 584.540778][T14377] openvswitch: netlink: Actions may not be safe on all matching packets [ 584.753293][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 584.753314][ T29] audit: type=1326 audit(1727744400.910:16372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14376 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fedf7dff9 code=0x7ffc0000 [ 584.806290][ T29] audit: type=1326 audit(1727744400.910:16373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14376 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fedf7dff9 code=0x7ffc0000 [ 584.850895][ T29] audit: type=1326 audit(1727744400.910:16374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14376 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f6fedf7dff9 code=0x7ffc0000 [ 584.879957][ T29] audit: type=1326 audit(1727744400.910:16375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14376 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fedf7dff9 code=0x7ffc0000 [ 584.918030][ T29] audit: type=1326 audit(1727744400.910:16376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14376 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fedf7dff9 code=0x7ffc0000 [ 585.094537][T14384] veth0_to_batadv: entered promiscuous mode [ 585.121231][T14384] veth0_to_batadv: entered allmulticast mode [ 585.179580][T14384] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1835'. [ 585.218314][T14384] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1835'. [ 585.291587][T14386] netlink: 'syz.2.1836': attribute type 9 has an invalid length. [ 585.320356][T14386] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 585.571482][T14394] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1839'. [ 585.580853][T14394] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1839'. [ 585.841249][ T46] usb 5-1: new high-speed USB device number 90 using dummy_hcd [ 585.991156][ T46] usb 5-1: device descriptor read/64, error -71 [ 586.247756][ T29] audit: type=1326 audit(1727744402.400:16377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9e77dff9 code=0x7ffc0000 [ 586.278334][ T29] audit: type=1326 audit(1727744402.400:16378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9e77dff9 code=0x7ffc0000 [ 586.302690][ T46] usb 5-1: new high-speed USB device number 91 using dummy_hcd [ 586.317338][ T29] audit: type=1326 audit(1727744402.430:16379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f9d9e77dff9 code=0x7ffc0000 [ 586.347137][ T29] audit: type=1326 audit(1727744402.430:16380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9e77dff9 code=0x7ffc0000 [ 586.378656][ T29] audit: type=1326 audit(1727744402.430:16381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm="syz.3.1844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9e77dff9 code=0x7ffc0000 [ 586.391073][T10456] usb 2-1: USB disconnect, device number 3 [ 586.461238][ T46] usb 5-1: device descriptor read/64, error -71 [ 586.553686][T14410] fuse: Bad value for 'fd' [ 586.571523][ T46] usb usb5-port1: attempt power cycle [ 586.636490][T14412] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1846'. [ 586.775691][T14416] netlink: 'syz.2.1848': attribute type 9 has an invalid length. [ 586.792172][T14416] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 586.807702][ T8] usb 4-1: new high-speed USB device number 112 using dummy_hcd [ 586.972588][ T46] usb 5-1: new high-speed USB device number 92 using dummy_hcd [ 586.982108][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 586.996199][ T8] usb 4-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 587.011647][ T46] usb 5-1: device descriptor read/8, error -71 [ 587.028223][ T8] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 587.055266][ T8] usb 4-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 587.070881][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.089811][ T8] usb 4-1: Product: syz [ 587.100602][T14422] libceph: resolve '0.' (ret=-3): failed [ 587.105478][ T8] usb 4-1: Manufacturer: syz [ 587.121084][ T8] usb 4-1: SerialNumber: syz [ 587.135601][ T8] usb 4-1: config 0 descriptor?? [ 587.252770][ T46] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 587.291819][ T46] usb 5-1: device descriptor read/8, error -71 [ 587.351088][T14427] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1852'. [ 587.371279][ T1166] usb 4-1: USB disconnect, device number 112 [ 587.415035][ T46] usb usb5-port1: unable to enumerate USB device [ 587.543118][T14429] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1853'. [ 587.593912][T14429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1853'. [ 587.941316][ T1166] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 588.081261][ T1166] usb 2-1: device descriptor read/64, error -71 [ 588.114765][T14440] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1855'. [ 588.171124][ T46] usb 3-1: new high-speed USB device number 86 using dummy_hcd [ 588.322004][ T1166] usb 2-1: new low-speed USB device number 5 using dummy_hcd [ 588.337551][ T46] usb 3-1: Using ep0 maxpacket: 32 [ 588.356624][ T46] usb 3-1: config index 0 descriptor too short (expected 156, got 27) [ 588.378650][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 588.397389][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 588.409786][ T46] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 588.444280][ T46] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 588.458925][ T46] usb 3-1: Product: syz [ 588.463679][ T46] usb 3-1: Manufacturer: syz [ 588.468327][ T46] usb 3-1: SerialNumber: syz [ 588.473424][ T1166] usb 2-1: device descriptor read/64, error -71 [ 588.488017][ T46] usb 3-1: config 0 descriptor?? [ 588.492358][T14444] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 588.496318][ T46] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 588.520234][ T46] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 588.582638][T14447] kvm: pic: level sensitive irq not supported [ 588.582738][T14447] kvm: pic: non byte read [ 588.593415][ T1166] usb usb2-port1: attempt power cycle [ 588.704451][T14424] ldusb 3-1:0.0: Couldn't submit interrupt_in_urb -90 [ 588.723415][T10456] usb 3-1: USB disconnect, device number 86 [ 588.757733][T10456] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 588.973519][ T1166] usb 2-1: new low-speed USB device number 6 using dummy_hcd [ 589.001259][T14458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1858'. [ 589.002058][ T1166] usb 2-1: device descriptor read/8, error -71 [ 589.311183][ T1166] usb 2-1: new low-speed USB device number 7 using dummy_hcd [ 589.342172][ T1166] usb 2-1: device descriptor read/8, error -71 [ 589.462908][ T1166] usb usb2-port1: unable to enumerate USB device [ 589.539772][T14473] netlink: 'syz.2.1861': attribute type 9 has an invalid length. [ 589.592848][T14473] 8021q: adding VLAN 0 to HW filter on device macvlan5 [ 589.875785][T14485] fuse: Bad value for 'fd' [ 590.031210][ T1166] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 590.125563][ T5302] usb 3-1: new high-speed USB device number 87 using dummy_hcd [ 590.221641][ T1166] usb 5-1: Using ep0 maxpacket: 32 [ 590.242692][ T1166] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 590.257536][ T1166] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 590.275298][ T1166] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 590.297355][ T1166] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 590.311252][ T5302] usb 3-1: Using ep0 maxpacket: 8 [ 590.328758][ T5302] usb 3-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 590.350839][ T1166] usb 5-1: config 0 descriptor?? [ 590.359763][ T5302] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 590.391640][ T1166] hub 5-1:0.0: USB hub found [ 590.409278][ T5302] usb 3-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 590.421348][ T5302] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 590.431399][ T5302] usb 3-1: Product: syz [ 590.440439][ T5302] usb 3-1: Manufacturer: syz [ 590.445693][ T5302] usb 3-1: SerialNumber: syz [ 590.456352][ T5302] usb 3-1: config 0 descriptor?? [ 590.607408][ T1166] hub 5-1:0.0: 12 ports detected [ 590.621496][ T1166] hub 5-1:0.0: insufficient power available to use all downstream ports [ 590.668719][ T46] usb 3-1: USB disconnect, device number 87 [ 591.002053][ T1166] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 591.019182][ T1166] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 591.063055][ T1166] usbhid 5-1:0.0: can't add hid device: -71 [ 591.069126][ T1166] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 591.141859][ T1166] usb 5-1: USB disconnect, device number 94 [ 591.411538][ T29] kauditd_printk_skb: 1282 callbacks suppressed [ 591.411554][ T29] audit: type=1326 audit(1727744407.560:17664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77aa17dff9 code=0x7ffc0000 [ 591.455934][ T29] audit: type=1326 audit(1727744407.600:17665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77aa17dff9 code=0x7ffc0000 [ 591.480126][ T29] audit: type=1326 audit(1727744407.600:17666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f77aa17dff9 code=0x7ffc0000 [ 591.503880][ T29] audit: type=1326 audit(1727744407.600:17667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77aa17dff9 code=0x7ffc0000 [ 591.557672][ T29] audit: type=1326 audit(1727744407.600:17668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77aa17dff9 code=0x7ffc0000 [ 591.641486][ T29] audit: type=1326 audit(1727744407.600:17669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dff9 code=0x7ffc0000 [ 591.684451][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 591.713604][T14509] netlink: 'syz.2.1873': attribute type 9 has an invalid length. [ 591.731215][ T29] audit: type=1326 audit(1727744407.600:17670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77aa17dff9 code=0x7ffc0000 [ 591.738708][T14509] 8021q: adding VLAN 0 to HW filter on device macvlan6 [ 591.794034][ T29] audit: type=1326 audit(1727744407.600:17671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f77aa17c990 code=0x7ffc0000 [ 591.861716][ T29] audit: type=1326 audit(1727744407.600:17672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 591.905483][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 591.913510][ T25] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 591.931161][ T25] usb 2-1: config 0 has an invalid descriptor of length 72, skipping remainder of the config [ 591.961855][ T29] audit: type=1326 audit(1727744407.600:17673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14502 comm="syz.1.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 591.988241][ T25] usb 2-1: config 0 has no interface number 0 [ 592.003941][ T25] usb 2-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xA2, changing to 0x82 [ 592.021513][ T1166] usb 5-1: new high-speed USB device number 95 using dummy_hcd [ 592.055969][ T25] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x82 has an invalid bInterval 231, changing to 11 [ 592.081101][ T25] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x82 has invalid maxpacket 25303, setting to 1024 [ 592.092832][ T25] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 592.111725][ T25] usb 2-1: config 0 interface 52 has no altsetting 0 [ 592.121525][ T25] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 592.141093][ T25] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 592.161521][ T25] usb 2-1: Product: syz [ 592.165768][ T25] usb 2-1: SerialNumber: syz [ 592.188353][ T1166] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 592.205199][ T25] usb 2-1: config 0 descriptor?? [ 592.220746][ T1166] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 592.243365][ T1166] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 592.253111][ T1166] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 592.266075][ T1166] usb 5-1: config 0 descriptor?? [ 592.316779][T14515] netdevsim netdevsim2 netdevsim2: entered promiscuous mode [ 592.333247][T14515] netdevsim netdevsim2 netdevsim3: entered promiscuous mode [ 592.466504][ T25] input: syz (Stick) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input46 [ 592.708863][ T937] usb 2-1: USB disconnect, device number 8 [ 592.715867][ T1166] plantronics 0003:047F:FFFF.0033: item fetching failed at offset 13/15 [ 592.784497][ T1166] plantronics 0003:047F:FFFF.0033: parse failed [ 592.803265][ T1166] plantronics 0003:047F:FFFF.0033: probe with driver plantronics failed with error -22 [ 592.913457][ T1166] usb 5-1: USB disconnect, device number 95 [ 593.080022][T14524] kvm: pic: single mode not supported [ 593.080053][T14524] kvm: pic: level sensitive irq not supported [ 593.099873][T14524] kvm: pic: single mode not supported [ 593.106247][T14524] kvm: pic: level sensitive irq not supported [ 593.336628][T14527] fuse: Invalid rootmode [ 593.581350][ T937] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 593.741209][ T937] usb 2-1: Using ep0 maxpacket: 16 [ 593.759572][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 593.784763][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 593.805035][ T937] usb 2-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 593.821244][ T937] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.841751][ T937] usb 2-1: config 0 descriptor?? [ 594.365562][ T937] playstation 0003:054C:05C4.0034: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.1-1/input0 [ 594.557891][ T937] playstation 0003:054C:05C4.0034: Invalid byte count transferred, expected 16 got 0 [ 594.582154][ T937] playstation 0003:054C:05C4.0034: Failed to retrieve DualShock4 pairing info: -22 [ 594.612136][ T937] playstation 0003:054C:05C4.0034: Failed to get MAC address from DualShock4 [ 594.620991][ T937] playstation 0003:054C:05C4.0034: Failed to create dualshock4. [ 594.634698][ T937] playstation 0003:054C:05C4.0034: probe with driver playstation failed with error -22 [ 594.661922][T14546] netlink: 'syz.2.1886': attribute type 9 has an invalid length. [ 594.677127][T14546] 8021q: adding VLAN 0 to HW filter on device macvlan7 [ 594.781998][ T8] usb 2-1: USB disconnect, device number 9 [ 595.011316][ T937] usb 3-1: new high-speed USB device number 88 using dummy_hcd [ 595.036050][T14555] binder: 14554:14555 ioctl c05c6104 20000600 returned -22 [ 595.169155][ T937] usb 3-1: Using ep0 maxpacket: 8 [ 595.172285][ T5968] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.195607][ T937] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 595.216776][ T937] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 595.241163][ T937] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 595.291213][ T937] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 595.328571][ T937] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 595.343955][ T5968] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.381293][ T937] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 595.407048][ T937] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 595.510234][ T5968] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.638303][ T937] usb 3-1: GET_CAPABILITIES returned 0 [ 595.649785][ T937] usbtmc 3-1:16.0: can't read capabilities [ 595.650845][ T5968] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.808492][ T5242] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 595.816100][ T8] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 595.828577][ T5242] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 595.839400][ T5242] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 595.844965][ T46] usb 3-1: USB disconnect, device number 88 [ 595.848388][ T5242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 595.860465][ T5242] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 595.868841][ T5242] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 595.868917][ T5968] bridge_slave_1: left allmulticast mode [ 595.916302][ T5968] bridge_slave_1: left promiscuous mode [ 595.927179][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state [ 595.951642][ T5968] bridge_slave_0: left allmulticast mode [ 595.958076][ T5968] bridge_slave_0: left promiscuous mode [ 595.971331][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state [ 595.994332][ T5968] bond_slave_0: left promiscuous mode [ 596.000909][ T5968] bond_slave_1: left promiscuous mode [ 596.034772][ T8] usb 2-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 255, changing to 11 [ 596.046802][ T8] usb 2-1: config 0 interface 0 altsetting 12 endpoint 0x87 has invalid maxpacket 59127, setting to 1024 [ 596.058950][ T8] usb 2-1: config 0 interface 0 has no altsetting 0 [ 596.068250][ T8] usb 2-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3 [ 596.078149][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 596.086825][ T8] usb 2-1: Product: syz [ 596.093229][ T8] usb 2-1: Manufacturer: syz [ 596.097890][ T8] usb 2-1: SerialNumber: syz [ 596.106834][ T8] usb 2-1: config 0 descriptor?? [ 596.113116][T14561] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 596.128654][ T8] keyspan 2-1:0.0: Keyspan 2 port adapter converter detected [ 596.136687][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 7 [ 596.150869][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81 [ 596.169752][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1 [ 596.178473][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2 [ 596.197503][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 85 [ 596.208634][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 5 [ 596.237776][ T8] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 596.247496][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 83 [ 596.255690][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 3 [ 596.263837][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 4 [ 596.272132][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 86 [ 596.279883][ T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 6 [ 596.290169][ T8] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 596.530705][T14571] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1897'. [ 596.574713][T14572] fuse: Invalid uid '00000000000000000006' [ 596.737004][ T29] kauditd_printk_skb: 86 callbacks suppressed [ 596.737025][ T29] audit: type=1326 audit(1727744412.890:17760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 596.775046][ T29] audit: type=1326 audit(1727744412.890:17761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 596.797882][ T29] audit: type=1326 audit(1727744412.920:17762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 596.821112][ T29] audit: type=1326 audit(1727744412.920:17763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 596.843634][ C1] vkms_vblank_simulate: vblank timer overrun [ 596.849957][ T29] audit: type=1326 audit(1727744412.920:17764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fd36bb7dff9 code=0x7ffc0000 [ 596.873106][ T29] audit: type=1326 audit(1727744412.920:17765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd36bb74fa7 code=0x7ffc0000 [ 596.895609][ C1] vkms_vblank_simulate: vblank timer overrun [ 596.902345][ T29] audit: type=1326 audit(1727744412.920:17766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd36bb19959 code=0x7ffc0000 [ 596.924776][ C1] vkms_vblank_simulate: vblank timer overrun [ 596.931529][ T29] audit: type=1326 audit(1727744412.920:17767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd36bb74fa7 code=0x7ffc0000 [ 596.954363][ T29] audit: type=1326 audit(1727744412.920:17768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd36bb19959 code=0x7ffc0000 [ 596.976877][ C1] vkms_vblank_simulate: vblank timer overrun [ 596.983405][ T29] audit: type=1326 audit(1727744412.920:17769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14575 comm="syz.4.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd36bb74fa7 code=0x7ffc0000 [ 597.407633][ T5968] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 597.429312][ T5968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 597.455583][ T5968] bond0 (unregistering): Released all slaves [ 597.510023][T14574] bridge0: port 3(erspan0) entered blocking state [ 597.524549][T14574] bridge0: port 3(erspan0) entered disabled state [ 597.550466][T14574] erspan0: entered allmulticast mode [ 597.563108][T14574] erspan0: entered promiscuous mode [ 597.572705][T14574] bridge0: port 3(erspan0) entered blocking state [ 597.579347][T14574] bridge0: port 3(erspan0) entered forwarding state [ 597.746993][T14579] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1901'. [ 597.941406][ T5242] Bluetooth: hci3: command tx timeout [ 598.109453][ T5968] hsr_slave_0: left promiscuous mode [ 598.181522][ T5968] hsr_slave_1: left promiscuous mode [ 598.191795][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 598.199533][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 598.281946][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 598.289463][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 598.409651][ T5968] veth1_macvtap: left promiscuous mode [ 598.466965][ T5968] veth0_macvtap: left promiscuous mode [ 598.473540][T14595] fuse: Invalid rootmode [ 598.481266][ T5968] veth1_vlan: left promiscuous mode [ 598.490508][ T5968] veth0_vlan: left promiscuous mode [ 598.565137][T10324] usb 2-1: USB disconnect, device number 10 [ 598.607546][T10324] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 598.656638][T10324] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 598.696878][T10324] keyspan 2-1:0.0: device disconnected [ 598.732635][ T937] usb 5-1: new high-speed USB device number 96 using dummy_hcd [ 598.877292][ T5232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 598.891337][ T5232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 598.900114][ T937] usb 5-1: Using ep0 maxpacket: 8 [ 598.908810][ T5232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 598.918400][ T937] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 598.929208][ T937] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 598.941469][ T937] usb 5-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 598.950678][ T5232] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 598.962794][ T937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 598.974306][ T5232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 598.983121][ T937] usb 5-1: Product: syz [ 598.987653][ T5232] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 598.995125][ T937] usb 5-1: Manufacturer: syz [ 598.999948][ T937] usb 5-1: SerialNumber: syz [ 599.011381][ T937] usb 5-1: config 0 descriptor?? [ 599.250646][ T937] usb 5-1: USB disconnect, device number 96 [ 599.683156][ T5968] team0 (unregistering): Port device team_slave_1 removed [ 599.750890][ T5968] team0 (unregistering): Port device team_slave_0 removed [ 599.876055][T14608] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1907'. [ 600.031806][ T5242] Bluetooth: hci3: command tx timeout [ 600.341224][ T46] usb 5-1: new full-speed USB device number 97 using dummy_hcd [ 600.533112][ T46] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 600.545390][T14606] pim6reg: entered allmulticast mode [ 600.561628][ T46] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4 [ 600.594989][ T46] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 600.608853][ T46] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 600.629048][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 600.639281][ T46] usb 5-1: Product: syz [ 600.659418][ T46] usb 5-1: Manufacturer: syz [ 600.664942][ T46] usb 5-1: SerialNumber: syz [ 600.867414][T14563] chnl_net:caif_netlink_parms(): no params data found [ 600.903097][ T46] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 600.921077][ T46] usb 5-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 600.946775][ T46] usb 5-1: found format II with max.bitrate = 128, frame size=0 [ 600.966355][ T46] usb 5-1: 2:1: All rates were zero [ 600.994878][T14605] chnl_net:caif_netlink_parms(): no params data found [ 601.036363][ T46] usb 5-1: USB disconnect, device number 97 [ 601.061697][ T5242] Bluetooth: hci4: command tx timeout [ 601.098450][T11143] udevd[11143]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 601.145675][T14631] netlink: 'syz.1.1912': attribute type 9 has an invalid length. [ 601.178190][T14631] 8021q: adding VLAN 0 to HW filter on device macvlan7 [ 601.349642][T14563] bridge0: port 1(bridge_slave_0) entered blocking state [ 601.376754][T14563] bridge0: port 1(bridge_slave_0) entered disabled state [ 601.386253][T14563] bridge_slave_0: entered allmulticast mode [ 601.393856][T14563] bridge_slave_0: entered promiscuous mode [ 601.407601][T14563] bridge0: port 2(bridge_slave_1) entered blocking state [ 601.415126][T14563] bridge0: port 2(bridge_slave_1) entered disabled state [ 601.425878][T14563] bridge_slave_1: entered allmulticast mode [ 601.458909][T14563] bridge_slave_1: entered promiscuous mode [ 601.565063][T14651] fuse: Invalid rootmode [ 601.587379][ T5968] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 601.614519][ T46] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 601.737973][T14563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 601.791568][ T46] usb 2-1: Using ep0 maxpacket: 16 [ 601.803582][ T29] kauditd_printk_skb: 1663 callbacks suppressed [ 601.803603][ T29] audit: type=1326 audit(1727744417.960:19433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 601.833234][ T5302] usb 5-1: new high-speed USB device number 98 using dummy_hcd [ 601.843491][ T46] usb 2-1: config 0 has an invalid descriptor of length 19, skipping remainder of the config [ 601.855408][ T46] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 601.863440][ T29] audit: type=1326 audit(1727744417.990:19434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 601.891573][ T46] usb 2-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 601.903887][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 601.916084][ T29] audit: type=1326 audit(1727744418.000:19435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 601.917882][ T5968] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 601.948813][ T29] audit: type=1326 audit(1727744418.000:19436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 601.952847][ T46] usb 2-1: config 0 descriptor?? [ 601.973007][ T29] audit: type=1326 audit(1727744418.000:19437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 601.989185][ T46] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 601.999445][ C0] vkms_vblank_simulate: vblank timer overrun [ 602.011424][ T29] audit: type=1326 audit(1727744418.000:19438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 602.040493][T14563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 602.053201][ T29] audit: type=1326 audit(1727744418.130:19439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 602.076072][ T29] audit: type=1326 audit(1727744418.130:19440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 602.081377][ T5302] usb 5-1: Using ep0 maxpacket: 8 [ 602.098511][ C0] vkms_vblank_simulate: vblank timer overrun [ 602.102560][ T29] audit: type=1326 audit(1727744418.130:19441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77aa17dbfb code=0x7ffc0000 [ 602.104013][ T5242] Bluetooth: hci3: command tx timeout [ 602.109937][ T29] audit: type=1326 audit(1727744418.130:19442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14639 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f77aa1b00e5 code=0x7ffc0000 [ 602.132280][ C0] vkms_vblank_simulate: vblank timer overrun [ 602.136489][ T5302] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 602.151891][T14605] bridge0: port 1(bridge_slave_0) entered blocking state [ 602.161734][ T5302] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 602.198259][T14605] bridge0: port 1(bridge_slave_0) entered disabled state [ 602.203409][ T5302] usb 5-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 602.208835][T14605] bridge_slave_0: entered allmulticast mode [ 602.214669][ T5302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 602.214707][ T5302] usb 5-1: Product: syz [ 602.233240][ T5302] usb 5-1: Manufacturer: syz [ 602.233284][T14605] bridge_slave_0: entered promiscuous mode [ 602.237853][ T5302] usb 5-1: SerialNumber: syz [ 602.250671][ T5302] usb 5-1: config 0 descriptor?? [ 602.326355][ T5968] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.346400][T14659] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1917'. [ 602.358874][T14605] bridge0: port 2(bridge_slave_1) entered blocking state [ 602.367979][T14605] bridge0: port 2(bridge_slave_1) entered disabled state [ 602.383537][T14605] bridge_slave_1: entered allmulticast mode [ 602.390721][T14605] bridge_slave_1: entered promiscuous mode [ 602.426384][T14563] team0: Port device team_slave_0 added [ 602.464356][ T5968] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.500042][T10456] usb 5-1: USB disconnect, device number 98 [ 602.502118][T14563] team0: Port device team_slave_1 added [ 602.546693][T14605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 602.559999][T14605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 602.582949][T14563] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 602.590371][T14563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 602.619155][T14563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 602.684073][T14563] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 602.704265][T14563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 602.721343][T10324] usb 3-1: new full-speed USB device number 89 using dummy_hcd [ 602.735295][T14563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 602.766624][T14605] team0: Port device team_slave_0 added [ 602.874017][T14605] team0: Port device team_slave_1 added [ 602.911837][T10324] usb 3-1: unable to get BOS descriptor or descriptor too short [ 602.936286][T10324] usb 3-1: not running at top speed; connect to a high speed hub [ 602.952580][T10324] usb 3-1: config 3 has an invalid interface number: 1 but max is 0 [ 602.954754][ T5968] erspan0: left allmulticast mode [ 602.965915][T10324] usb 3-1: config 3 has no interface number 0 [ 602.972514][T10324] usb 3-1: config 3 interface 1 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 602.978976][ T5968] erspan0: left promiscuous mode [ 602.983585][T10324] usb 3-1: config 3 interface 1 has no altsetting 0 [ 602.985799][T10324] usb 3-1: New USB device found, idVendor=d483, idProduct=d7be, bcdDevice=22.3d [ 603.004972][ T5968] bridge0: port 3(erspan0) entered disabled state [ 603.016300][T10324] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 603.025461][T10324] usb 3-1: Product: syz [ 603.030404][ T5968] bridge_slave_1: left allmulticast mode [ 603.036206][T10324] usb 3-1: Manufacturer: syz [ 603.040866][T10324] usb 3-1: SerialNumber: syz [ 603.052787][ T5968] bridge_slave_1: left promiscuous mode [ 603.058580][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state [ 603.104223][ T5968] bridge_slave_0: left allmulticast mode [ 603.110012][ T5968] bridge_slave_0: left promiscuous mode [ 603.132547][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state [ 603.141446][ T5242] Bluetooth: hci4: command tx timeout [ 603.210113][ T5968] bond_slave_0: left promiscuous mode [ 603.218484][ T5968] bond_slave_1: left promiscuous mode [ 603.276234][T14661] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 603.302796][T14661] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1918'. [ 603.431329][T10324] usb 3-1: bad CDC descriptors [ 603.439755][T10324] usb 3-1: USB disconnect, device number 89 [ 603.467207][T10456] usb 5-1: new high-speed USB device number 99 using dummy_hcd [ 603.641368][T10456] usb 5-1: Using ep0 maxpacket: 8 [ 603.649900][T10456] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 603.659981][T10456] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 603.686085][T10456] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 603.697648][T10456] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 603.721236][T10456] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 603.745568][T10456] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 603.754876][T10456] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 604.182318][ T5242] Bluetooth: hci3: command tx timeout [ 604.405694][ T8] usb 2-1: USB disconnect, device number 11 [ 604.452328][T14684] binder: 14676:14684 ioctl c05c6104 20000580 returned -22 [ 604.487445][T14687] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1922'. [ 604.493227][T14684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 604.514638][ T5968] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 604.529643][T14684] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 604.553434][ T5968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 604.576070][ T5968] bond0 (unregistering): Released all slaves [ 604.597283][T14563] hsr_slave_0: entered promiscuous mode [ 604.613251][T14563] hsr_slave_1: entered promiscuous mode [ 604.629321][T14563] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 604.638925][T14563] Cannot create hsr debugfs directory [ 604.675932][T10456] usb 5-1: GET_CAPABILITIES returned 0 [ 604.691294][T10456] usbtmc 5-1:16.0: can't read capabilities [ 604.723887][T14605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 604.746677][T14605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 604.782812][T14605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 604.907099][T14605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 604.919487][T14605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 604.945781][ C0] vkms_vblank_simulate: vblank timer overrun [ 604.958363][T14605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 604.981462][T14695] netlink: 'syz.1.1924': attribute type 9 has an invalid length. [ 604.993932][T14695] 8021q: adding VLAN 0 to HW filter on device macvlan8 [ 605.155468][T14605] hsr_slave_0: entered promiscuous mode [ 605.166336][T14605] hsr_slave_1: entered promiscuous mode [ 605.173137][T14605] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 605.180791][T14605] Cannot create hsr debugfs directory [ 605.231181][ T5242] Bluetooth: hci4: command tx timeout [ 605.314841][ T5968] hsr_slave_0: left promiscuous mode [ 605.322366][ T5968] hsr_slave_1: left promiscuous mode [ 605.332457][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 605.339937][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 605.359635][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 605.371304][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 605.398385][ T5968] veth1_macvtap: left promiscuous mode [ 605.411169][ T5968] veth0_macvtap: left promiscuous mode [ 605.418584][ T5968] veth1_vlan: left promiscuous mode [ 605.424413][ T5968] veth0_vlan: left promiscuous mode [ 606.019688][ T5968] team0 (unregistering): Port device team_slave_1 removed [ 606.089058][ T5968] team0 (unregistering): Port device team_slave_0 removed [ 606.306230][T10456] usb 5-1: USB disconnect, device number 99 [ 606.507803][T14711] fuse: Bad value for 'rootmode' [ 606.778869][ T1166] usb 5-1: new high-speed USB device number 100 using dummy_hcd [ 606.952405][ T1166] usb 5-1: Using ep0 maxpacket: 8 [ 606.989885][ T1166] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 607.034956][ T1166] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 607.071964][ T1166] usb 5-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 607.085690][ T1166] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.095144][ T1166] usb 5-1: Product: syz [ 607.109527][ T1166] usb 5-1: Manufacturer: syz [ 607.142857][ T1166] usb 5-1: SerialNumber: syz [ 607.180787][ T1166] usb 5-1: config 0 descriptor?? [ 607.302879][ T5242] Bluetooth: hci4: command tx timeout [ 607.406348][ T8] usb 5-1: USB disconnect, device number 100 [ 607.931393][T10456] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 607.961910][ T5968] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 608.111512][T10456] usb 3-1: Using ep0 maxpacket: 8 [ 608.171153][T10456] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 608.204118][T10456] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 608.252048][T10456] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 608.294692][T10456] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 608.345155][T10456] usbtmc 3-1:16.0: bulk endpoints not found [ 608.393251][ T5968] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 608.521520][ T1166] usb 5-1: new high-speed USB device number 101 using dummy_hcd [ 608.597266][ T5968] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 608.728214][ T1166] usb 5-1: Using ep0 maxpacket: 8 [ 608.743679][ T5968] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 608.762339][ T1166] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 608.776969][ T1166] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 608.778689][ T5232] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 608.814938][ T5232] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 608.834360][ T5232] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 608.851621][ T1166] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 608.874824][ T5232] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 608.888555][ T5232] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 608.896631][ T5232] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 608.918923][ T1166] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 608.945394][ T1166] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 608.958897][ T1166] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 608.968906][ T1166] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 609.018994][T14563] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 609.048067][ T8] usb 3-1: USB disconnect, device number 90 [ 609.072982][T14563] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 609.175396][T14563] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 609.213279][ T1166] usb 5-1: GET_CAPABILITIES returned 0 [ 609.218862][ T1166] usbtmc 5-1:16.0: can't read capabilities [ 609.245060][T14563] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 609.545562][T14761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1937'. [ 609.687752][ T5968] erspan0: left allmulticast mode [ 609.702194][ T5968] erspan0: left promiscuous mode [ 609.708389][ T5968] bridge0: port 3(erspan0) entered disabled state [ 609.726265][ T5968] bridge_slave_1: left allmulticast mode [ 609.732336][ T5968] bridge_slave_1: left promiscuous mode [ 609.738304][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.749313][ T5968] bridge_slave_0: left allmulticast mode [ 609.762358][ T5968] bridge_slave_0: left promiscuous mode [ 609.776139][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state [ 609.806486][ T5968] bond_slave_0: left promiscuous mode [ 609.814837][ T5968] bond_slave_1: left promiscuous mode [ 609.938882][T14775] input: syz1 as /devices/virtual/input/input47 [ 610.242384][T14779] fuse: Bad value for 'rootmode' [ 610.481176][ T8] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 610.637703][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 610.678864][ T8] usb 3-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 610.689615][ T8] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 610.723872][ T8] usb 3-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 610.735709][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.751230][ T8] usb 3-1: Product: syz [ 610.755464][ T8] usb 3-1: Manufacturer: syz [ 610.760092][ T8] usb 3-1: SerialNumber: syz [ 610.788093][ T8] usb 3-1: config 0 descriptor?? [ 610.909875][ T5968] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 610.928928][ T5968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 610.949061][ T5968] bond0 (unregistering): Released all slaves [ 610.981350][ T5232] Bluetooth: hci0: command tx timeout [ 611.012807][T10456] usb 3-1: USB disconnect, device number 91 [ 611.274898][T14605] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 611.330544][ T5968] hsr_slave_0: left promiscuous mode [ 611.337096][ T5968] hsr_slave_1: left promiscuous mode [ 611.343884][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 611.352023][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 611.362744][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 611.370315][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 611.398834][ T5968] veth1_macvtap: left promiscuous mode [ 611.404800][ T5968] veth0_macvtap: left promiscuous mode [ 611.412307][ T5968] veth1_vlan: left promiscuous mode [ 611.417756][ T5968] veth0_vlan: left promiscuous mode [ 611.538728][ T5968] pim6reg (unregistering): left allmulticast mode [ 612.123941][ T5968] team0 (unregistering): Port device team_slave_1 removed [ 612.195733][ T5968] team0 (unregistering): Port device team_slave_0 removed [ 612.883459][T14605] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 612.907141][T14605] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 612.922635][T14744] chnl_net:caif_netlink_parms(): no params data found [ 612.972653][T14605] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 613.098658][ T5232] Bluetooth: hci0: command tx timeout [ 613.200674][T14563] 8021q: adding VLAN 0 to HW filter on device bond0 [ 613.334008][T14744] bridge0: port 1(bridge_slave_0) entered blocking state [ 613.343266][T14744] bridge0: port 1(bridge_slave_0) entered disabled state [ 613.350623][T14744] bridge_slave_0: entered allmulticast mode [ 613.366137][T14744] bridge_slave_0: entered promiscuous mode [ 613.379861][T14744] bridge0: port 2(bridge_slave_1) entered blocking state [ 613.392050][T14744] bridge0: port 2(bridge_slave_1) entered disabled state [ 613.399493][T14744] bridge_slave_1: entered allmulticast mode [ 613.429870][T14744] bridge_slave_1: entered promiscuous mode [ 613.507212][T14744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 613.537804][T14563] 8021q: adding VLAN 0 to HW filter on device team0 [ 613.559333][T14744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 613.649512][ T4295] bridge0: port 1(bridge_slave_0) entered blocking state [ 613.656738][ T4295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 613.685974][ T5968] IPVS: stop unused estimator thread 0... [ 613.689185][T14744] team0: Port device team_slave_0 added [ 613.716560][T14744] team0: Port device team_slave_1 added [ 613.754255][ T9186] bridge0: port 2(bridge_slave_1) entered blocking state [ 613.761502][ T9186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 613.824722][T14744] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 613.838983][T14744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 613.867614][T14744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 613.914053][T14744] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 613.929278][T14744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 613.960112][T14744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 614.132946][T14744] hsr_slave_0: entered promiscuous mode [ 614.139695][T14744] hsr_slave_1: entered promiscuous mode [ 614.304191][T14563] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 614.357300][T14605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 614.390430][T14605] 8021q: adding VLAN 0 to HW filter on device team0 [ 614.438403][T14741] usbtmc 5-1:16.0: usb_control_msg returned -110 [ 614.462417][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.469575][ T5968] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.480111][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.487328][ T5968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 614.513978][ T5301] usb 5-1: USB disconnect, device number 101 [ 614.551499][T10456] usb 3-1: new high-speed USB device number 92 using dummy_hcd [ 614.587090][T14605] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 614.598149][T14605] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 614.677260][T14563] veth0_vlan: entered promiscuous mode [ 614.786242][T10456] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 614.796516][T10456] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 614.812055][T10456] usb 3-1: Product: syz [ 614.816287][T10456] usb 3-1: Manufacturer: syz [ 614.821635][T10456] usb 3-1: SerialNumber: syz [ 614.840665][T10456] r8152-cfgselector 3-1: Unknown version 0x0000 [ 614.851627][T14605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 614.866224][T14563] veth1_vlan: entered promiscuous mode [ 614.867810][T14837] fuse: Bad value for 'rootmode' [ 614.882300][T10456] r8152-cfgselector 3-1: config 0 descriptor?? [ 615.016829][T14563] veth0_macvtap: entered promiscuous mode [ 615.063956][T14563] veth1_macvtap: entered promiscuous mode [ 615.090178][T14605] veth0_vlan: entered promiscuous mode [ 615.151600][ T5302] usb 5-1: new high-speed USB device number 102 using dummy_hcd [ 615.160016][ T5232] Bluetooth: hci0: command tx timeout [ 615.187539][T14563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.214103][T14563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.231510][T14563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.249509][T14563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.267837][T14563] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 615.312029][T14605] veth1_vlan: entered promiscuous mode [ 615.320258][T14563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.332833][ T5302] usb 5-1: Using ep0 maxpacket: 8 [ 615.339862][ T5302] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 615.344247][T14563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.353401][ T5302] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 615.381215][T14563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.389605][ T5302] usb 5-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 615.399712][T14563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.407646][ T5302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 615.423939][T14563] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 615.433527][ T5302] usb 5-1: Product: syz [ 615.437752][ T5302] usb 5-1: Manufacturer: syz [ 615.441589][T14744] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 615.443475][ T5302] usb 5-1: SerialNumber: syz [ 615.462662][ T5302] usb 5-1: config 0 descriptor?? [ 615.477234][T14744] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 615.505209][T14563] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.522960][T14563] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.538383][T14563] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.557510][T14563] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.568936][T14744] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 615.578427][T14744] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 615.689710][ T5301] usb 5-1: USB disconnect, device number 102 [ 615.729906][T14605] veth0_macvtap: entered promiscuous mode [ 615.774167][T14605] veth1_macvtap: entered promiscuous mode [ 615.812006][ T5230] r8152-cfgselector 3-1: USB disconnect, device number 92 [ 615.846800][T14605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.858497][T14605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.878121][T14605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.889472][T14605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.904992][T14605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.918124][T14605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.936896][T14605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 615.982419][ T4295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 615.990310][ T4295] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.008615][T14605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 616.030025][T14605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 616.047228][T14605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 616.058426][T14605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 616.076803][T14605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 616.088001][T14605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 616.101280][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 616.101301][ T29] audit: type=1326 audit(1727744432.260:19446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 616.108190][T14605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 616.132615][ T29] audit: type=1326 audit(1727744432.260:19447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 616.173657][ T29] audit: type=1326 audit(1727744432.260:19448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 616.210552][T14744] 8021q: adding VLAN 0 to HW filter on device bond0 [ 616.241102][ T29] audit: type=1326 audit(1727744432.260:19449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5b0bd7fe8c code=0x7ffc0000 [ 616.258034][T14605] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.318181][T14605] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.341377][ T29] audit: type=1326 audit(1727744432.410:19450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5b0bd7fdc4 code=0x7ffc0000 [ 616.391080][T14605] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.399852][T14605] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.439318][ T29] audit: type=1326 audit(1727744432.410:19451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5b0bd7fdc4 code=0x7ffc0000 [ 616.496164][T14744] 8021q: adding VLAN 0 to HW filter on device team0 [ 616.513936][ T29] audit: type=1326 audit(1727744432.410:19452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 616.543343][ T29] audit: type=1326 audit(1727744432.410:19453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 616.572463][ T29] audit: type=1326 audit(1727744432.460:19454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5b0bd74fa7 code=0x7ffc0000 [ 616.646792][ T9279] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.655900][ T9279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.680051][ T29] audit: type=1326 audit(1727744432.460:19455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14860 comm="syz.2.1950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b0bd19959 code=0x7ffc0000 [ 616.762426][ T9186] bridge0: port 1(bridge_slave_0) entered blocking state [ 616.769656][ T9186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 616.797965][ T9186] bridge0: port 2(bridge_slave_1) entered blocking state [ 616.805191][ T9186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 617.041976][T11997] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 617.049845][T11997] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 617.163282][ T5968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 617.186612][ T5968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 617.206391][T14886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1953'. [ 617.221815][ T5232] Bluetooth: hci0: command tx timeout [ 617.354251][T14744] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 617.399675][T14894] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1955'. [ 617.572625][T14744] veth0_vlan: entered promiscuous mode [ 617.639540][T14744] veth1_vlan: entered promiscuous mode [ 617.672458][T10456] usb 4-1: new high-speed USB device number 113 using dummy_hcd [ 617.790951][T14744] veth0_macvtap: entered promiscuous mode [ 617.800553][T14908] fuse: Unknown parameter 'use00000000000000000000' [ 617.837047][T10456] usb 4-1: Using ep0 maxpacket: 8 [ 617.846726][T10456] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 617.881265][T10456] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 617.909050][T14744] veth1_macvtap: entered promiscuous mode [ 617.924498][T10456] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 617.958090][T10456] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 618.019073][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.035180][T10456] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 618.049203][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.059403][T10456] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 618.068633][T10324] usb 3-1: new high-speed USB device number 93 using dummy_hcd [ 618.090016][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.102233][T10456] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.157723][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.191866][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.224893][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.239570][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.250318][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.263429][T14744] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 618.274179][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 618.285253][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.295532][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 618.306109][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.316022][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 618.327339][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.338054][T14744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 618.348766][T14744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.360798][T14744] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 618.378516][T10456] usb 4-1: GET_CAPABILITIES returned 0 [ 618.390113][T10456] usbtmc 4-1:16.0: can't read capabilities [ 618.396347][T10324] usb 3-1: Using ep0 maxpacket: 8 [ 618.403146][T10324] usb 3-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 618.421578][T14744] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.441106][T14744] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.449876][T14744] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.458805][T10324] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 618.488581][T10324] usb 3-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 618.501870][T14744] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.510982][T10324] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 618.519163][T10324] usb 3-1: Product: syz [ 618.543429][T10324] usb 3-1: Manufacturer: syz [ 618.548110][T10324] usb 3-1: SerialNumber: syz [ 618.572361][T10324] usb 3-1: config 0 descriptor?? [ 618.582532][ T5239] usb 4-1: USB disconnect, device number 113 [ 618.735011][T11995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 618.759841][T11995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 618.793818][T11995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 618.805500][ T5239] usb 3-1: USB disconnect, device number 93 [ 618.841276][T11995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 618.865763][T14939] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1962'. [ 619.801462][T14962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1967'. [ 620.853556][ T5302] usb 3-1: new high-speed USB device number 94 using dummy_hcd [ 621.041190][ T5302] usb 3-1: Using ep0 maxpacket: 8 [ 621.064121][ T5302] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 621.113849][ T29] kauditd_printk_skb: 1023 callbacks suppressed [ 621.113872][ T29] audit: type=1326 audit(1727744437.260:20479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ac2f74fa7 code=0x7ffc0000 [ 621.151830][ T5302] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 621.211122][ T5302] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 621.289628][ T5302] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 621.371351][ T29] audit: type=1326 audit(1727744437.350:20480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ac2f19959 code=0x7ffc0000 [ 621.421169][ T5302] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 621.508665][ T5302] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 621.583391][ T29] audit: type=1326 audit(1727744437.350:20481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ac2f74fa7 code=0x7ffc0000 [ 621.609309][T14970] bridge0: port 3(erspan0) entered blocking state [ 621.631887][ T5302] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.660650][T14970] bridge0: port 3(erspan0) entered disabled state [ 621.690267][T14970] erspan0: entered allmulticast mode [ 621.912715][T14970] erspan0: entered promiscuous mode [ 621.919989][T14970] bridge0: port 3(erspan0) entered blocking state [ 621.926602][T14970] bridge0: port 3(erspan0) entered forwarding state [ 621.934759][ T29] audit: type=1326 audit(1727744437.350:20482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ac2f19959 code=0x7ffc0000 [ 622.067365][ T5302] usb 3-1: GET_CAPABILITIES returned 0 [ 622.094591][ T29] audit: type=1326 audit(1727744437.350:20483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ac2f74fa7 code=0x7ffc0000 [ 622.128653][ T5302] usbtmc 3-1:16.0: can't read capabilities [ 622.279381][ T5302] usb 3-1: USB disconnect, device number 94 [ 622.344567][ T29] audit: type=1326 audit(1727744437.350:20484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ac2f19959 code=0x7ffc0000 [ 622.530893][ T29] audit: type=1326 audit(1727744437.350:20485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ac2f74fa7 code=0x7ffc0000 [ 622.557741][T14995] netlink: 'syz.3.1972': attribute type 10 has an invalid length. [ 622.628170][T14995] bridge0: port 3(erspan0) entered disabled state [ 622.634925][T14995] bridge0: port 2(bridge_slave_1) entered disabled state [ 622.642441][T14995] bridge0: port 1(bridge_slave_0) entered disabled state [ 622.669687][ T29] audit: type=1326 audit(1727744437.350:20486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ac2f19959 code=0x7ffc0000 [ 622.762920][T14995] bridge0: port 3(erspan0) entered blocking state [ 622.769550][T14995] bridge0: port 3(erspan0) entered forwarding state [ 622.776472][T14995] bridge0: port 2(bridge_slave_1) entered blocking state [ 622.783667][T14995] bridge0: port 2(bridge_slave_1) entered forwarding state [ 622.791239][T14995] bridge0: port 1(bridge_slave_0) entered blocking state [ 622.798417][T14995] bridge0: port 1(bridge_slave_0) entered forwarding state [ 622.818470][ T29] audit: type=1326 audit(1727744437.350:20487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0ac2f74fa7 code=0x7ffc0000 [ 622.918059][ T29] audit: type=1326 audit(1727744437.350:20488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.1.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0ac2f19959 code=0x7ffc0000 [ 623.019005][T14995] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 623.113607][T14993] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1972'. [ 623.144034][T15001] Cannot find add_set index 0 as target [ 623.149858][T14993] erspan0: left allmulticast mode [ 623.177989][T14993] erspan0: left promiscuous mode [ 623.219737][T14993] bridge0: port 3(erspan0) entered disabled state [ 623.278479][T14993] bridge_slave_1: left allmulticast mode [ 623.293940][T14993] bridge_slave_1: left promiscuous mode [ 623.299765][T14993] bridge0: port 2(bridge_slave_1) entered disabled state [ 623.315746][T15005] fuse: Unknown parameter 'use00000000000000000000' [ 623.364662][T14993] bridge_slave_0: left allmulticast mode [ 623.374513][T14993] bridge_slave_0: left promiscuous mode [ 623.385913][T14993] bridge0: port 1(bridge_slave_0) entered disabled state [ 623.411261][ T5302] usb 3-1: new high-speed USB device number 95 using dummy_hcd [ 623.526318][T14993] bond0: (slave bridge0): Releasing backup interface [ 623.561539][ T1166] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 623.581095][ T5302] usb 3-1: Using ep0 maxpacket: 8 [ 623.588702][ T5302] usb 3-1: unable to get BOS descriptor or descriptor too short [ 623.602463][ T5302] usb 3-1: config 1 interface 0 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 623.627035][ T5302] usb 3-1: config 1 interface 0 has no altsetting 0 [ 623.649433][ T5302] usb 3-1: New USB device found, idVendor=05ac, idProduct=024c, bcdDevice= 0.40 [ 623.660688][ T5302] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 623.674236][ T5302] usb 3-1: Product: syz [ 623.678464][ T5302] usb 3-1: Manufacturer: syz [ 623.687399][ T5302] usb 3-1: SerialNumber: syz [ 623.721214][ T1166] usb 2-1: Using ep0 maxpacket: 8 [ 623.732353][ T1166] usb 2-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 623.755197][ T1166] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 623.775353][ T1166] usb 2-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 623.809612][ T1166] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 623.824024][ T1166] usb 2-1: Product: syz [ 623.828673][ T1166] usb 2-1: Manufacturer: syz [ 623.839594][ T1166] usb 2-1: SerialNumber: syz [ 623.886205][ T1166] usb 2-1: config 0 descriptor?? [ 623.929994][ T5302] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input48 [ 623.984957][ T4669] bcm5974 3-1:1.0: could not read from device [ 623.993952][ T5302] usb 3-1: USB disconnect, device number 95 [ 624.107547][ T46] usb 2-1: USB disconnect, device number 12 [ 624.586999][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.593847][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.888416][T15013] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1979'. [ 625.021051][ C0] sched: DL replenish lagged too much [ 625.021233][ T5301] usb 3-1: new high-speed USB device number 96 using dummy_hcd [ 625.112112][T15019] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 625.211231][ T5301] usb 3-1: Using ep0 maxpacket: 16 [ 625.252161][ T5301] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 625.277798][ T5301] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 625.307328][ T5301] usb 3-1: Product: 굗R뼁ࢠ曓䲌䊃첵ᝬ牉걾⴨ॣḴ睱㕧۔ꛓꗲ잙럂⵻㫭ྯ鮢ఙϘ兿餎 [ 625.357716][ T5301] usb 3-1: Manufacturer: 䎼컨枈䰊晆睧ﵼ⊬⏈뾭ࡄ诸珽뜒잽袪Ɤɍ馹♒䪚겁㯹ᮭ籠ꌇ錵遞ᶩ⯚੤㊽釾⥺ࢊ楝﷾硨쯧꣪ᢦ㮛⏄✔ꆎ㼏ׁᘡ晋༰㥥␃ꯓ숒㆙㳒》队渍ন㿳뗘Ӕ臭릍硔䗆鏈ᰣ튍둞ꓝ撯퓫鰚꘱錈竍쉤䨚⎙튃伩ㄴ⢹﫱嚊궰㜖쬓䐓줓ͱ磵萩㋼謁룒辂裢烐繺ɹ佇엤⺠ [ 625.446533][ T5301] usb 3-1: SerialNumber: 㰊 [ 625.736750][T15029] IPVS: sync thread started: state = BACKUP, mcast_ifn = netdevsim0, syncid = 0, id = 0 [ 625.775572][T15010] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1978'. [ 625.829358][ T5301] cdc_ncm 3-1:1.0: bind() failure [ 625.877776][ T5301] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 625.918973][ T5301] cdc_ncm 3-1:1.1: bind() failure [ 625.970021][ T5301] usb 3-1: USB disconnect, device number 96 [ 627.201166][ T46] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 627.366171][ T46] usb 2-1: Using ep0 maxpacket: 8 [ 627.376257][ T46] usb 2-1: config 0 has an invalid interface number: 112 but max is 1 [ 627.388880][ T46] usb 2-1: config 0 has an invalid interface number: 17 but max is 1 [ 627.400643][ T46] usb 2-1: config 0 has no interface number 0 [ 627.410963][ T46] usb 2-1: config 0 has no interface number 1 [ 627.427326][ T46] usb 2-1: New USB device found, idVendor=04c1, idProduct=009d, bcdDevice=1f.14 [ 627.439708][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 627.458782][ T46] usb 2-1: Product: syz [ 627.468926][ T46] usb 2-1: Manufacturer: syz [ 627.477823][ T46] usb 2-1: SerialNumber: syz [ 627.489623][ T46] usb 2-1: config 0 descriptor?? [ 627.726808][ T46] usb 2-1: USB disconnect, device number 13 [ 628.581595][ T5302] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 628.731291][ T5302] usb 2-1: device descriptor read/64, error -71 [ 628.996150][ T5302] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 629.141348][ T5302] usb 2-1: device descriptor read/64, error -71 [ 629.265012][ T5302] usb usb2-port1: attempt power cycle [ 629.613708][ T5302] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 629.645983][ T5302] usb 2-1: device descriptor read/8, error -71 [ 629.896069][ T5302] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 629.935192][ T5302] usb 2-1: device descriptor read/8, error -71 [ 630.061245][ T5302] usb usb2-port1: unable to enumerate USB device [ 632.011342][T15052] fuse: Unknown parameter 'use00000000000000000000' [ 632.294442][ T5242] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 632.302985][ T5302] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 632.315125][ T5242] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 632.331220][ T5242] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 632.345372][ T5242] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 632.355234][ T5242] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 632.363784][ T5242] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 632.567288][ T5302] usb 2-1: Using ep0 maxpacket: 8 [ 632.579097][ T5302] usb 2-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config [ 633.084223][ T5302] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 633.871203][ T5302] usb 2-1: New USB device found, idVendor=8d89, idProduct=8139, bcdDevice=ef.13 [ 634.421185][ T5232] Bluetooth: hci5: command tx timeout [ 634.791181][ T5302] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 634.858111][ T5302] usb 2-1: Product: syz [ 635.431376][ T5302] usb 2-1: Manufacturer: syz [ 635.436055][ T5302] usb 2-1: SerialNumber: syz [ 635.996343][T15054] chnl_net:caif_netlink_parms(): no params data found [ 636.086910][ T5302] usb 2-1: config 0 descriptor?? [ 636.138298][T15059] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1990'. [ 636.165320][ T5302] usb 2-1: can't set config #0, error -71 [ 636.240743][ T5302] usb 2-1: USB disconnect, device number 18 [ 636.524833][ T5232] Bluetooth: hci5: command tx timeout [ 638.581183][ T5232] Bluetooth: hci5: command tx timeout [ 640.743985][ T5232] Bluetooth: hci5: command tx timeout [ 644.481165][ T46] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 647.692623][T15054] bridge0: port 1(bridge_slave_0) entered blocking state [ 647.730583][T15054] bridge0: port 1(bridge_slave_0) entered disabled state [ 648.031827][T15054] bridge_slave_0: entered allmulticast mode [ 649.521224][T15054] bridge_slave_0: entered promiscuous mode [ 649.602659][ T5242] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 649.622023][ T5242] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 649.632338][ T5242] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 650.220510][ T5242] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 650.328091][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 650.335792][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 650.403354][ T5234] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 650.415746][ T5234] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 650.425036][ T5234] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 650.433563][ T5234] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 650.441962][ T5234] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 650.449453][ T5234] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 650.567873][T15076] syz_tun: entered promiscuous mode [ 650.627500][T15076] batadv_slave_0: entered promiscuous mode [ 650.689077][T15076] hsr2: entered allmulticast mode [ 650.700443][T15076] syz_tun: entered allmulticast mode [ 650.708131][T15076] batadv_slave_0: entered allmulticast mode [ 651.697279][T15054] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.716089][T15054] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.725599][T15054] bridge_slave_1: entered allmulticast mode [ 651.742705][T15054] bridge_slave_1: entered promiscuous mode [ 652.425421][ T5234] Bluetooth: hci2: command tx timeout [ 652.501246][ T5234] Bluetooth: hci3: command tx timeout [ 652.517805][ T9279] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 652.705930][T15054] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 652.755294][T15054] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 653.062211][T15054] team0: Port device team_slave_0 added [ 653.129669][T15054] team0: Port device team_slave_1 added [ 653.137583][T15088] tipc: Enabling of bearer rejected, failed to enable media [ 653.525762][T15054] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 653.548238][T15054] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.584944][ T29] kauditd_printk_skb: 58 callbacks suppressed [ 653.584967][ T29] audit: type=1326 audit(1727744469.730:20547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 653.648554][T15054] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 653.678629][ T29] audit: type=1326 audit(1727744469.730:20548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 653.704422][T15054] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 653.741253][T15054] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.794046][ T29] audit: type=1326 audit(1727744469.730:20549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 653.848577][T15054] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 653.879483][ T29] audit: type=1326 audit(1727744469.730:20550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 653.995063][ T29] audit: type=1326 audit(1727744469.730:20551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 654.070053][ T29] audit: type=1326 audit(1727744469.730:20552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 654.178751][ T29] audit: type=1326 audit(1727744469.730:20553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 654.297129][ T29] audit: type=1326 audit(1727744469.730:20554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 654.380131][ T29] audit: type=1326 audit(1727744469.730:20555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 654.426483][T15054] hsr_slave_0: entered promiscuous mode [ 654.468153][T15054] hsr_slave_1: entered promiscuous mode [ 654.481480][ T29] audit: type=1326 audit(1727744469.730:20556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15092 comm="syz.2.1999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5b0bd7dff9 code=0x7ffc0000 [ 654.504486][ T5234] Bluetooth: hci2: command tx timeout [ 654.528977][T15054] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 654.589075][T15054] Cannot create hsr debugfs directory [ 654.604543][ T5234] Bluetooth: hci3: command tx timeout [ 654.936162][T15085] chnl_net:caif_netlink_parms(): no params data found [ 655.068876][T15084] chnl_net:caif_netlink_parms(): no params data found [ 656.114043][ T9279] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 656.583686][ T5234] Bluetooth: hci2: command tx timeout [ 656.645016][ T5242] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 656.655384][ T5242] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 656.670515][ T5242] Bluetooth: hci3: command tx timeout [ 656.681390][ T5242] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 656.694312][ T5242] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 656.715273][ T5242] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 656.723401][ T5242] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 657.201169][T15085] bridge0: port 1(bridge_slave_0) entered blocking state [ 657.208336][T15085] bridge0: port 1(bridge_slave_0) entered disabled state [ 657.237047][T15085] bridge_slave_0: entered allmulticast mode [ 657.257212][T15085] bridge_slave_0: entered promiscuous mode [ 657.275521][T15085] bridge0: port 2(bridge_slave_1) entered blocking state [ 657.293181][T15085] bridge0: port 2(bridge_slave_1) entered disabled state [ 657.300563][T15085] bridge_slave_1: entered allmulticast mode [ 657.318145][T15085] bridge_slave_1: entered promiscuous mode [ 657.721810][T15084] bridge0: port 1(bridge_slave_0) entered blocking state [ 657.737236][T15084] bridge0: port 1(bridge_slave_0) entered disabled state [ 657.748051][T15084] bridge_slave_0: entered allmulticast mode [ 657.764519][T15084] bridge_slave_0: entered promiscuous mode [ 657.787631][T15085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 657.812472][T15084] bridge0: port 2(bridge_slave_1) entered blocking state [ 657.820677][T15084] bridge0: port 2(bridge_slave_1) entered disabled state [ 657.839430][T15084] bridge_slave_1: entered allmulticast mode [ 657.850882][T15084] bridge_slave_1: entered promiscuous mode [ 657.874101][T15085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 658.136336][T15084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 658.164585][T15085] team0: Port device team_slave_0 added [ 658.187228][T15085] team0: Port device team_slave_1 added [ 658.213680][T15084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 658.597940][T15085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 658.615729][T15085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 658.653590][T15085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 658.675436][ T5242] Bluetooth: hci2: command tx timeout [ 658.746394][ T5234] Bluetooth: hci3: command tx timeout [ 658.752094][ T5242] Bluetooth: hci0: command tx timeout [ 658.852623][T15084] team0: Port device team_slave_0 added [ 658.874427][T15084] team0: Port device team_slave_1 added [ 659.005978][T15085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 659.021511][T15085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 659.047473][ C1] vkms_vblank_simulate: vblank timer overrun [ 659.063683][T15085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 659.121662][T15084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 659.128716][T15084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 659.167113][T15084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 659.210481][T15084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 659.238193][T15084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 659.264402][ C1] vkms_vblank_simulate: vblank timer overrun [ 659.311386][T15084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 659.340630][T15105] chnl_net:caif_netlink_parms(): no params data found [ 659.623271][T15085] hsr_slave_0: entered promiscuous mode [ 659.644918][T15085] hsr_slave_1: entered promiscuous mode [ 659.663534][T15085] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 659.678071][T15085] Cannot create hsr debugfs directory [ 660.040398][T15084] hsr_slave_0: entered promiscuous mode [ 660.108408][T15084] hsr_slave_1: entered promiscuous mode [ 660.180800][T15084] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 660.191243][T15084] Cannot create hsr debugfs directory [ 660.474562][T15105] bridge0: port 1(bridge_slave_0) entered blocking state [ 660.491214][T15105] bridge0: port 1(bridge_slave_0) entered disabled state [ 660.498603][T15105] bridge_slave_0: entered allmulticast mode [ 660.529099][T15105] bridge_slave_0: entered promiscuous mode [ 660.571198][T15105] bridge0: port 2(bridge_slave_1) entered blocking state [ 660.578411][T15105] bridge0: port 2(bridge_slave_1) entered disabled state [ 660.599153][T15105] bridge_slave_1: entered allmulticast mode [ 660.612598][T15105] bridge_slave_1: entered promiscuous mode [ 660.821185][ T5242] Bluetooth: hci0: command tx timeout [ 661.060754][ T9279] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 661.123590][T15105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 661.156914][T15105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 661.453807][T15105] team0: Port device team_slave_0 added [ 661.530755][T15105] team0: Port device team_slave_1 added [ 661.663137][T15105] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 661.670147][T15105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.696181][ C1] vkms_vblank_simulate: vblank timer overrun [ 661.717812][T15105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 661.760934][T15105] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 661.779853][T15105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.822043][T15105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 661.969172][T15105] hsr_slave_0: entered promiscuous mode [ 661.995825][T15105] hsr_slave_1: entered promiscuous mode [ 662.011604][T15105] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 662.019266][T15105] Cannot create hsr debugfs directory [ 662.901217][ T5242] Bluetooth: hci0: command tx timeout [ 663.578051][T15124] netlink: 'syz.2.2004': attribute type 9 has an invalid length. [ 663.587637][T15124] netlink: 134660 bytes leftover after parsing attributes in process `syz.2.2004'. [ 664.131114][ T1166] usb 3-1: new high-speed USB device number 97 using dummy_hcd [ 664.311331][ T1166] usb 3-1: Using ep0 maxpacket: 16 [ 664.331668][ T1166] usb 3-1: config 0 has no interfaces? [ 664.367155][ T1166] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 664.386815][ T1166] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 664.407279][ T1166] usb 3-1: Product: syz [ 664.411988][ T1166] usb 3-1: Manufacturer: syz [ 664.416708][ T1166] usb 3-1: SerialNumber: syz [ 664.434216][ T1166] usb 3-1: config 0 descriptor?? [ 664.981287][ T5242] Bluetooth: hci0: command tx timeout [ 665.788801][ T9279] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 674.922194][ T5234] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 674.935359][ T5234] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 674.944070][ T5234] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 674.953045][ T5234] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 674.965998][ T5234] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 674.973592][ T5234] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 677.072012][ T5234] Bluetooth: hci4: command tx timeout [ 679.141275][ T5234] Bluetooth: hci4: command tx timeout [ 681.221261][ T5234] Bluetooth: hci4: command tx timeout [ 683.301207][ T5234] Bluetooth: hci4: command tx timeout [ 686.032274][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.038640][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.692368][ T5242] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 692.703207][ T5242] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 692.714191][ T5242] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 692.723744][ T5242] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 692.733976][ T5242] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 692.750414][ T5242] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 694.821527][ T5242] Bluetooth: hci1: command tx timeout [ 696.903096][ T5242] Bluetooth: hci1: command tx timeout [ 697.819385][ T5242] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 697.832108][ T5242] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 697.843249][ T5242] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 697.855248][ T5242] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 697.876307][ T5242] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 697.885675][ T5242] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 697.972229][ T5234] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 697.983509][ T5234] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 697.993186][ T5234] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 698.011169][ T5234] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 698.031353][ T5234] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 698.040399][ T5234] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 698.981442][ T5234] Bluetooth: hci1: command tx timeout [ 699.943863][ T5234] Bluetooth: hci6: command tx timeout [ 700.101564][ T5234] Bluetooth: hci7: command tx timeout [ 701.061459][ T5234] Bluetooth: hci1: command tx timeout [ 702.021216][ T5234] Bluetooth: hci6: command tx timeout [ 702.189858][ T5234] Bluetooth: hci7: command tx timeout [ 704.101327][ T5234] Bluetooth: hci6: command tx timeout [ 704.269574][ T5234] Bluetooth: hci7: command tx timeout [ 706.183595][ T5234] Bluetooth: hci6: command tx timeout [ 706.349627][ T5234] Bluetooth: hci7: command tx timeout [ 716.879455][ T5242] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 716.889918][ T5242] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 716.899728][ T5242] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 716.909271][ T5242] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 716.921217][ T5242] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 716.931903][ T5242] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 718.981238][ T5242] Bluetooth: hci8: command tx timeout [ 721.067708][ T5242] Bluetooth: hci8: command tx timeout [ 723.141304][ T5242] Bluetooth: hci8: command tx timeout [ 725.221115][ T5234] Bluetooth: hci8: command tx timeout [ 736.102182][ T5242] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 736.115639][ T5242] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 736.135265][ T5242] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 736.151860][ T5242] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 736.159604][ T5242] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 736.167738][ T5242] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 738.261442][ T5242] Bluetooth: hci9: command tx timeout [ 740.351438][ T5242] Bluetooth: hci9: command tx timeout [ 742.421724][ T5242] Bluetooth: hci9: command tx timeout [ 744.501490][ T5242] Bluetooth: hci9: command tx timeout [ 747.472140][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.478633][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.267948][ T54] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 753.278545][ T54] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 753.288281][ T54] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 753.299197][ T54] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 753.311288][ T54] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 753.319506][ T54] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 754.670494][ T5234] Bluetooth: hci5: command 0x0406 tx timeout [ 755.381286][ T5242] Bluetooth: hci10: command tx timeout [ 757.461257][ T5242] Bluetooth: hci10: command tx timeout [ 758.558731][ T5234] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 758.568820][ T5234] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 758.593935][ T5234] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 758.604351][ T5234] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 758.633196][ T5234] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 758.640717][ T5234] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 758.671264][ T5234] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 758.683694][T15178] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 758.694662][T15178] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 758.704591][T15178] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 758.713189][T15178] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 758.720653][T15178] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 759.541202][T15178] Bluetooth: hci10: command tx timeout [ 760.741287][T15178] Bluetooth: hci11: command tx timeout [ 760.821301][T15178] Bluetooth: hci12: command tx timeout [ 761.621213][T15178] Bluetooth: hci10: command tx timeout [ 762.822149][T15178] Bluetooth: hci11: command tx timeout [ 762.901224][T15178] Bluetooth: hci12: command tx timeout [ 764.901344][T15178] Bluetooth: hci11: command tx timeout [ 764.981296][T15178] Bluetooth: hci12: command tx timeout [ 766.981323][T15178] Bluetooth: hci11: command tx timeout [ 767.061405][T15178] Bluetooth: hci12: command tx timeout [ 775.161147][ T5234] Bluetooth: hci2: command 0x0406 tx timeout [ 775.167283][T15178] Bluetooth: hci3: command 0x0406 tx timeout [ 777.413769][ T5232] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 777.425760][ T5232] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 777.436912][ T5232] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 777.445188][ T5232] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 777.453614][ T5232] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 777.461427][ T5232] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 779.541288][ T5232] Bluetooth: hci13: command tx timeout [ 780.272445][ T5232] Bluetooth: hci0: command 0x0406 tx timeout [ 781.621173][ T54] Bluetooth: hci13: command tx timeout [ 783.701246][ T54] Bluetooth: hci13: command tx timeout [ 785.781242][ T54] Bluetooth: hci13: command tx timeout [ 797.159700][ T5232] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 797.170502][ T5232] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 797.179963][ T5232] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 797.189981][ T5232] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 797.201679][ T5232] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 797.209757][ T5232] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 799.301254][ T54] Bluetooth: hci14: command tx timeout [ 800.750726][ T54] Bluetooth: hci4: command 0x0406 tx timeout [ 801.381286][ T5232] Bluetooth: hci14: command tx timeout [ 803.461253][ T5232] Bluetooth: hci14: command tx timeout [ 805.541177][ T5232] Bluetooth: hci14: command tx timeout [ 808.913503][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.919869][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 813.779587][ T54] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 813.800198][ T54] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 813.810878][ T54] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 813.838919][ T54] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 813.847066][ T54] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 813.854747][ T54] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 815.941290][ T5232] Bluetooth: hci15: command tx timeout [ 816.111130][ T5232] Bluetooth: hci1: command 0x0406 tx timeout [ 818.021148][ T54] Bluetooth: hci15: command tx timeout [ 818.992610][ T5232] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 819.002990][ T5232] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 819.021136][ T5232] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 819.033567][ T5232] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 819.052008][ T5232] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 819.059531][ T5232] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 819.199308][T15178] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 819.210218][T15178] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 819.219742][T15178] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 819.230130][T15178] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 819.239453][T15178] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 819.249286][T15178] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 820.101358][T15178] Bluetooth: hci15: command tx timeout [ 821.141217][T15178] Bluetooth: hci16: command tx timeout [ 821.227594][ T5234] Bluetooth: hci7: command 0x0406 tx timeout [ 821.233987][T15178] Bluetooth: hci6: command 0x0406 tx timeout [ 821.301521][ T5232] Bluetooth: hci17: command tx timeout [ 822.181156][ T5232] Bluetooth: hci15: command tx timeout [ 822.981278][ T30] INFO: task dhcpcd:4897 blocked for more than 143 seconds. [ 822.988731][ T30] Not tainted 6.12.0-rc1-syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 823.041382][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 823.071272][ T30] task:dhcpcd state:D stack:22272 pid:4897 tgid:4897 ppid:1 flags:0x00000002 [ 823.161311][ T30] Call Trace: [ 823.164665][ T30] [ 823.167639][ T30] __schedule+0x1895/0x4b30 [ 823.221156][ T5232] Bluetooth: hci16: command tx timeout [ 823.228151][ T30] ? __pfx___schedule+0x10/0x10 [ 823.241039][ T30] ? __pfx_lock_release+0x10/0x10 [ 823.246160][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 823.263149][ T30] ? schedule+0x90/0x320 [ 823.267479][ T30] schedule+0x14b/0x320 [ 823.281087][ T30] schedule_preempt_disabled+0x13/0x30 [ 823.286672][ T30] __mutex_lock+0x6a7/0xd70 [ 823.301728][ T30] ? __mutex_lock+0x52a/0xd70 [ 823.306530][ T30] ? vlan_ioctl_handler+0x112/0x9d0 [ 823.323397][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 823.328967][ T30] ? __might_fault+0xc6/0x120 [ 823.343265][ T30] vlan_ioctl_handler+0x112/0x9d0 [ 823.348373][ T30] ? sock_ioctl+0x661/0x8e0 [ 823.364276][ T30] ? __pfx_vlan_ioctl_handler+0x10/0x10 [ 823.369920][ T30] ? __pfx_vlan_ioctl_handler+0x10/0x10 [ 823.381281][ T5232] Bluetooth: hci17: command tx timeout [ 823.386893][ T30] sock_ioctl+0x680/0x8e0 [ 823.400998][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 823.406048][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 823.423362][ T30] __se_sys_ioctl+0xf9/0x170 [ 823.428319][ T30] do_syscall_64+0xf3/0x230 [ 823.441388][ T30] ? clear_bhb_loop+0x35/0x90 [ 823.446224][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.480676][ T30] RIP: 0033:0x7fe1d5728d49 [ 823.488179][ T30] RSP: 002b:00007ffe3fb6cde8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 823.508313][ T30] RAX: ffffffffffffffda RBX: 000055a8c10c27f0 RCX: 00007fe1d5728d49 [ 823.520352][ T30] RDX: 00007ffe3fb6cdf0 RSI: 0000000000008982 RDI: 0000000000000011 [ 823.540997][ T30] RBP: 0000000000000002 R08: 0000000000000008 R09: 0000000000000000 [ 823.549043][ T30] R10: 00007ffe3fb7d470 R11: 0000000000000246 R12: 00007ffe3fb6cdf0 [ 823.571540][ T30] R13: 00007ffe3fb6ceb0 R14: 000055a8c10c27f0 R15: 000055a8c12dee40 [ 823.591114][ T30] [ 823.594353][ T30] INFO: task kworker/u8:11:9279 blocked for more than 143 seconds. [ 823.619104][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 823.641375][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 823.650119][ T30] task:kworker/u8:11 state:D stack:22360 pid:9279 tgid:9279 ppid:2 flags:0x00004000 [ 823.674097][ T30] Workqueue: netns cleanup_net [ 823.678941][ T30] Call Trace: [ 823.694529][ T30] [ 823.697535][ T30] __schedule+0x1895/0x4b30 [ 823.711117][ T30] ? __pfx___schedule+0x10/0x10 [ 823.716076][ T30] ? __pfx_lock_release+0x10/0x10 [ 823.731379][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 823.739664][ T30] ? kthread_data+0x52/0xd0 [ 823.751059][ T30] ? schedule+0x90/0x320 [ 823.755393][ T30] ? wq_worker_sleeping+0x66/0x240 [ 823.760610][ T30] ? schedule+0x90/0x320 [ 823.776674][ T30] schedule+0x14b/0x320 [ 823.791404][ T30] schedule_preempt_disabled+0x13/0x30 [ 823.797006][ T30] __mutex_lock+0x6a7/0xd70 [ 823.814430][ T30] ? __mutex_lock+0x52a/0xd70 [ 823.819191][ T30] ? cleanup_net+0x6af/0xcc0 [ 823.831111][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 823.836227][ T30] ? bpf_prog_array_free+0x34/0x40 [ 823.851740][ T30] cleanup_net+0x6af/0xcc0 [ 823.856240][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 823.871430][ T30] ? process_scheduled_works+0x976/0x1850 [ 823.877237][ T30] process_scheduled_works+0xa63/0x1850 [ 823.896924][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 823.911111][ T30] ? assign_work+0x364/0x3d0 [ 823.916155][ T30] worker_thread+0x870/0xd30 [ 823.920825][ T30] ? __kthread_parkme+0x169/0x1d0 [ 823.937769][ T30] ? __pfx_worker_thread+0x10/0x10 [ 823.962388][ T30] kthread+0x2f0/0x390 [ 823.966545][ T30] ? __pfx_worker_thread+0x10/0x10 [ 823.981121][ T30] ? __pfx_kthread+0x10/0x10 [ 823.985800][ T30] ret_from_fork+0x4b/0x80 [ 823.990271][ T30] ? __pfx_kthread+0x10/0x10 [ 824.007239][ T30] ret_from_fork_asm+0x1a/0x30 [ 824.017544][ T30] [ 824.028263][ T30] INFO: task kworker/u8:19:11997 blocked for more than 144 seconds. [ 824.051036][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 824.056993][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 824.078524][ T30] task:kworker/u8:19 state:D stack:23168 pid:11997 tgid:11997 ppid:2 flags:0x00004000 [ 824.104236][ T30] Workqueue: ipv6_addrconf addrconf_verify_work [ 824.110594][ T30] Call Trace: [ 824.125611][ T30] [ 824.128617][ T30] __schedule+0x1895/0x4b30 [ 824.139589][ T30] ? __pfx___schedule+0x10/0x10 [ 824.151065][ T30] ? __pfx_lock_release+0x10/0x10 [ 824.156175][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 824.173102][ T30] ? kthread_data+0x52/0xd0 [ 824.177688][ T30] ? schedule+0x90/0x320 [ 824.198945][ T30] ? wq_worker_sleeping+0x66/0x240 [ 824.210611][ T30] ? schedule+0x90/0x320 [ 824.220009][ T30] schedule+0x14b/0x320 [ 824.224892][ T30] schedule_preempt_disabled+0x13/0x30 [ 824.230516][ T30] __mutex_lock+0x6a7/0xd70 [ 824.249203][ T30] ? __mutex_lock+0x52a/0xd70 [ 824.258973][ T30] ? addrconf_verify_work+0x19/0x30 [ 824.274466][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 824.287628][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 824.318715][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 824.335803][ T30] ? process_scheduled_works+0x976/0x1850 [ 824.349202][ T30] addrconf_verify_work+0x19/0x30 [ 824.361101][ T30] process_scheduled_works+0xa63/0x1850 [ 824.367045][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 824.381149][ T30] ? assign_work+0x364/0x3d0 [ 824.385828][ T30] worker_thread+0x870/0xd30 [ 824.390494][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 824.410395][ T30] ? __kthread_parkme+0x169/0x1d0 [ 824.419388][ T30] ? __pfx_worker_thread+0x10/0x10 [ 824.430959][ T30] kthread+0x2f0/0x390 [ 824.435096][ T30] ? __pfx_worker_thread+0x10/0x10 [ 824.440266][ T30] ? __pfx_kthread+0x10/0x10 [ 824.456721][ T30] ret_from_fork+0x4b/0x80 [ 824.466901][ T30] ? __pfx_kthread+0x10/0x10 [ 824.477882][ T30] ret_from_fork_asm+0x1a/0x30 [ 824.488075][ T30] [ 824.500470][ T30] INFO: task syz-executor:15054 blocked for more than 144 seconds. [ 824.516338][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 824.531273][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 824.540090][ T30] task:syz-executor state:D stack:21728 pid:15054 tgid:15054 ppid:1 flags:0x00004006 [ 824.562272][ T30] Call Trace: [ 824.565697][ T30] [ 824.568688][ T30] __schedule+0x1895/0x4b30 [ 824.590424][ T30] ? __pfx___schedule+0x10/0x10 [ 824.601133][ T30] ? __pfx_lock_release+0x10/0x10 [ 824.606262][ T30] ? schedule+0x90/0x320 [ 824.610573][ T30] schedule+0x14b/0x320 [ 824.625918][ T30] schedule_timeout+0xb0/0x310 [ 824.630759][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 824.641473][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 824.647539][ T30] ? wait_for_completion+0x2fe/0x620 [ 824.669721][ T30] ? wait_for_completion+0x2fe/0x620 [ 824.680956][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 824.686237][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 824.702376][ T30] ? wait_for_completion+0x2fe/0x620 [ 824.707752][ T30] wait_for_completion+0x355/0x620 [ 824.723159][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 824.728887][ T30] ? __flush_work+0xe7/0xc50 [ 824.747886][ T30] __flush_work+0xa37/0xc50 [ 824.753062][ T30] ? __flush_work+0xe7/0xc50 [ 824.757735][ T30] ? __pfx___flush_work+0x10/0x10 [ 824.774663][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 824.780055][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 824.791116][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 824.796317][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 824.816024][ T30] unregister_netdevice_many_notify+0x87b/0x1da0 [ 824.827942][ T30] ? __mutex_trylock_common+0x183/0x2e0 [ 824.840230][ T30] ? __pfx___might_resched+0x10/0x10 [ 824.851152][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 824.858007][ T30] ? __pfx___mutex_trylock_common+0x10/0x10 [ 824.874764][ T30] ? rcu_is_watching+0x15/0xb0 [ 824.879615][ T30] ? trace_contention_end+0x3c/0x120 [ 824.891115][ T30] ? __mutex_lock+0x2ef/0xd70 [ 824.895885][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 824.914555][ T30] unregister_netdevice_queue+0x303/0x370 [ 824.920380][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 824.930972][ T30] nsim_destroy+0x180/0x5c0 [ 824.935564][ T30] __nsim_dev_port_del+0x14b/0x1b0 [ 824.940727][ T30] nsim_dev_reload_destroy+0x28a/0x490 [ 824.957802][ T30] ? __pfx_nsim_bus_remove+0x10/0x10 [ 824.967599][ T30] nsim_drv_remove+0x58/0x160 [ 824.989862][ T30] device_release_driver_internal+0x4a9/0x7c0 [ 825.001079][ T30] bus_remove_device+0x34f/0x420 [ 825.007238][ T30] device_del+0x57a/0x9b0 [ 825.021952][ T30] ? __pfx_device_del+0x10/0x10 [ 825.026887][ T30] device_unregister+0x20/0xc0 [ 825.041477][ T30] del_device_store+0x363/0x480 [ 825.046431][ T30] ? __pfx_del_device_store+0x10/0x10 [ 825.063471][ T30] ? sysfs_kf_write+0x182/0x2a0 [ 825.080373][ T30] ? bus_attr_store+0x4f/0xb0 [ 825.085432][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 825.090693][ T30] kernfs_fop_write_iter+0x3a0/0x500 [ 825.109030][ T30] vfs_write+0xa6d/0xc90 [ 825.117288][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 825.131779][ T30] ? __pfx_vfs_write+0x10/0x10 [ 825.136621][ T30] ? do_sys_openat2+0x17a/0x1d0 [ 825.151020][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 825.156312][ T30] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 825.173280][ T30] ? fdget_pos+0x265/0x320 [ 825.177779][ T30] ksys_write+0x183/0x2b0 [ 825.191021][ T30] ? __pfx_ksys_write+0x10/0x10 [ 825.196029][ T30] ? do_syscall_64+0x100/0x230 [ 825.200842][ T30] ? do_syscall_64+0xb6/0x230 [ 825.216948][ T30] do_syscall_64+0xf3/0x230 [ 825.226966][ T30] ? clear_bhb_loop+0x35/0x90 [ 825.237960][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 825.251135][ T30] RIP: 0033:0x7f3b4cd7cadf [ 825.255627][ T30] RSP: 002b:00007f3b4d05f220 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 825.275571][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f3b4cd7cadf [ 825.289756][ T30] RDX: 0000000000000001 RSI: 00007f3b4d05f270 RDI: 0000000000000005 [ 825.303801][ T30] RBP: 00007f3b4cdf13ae R08: 0000000000000000 R09: 00007f3b4d05f077 [ 825.312377][ T5232] Bluetooth: hci16: command tx timeout [ 825.330878][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 825.339565][ T30] R13: 00007f3b4d05f270 R14: 00007f3b4da64620 R15: 0000000000000003 [ 825.363937][ T30] [ 825.367103][ T30] INFO: task syz-executor:15084 blocked for more than 145 seconds. [ 825.391039][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 825.396999][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 825.415860][ T30] task:syz-executor state:D stack:21728 pid:15084 tgid:15084 ppid:1 flags:0x00000004 [ 825.433551][ T30] Call Trace: [ 825.436886][ T30] [ 825.439853][ T30] __schedule+0x1895/0x4b30 [ 825.457702][ T30] ? __pfx___schedule+0x10/0x10 [ 825.463304][ T5232] Bluetooth: hci17: command tx timeout [ 825.475440][ T30] ? __pfx_lock_release+0x10/0x10 [ 825.480546][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 825.497133][ T30] ? schedule+0x90/0x320 [ 825.502021][ T30] schedule+0x14b/0x320 [ 825.506251][ T30] schedule_preempt_disabled+0x13/0x30 [ 825.524094][ T30] __mutex_lock+0x6a7/0xd70 [ 825.528681][ T30] ? __mutex_lock+0x52a/0xd70 [ 825.541847][ T30] ? del_device_store+0xfc/0x480 [ 825.546954][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 825.564828][ T30] del_device_store+0xfc/0x480 [ 825.569682][ T30] ? __pfx_del_device_store+0x10/0x10 [ 825.588021][ T30] ? sysfs_kf_write+0x182/0x2a0 [ 825.596919][ T30] ? bus_attr_store+0x4f/0xb0 [ 825.609128][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 825.620001][ T30] kernfs_fop_write_iter+0x3a0/0x500 [ 825.641221][ T30] vfs_write+0xa6d/0xc90 [ 825.645547][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 825.661040][ T30] ? __pfx_vfs_write+0x10/0x10 [ 825.665871][ T30] ? do_sys_openat2+0x17a/0x1d0 [ 825.670772][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 825.687894][ T30] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 825.699769][ T30] ? fdget_pos+0x265/0x320 [ 825.711142][ T30] ksys_write+0x183/0x2b0 [ 825.715545][ T30] ? __pfx_ksys_write+0x10/0x10 [ 825.720617][ T30] ? do_syscall_64+0x100/0x230 [ 825.737431][ T30] ? do_syscall_64+0xb6/0x230 [ 825.746083][ T30] do_syscall_64+0xf3/0x230 [ 825.750651][ T30] ? clear_bhb_loop+0x35/0x90 [ 825.761062][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 825.767024][ T30] RIP: 0033:0x7f51d4b7cadf [ 825.783661][ T30] RSP: 002b:00007f51d4e5f220 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 825.807304][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f51d4b7cadf [ 825.819374][ T30] RDX: 0000000000000001 RSI: 00007f51d4e5f270 RDI: 0000000000000005 [ 825.839663][ T30] RBP: 00007f51d4bf13ae R08: 0000000000000000 R09: 00007f51d4e5f077 [ 825.849575][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 825.863195][ T30] R13: 00007f51d4e5f270 R14: 00007f51d5864620 R15: 0000000000000003 [ 825.880979][ T30] [ 825.885175][ T30] INFO: task syz-executor:15085 blocked for more than 146 seconds. [ 825.905780][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 825.917964][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 825.939281][ T30] task:syz-executor state:D stack:21728 pid:15085 tgid:15085 ppid:1 flags:0x00000004 [ 825.956400][ T30] Call Trace: [ 825.959738][ T30] [ 825.971064][ T30] __schedule+0x1895/0x4b30 [ 825.975756][ T30] ? __pfx___schedule+0x10/0x10 [ 825.980663][ T30] ? __pfx_lock_release+0x10/0x10 [ 825.996987][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 826.007671][ T30] ? schedule+0x90/0x320 [ 826.018834][ T30] schedule+0x14b/0x320 [ 826.041214][ T30] schedule_preempt_disabled+0x13/0x30 [ 826.046839][ T30] __mutex_lock+0x6a7/0xd70 [ 826.061019][ T30] ? __mutex_lock+0x52a/0xd70 [ 826.065787][ T30] ? del_device_store+0xfc/0x480 [ 826.070781][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 826.087283][ T30] del_device_store+0xfc/0x480 [ 826.097221][ T30] ? __pfx_del_device_store+0x10/0x10 [ 826.111192][ T30] ? sysfs_kf_write+0x182/0x2a0 [ 826.116127][ T30] ? bus_attr_store+0x4f/0xb0 [ 826.120867][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 826.137616][ T30] kernfs_fop_write_iter+0x3a0/0x500 [ 826.151430][ T30] vfs_write+0xa6d/0xc90 [ 826.155753][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 826.171355][ T30] ? __pfx_vfs_write+0x10/0x10 [ 826.176287][ T30] ? do_sys_openat2+0x17a/0x1d0 [ 826.192391][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 826.197682][ T30] ? fdget_pos+0x265/0x320 [ 826.214543][ T30] ksys_write+0x183/0x2b0 [ 826.218957][ T30] ? __pfx_ksys_write+0x10/0x10 [ 826.231541][ T30] ? do_syscall_64+0x100/0x230 [ 826.236378][ T30] ? do_syscall_64+0xb6/0x230 [ 826.251060][ T30] do_syscall_64+0xf3/0x230 [ 826.255651][ T30] ? clear_bhb_loop+0x35/0x90 [ 826.260381][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.277870][ T30] RIP: 0033:0x7f5e01b7cadf [ 826.287409][ T30] RSP: 002b:00007f5e01e5f220 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 826.301079][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f5e01b7cadf [ 826.309129][ T30] RDX: 0000000000000001 RSI: 00007f5e01e5f270 RDI: 0000000000000005 [ 826.328136][ T30] RBP: 00007f5e01bf13ae R08: 0000000000000000 R09: 00007f5e01e5f077 [ 826.348879][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 826.359825][ T30] R13: 00007f5e01e5f270 R14: 00007f5e02864620 R15: 0000000000000003 [ 826.381113][ T30] [ 826.384270][ T30] INFO: task syz-executor:15105 blocked for more than 146 seconds. [ 826.401055][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 826.407004][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 826.429053][ T30] task:syz-executor state:D stack:21728 pid:15105 tgid:15105 ppid:1 flags:0x00000004 [ 826.451472][ T30] Call Trace: [ 826.454823][ T30] [ 826.457797][ T30] __schedule+0x1895/0x4b30 [ 826.473554][ T30] ? __pfx___schedule+0x10/0x10 [ 826.478493][ T30] ? __pfx_lock_release+0x10/0x10 [ 826.494317][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 826.500297][ T30] ? schedule+0x90/0x320 [ 826.511402][ T30] schedule+0x14b/0x320 [ 826.515637][ T30] schedule_preempt_disabled+0x13/0x30 [ 826.533957][ T30] __mutex_lock+0x6a7/0xd70 [ 826.539792][ T30] ? __mutex_lock+0x52a/0xd70 [ 826.551575][ T30] ? del_device_store+0xfc/0x480 [ 826.556597][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 826.571421][ T30] del_device_store+0xfc/0x480 [ 826.576271][ T30] ? __pfx_del_device_store+0x10/0x10 [ 826.598472][ T30] ? sysfs_kf_write+0x182/0x2a0 [ 826.604419][ T30] ? bus_attr_store+0x4f/0xb0 [ 826.609176][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 826.628014][ T30] kernfs_fop_write_iter+0x3a0/0x500 [ 826.638570][ T30] vfs_write+0xa6d/0xc90 [ 826.650446][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 826.660958][ T30] ? __pfx_vfs_write+0x10/0x10 [ 826.665788][ T30] ? do_sys_openat2+0x17a/0x1d0 [ 826.670723][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 826.696293][ T30] ? fdget_pos+0x265/0x320 [ 826.700803][ T30] ksys_write+0x183/0x2b0 [ 826.711115][ T30] ? __pfx_ksys_write+0x10/0x10 [ 826.716042][ T30] ? do_syscall_64+0x100/0x230 [ 826.720861][ T30] ? do_syscall_64+0xb6/0x230 [ 826.736140][ T30] do_syscall_64+0xf3/0x230 [ 826.740758][ T30] ? clear_bhb_loop+0x35/0x90 [ 826.761053][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.767133][ T30] RIP: 0033:0x7f43ebd7cadf [ 826.781530][ T30] RSP: 002b:00007f43ec05f220 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 826.790034][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f43ebd7cadf [ 826.811124][ T30] RDX: 0000000000000001 RSI: 00007f43ec05f270 RDI: 0000000000000005 [ 826.819271][ T30] RBP: 00007f43ebdf13ae R08: 0000000000000000 R09: 00007f43ec05f077 [ 826.838771][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 826.859287][ T30] R13: 00007f43ec05f270 R14: 00007f43eca64620 R15: 0000000000000003 [ 826.880068][ T30] [ 826.885969][ T30] INFO: task syz.2.2005:15126 blocked for more than 147 seconds. [ 826.901307][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 826.907322][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 826.927537][ T30] task:syz.2.2005 state:D stack:25184 pid:15126 tgid:15125 ppid:14017 flags:0x00004006 [ 826.941194][ T30] Call Trace: [ 826.944629][ T30] [ 826.947604][ T30] __schedule+0x1895/0x4b30 [ 826.967027][ T30] ? __pfx___schedule+0x10/0x10 [ 826.979851][ T30] ? __pfx_lock_release+0x10/0x10 [ 826.989188][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 827.001608][ T30] ? schedule+0x90/0x320 [ 827.005941][ T30] schedule+0x14b/0x320 [ 827.010195][ T30] schedule_preempt_disabled+0x13/0x30 [ 827.026760][ T30] __mutex_lock+0x6a7/0xd70 [ 827.037708][ T30] ? __mutex_lock+0x52a/0xd70 [ 827.047707][ T30] ? tun_chr_close+0x3b/0x1b0 [ 827.069814][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 827.080992][ T30] ? __pfx_call_rcu+0x10/0x10 [ 827.086023][ T30] tun_chr_close+0x3b/0x1b0 [ 827.090589][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 827.107009][ T30] __fput+0x23f/0x880 [ 827.117045][ T30] task_work_run+0x24f/0x310 [ 827.129567][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 827.140019][ T30] ? __pfx_task_work_run+0x10/0x10 [ 827.151079][ T30] ? do_exit+0xa2a/0x28e0 [ 827.155524][ T30] ? kmem_cache_free+0x1a2/0x420 [ 827.171023][ T30] ? do_exit+0xa2a/0x28e0 [ 827.175609][ T30] do_exit+0xa2f/0x28e0 [ 827.179824][ T30] ? __pfx_do_exit+0x10/0x10 [ 827.195733][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 827.207997][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 827.219742][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 827.231111][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 827.236548][ T30] do_group_exit+0x207/0x2c0 [ 827.252504][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 827.257806][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 827.271114][ T30] get_signal+0x16a3/0x1740 [ 827.275723][ T30] ? __pfx_get_signal+0x10/0x10 [ 827.280638][ T30] arch_do_signal_or_restart+0x96/0x860 [ 827.298565][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 827.309282][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 827.321146][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 827.327198][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 827.344407][ T30] do_syscall_64+0x100/0x230 [ 827.349071][ T30] ? clear_bhb_loop+0x35/0x90 [ 827.359900][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 827.373447][ T30] RIP: 0033:0x7f5b0bd7dff9 [ 827.377928][ T30] RSP: 002b:00007f5b0caf4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 827.386844][ T5232] Bluetooth: hci16: command tx timeout [ 827.397930][ T30] RAX: 0000000000000000 RBX: 00007f5b0bf35f80 RCX: 00007f5b0bd7dff9 [ 827.412443][ T30] RDX: 0000000020000400 RSI: 000000004020ae46 RDI: 0000000000000005 [ 827.420488][ T30] RBP: 00007f5b0bdf0296 R08: 0000000000000000 R09: 0000000000000000 [ 827.438308][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 827.459366][ T30] R13: 0000000000000000 R14: 00007f5b0bf35f80 R15: 00007f5b0c05fa28 [ 827.481101][ T30] [ 827.484268][ T30] INFO: task syz-executor:15140 blocked for more than 147 seconds. [ 827.503544][ T30] Not tainted 6.12.0-rc1-syzkaller #0 [ 827.509804][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 827.523587][ T30] task:syz-executor state:D stack:26400 pid:15140 tgid:15140 ppid:1 flags:0x00004006 [ 827.541329][ T5232] Bluetooth: hci17: command tx timeout [ 827.559299][ T30] Call Trace: [ 827.563125][ T30] [ 827.566117][ T30] __schedule+0x1895/0x4b30 [ 827.570754][ T30] ? __pfx___schedule+0x10/0x10 [ 827.588019][ T30] ? __pfx_lock_release+0x10/0x10 [ 827.597115][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 827.610151][ T30] ? schedule+0x90/0x320 [ 827.615157][ T30] schedule+0x14b/0x320 [ 827.619387][ T30] schedule_preempt_disabled+0x13/0x30 [ 827.641295][ T30] __mutex_lock+0x6a7/0xd70 [ 827.646064][ T30] ? __mutex_lock+0x52a/0xd70 [ 827.650792][ T30] ? register_nexthop_notifier+0x84/0x290 [ 827.670404][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 827.680663][ T30] ? __asan_memset+0x23/0x50 [ 827.696351][ T30] register_nexthop_notifier+0x84/0x290 [ 827.711158][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 827.717346][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 827.728250][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 827.741478][ T30] ? __asan_memset+0x23/0x50 [ 827.746157][ T30] ops_init+0x31e/0x590 [ 827.750374][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 827.767338][ T30] setup_net+0x287/0x9e0 [ 827.777216][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 827.791242][ T30] ? __pfx_setup_net+0x10/0x10 [ 827.796109][ T30] copy_net_ns+0x33f/0x570 [ 827.800683][ T30] create_new_namespaces+0x425/0x7b0 [ 827.817661][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 827.828562][ T30] ksys_unshare+0x619/0xc10 [ 827.839789][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 827.850221][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 827.861164][ T30] ? do_syscall_64+0x100/0x230 [ 827.866011][ T30] __x64_sys_unshare+0x38/0x40 [ 827.870819][ T30] do_syscall_64+0xf3/0x230 [ 827.890299][ T30] ? clear_bhb_loop+0x35/0x90 [ 827.898990][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 827.911355][ T30] RIP: 0033:0x7f680597f7f7 [ 827.915921][ T30] RSP: 002b:00007f6805c5ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 827.934962][ T30] RAX: ffffffffffffffda RBX: 00007f68059f1a85 RCX: 00007f680597f7f7 [ 827.951091][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 827.959130][ T30] RBP: 0000000000000000 R08: 00007f6806667d60 R09: 0000000000000000 [ 827.979632][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 828.000327][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 828.011213][ T30] [ 828.022962][ T30] [ 828.022962][ T30] Showing all locks held in the system: [ 828.030751][ T30] 1 lock held by khungtaskd/30: [ 828.047291][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 828.070184][ T30] 2 locks held by dhcpcd/4897: [ 828.075648][ T30] #0: ffffffff8fcb6228 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x661/0x8e0 [ 828.097656][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0x112/0x9d0 [ 828.128293][ T30] 2 locks held by getty/4981: [ 828.138790][ T30] #0: ffff88814b95a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 828.160075][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 828.172621][ T30] 3 locks held by kworker/0:3/5239: [ 828.177884][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 828.204170][ T30] #1: ffffc90003c2fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 828.230249][ T30] #2: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 828.250972][ T30] 3 locks held by kworker/1:6/5302: [ 828.256258][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 828.279366][ T30] #1: ffffc90004087d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 828.301001][ T30] #2: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 828.322491][ T30] 4 locks held by kworker/u8:11/9279: [ 828.327938][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 828.350492][ T30] #1: ffffc90002d7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 828.371333][ T30] #2: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 828.390957][ T30] #3: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 [ 828.399985][ T30] 5 locks held by kworker/0:7/10324: [ 828.415685][ T30] 3 locks held by kworker/u8:19/11997: [ 828.427663][ T30] #0: ffff88814b475148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 828.445202][ T30] #1: ffffc90002e8fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 828.467018][ T30] #2: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 828.487974][ T30] 8 locks held by syz-executor/15054: [ 828.493953][ T30] #0: ffff88802e664420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 828.515681][ T30] #1: ffff88807b936c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500 [ 828.531163][ T30] #2: ffff888026083a58 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500 [ 828.551510][ T30] #3: ffffffff8f56f788 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 828.572557][ T30] #4: ffff888068d400e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 828.595707][ T30] #5: ffff8880623c0250 (&devlink->lock_key#52){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 828.611162][ T30] #6: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 828.620167][ T30] #7: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 828.643592][ T30] 4 locks held by syz-executor/15084: [ 828.649021][ T30] #0: ffff88802e664420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 828.671491][ T30] #1: ffff8880120ee888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500 [ 828.691232][ T30] #2: ffff888026083a58 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500 [ 828.714067][ T30] #3: ffffffff8f56f788 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 828.735760][ T30] 4 locks held by syz-executor/15085: [ 828.758399][ T30] #0: ffff88802e664420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 828.771662][ T30] #1: ffff8880288ca088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500 [ 828.792892][ T30] #2: ffff888026083a58 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500 [ 828.811043][ T30] #3: ffffffff8f56f788 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 828.835937][ T30] 4 locks held by syz-executor/15105: [ 828.846873][ T30] #0: ffff88802e664420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 828.861474][ T30] #1: ffff88802feff888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500 [ 828.882867][ T30] #2: ffff888026083a58 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500 [ 828.901190][ T30] #3: ffffffff8f56f788 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 828.921407][ T30] 1 lock held by syz.2.2005/15126: [ 828.926573][ T30] #0: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 828.946860][ T30] 2 locks held by syz-executor/15140: [ 828.958797][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 828.975019][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 828.991084][ T30] 2 locks held by syz-executor/15145: [ 828.996518][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.018780][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.032473][ T30] 2 locks held by syz-executor/15154: [ 829.037908][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.059602][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.072410][ T30] 2 locks held by syz-executor/15155: [ 829.077834][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.100438][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.112340][ T30] 2 locks held by syz-executor/15160: [ 829.117764][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.133042][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.165962][ T30] 2 locks held by syz-executor/15166: [ 829.180088][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.192596][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.217728][ T30] 2 locks held by syz-executor/15170: [ 829.230347][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.251066][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.271083][ T30] 2 locks held by syz-executor/15180: [ 829.276700][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.298959][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.316001][ T30] 2 locks held by syz-executor/15182: [ 829.327883][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.348849][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.366798][ T30] 2 locks held by syz-executor/15187: [ 829.378409][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.401108][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.428913][ T30] 2 locks held by syz-executor/15192: [ 829.434872][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.455528][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.481563][ T30] 2 locks held by syz-executor/15199: [ 829.487006][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.506994][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.529440][ T30] 2 locks held by syz-executor/15203: [ 829.537787][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.560526][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.571603][ T30] 2 locks held by syz-executor/15205: [ 829.577163][ T30] #0: ffffffff8fcc4c10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 829.598740][ T30] #1: ffffffff8fcd1708 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 829.619501][ T30] [ 829.623081][ T30] ============================================= [ 829.623081][ T30] [ 829.641082][ T30] NMI backtrace for cpu 1 [ 829.645475][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller #0 [ 829.654289][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 829.664390][ T30] Call Trace: [ 829.667699][ T30] [ 829.670661][ T30] dump_stack_lvl+0x241/0x360 [ 829.675388][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 829.680633][ T30] ? __pfx__printk+0x10/0x10 [ 829.685296][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 829.690292][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 829.695803][ T30] ? _printk+0xd5/0x120 [ 829.700013][ T30] ? __pfx__printk+0x10/0x10 [ 829.704655][ T30] ? __wake_up_klogd+0xcc/0x110 [ 829.709555][ T30] ? __pfx__printk+0x10/0x10 [ 829.714212][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 829.719300][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 829.725422][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 829.731465][ T30] watchdog+0xff4/0x1040 [ 829.735757][ T30] ? watchdog+0x1ea/0x1040 [ 829.740350][ T30] ? __pfx_watchdog+0x10/0x10 [ 829.745258][ T30] kthread+0x2f0/0x390 [ 829.749368][ T30] ? __pfx_watchdog+0x10/0x10 [ 829.754102][ T30] ? __pfx_kthread+0x10/0x10 [ 829.758738][ T30] ret_from_fork+0x4b/0x80 [ 829.763204][ T30] ? __pfx_kthread+0x10/0x10 [ 829.767842][ T30] ret_from_fork_asm+0x1a/0x30 [ 829.772674][ T30] [ 829.776533][ T30] Sending NMI from CPU 1 to CPUs 0: [ 829.782112][ C0] NMI backtrace for cpu 0 [ 829.782129][ C0] CPU: 0 UID: 0 PID: 10324 Comm: kworker/0:7 Not tainted 6.12.0-rc1-syzkaller #0 [ 829.782152][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 829.782165][ C0] Workqueue: events nsim_dev_trap_report_work [ 829.782192][ C0] RIP: 0010:memset_orig+0x3a/0xb0 [ 829.782215][ C0] Code: 01 01 01 01 01 48 0f af c1 41 89 f9 41 83 e1 07 75 70 48 89 d1 48 c1 e9 06 74 35 0f 1f 44 00 00 48 ff c9 48 89 07 48 89 47 08 <48> 89 47 10 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 [ 829.782232][ C0] RSP: 0018:ffffc90000006cc8 EFLAGS: 00000202 [ 829.782248][ C0] RAX: 0000000000000000 RBX: ffff88803a8234b0 RCX: 0000000000000002 [ 829.782262][ C0] RDX: 0000000000000200 RSI: 0000000000000000 RDI: ffffc90000006e10 [ 829.782275][ C0] RBP: ffffc90000006ef8 R08: ffffffff8989e4f7 R09: 0000000000000000 [ 829.782289][ C0] R10: ffffc90000006cd0 R11: fffffbfff2039cc6 R12: 00000000000000f0 [ 829.782304][ C0] R13: ffff88801d69e500 R14: 0000000000000820 R15: ffffc90000006cd0 [ 829.782318][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 829.782335][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 829.782349][ C0] CR2: 0000000020033a80 CR3: 000000000e734000 CR4: 00000000003526f0 [ 829.782365][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 829.782377][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 829.782390][ C0] Call Trace: [ 829.782397][ C0] [ 829.782405][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 829.782429][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 829.782460][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 829.782483][ C0] ? nmi_handle+0x2a/0x5a0 [ 829.782510][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 829.782536][ C0] ? nmi_handle+0x14f/0x5a0 [ 829.782555][ C0] ? nmi_handle+0x2a/0x5a0 [ 829.782576][ C0] ? memset_orig+0x3a/0xb0 [ 829.782595][ C0] ? default_do_nmi+0x63/0x160 [ 829.782618][ C0] ? exc_nmi+0x123/0x1f0 [ 829.782640][ C0] ? end_repeat_nmi+0xf/0x53 [ 829.782662][ C0] ? __alloc_skb+0x167/0x440 [ 829.782681][ C0] ? memset_orig+0x3a/0xb0 [ 829.782701][ C0] ? memset_orig+0x3a/0xb0 [ 829.782721][ C0] ? memset_orig+0x3a/0xb0 [ 829.782741][ C0] [ 829.782748][ C0] [ 829.782754][ C0] kasan_save_track+0x30/0x80 [ 829.782795][ C0] ? mark_lock+0x9a/0x360 [ 829.782816][ C0] __kasan_slab_alloc+0x66/0x80 [ 829.782835][ C0] ? __alloc_skb+0x1c3/0x440 [ 829.782853][ C0] kmem_cache_alloc_node_noprof+0x16b/0x320 [ 829.782882][ C0] __alloc_skb+0x1c3/0x440 [ 829.782902][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 829.782926][ C0] synproxy_send_client_synack+0x1ba/0xf30 [ 829.782956][ C0] ? stack_trace_save+0x118/0x1d0 [ 829.782979][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 829.783015][ C0] ? synproxy_pernet+0x45/0x270 [ 829.783044][ C0] nft_synproxy_eval_v4+0x3ca/0x610 [ 829.783074][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 829.783101][ C0] ? NF_HOOK+0x29e/0x450 [ 829.783123][ C0] ? nf_ip_checksum+0x13a/0x500 [ 829.783153][ C0] nft_synproxy_do_eval+0x362/0xa60 [ 829.783183][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 829.783212][ C0] ? __lock_acquire+0x1384/0x2050 [ 829.783241][ C0] ? __pfx_validate_chain+0x10/0x10 [ 829.783268][ C0] nft_do_chain+0x4ad/0x1da0 [ 829.783292][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 829.783309][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 829.783352][ C0] nft_do_chain_inet+0x418/0x6b0 [ 829.783382][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 829.783408][ C0] ? ipt_do_table+0x312/0x1860 [ 829.783444][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 829.783470][ C0] nf_hook_slow+0xc3/0x220 [ 829.783495][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 829.783517][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 829.783539][ C0] NF_HOOK+0x29e/0x450 [ 829.783560][ C0] ? NF_HOOK+0x9a/0x450 [ 829.783581][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 829.783602][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 829.783627][ C0] ? ip_rcv_finish+0x406/0x560 [ 829.783649][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 829.783671][ C0] NF_HOOK+0x3a4/0x450 [ 829.783690][ C0] ? __lock_acquire+0x1384/0x2050 [ 829.783719][ C0] ? NF_HOOK+0x9a/0x450 [ 829.783739][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 829.783759][ C0] ? ip_rcv_core+0x801/0xd10 [ 829.783780][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 829.783806][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 829.783827][ C0] __netif_receive_skb+0x2bf/0x650 [ 829.783852][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 829.783879][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 829.783902][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 829.783930][ C0] ? __pfx_lock_release+0x10/0x10 [ 829.783958][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 829.783995][ C0] process_backlog+0x662/0x15b0 [ 829.784023][ C0] ? process_backlog+0x33b/0x15b0 [ 829.784052][ C0] ? __pfx_process_backlog+0x10/0x10 [ 829.784075][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 829.784105][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 829.784135][ C0] __napi_poll+0xcb/0x490 [ 829.784159][ C0] net_rx_action+0x89b/0x1240 [ 829.784194][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 829.784220][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 829.784265][ C0] handle_softirqs+0x2c5/0x980 [ 829.784292][ C0] ? do_softirq+0x11b/0x1e0 [ 829.784317][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 829.784346][ C0] do_softirq+0x11b/0x1e0 [ 829.784370][ C0] [ 829.784376][ C0] [ 829.784383][ C0] ? __pfx_do_softirq+0x10/0x10 [ 829.784408][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 829.784437][ C0] ? rcu_is_watching+0x15/0xb0 [ 829.784459][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 829.784484][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 829.784506][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 829.784531][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 829.784556][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 829.784580][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 829.784609][ C0] ? process_scheduled_works+0x976/0x1850 [ 829.784636][ C0] process_scheduled_works+0xa63/0x1850 [ 829.784675][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 829.784706][ C0] ? assign_work+0x364/0x3d0 [ 829.784733][ C0] worker_thread+0x870/0xd30 [ 829.784763][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 829.784792][ C0] ? __kthread_parkme+0x169/0x1d0 [ 829.784820][ C0] ? __pfx_worker_thread+0x10/0x10 [ 829.784847][ C0] kthread+0x2f0/0x390 [ 829.784864][ C0] ? __pfx_worker_thread+0x10/0x10 [ 829.784890][ C0] ? __pfx_kthread+0x10/0x10 [ 829.784908][ C0] ret_from_fork+0x4b/0x80 [ 829.784935][ C0] ? __pfx_kthread+0x10/0x10 [ 829.784953][ C0] ret_from_fork_asm+0x1a/0x30 [ 829.784986][ C0] [ 830.570119][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 830.577038][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller #0 [ 830.585849][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 830.596067][ T30] Call Trace: [ 830.599469][ T30] [ 830.602432][ T30] dump_stack_lvl+0x241/0x360 [ 830.607244][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 830.612495][ T30] ? __pfx__printk+0x10/0x10 [ 830.617147][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 830.623206][ T30] ? vscnprintf+0x5d/0x90 [ 830.627600][ T30] panic+0x349/0x880 [ 830.631548][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 830.637846][ T30] ? __pfx_panic+0x10/0x10 [ 830.642326][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 830.647742][ T30] ? __irq_work_queue_local+0x137/0x410 [ 830.653368][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 830.658776][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 830.664974][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 830.671172][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 830.677368][ T30] watchdog+0x1033/0x1040 [ 830.681743][ T30] ? watchdog+0x1ea/0x1040 [ 830.686215][ T30] ? __pfx_watchdog+0x10/0x10 [ 830.690929][ T30] kthread+0x2f0/0x390 [ 830.695117][ T30] ? __pfx_watchdog+0x10/0x10 [ 830.699847][ T30] ? __pfx_kthread+0x10/0x10 [ 830.704480][ T30] ret_from_fork+0x4b/0x80 [ 830.708976][ T30] ? __pfx_kthread+0x10/0x10 [ 830.713699][ T30] ret_from_fork_asm+0x1a/0x30 [ 830.718524][ T30] [ 830.721892][ T30] Kernel Offset: disabled [ 830.726320][ T30] Rebooting in 86400 seconds..