last executing test programs: 2m4.076751799s ago: executing program 3 (id=654): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=@newlink={0x38, 0x10, 0x439, 0x200, 0x0, {0x0, 0x0, 0xe403, 0x0, 0x11801, 0x20090}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x40000) 2m3.094023522s ago: executing program 3 (id=657): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="27031c00590214000000002f1eafbcf706e1050000006558000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada32bc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {0x0}], 0x4}, 0x0) 2m2.996947908s ago: executing program 3 (id=660): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="03903b", 0x3}], 0x1}, 0x0) socket$inet6(0xa, 0x200000000003, 0x87) syz_emit_ethernet(0xf2, &(0x7f0000000180)=ANY=[], 0x0) 2m2.929174564s ago: executing program 0 (id=662): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 2m2.619247426s ago: executing program 0 (id=664): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3", 0x8}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) sendmsg$nl_generic(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000000280)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x202c090}, 0x4c015) recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000600)=""/140, 0x8c}], 0x1}, 0x10041) 2m2.610351s ago: executing program 3 (id=667): syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f0000000140)) 2m2.162674456s ago: executing program 3 (id=669): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00019c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0) 2m2.151921389s ago: executing program 0 (id=670): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="27031c00590214000000002f1eafbcf706e1050000006558000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada32bc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {0x0}], 0x4}, 0x0) 2m1.879459935s ago: executing program 3 (id=673): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = epoll_create1(0x0) r2 = socket$unix(0x1, 0x1, 0x0) close(r2) socket$xdp(0x2c, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa0028000}) 2m1.839372135s ago: executing program 0 (id=674): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1) close(r0) 2m0.233326677s ago: executing program 0 (id=678): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) syz_open_dev$loop(&(0x7f0000000240), 0x6, 0x80) sched_setaffinity(r0, 0x2c, &(0x7f00000005c0)=0x6) r3 = syz_usb_connect$hid(0x6, 0x0, 0x0, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$TCFLSH(r5, 0x400455c8, 0x1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = openat$cgroup_ro(r6, &(0x7f0000000580)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0) preadv2(r7, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x100000000000003d, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x775800, 0x0) write$vhost_msg_v2(r5, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f0000000300)=""/164, 0xa4, &(0x7f0000000040)=""/54, 0x3, 0x1}}, 0x48) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32=r5, @ANYRES64=r2, @ANYRESOCT=r3, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0xd, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r9, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) 1m55.938778972s ago: executing program 0 (id=680): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000480)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1m52.523505341s ago: executing program 2 (id=689): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)=ANY=[@ANYBLOB="40010000100013070000000000000000fe8000000000000000000000000000aa7f00000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x140}}, 0x0) 1m52.417951275s ago: executing program 2 (id=690): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="03903b", 0x3}], 0x1}, 0x0) socket$inet6(0xa, 0x200000000003, 0x87) syz_emit_ethernet(0xf2, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6030bb0000bc2b00000000000000"], 0x0) 1m52.250092171s ago: executing program 2 (id=691): r0 = socket$tipc(0x1e, 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000240)={r2}, 0x8) close(r3) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000880)=ANY=[@ANYBLOB="bf16000000000000b70700000100e0ff5070000028000000770000000000000095000200000000007ae9413df8ff0af5aa35339f4b382c4cad9db67dc983134d04ef2fd6fa7a9b857b72abaca100af1ba23d699b89e890c10500000000000000000000000000ac0e064c27bdfbd301150500000000000000bfdc995279d64072aacbb0595b95060000009ad3bf16a461e48e955a772d4062093f4cb1c3d9532abad2085401f098c07898a3f4103699b9e079229c1a72cb6d47cef1595e84d21951010f0274b1445a2ad6a7ad73827cccc21842599e0ae7b91f0b858b9267aa0b28d69a74ffdea61be892f0f9ff9468e4cb6dd65fd7bf3124702c6b1c2aea53ee0cb83ff180aa18b635d1667459c7cba77cedca0bff6d8370c33e2bd9cebd29c152ff9dc8c2772fe552fecfcd1778b0838100000031d521207e7423d86508416780983c2f380bc01cefe9773a9a5cd5b24aa24a561e72393c0ce2bf44825b05c1779fe74f884c2472ab45c2af60289cb199963312dd1929096c6f49d116f1612a7b97f77169fa5e8a66a372ef8e3ee7167f7d2a26fc6c3cfa4dc5860277223d6eb3460e3b10a0dc9495635a9fca19d7beb5e700498b43bdadc916c01264d22d7969530633f94b257fbc5da7a96820e31044c0b0f62619c9e351996185e4015510875b774666ba5c0ba9845ad25b578d7d714ff3a85586b9b452301f5470d0e0ae5d7f82f178f0c7c9c8f44c390c8a2c5be9e24a125420912ec9a3149f87b35ef1169f05e49164a4944e7b4da2096f57020dd4f1f4f15edd7a0b1e24c6f79e3ea72a29c7928f000000006c5c741f5aa85405273c7967d2c1a14efe0d5322cdcf2bc058ff9aab481926312fc7c88b1044e8c1c17d8c562edf69f4db96e059c49ec69a06000000d24f4c7810ab5f6a9f9eb5c881883e5671bbca4614df48103ca6e408910000000000f7e1ea56bd87915783a144d41669cd2c52db303e2b7384f100"/718], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 1m52.078631233s ago: executing program 2 (id=693): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000200000000000000004000000850000005300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="0000000000000000009dc9000000", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m51.888356787s ago: executing program 2 (id=694): r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0xa, 0x8000000000080001, 0x0) openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@lli, {0x3, 0x3, 0x3, 0xa, 0x1, 0xfe00}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xca}}]}, &(0x7f0000000040)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x48, 0x0, 0x0, 0xfffffff7}, {0x6, 0x3, 0xfb}]}) write$ppp(r0, &(0x7f00000004c0)="1632", 0x2) 1m49.758017895s ago: executing program 1 (id=707): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0xc0185502, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100", @ANYRES32=0x0, @ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) 1m46.474471547s ago: executing program 32 (id=673): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = epoll_create1(0x0) r2 = socket$unix(0x1, 0x1, 0x0) close(r2) socket$xdp(0x2c, 0x3, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa0028000}) 1m46.442389575s ago: executing program 2 (id=709): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001}) ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3) epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x400) 1m45.985124133s ago: executing program 1 (id=712): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb", @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @broadcast}, {0x2, 0x0, @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)='gretap0\x00'}) recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m45.504233408s ago: executing program 1 (id=713): bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062430bc068829afff36b3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB], 0x48}}, 0x0) pipe(&(0x7f0000000140)) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 1m45.063808426s ago: executing program 1 (id=715): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="27031c00590214000000002f1eafbcf706e1050000006558000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada32bc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f00000006c0)="6fe4ff00eba3271d", 0x8}], 0x4}, 0x0) 1m44.866435497s ago: executing program 1 (id=716): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_DELCHAIN={0x4c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}]}], {0x14}}, 0x74}}, 0x0) 1m44.45160353s ago: executing program 1 (id=718): r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0xa, 0x8000000000080001, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x48, 0x0, 0x0, 0xfffffff7}, {0x6, 0x3, 0xfb}]}) write$ppp(r0, &(0x7f00000004c0)="1632", 0x2) 1m39.11653963s ago: executing program 33 (id=680): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000480)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1m32.375179598s ago: executing program 5 (id=729): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r1) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}, 0x1, 0x0, 0x0, 0x4004008}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="2800000015000100000000000000000002000000", @ANYRES32=r4, @ANYBLOB="080001"], 0x28}}, 0x0) 1m32.200219186s ago: executing program 5 (id=730): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket$inet(0x2, 0x3, 0x6) socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x4, 0x2, 0xb6, 0x7, 0x2, @private2, @dev={0xfe, 0x80, '\x00', 0x29}, 0x8, 0x0, 0x7, 0x6}}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1900000004000000080000000300000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES16], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000500)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000600142603600e1208000f0000000401a800160004000140060700000000000000d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4e1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccfb42b1073520ae", 0xd8}], 0x1}, 0x0) 1m31.813408371s ago: executing program 5 (id=733): syz_emit_ethernet(0x265, &(0x7f0000000200)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cabf00", 0x22f, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x5, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad9657926974"}, {0x0, 0x1, "000000050000"}, {0x0, 0x17, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731"}, {0x0, 0x15, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba4239990"}, {0x26, 0x8, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483be298af1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71"}, {0x21, 0x7, "b8a3e100908f61640000000200fe80ffff00000000000000ff0bc0fe00000000008879e66485201a0015ca83747357a027450004000000"}, {}]}}}}}}, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000004100)}, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) 1m31.573067667s ago: executing program 5 (id=734): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x4c00) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)='U', 0x1, 0x0, 0x0, 0x0, r0}]) 1m31.032355423s ago: executing program 34 (id=709): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001}) ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3) epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x400) 1m30.976658302s ago: executing program 5 (id=736): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@ipv4_newroute={0x28, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_MULTIPATH={0xc, 0x9, {0x2, 0x0, 0xc}}]}, 0x28}}, 0x0) 1m30.469004135s ago: executing program 5 (id=737): mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x1081000, &(0x7f0000000740)=ANY=[@ANYRESOCT=0x0]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) r3 = accept4(r1, &(0x7f0000000300)=@qipcrtr, &(0x7f0000000240)=0x80, 0x100000) getsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) syz_open_dev$vbi(0x0, 0x1, 0x2) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r6, 0x8, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r5, &(0x7f0000000040)="0300ffff0000", 0x6}]) syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a0000904000001030101000921000800012203000905", @ANYBLOB="66106362e241138486dfbb740061493cd8b0fcc64c3502e570f3d46bd0ce4de2855b88e1d51d53690750302696be377f6e4b03711dd5d15f2e878d50d80beaa42ebe0a3ce285a930c6eac6898deb13e305fdb8441b781792ad23791f4bb2135fb080c3158c55d8c4406588547a7a527a731186ff56febff11797de3fa86864c2646771cd7ea7eaf276ddb8f040724b63fdd3e3484c7a45edc2f520a667b17ff928f5111d77c749f294fb740bc6d085bb331045fce32e3dff1281e17c48259bab0f858034119e788753757e8602819b35329b1fa8bb8759a7e46084c3ff4239509e5e9e52612bd45856"], 0x0) 1m24.054299006s ago: executing program 35 (id=718): r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0xa, 0x8000000000080001, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x48, 0x0, 0x0, 0xfffffff7}, {0x6, 0x3, 0xfb}]}) write$ppp(r0, &(0x7f00000004c0)="1632", 0x2) 1m21.819555958s ago: executing program 6 (id=744): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="54050000", @ANYRES16=r1, @ANYBLOB="010000000009000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="3805330080000000ffffffffffff0802110000005050505050500004fdffffffffffffff6400020000060101010101010102189b0406000000000500050300000025030000002d1a02001201feffffffffffff070000000b0000000008020000000771070101012001ff00dd2b"], 0x554}}, 0x0) 1m21.438506565s ago: executing program 6 (id=747): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r2, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r2, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}, 0x1, 0x0, 0x0, 0x4004008}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="2800000015000100000000000000000002000000", @ANYRES32=r5, @ANYBLOB="080001"], 0x28}}, 0x0) 1m20.830993483s ago: executing program 6 (id=748): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000500)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000600142603600e1208000f0000000401a800160004000140060700000000000000d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4e1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccfb42b1073520ae", 0xd8}], 0x1}, 0x0) 1m20.33770121s ago: executing program 6 (id=749): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700c00e1d00000000000000080009000d000000", 0x24) 1m14.246415391s ago: executing program 6 (id=750): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb70000000109021200"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @random="0000000200"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000380)={0x20, 0xf, 0x2, "82ea"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000bc0)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x40, 0x9, 0x1, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 1m14.050685297s ago: executing program 36 (id=737): mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x1081000, &(0x7f0000000740)=ANY=[@ANYRESOCT=0x0]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) r3 = accept4(r1, &(0x7f0000000300)=@qipcrtr, &(0x7f0000000240)=0x80, 0x100000) getsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) syz_open_dev$vbi(0x0, 0x1, 0x2) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r6, 0x8, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r5, &(0x7f0000000040)="0300ffff0000", 0x6}]) syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a0000904000001030101000921000800012203000905", @ANYBLOB="66106362e241138486dfbb740061493cd8b0fcc64c3502e570f3d46bd0ce4de2855b88e1d51d53690750302696be377f6e4b03711dd5d15f2e878d50d80beaa42ebe0a3ce285a930c6eac6898deb13e305fdb8441b781792ad23791f4bb2135fb080c3158c55d8c4406588547a7a527a731186ff56febff11797de3fa86864c2646771cd7ea7eaf276ddb8f040724b63fdd3e3484c7a45edc2f520a667b17ff928f5111d77c749f294fb740bc6d085bb331045fce32e3dff1281e17c48259bab0f858034119e788753757e8602819b35329b1fa8bb8759a7e46084c3ff4239509e5e9e52612bd45856"], 0x0) 1m13.978011144s ago: executing program 4 (id=752): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 1m13.573831449s ago: executing program 4 (id=753): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000000c0)={'a', ' *:* ', 'w\x00'}, 0x8) 1m13.083582458s ago: executing program 4 (id=754): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$kcm(0x10, 0x2, 0x0) socket(0x2, 0x2, 0x1) socket$kcm(0x2, 0x5, 0x84) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) socket$kcm(0x2, 0x5, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000200), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r5, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080), 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x10, 0x4007, @fd_index=0x8000000, 0x2, 0x0}) io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0) 1m12.882658434s ago: executing program 4 (id=755): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x48}, {0x6}]}, 0x10) syz_emit_ethernet(0x4e, &(0x7f0000000800)={@local, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2abe00", 0x18, 0x11, 0x0, @empty, @empty, {[], {0x0, 0x4e21, 0x18, 0x0, @wg=@data}}}}}}, 0x0) 1m12.536272741s ago: executing program 4 (id=756): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000017000/0x1000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x2e, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000240)={0xeeee8000, 0x1000, 0x1}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 1m11.082272856s ago: executing program 6 (id=757): mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x1081000, &(0x7f0000000740)=ANY=[@ANYRESOCT=0x0]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) r3 = accept4(r1, &(0x7f0000000300)=@qipcrtr, &(0x7f0000000240)=0x80, 0x100000) getsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) syz_open_dev$vbi(0x0, 0x1, 0x2) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r5, 0x8, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="0300ffff0000", 0x6}]) syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a0000904000001030101000921000800012203000905", @ANYBLOB="66106362e241138486dfbb740061493cd8b0fcc64c3502e570f3d46bd0ce4de2855b88e1d51d53690750302696be377f6e4b03711dd5d15f2e878d50d80beaa42ebe0a3ce285a930c6eac6898deb13e305fdb8441b781792ad23791f4bb2135fb080c3158c55d8c4406588547a7a527a731186ff56febff11797de3fa86864c2646771cd7ea7eaf276ddb8f040724b63fdd3e3484c7a45edc2f520a667b17ff928f5111d77c749f294fb740bc6d085bb331045fce32e3dff1281e17c48259bab0f858034119e788753757e8602819b35329b1fa8bb8759a7e46084c3ff4239509e5e9e52612bd45856"], 0x0) 1m5.262814816s ago: executing program 4 (id=758): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8910, &(0x7f0000002280)={'syzkaller0\x00', @random="2701000068c7"}) 55.594691443s ago: executing program 37 (id=757): mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x1081000, &(0x7f0000000740)=ANY=[@ANYRESOCT=0x0]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) r3 = accept4(r1, &(0x7f0000000300)=@qipcrtr, &(0x7f0000000240)=0x80, 0x100000) getsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf) syz_open_dev$vbi(0x0, 0x1, 0x2) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r5, 0x8, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="0300ffff0000", 0x6}]) syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a0000904000001030101000921000800012203000905", @ANYBLOB="66106362e241138486dfbb740061493cd8b0fcc64c3502e570f3d46bd0ce4de2855b88e1d51d53690750302696be377f6e4b03711dd5d15f2e878d50d80beaa42ebe0a3ce285a930c6eac6898deb13e305fdb8441b781792ad23791f4bb2135fb080c3158c55d8c4406588547a7a527a731186ff56febff11797de3fa86864c2646771cd7ea7eaf276ddb8f040724b63fdd3e3484c7a45edc2f520a667b17ff928f5111d77c749f294fb740bc6d085bb331045fce32e3dff1281e17c48259bab0f858034119e788753757e8602819b35329b1fa8bb8759a7e46084c3ff4239509e5e9e52612bd45856"], 0x0) 49.57724076s ago: executing program 38 (id=758): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8910, &(0x7f0000002280)={'syzkaller0\x00', @random="2701000068c7"}) 24.955284331s ago: executing program 7 (id=764): r0 = socket$inet_udplite(0x2, 0x2, 0x88) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x1, &(0x7f00000003c0)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) r2 = syz_open_dev$usbfs(0x0, 0x76, 0x0) ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x5522, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000700)='setgroups\x00') ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000380)={0xfff, 0x1, 0x3, 0x3, 0x1, [0x295, 0xf, 0xd, 0xc]}) write$P9_RRENAMEAT(r3, 0x0, 0x0) 24.539591921s ago: executing program 7 (id=765): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000004a00010000000000fddbdf255b"], 0x30}, 0x1, 0x0, 0x0, 0x20048800}, 0x0) 24.473901344s ago: executing program 7 (id=766): r0 = bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0), 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffd, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYRES8=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x45, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r5}, 0x10) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000280)={'wg2\x00'}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r6}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00'}, 0x10) socketpair(0x9, 0x800, 0x1, &(0x7f00000003c0)) 24.218723229s ago: executing program 7 (id=767): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x166b1ab5eb710134) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) timerfd_create(0x2, 0x0) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$SIOCPNGETOBJECT(r1, 0x89e0, &(0x7f0000000640)=0x28b) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0) setsockopt$inet6_udp_int(r2, 0x11, 0xb, &(0x7f0000000280)=0x4027e, 0x4) setsockopt$inet6_udp_encap(r2, 0x11, 0x64, 0x0, 0x0) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x1}, 0x8) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000000080), 0x0, 0x408cc, 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0) 15.601731135s ago: executing program 7 (id=768): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="180200002000000000000000040000008500000053000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="0000000000000000009dc9000000", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 15.429351895s ago: executing program 7 (id=769): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x44080) r2 = socket(0x10, 0x3, 0x0) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0x0, 0xa}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4000) 0s ago: executing program 39 (id=769): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x44080) r2 = socket(0x10, 0x3, 0x0) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0x0, 0xa}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4000) kernel console output (not intermixed with test programs): 967295 subj=_ pid=6066 comm="syz.3.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e6597e719 code=0x7ffc0000 [ 72.886982][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 72.895593][ T29] audit: type=1326 audit(1731467528.480:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6066 comm="syz.3.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8e65980637 code=0x7ffc0000 [ 72.916813][ T29] audit: type=1326 audit(1731467528.560:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6066 comm="syz.3.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f8e659805ac code=0x7ffc0000 [ 72.939685][ T29] audit: type=1326 audit(1731467528.610:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6066 comm="syz.3.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f8e659804e4 code=0x7ffc0000 [ 73.086927][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 73.154611][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 73.298361][ T6092] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 73.405862][ T6092] loop4: detected capacity change from 0 to 524287999 [ 73.458109][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.467374][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.479859][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.489114][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.494756][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 73.515638][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.524842][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.542913][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.552075][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.560665][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.569819][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.578389][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.587534][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.602380][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.611615][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.619758][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 73.631964][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 73.640212][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.649340][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.657370][ T6092] ldm_validate_partition_table(): Disk read failed. [ 73.704737][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 73.716754][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.725958][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.742400][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 73.751655][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 73.770854][ T6092] Dev loop4: unable to read RDB block 0 [ 73.789184][ T6092] loop4: unable to read partition table [ 73.800862][ T6092] loop_reread_partitions: partition scan of loop4 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 73.953252][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 73.961881][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 75.817497][ T5881] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 76.038429][ T5881] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 76.053496][ T5881] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 76.064264][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.347438][ T5881] usb 2-1: config 0 descriptor?? [ 76.375905][ T5881] pwc: Askey VC010 type 2 USB webcam detected. [ 76.801209][ T969] cfg80211: failed to load regulatory.db [ 77.127346][ T5881] pwc: send_video_command error -71 [ 77.132603][ T5881] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 77.141988][ T5881] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71 [ 77.152840][ T5881] usb 2-1: USB disconnect, device number 4 [ 77.416450][ T25] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 77.585393][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 77.646547][ T25] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 77.713109][ T5881] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 77.849127][ T25] usb 1-1: config 0 has no interface number 0 [ 77.988376][ T5881] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 78.042829][ T25] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 78.103857][ T5881] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 78.123225][ T25] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 78.137767][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.148038][ T25] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 78.157699][ T25] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 78.168346][ T5881] usb 2-1: config 0 descriptor?? [ 78.178529][ T6162] netlink: 134744 bytes leftover after parsing attributes in process `syz.4.96'. [ 78.208761][ T5881] pwc: Askey VC010 type 2 USB webcam detected. [ 78.216669][ T25] usb 1-1: Product: syz [ 78.223022][ T25] usb 1-1: SerialNumber: syz [ 78.236254][ T25] usb 1-1: config 0 descriptor?? [ 78.263338][ T25] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 78.270999][ T25] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input5 [ 78.367337][ T5881] pwc: send_video_command error -71 [ 78.372623][ T5881] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 78.388323][ T5881] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71 [ 78.403271][ T5881] usb 2-1: USB disconnect, device number 5 [ 78.498352][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 78.605621][ T29] kauditd_printk_skb: 88 callbacks suppressed [ 78.605637][ T29] audit: type=1326 audit(1731467534.830:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bdf7e719 code=0x7ffc0000 [ 78.649931][ T29] audit: type=1326 audit(1731467534.870:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bdf7e719 code=0x7ffc0000 [ 78.671314][ C1] vkms_vblank_simulate: vblank timer overrun [ 78.739263][ T9] usb 1-1: USB disconnect, device number 3 [ 78.778281][ T29] audit: type=1326 audit(1731467534.870:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9bdf7e719 code=0x7ffc0000 [ 78.832314][ T9] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 78.910082][ T29] audit: type=1326 audit(1731467534.870:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bdf7e719 code=0x7ffc0000 [ 78.933720][ T6184] netlink: 4 bytes leftover after parsing attributes in process `syz.1.104'. [ 79.016673][ T29] audit: type=1326 audit(1731467534.870:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bdf7e719 code=0x7ffc0000 [ 79.062685][ T29] audit: type=1326 audit(1731467534.870:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb9bdf7d0b0 code=0x7ffc0000 [ 79.084143][ C1] vkms_vblank_simulate: vblank timer overrun [ 79.090682][ T29] audit: type=1326 audit(1731467534.870:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fb9bdf7ff47 code=0x7ffc0000 [ 79.113391][ T29] audit: type=1326 audit(1731467534.870:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb9bdf7e719 code=0x7ffc0000 [ 79.134678][ C1] vkms_vblank_simulate: vblank timer overrun [ 79.142638][ T29] audit: type=1326 audit(1731467534.870:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fb9bdf7ff47 code=0x7ffc0000 [ 79.446765][ T29] audit: type=1326 audit(1731467534.870:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6175 comm="syz.4.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb9bdf7d3aa code=0x7ffc0000 [ 79.468014][ C1] vkms_vblank_simulate: vblank timer overrun [ 80.707607][ T6201] syz.1.110 (6201) used greatest stack depth: 18648 bytes left [ 80.807272][ T6195] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.109'. [ 81.056033][ T5881] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 81.262681][ T969] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 81.359803][ T6230] netlink: 36 bytes leftover after parsing attributes in process `syz.0.118'. [ 81.369138][ T5881] usb 5-1: Using ep0 maxpacket: 8 [ 81.383044][ T5881] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 81.406889][ T5881] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 81.465435][ T5881] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 81.519958][ T5881] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 81.827942][ T5881] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 81.960480][ T5881] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 81.983193][ T969] usb 2-1: device descriptor read/64, error -71 [ 81.983325][ T5881] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.223114][ T969] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 82.254942][ T5881] usb 5-1: usb_control_msg returned -32 [ 82.260858][ T5881] usbtmc 5-1:16.0: can't read capabilities [ 83.067323][ T969] usb 2-1: device descriptor read/64, error -71 [ 83.183248][ T969] usb usb2-port1: attempt power cycle [ 83.423029][ T5879] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 83.533041][ T969] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 83.563957][ T969] usb 2-1: device descriptor read/8, error -71 [ 83.583069][ T5879] usb 4-1: Using ep0 maxpacket: 8 [ 83.599571][ T5879] usb 4-1: config 135 has an invalid interface number: 230 but max is 0 [ 83.618653][ T5879] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 83.630016][ T5879] usb 4-1: config 135 has no interface number 0 [ 83.637674][ T5879] usb 4-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 83.649217][ T5879] usb 4-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 83.680225][ T5882] usb 5-1: USB disconnect, device number 4 [ 83.705360][ T5879] usb 4-1: config 135 interface 230 has no altsetting 0 [ 83.718399][ T5879] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 83.735653][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.765686][ T5879] usb 4-1: Product: syz [ 83.779471][ T5879] usb 4-1: Manufacturer: syz [ 83.792184][ T5879] usb 4-1: SerialNumber: syz [ 83.823087][ T969] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 83.854045][ T969] usb 2-1: device descriptor read/8, error -71 [ 84.009344][ T29] kauditd_printk_skb: 69 callbacks suppressed [ 84.009365][ T29] audit: type=1326 audit(1731467540.150:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6242 comm="syz.0.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dd877e719 code=0x7ffc0000 [ 84.025838][ T5882] usb 4-1: USB disconnect, device number 4 [ 84.044612][ T969] usb usb2-port1: unable to enumerate USB device [ 84.132248][ T6262] netlink: 36 bytes leftover after parsing attributes in process `syz.0.129'. [ 84.152965][ T29] audit: type=1326 audit(1731467540.150:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6242 comm="syz.0.121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dd877e719 code=0x7ffc0000 [ 85.933081][ T5881] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 86.098512][ T6289] netlink: 'syz.2.137': attribute type 10 has an invalid length. [ 86.118509][ T6288] Illegal XDP return value 4294967274 on prog (id 13) dev N/A, expect packet loss! [ 86.130831][ T6289] netlink: 2 bytes leftover after parsing attributes in process `syz.2.137'. [ 86.143956][ T6289] team0: entered promiscuous mode [ 86.149017][ T6289] team_slave_0: entered promiscuous mode [ 86.171724][ T6289] team_slave_1: entered promiscuous mode [ 86.191260][ T6289] bridge0: port 3(team0) entered blocking state [ 86.211629][ T6289] bridge0: port 3(team0) entered disabled state [ 86.233093][ T6289] team0: entered allmulticast mode [ 86.250318][ T6289] team_slave_0: entered allmulticast mode [ 86.275439][ T6289] team_slave_1: entered allmulticast mode [ 86.296813][ T6289] bridge0: port 3(team0) entered blocking state [ 86.303877][ T6289] bridge0: port 3(team0) entered forwarding state [ 86.390518][ T6293] capability: warning: `syz.3.136' uses deprecated v2 capabilities in a way that may be insecure [ 86.403000][ T5881] usb 2-1: Using ep0 maxpacket: 32 [ 86.457206][ T5881] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 86.467993][ T5881] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 86.477102][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.489523][ T5881] usb 2-1: config 0 descriptor?? [ 86.498078][ T5881] hub 2-1:0.0: bad descriptor, ignoring hub [ 86.576946][ T5881] hub 2-1:0.0: probe with driver hub failed with error -5 [ 86.621656][ T5881] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 87.466609][ T6309] netlink: 16 bytes leftover after parsing attributes in process `syz.2.143'. [ 87.752168][ T6319] tipc: Started in network mode [ 87.771121][ T6319] tipc: Node identity ac1414aa, cluster identity 4711 [ 87.801098][ T6319] tipc: Enabled bearer , priority 10 [ 87.973481][ T969] usb 2-1: USB disconnect, device number 10 [ 88.128730][ T6333] netlink: 24 bytes leftover after parsing attributes in process `syz.1.153'. [ 88.836168][ T6344] netlink: 16 bytes leftover after parsing attributes in process `syz.1.155'. [ 88.919455][ T5910] tipc: Node number set to 2886997162 [ 89.547862][ T6364] netlink: 36 bytes leftover after parsing attributes in process `syz.0.166'. [ 89.556236][ T6365] netlink: 'syz.1.165': attribute type 10 has an invalid length. [ 89.572778][ T6365] netlink: 2 bytes leftover after parsing attributes in process `syz.1.165'. [ 89.790883][ T6372] netlink: 16 bytes leftover after parsing attributes in process `syz.1.168'. [ 90.798999][ T6383] netlink: 28 bytes leftover after parsing attributes in process `syz.4.173'. [ 91.156699][ T6392] netlink: 'syz.0.175': attribute type 9 has an invalid length. [ 91.164478][ T6392] netlink: 132304 bytes leftover after parsing attributes in process `syz.0.175'. [ 91.213138][ T6398] netlink: 'syz.3.178': attribute type 10 has an invalid length. [ 91.269707][ T6398] netlink: 2 bytes leftover after parsing attributes in process `syz.3.178'. [ 91.310826][ T6398] team0: entered promiscuous mode [ 91.324542][ T6398] team_slave_0: entered promiscuous mode [ 91.355739][ T6398] team_slave_1: entered promiscuous mode [ 91.385978][ T6398] bridge0: port 3(team0) entered blocking state [ 91.411088][ T6404] netlink: 16 bytes leftover after parsing attributes in process `syz.4.180'. [ 91.423177][ T6398] bridge0: port 3(team0) entered disabled state [ 91.463240][ T6398] team0: entered allmulticast mode [ 91.479163][ T6398] team_slave_0: entered allmulticast mode [ 91.499756][ T6398] team_slave_1: entered allmulticast mode [ 91.523620][ T6398] bridge0: port 3(team0) entered blocking state [ 91.530036][ T6398] bridge0: port 3(team0) entered forwarding state [ 91.702078][ T6414] bridge0: port 3(gretap0) entered blocking state [ 91.738610][ T6414] bridge0: port 3(gretap0) entered disabled state [ 91.764472][ T6414] gretap0: entered allmulticast mode [ 91.804994][ T6414] gretap0: entered promiscuous mode [ 91.844404][ T6414] bridge0: port 3(gretap0) entered blocking state [ 91.851591][ T6414] bridge0: port 3(gretap0) entered forwarding state [ 91.958088][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.187'. [ 92.367641][ T6419] bridge0: entered promiscuous mode [ 92.374714][ T6419] macvtap1: entered promiscuous mode [ 92.380464][ T6419] macvtap1: entered allmulticast mode [ 92.388110][ T6419] bridge0: entered allmulticast mode [ 92.399267][ T6421] bridge0: left allmulticast mode [ 92.406014][ T6421] bridge0: left promiscuous mode [ 92.419174][ T6420] gretap0: left allmulticast mode [ 92.441506][ T6420] gretap0: left promiscuous mode [ 92.447933][ T6420] bridge0: port 3(gretap0) entered disabled state [ 92.825585][ T6437] netlink: 'syz.2.192': attribute type 9 has an invalid length. [ 92.833357][ T6437] netlink: 132304 bytes leftover after parsing attributes in process `syz.2.192'. [ 93.104693][ T25] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 93.161224][ T6451] netlink: 40 bytes leftover after parsing attributes in process `syz.0.196'. [ 93.327011][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 93.336535][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.346489][ T6456] netlink: 'syz.0.198': attribute type 10 has an invalid length. [ 93.367597][ T25] usb 2-1: config 0 descriptor?? [ 93.380574][ T6456] team0: entered promiscuous mode [ 93.403048][ T6456] team_slave_0: entered promiscuous mode [ 93.405219][ T25] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 93.433199][ T6456] team_slave_1: entered promiscuous mode [ 93.443446][ T6456] bridge0: port 3(team0) entered blocking state [ 93.449833][ T6456] bridge0: port 3(team0) entered disabled state [ 93.473896][ T6456] team0: entered allmulticast mode [ 93.479081][ T6456] team_slave_0: entered allmulticast mode [ 93.503047][ T6456] team_slave_1: entered allmulticast mode [ 93.521704][ T6456] bridge0: port 3(team0) entered blocking state [ 93.528095][ T6456] bridge0: port 3(team0) entered forwarding state [ 93.913637][ T6467] netlink: 'syz.4.202': attribute type 39 has an invalid length. [ 94.818560][ T6479] netlink: 'syz.2.207': attribute type 9 has an invalid length. [ 94.826385][ T6479] __nla_validate_parse: 1 callbacks suppressed [ 94.826394][ T6479] netlink: 132304 bytes leftover after parsing attributes in process `syz.2.207'. [ 95.013182][ T25] usb 2-1: USB disconnect, device number 11 [ 95.553157][ T25] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 95.864780][ T25] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 95.873436][ T25] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 95.886751][ T25] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 95.928431][ T25] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64 [ 95.940878][ T25] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 96.061989][ T25] usb 1-1: config 0 interface 0 has no altsetting 0 [ 96.440446][ T25] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 96.541168][ T25] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 96.572917][ T25] usb 1-1: Product: syz [ 96.577116][ T25] usb 1-1: Manufacturer: syz [ 96.618644][ T25] usb 1-1: SerialNumber: syz [ 96.671810][ T25] usb 1-1: config 0 descriptor?? [ 96.677700][ T6497] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 96.686557][ T25] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 96.905100][ T5881] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 96.913445][ T25] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 97.070862][ T5882] usb 1-1: USB disconnect, device number 4 [ 97.078716][ T5882] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 97.265606][ T5881] usb 5-1: Using ep0 maxpacket: 32 [ 97.272491][ T5881] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 97.290669][ T5881] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 97.299941][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 97.310130][ T5881] usb 5-1: Product: syz [ 97.330044][ T5881] usb 5-1: Manufacturer: syz [ 97.352104][ T5881] usb 5-1: SerialNumber: syz [ 97.914415][ T5881] usb 5-1: config 0 descriptor?? [ 97.948714][ T6520] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 98.179618][ T5881] usb 5-1: USB disconnect, device number 5 [ 98.524772][ T6552] kvm: emulating exchange as write [ 99.249764][ T6580] trusted_key: syz.3.243 sent an empty control message without MSG_MORE. [ 99.301301][ T6583] netlink: 4 bytes leftover after parsing attributes in process `syz.0.244'. [ 99.320525][ T6583] syz_tun: entered promiscuous mode [ 99.326527][ T6583] macsec1: entered promiscuous mode [ 99.335019][ T6583] syz_tun: left promiscuous mode [ 99.456194][ C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 99.710201][ T6594] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 99.728607][ T6595] netlink: 16 bytes leftover after parsing attributes in process `syz.1.250'. [ 99.746893][ T6594] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 100.135290][ T6603] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 100.144481][ T6603] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 101.028271][ T6618] IPVS: length: 251 != 24 [ 101.147116][ T6626] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 101.157779][ T6626] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 101.573471][ T6639] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 101.582543][ T6639] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 102.183990][ T5881] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 102.220772][ T6638] tipc: Started in network mode [ 102.234352][ T6638] tipc: Node identity 3a000000000000000000000000000001, cluster identity 4711 [ 102.245863][ T6638] tipc: Enabling of bearer rejected, failed to enable media [ 102.363206][ T5881] usb 4-1: Using ep0 maxpacket: 8 [ 102.370128][ T5881] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 102.381723][ T5881] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 102.441644][ T5881] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 102.471574][ T5881] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 102.503022][ T5881] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 102.518911][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.884230][ T5881] usb 4-1: usb_control_msg returned -32 [ 103.889961][ T5881] usbtmc 4-1:16.0: can't read capabilities [ 104.537368][ T6664] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 104.589767][ T6664] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 104.640515][ T6670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.279'. [ 104.655857][ T6670] syz_tun: entered promiscuous mode [ 104.661252][ T6670] macsec1: entered promiscuous mode [ 104.679824][ T52] Bluetooth: Error in BCSP hdr checksum [ 104.933528][ T6535] Bluetooth: Error in BCSP hdr checksum [ 105.463506][ T6685] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 105.472432][ T6685] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 105.715597][ T6686] netlink: 24 bytes leftover after parsing attributes in process `syz.4.286'. [ 106.443116][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 106.715793][ T5882] usb 4-1: USB disconnect, device number 5 [ 108.864286][ T6697] netlink: 8 bytes leftover after parsing attributes in process `syz.4.286'. [ 109.109135][ T6709] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 109.147247][ T6709] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 109.333994][ T969] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 109.749266][ T6726] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 109.758415][ T6726] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 110.325743][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.814934][ T52] Bluetooth: Error in BCSP hdr checksum [ 111.084573][ T3017] Bluetooth: Error in BCSP hdr checksum [ 111.115722][ T969] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 111.125932][ T969] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 111.138949][ T969] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 111.148108][ T969] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.158187][ T969] usb 2-1: config 0 descriptor?? [ 111.204648][ T969] gspca_main: spca561-2.14.0 probing abcd:cdee [ 111.420382][ T969] spca561 2-1:0.0: probe with driver spca561 failed with error -22 [ 111.448930][ T969] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 111.464203][ T3017] Bluetooth: Error in BCSP hdr checksum [ 111.493644][ T969] usb 2-1: MIDIStreaming interface descriptor not found [ 111.723555][ T11] Bluetooth: Error in BCSP hdr checksum [ 111.993486][ T52] Bluetooth: Error in BCSP hdr checksum [ 112.247200][ T11] Bluetooth: Error in BCSP hdr checksum [ 112.289963][ T969] usb 2-1: USB disconnect, device number 12 [ 112.505917][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 112.565515][ T5847] udevd[5847]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 112.708675][ T6765] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 112.718651][ T6765] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 113.411317][ T6757] bridge_slave_0: left allmulticast mode [ 113.425994][ T6757] bridge_slave_0: left promiscuous mode [ 113.499513][ T6757] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.500606][ T6776] Cannot find set identified by id 0 to match [ 113.610161][ T6757] bridge_slave_1: left allmulticast mode [ 113.643546][ T6757] bridge_slave_1: left promiscuous mode [ 113.649309][ T6757] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.760128][ T6757] bond0: (slave bond_slave_0): Releasing backup interface [ 113.775292][ T6757] bond0: (slave bond_slave_1): Releasing backup interface [ 113.798272][ T6757] team0: Port device team_slave_0 removed [ 113.808829][ T6757] team0: Port device team_slave_1 removed [ 113.815863][ T6757] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 113.824506][ T6757] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 113.833858][ T5881] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 114.124616][ T5881] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 114.165007][ T5881] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFD, changing to 0x8D [ 114.281105][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 114.408690][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 59391, setting to 1024 [ 114.487746][ T6757] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 114.495321][ T6757] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.503554][ T5881] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 114.524336][ T5881] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.545560][ T5881] usb 1-1: config 0 descriptor?? [ 114.552371][ T6780] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 114.578315][ T5881] gspca_main: spca561-2.14.0 probing abcd:cdee [ 116.111158][ T5881] spca561 1-1:0.0: probe with driver spca561 failed with error -22 [ 116.120113][ T5881] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 116.127443][ T5881] usb 1-1: MIDIStreaming interface descriptor not found [ 116.181214][ T5832] udevd[5832]: failed to send result of seq 11534 to main daemon: Connection refused [ 116.183328][ T5881] usb 1-1: USB disconnect, device number 5 [ 116.447708][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.330'. [ 116.513771][ T6809] netlink: 'syz.2.330': attribute type 21 has an invalid length. [ 116.521601][ T6809] netlink: 160 bytes leftover after parsing attributes in process `syz.2.330'. [ 116.669321][ T6825] netlink: 4 bytes leftover after parsing attributes in process `syz.0.338'. [ 116.799320][ T6833] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 116.836163][ T6833] Cannot find set identified by id 0 to match [ 117.109678][ T6854] netlink: 8 bytes leftover after parsing attributes in process `syz.0.352'. [ 117.163909][ T6860] veth0_to_hsr: entered promiscuous mode [ 117.236190][ T6848] hsr_slave_0 (unregistering): left promiscuous mode [ 117.393076][ T969] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 118.235126][ T5833] Bluetooth: hci5: command 0x1003 tx timeout [ 118.242444][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 118.251460][ T969] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 118.270382][ T969] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 118.280763][ T969] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.297054][ T969] usb 3-1: config 0 descriptor?? [ 118.308590][ T969] pwc: Askey VC010 type 2 USB webcam detected. [ 119.211605][ T969] pwc: send_video_command error -71 [ 119.216994][ T969] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 119.224642][ T969] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 119.236444][ T969] usb 3-1: USB disconnect, device number 3 [ 119.540663][ T6906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.368'. [ 119.693036][ T969] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 119.844711][ T969] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 119.855081][ T969] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 119.864252][ T969] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.875033][ T969] usb 3-1: config 0 descriptor?? [ 119.884490][ T969] pwc: Askey VC010 type 2 USB webcam detected. [ 120.287927][ T969] pwc: recv_control_msg error -32 req 02 val 2b00 [ 120.296882][ T969] pwc: recv_control_msg error -32 req 02 val 2700 [ 120.303951][ T969] pwc: recv_control_msg error -32 req 02 val 2c00 [ 120.311618][ T969] pwc: recv_control_msg error -32 req 04 val 1000 [ 120.321647][ T969] pwc: recv_control_msg error -32 req 04 val 1300 [ 120.330598][ T6917] netlink: 'syz.1.374': attribute type 8 has an invalid length. [ 120.331073][ T969] pwc: recv_control_msg error -32 req 04 val 1400 [ 120.355721][ T969] pwc: recv_control_msg error -32 req 02 val 2000 [ 120.365807][ T969] pwc: recv_control_msg error -32 req 02 val 2100 [ 120.385580][ T969] pwc: recv_control_msg error -32 req 04 val 1500 [ 120.597379][ T969] pwc: recv_control_msg error -71 req 02 val 2400 [ 120.600761][ T6930] netlink: 12 bytes leftover after parsing attributes in process `syz.1.380'. [ 120.613364][ T969] pwc: recv_control_msg error -71 req 02 val 2600 [ 120.639566][ T969] pwc: recv_control_msg error -71 req 02 val 2900 [ 120.652696][ T969] pwc: recv_control_msg error -71 req 02 val 2800 [ 120.663137][ T969] pwc: recv_control_msg error -71 req 04 val 1100 [ 120.670961][ T969] pwc: recv_control_msg error -71 req 04 val 1200 [ 120.680601][ T969] pwc: Registered as video103. [ 120.686610][ T969] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input6 [ 120.699561][ T969] usb 3-1: USB disconnect, device number 4 [ 120.773841][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.895746][ T6944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.905903][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.054022][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.073463][ T969] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 122.233189][ T969] usb 5-1: Using ep0 maxpacket: 32 [ 122.276513][ T969] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 122.332980][ T969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25187, setting to 64 [ 122.355312][ T969] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 122.381268][ T969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.397182][ T969] usb 5-1: config 0 descriptor?? [ 122.409379][ T969] hub 5-1:0.0: bad descriptor, ignoring hub [ 122.425301][ T969] hub 5-1:0.0: probe with driver hub failed with error -5 [ 122.444023][ T969] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 122.543012][ T5882] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 122.667911][ T6980] caif0: entered promiscuous mode [ 122.676878][ T6980] caif0: entered allmulticast mode [ 122.714139][ T5882] usb 1-1: Using ep0 maxpacket: 8 [ 122.723461][ T5882] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 122.739569][ T5882] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 122.751764][ T5882] usb 1-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 122.764776][ T5882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.772804][ T5882] usb 1-1: Product: syz [ 122.778385][ T5882] usb 1-1: Manufacturer: syz [ 122.785016][ T5882] usb 1-1: SerialNumber: syz [ 122.790904][ T5882] usb 1-1: config 0 descriptor?? [ 122.943036][ T5920] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 123.002746][ T5881] usb 1-1: USB disconnect, device number 6 [ 123.131323][ T5920] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 123.141661][ T5920] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 123.150959][ T5920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.162807][ T5920] usb 2-1: config 0 descriptor?? [ 123.171706][ T5920] pwc: Askey VC010 type 2 USB webcam detected. [ 123.223450][ T29] audit: type=1326 audit(1731467579.450:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.245738][ T29] audit: type=1326 audit(1731467579.450:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.270987][ T29] audit: type=1326 audit(1731467579.450:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.300229][ T29] audit: type=1326 audit(1731467579.450:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.328551][ T29] audit: type=1326 audit(1731467579.450:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.378291][ T29] audit: type=1326 audit(1731467579.450:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.406692][ T29] audit: type=1326 audit(1731467579.450:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.490306][ T29] audit: type=1326 audit(1731467579.450:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d1317d0b0 code=0x7ffc0000 [ 123.495202][ T5881] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 123.520066][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 123.521264][ T29] audit: type=1326 audit(1731467579.450:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f2d1317ff47 code=0x7ffc0000 [ 123.529207][ T5920] pwc: send_video_command error -71 [ 123.556559][ T5920] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 123.564180][ T5920] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71 [ 123.564735][ T29] audit: type=1326 audit(1731467579.450:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6987 comm="syz.2.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 123.577273][ T5920] usb 2-1: USB disconnect, device number 13 [ 123.617359][ T6992] netlink: 'syz.3.407': attribute type 4 has an invalid length. [ 124.212201][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.410'. [ 124.221707][ T5920] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 124.231572][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.410'. [ 124.267334][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.410'. [ 124.276442][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.410'. [ 124.336864][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.410'. [ 124.345897][ T7001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.410'. [ 124.414785][ T5920] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.434204][ T5920] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 124.448060][ T5920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.471382][ T5920] usb 2-1: config 0 descriptor?? [ 124.496397][ T5920] pwc: Askey VC010 type 2 USB webcam detected. [ 124.658333][ T7014] netlink: 164 bytes leftover after parsing attributes in process `syz.4.414'. [ 124.667838][ T5882] usb 5-1: USB disconnect, device number 6 [ 125.040248][ T5881] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 125.048461][ T5920] pwc: recv_control_msg error -32 req 02 val 2b00 [ 125.062836][ T5920] pwc: recv_control_msg error -32 req 02 val 2700 [ 125.069849][ T5920] pwc: recv_control_msg error -32 req 02 val 2c00 [ 125.082146][ T5920] pwc: recv_control_msg error -32 req 04 val 1000 [ 125.089302][ T5920] pwc: recv_control_msg error -32 req 04 val 1300 [ 125.101920][ T5920] pwc: recv_control_msg error -32 req 04 val 1400 [ 125.120028][ T5920] pwc: recv_control_msg error -32 req 02 val 2000 [ 125.127762][ T5920] pwc: recv_control_msg error -32 req 02 val 2100 [ 125.135135][ T5920] pwc: recv_control_msg error -32 req 04 val 1500 [ 125.214212][ T5881] usb 4-1: Using ep0 maxpacket: 16 [ 125.221889][ T5881] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 125.233802][ T5881] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 125.233861][ T5879] IPVS: starting estimator thread 0... [ 125.245578][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 125.265629][ T5882] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 125.273115][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 125.287822][ T5881] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 125.325426][ T5881] usb 4-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 125.334781][ T5881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.363007][ T5920] pwc: recv_control_msg error -71 req 02 val 2400 [ 125.369600][ T5881] usb 4-1: Product: syz [ 125.374159][ T5881] usb 4-1: Manufacturer: syz [ 125.379025][ T5881] usb 4-1: SerialNumber: syz [ 125.386594][ T7035] IPVS: using max 21 ests per chain, 50400 per kthread [ 125.393632][ T5920] pwc: recv_control_msg error -71 req 02 val 2600 [ 125.401601][ T5881] usb 4-1: config 0 descriptor?? [ 125.406833][ T5920] pwc: recv_control_msg error -71 req 02 val 2900 [ 125.422989][ T5920] pwc: recv_control_msg error -71 req 02 val 2800 [ 125.431840][ T5881] appledisplay 4-1:0.0: Submitting URB failed [ 125.438174][ T5881] appledisplay 4-1:0.0: probe with driver appledisplay failed with error -5 [ 125.451228][ T5920] pwc: recv_control_msg error -71 req 04 val 1100 [ 125.461669][ T5920] pwc: recv_control_msg error -71 req 04 val 1200 [ 125.545453][ T5920] pwc: Registered as video103. [ 125.563828][ T5920] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7 [ 125.585916][ T5920] usb 2-1: USB disconnect, device number 14 [ 126.260560][ T7046] Cannot find set identified by id 0 to match [ 126.452092][ T5881] usb 4-1: USB disconnect, device number 6 [ 126.693005][ T46] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 126.854290][ T46] usb 3-1: Using ep0 maxpacket: 32 [ 126.871571][ T46] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 126.903672][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25187, setting to 64 [ 126.917742][ T46] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 127.080448][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.090653][ T46] usb 3-1: config 0 descriptor?? [ 127.099821][ T46] hub 3-1:0.0: bad descriptor, ignoring hub [ 127.123082][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'. [ 127.128574][ T46] hub 3-1:0.0: probe with driver hub failed with error -5 [ 127.144578][ T46] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 127.433024][ T46] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 128.444660][ T46] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 128.457754][ T46] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 128.466876][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.476796][ T46] usb 5-1: config 0 descriptor?? [ 128.485980][ T46] pwc: Askey VC010 type 2 USB webcam detected. [ 128.723866][ T969] usb 3-1: USB disconnect, device number 5 [ 128.774533][ T46] pwc: send_video_command error -71 [ 128.780095][ T46] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 128.798749][ T46] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71 [ 128.851777][ T46] usb 5-1: USB disconnect, device number 7 [ 129.431237][ T5879] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 129.603043][ T5879] usb 1-1: Using ep0 maxpacket: 8 [ 129.610587][ T5879] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 129.620210][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.630911][ T5879] usb 1-1: config 0 descriptor?? [ 129.716079][ T7128] bridge0: port 4(gretap0) entered blocking state [ 129.722997][ T7128] bridge0: port 4(gretap0) entered disabled state [ 129.729721][ T7128] gretap0: entered allmulticast mode [ 129.737355][ T7128] gretap0: entered promiscuous mode [ 129.752574][ T7128] bridge0: port 4(gretap0) entered blocking state [ 129.759180][ T7128] bridge0: port 4(gretap0) entered forwarding state [ 129.768009][ T7129] gretap0: left allmulticast mode [ 129.773675][ T46] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 129.783074][ T7129] gretap0: left promiscuous mode [ 129.788610][ T7129] bridge0: port 4(gretap0) entered disabled state [ 129.944877][ T46] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 129.957423][ T46] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 129.967751][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.979645][ T46] usb 5-1: config 0 descriptor?? [ 129.995251][ T46] pwc: Askey VC010 type 2 USB webcam detected. [ 130.061931][ T5879] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32 [ 130.087027][ T5879] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffe0 [ 130.101117][ T5879] asix 1-1:0.0: probe with driver asix failed with error -32 [ 130.461632][ T46] pwc: recv_control_msg error -32 req 02 val 2b00 [ 130.469617][ T46] pwc: recv_control_msg error -32 req 02 val 2700 [ 130.476662][ T46] pwc: recv_control_msg error -32 req 02 val 2c00 [ 130.486530][ T46] pwc: recv_control_msg error -32 req 04 val 1000 [ 130.493723][ T46] pwc: recv_control_msg error -32 req 04 val 1300 [ 130.500645][ T46] pwc: recv_control_msg error -32 req 04 val 1400 [ 130.508555][ T46] pwc: recv_control_msg error -32 req 02 val 2000 [ 130.515486][ T46] pwc: recv_control_msg error -32 req 02 val 2100 [ 130.596317][ T46] pwc: recv_control_msg error -32 req 04 val 1500 [ 130.832579][ T46] pwc: recv_control_msg error -71 req 02 val 2400 [ 130.874297][ T46] pwc: recv_control_msg error -71 req 02 val 2600 [ 130.997928][ T25] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 131.030053][ T46] pwc: recv_control_msg error -71 req 02 val 2900 [ 131.189442][ T5881] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 131.197788][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 131.223327][ T5920] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 131.231632][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 131.331426][ T46] pwc: recv_control_msg error -71 req 02 val 2800 [ 131.357859][ T46] pwc: recv_control_msg error -71 req 04 val 1100 [ 131.386941][ T46] pwc: recv_control_msg error -71 req 04 val 1200 [ 131.393547][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 131.408480][ T25] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 131.572895][ T46] pwc: Registered as video103. [ 131.578307][ T46] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input8 [ 131.587763][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25187, setting to 64 [ 131.600729][ T46] usb 5-1: USB disconnect, device number 8 [ 131.606588][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 131.617592][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.632735][ T25] usb 2-1: config 0 descriptor?? [ 131.651400][ T25] hub 2-1:0.0: bad descriptor, ignoring hub [ 131.680536][ T25] hub 2-1:0.0: probe with driver hub failed with error -5 [ 131.692273][ T25] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 131.742060][ T5882] usb 1-1: USB disconnect, device number 7 [ 132.113097][ T5879] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 132.936792][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.003024][ T5879] usb 4-1: Using ep0 maxpacket: 16 [ 134.010478][ T5879] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 134.021508][ T5879] usb 4-1: config 0 has no interfaces? [ 134.027157][ T5879] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 134.036491][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.046750][ T5879] usb 4-1: config 0 descriptor?? [ 134.073161][ T5920] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 134.097527][ T5879] usb 2-1: USB disconnect, device number 15 [ 134.243040][ T5920] usb 1-1: Using ep0 maxpacket: 8 [ 134.266934][ T5920] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 134.281358][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.282227][ T7192] syzkaller0: entered promiscuous mode [ 134.297197][ T5920] usb 1-1: config 0 descriptor?? [ 134.313532][ T7192] syzkaller0: entered allmulticast mode [ 134.521602][ T5920] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61 [ 134.550874][ T5920] asix 1-1:0.0: probe with driver asix failed with error -61 [ 134.588676][ T7202] netlink: 8 bytes leftover after parsing attributes in process `syz.4.480'. [ 134.647976][ T7200] netlink: 4 bytes leftover after parsing attributes in process `syz.1.479'. [ 135.716344][ T5882] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.733848][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.767909][ T969] usb 4-1: USB disconnect, device number 7 [ 136.013431][ T5920] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 136.184931][ T5920] usb 5-1: Using ep0 maxpacket: 32 [ 136.201992][ T5920] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 136.287380][ T5920] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 136.304109][ T5920] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 136.312325][ T5920] usb 5-1: Product: syz [ 136.322404][ T5920] usb 5-1: Manufacturer: syz [ 136.327318][ T5920] usb 5-1: SerialNumber: syz [ 136.347967][ T5920] usb 5-1: config 0 descriptor?? [ 136.354038][ T7221] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 136.495690][ T5882] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 136.647085][ T969] usb 5-1: USB disconnect, device number 9 [ 136.653146][ T5882] usb 2-1: Using ep0 maxpacket: 32 [ 136.659546][ T5882] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 136.673346][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25187, setting to 64 [ 136.769537][ T7237] fuse: Bad value for 'fd' [ 137.324856][ T46] usb 1-1: USB disconnect, device number 8 [ 137.413768][ T5882] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 137.423230][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.434282][ T5882] usb 2-1: config 0 descriptor?? [ 137.441097][ T5882] hub 2-1:0.0: bad descriptor, ignoring hub [ 137.448203][ T5882] hub 2-1:0.0: probe with driver hub failed with error -5 [ 137.457123][ T5882] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 137.506743][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.2.493'. [ 139.168945][ T5920] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.177308][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.230164][ T11] Bluetooth: Error in BCSP hdr checksum [ 139.483548][ T11] Bluetooth: Error in BCSP hdr checksum [ 139.705269][ T46] usb 2-1: reset high-speed USB device number 16 using dummy_hcd [ 140.032180][ T46] usb 2-1: device firmware changed [ 140.069245][ T5879] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 140.077847][ T52] Bluetooth: Error in BCSP hdr checksum [ 140.101010][ T46] usb 2-1: USB disconnect, device number 16 [ 140.253101][ T5879] usb 4-1: Using ep0 maxpacket: 8 [ 140.261375][ T5879] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 140.271048][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.281923][ T5879] usb 4-1: config 0 descriptor?? [ 140.337185][ T6232] Bluetooth: Error in BCSP hdr checksum [ 140.508384][ T5879] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61 [ 140.523601][ T5879] asix 4-1:0.0: probe with driver asix failed with error -61 [ 140.643267][ T5881] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 140.658817][ T46] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 141.211038][ T54] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 141.304651][ T46] usb 2-1: Using ep0 maxpacket: 32 [ 141.312459][ T5881] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 141.323084][ T5881] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 141.387763][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.407082][ T5881] usb 3-1: config 0 descriptor?? [ 141.413025][ T46] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 141.443434][ T5881] pwc: Askey VC010 type 2 USB webcam detected. [ 141.451151][ T46] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 141.470696][ T46] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 141.483357][ T46] usb 2-1: Product: syz [ 141.487609][ T46] usb 2-1: Manufacturer: syz [ 141.543388][ T46] usb 2-1: SerialNumber: syz [ 141.569398][ T46] usb 2-1: config 0 descriptor?? [ 141.595524][ T7274] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 141.830320][ T7302] bridge0: port 4(gretap0) entered blocking state [ 141.869817][ T7302] bridge0: port 4(gretap0) entered disabled state [ 141.883999][ T5879] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 141.966009][ T7302] gretap0: entered allmulticast mode [ 142.041142][ T7302] gretap0: entered promiscuous mode [ 142.084929][ T5879] usb 5-1: Using ep0 maxpacket: 32 [ 142.099723][ T7302] bridge0: port 4(gretap0) entered blocking state [ 142.106344][ T7302] bridge0: port 4(gretap0) entered forwarding state [ 142.141094][ T5879] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 142.210786][ T5879] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25187, setting to 64 [ 142.215154][ T5881] pwc: send_video_command error -71 [ 142.227031][ T5881] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 142.234646][ T5881] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 142.244073][ T7303] gretap0: left allmulticast mode [ 142.247388][ T5881] usb 3-1: USB disconnect, device number 6 [ 142.253098][ T7303] gretap0: left promiscuous mode [ 142.254976][ T46] usb 2-1: USB disconnect, device number 17 [ 142.261015][ T7303] bridge0: port 4(gretap0) entered disabled state [ 142.274156][ T5879] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 142.287417][ T5879] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.314970][ T5879] usb 5-1: config 0 descriptor?? [ 142.322618][ T5879] hub 5-1:0.0: bad descriptor, ignoring hub [ 142.328835][ T5879] hub 5-1:0.0: probe with driver hub failed with error -5 [ 142.337769][ T5879] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 142.686909][ T5881] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 142.742838][ T46] usb 4-1: USB disconnect, device number 8 [ 143.526896][ T5881] usb 3-1: device descriptor read/all, error -71 [ 145.488484][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.508339][ T3852] Bluetooth: Error in BCSP hdr checksum [ 145.540976][ T3448] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.624475][ T46] usb 5-1: USB disconnect, device number 10 [ 145.809847][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.818364][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.947529][ T7339] bridge0: port 1(gretap0) entered blocking state [ 145.954689][ T7339] bridge0: port 1(gretap0) entered disabled state [ 145.963448][ T7339] gretap0: entered allmulticast mode [ 145.978803][ T7339] gretap0: entered promiscuous mode [ 145.988856][ T7339] bridge0: port 1(gretap0) entered blocking state [ 145.995511][ T7339] bridge0: port 1(gretap0) entered forwarding state [ 146.050949][ T11] Bluetooth: Error in BCSP hdr checksum [ 146.247182][ T52] Bluetooth: Error in BCSP hdr checksum [ 146.287269][ T7339] gretap0: left allmulticast mode [ 146.292434][ T7339] gretap0: left promiscuous mode [ 146.298261][ T7339] bridge0: port 1(gretap0) entered disabled state [ 146.404872][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.413296][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.494360][ T3852] Bluetooth: Error in BCSP hdr checksum [ 146.763082][ T46] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 147.200690][ T54] Bluetooth: hci5: command 0x1003 tx timeout [ 147.209682][ T46] usb 5-1: Using ep0 maxpacket: 32 [ 147.209729][ T5833] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 148.221925][ T5881] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 148.229667][ T46] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 148.449411][ T46] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 148.460220][ T46] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 148.468451][ T46] usb 5-1: Product: syz [ 148.472634][ T46] usb 5-1: Manufacturer: syz [ 148.477432][ T46] usb 5-1: SerialNumber: syz [ 148.484285][ T46] usb 5-1: config 0 descriptor?? [ 148.489990][ T7348] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 148.603483][ T5881] usb 3-1: Using ep0 maxpacket: 32 [ 148.623636][ T5881] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 149.157486][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25187, setting to 64 [ 149.169111][ T5881] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 149.178881][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.194557][ T5881] usb 3-1: config 0 descriptor?? [ 149.203459][ T5881] hub 3-1:0.0: bad descriptor, ignoring hub [ 149.205764][ T5879] usb 5-1: USB disconnect, device number 11 [ 149.209384][ T5881] hub 3-1:0.0: probe with driver hub failed with error -5 [ 149.224188][ T5881] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 150.565268][ T54] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 150.574877][ T54] Bluetooth: hci3: Injecting HCI hardware error event [ 150.593094][ T5831] Bluetooth: hci3: hardware error 0x00 [ 151.116809][ T3448] Bluetooth: Error in BCSP hdr checksum [ 151.283578][ T7403] nvme_fabrics: unknown parameter or missing value 'í6—' in ctrl creation request [ 151.554290][ T3448] Bluetooth: Error in BCSP hdr checksum [ 151.564574][ T5879] usb 3-1: USB disconnect, device number 9 [ 151.804256][ T1322] Bluetooth: Error in BCSP hdr checksum [ 152.496990][ T3448] Bluetooth: Error in BCSP hdr checksum [ 152.616272][ T54] Bluetooth: hci5: command 0x1003 tx timeout [ 152.693851][ T5833] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 152.863261][ T35] Bluetooth: Error in BCSP hdr checksum [ 153.373570][ T5831] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 153.424334][ T5881] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 153.432547][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 153.485169][ T7429] netlink: 12 bytes leftover after parsing attributes in process `syz.1.555'. [ 153.510481][ T7430] loop4: detected capacity change from 0 to 524287999 [ 153.542249][ C1] blk_print_req_error: 7 callbacks suppressed [ 153.542270][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.557616][ C1] buffer_io_error: 7 callbacks suppressed [ 153.557630][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.559176][ T7429] 8021q: adding VLAN 0 to HW filter on device bond1 [ 153.583496][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.592699][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.616062][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.618160][ T7434] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 153.625248][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.625733][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.633797][ T7434] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 153.640077][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.669968][ T7429] bond0: entered promiscuous mode [ 153.675990][ T7429] bond_slave_0: entered promiscuous mode [ 153.682479][ T7429] bond_slave_1: entered promiscuous mode [ 153.689577][ T7429] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 153.698506][ T7429] bond1: (slave macvlan2): Enslaving as an active interface with an up link [ 153.732912][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.742123][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.752611][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.761823][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.772583][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.781781][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.791235][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.800398][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.808433][ T7430] ldm_validate_partition_table(): Disk read failed. [ 153.816277][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.825468][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.835491][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 153.844671][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 153.858521][ T7430] Dev loop4: unable to read RDB block 0 [ 153.865870][ T7430] loop4: unable to read partition table [ 153.884137][ T7430] loop_reread_partitions: partition scan of loop4 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 154.115648][ T7454] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.565'. [ 154.125102][ T7454] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.565'. [ 154.196083][ T7456] netlink: 'syz.3.566': attribute type 10 has an invalid length. [ 154.241386][ T7456] bridge0: port 3(team0) entered disabled state [ 154.262227][ T7456] team0: left allmulticast mode [ 154.275081][ T7456] team_slave_0: left allmulticast mode [ 154.280591][ T7456] team_slave_1: left allmulticast mode [ 154.286240][ T7456] team0: left promiscuous mode [ 154.292040][ T7456] team_slave_0: left promiscuous mode [ 154.298722][ T7459] Cannot find set identified by id 0 to match [ 154.298936][ T7456] team_slave_1: left promiscuous mode [ 154.315360][ T7456] bridge0: port 3(team0) entered disabled state [ 154.338290][ T7456] batman_adv: batadv0: Adding interface: team0 [ 154.354751][ T7456] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 154.410426][ T7456] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 154.697322][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 155.188518][ T7485] netlink: 'syz.0.579': attribute type 10 has an invalid length. [ 155.205381][ T7485] bridge0: port 3(team0) entered disabled state [ 155.259779][ T7485] team0: left allmulticast mode [ 155.291028][ T7485] team_slave_0: left allmulticast mode [ 155.296729][ T7485] team_slave_1: left allmulticast mode [ 155.308341][ T7485] team0: left promiscuous mode [ 155.318678][ T7485] team_slave_0: left promiscuous mode [ 155.329300][ T7485] team_slave_1: left promiscuous mode [ 155.337513][ T7485] bridge0: port 3(team0) entered disabled state [ 155.387566][ T7485] batman_adv: batadv0: Adding interface: team0 [ 155.398985][ T7485] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.443425][ T7485] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 156.669839][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.4.592'. [ 156.739870][ T7530] netlink: 'syz.2.593': attribute type 10 has an invalid length. [ 156.762263][ T7530] bridge0: port 3(team0) entered disabled state [ 156.779491][ T7530] team0: left allmulticast mode [ 156.785654][ T7530] team_slave_0: left allmulticast mode [ 156.791149][ T7530] team_slave_1: left allmulticast mode [ 156.807667][ T7530] team0: left promiscuous mode [ 156.812601][ T7530] team_slave_0: left promiscuous mode [ 156.825352][ T7530] team_slave_1: left promiscuous mode [ 156.831964][ T7530] bridge0: port 3(team0) entered disabled state [ 156.849054][ T7530] batman_adv: batadv0: Adding interface: team0 [ 156.860188][ T7530] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.892280][ T7530] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 157.033228][ T5879] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 157.187127][ T5879] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 157.199113][ T5879] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.217654][ T5879] usb 5-1: config 0 descriptor?? [ 157.238370][ T5879] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 157.613965][ T969] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 157.706838][ T7560] netlink: 'syz.1.607': attribute type 10 has an invalid length. [ 157.748076][ T7560] bridge0: port 3(team0) entered disabled state [ 157.763239][ T969] usb 3-1: device descriptor read/64, error -71 [ 157.779674][ T7560] team0: left allmulticast mode [ 157.792943][ T7560] team_slave_0: left allmulticast mode [ 157.798443][ T7560] team_slave_1: left allmulticast mode [ 157.804072][ T7560] team0: left promiscuous mode [ 157.808861][ T7560] team_slave_0: left promiscuous mode [ 157.814693][ T7560] team_slave_1: left promiscuous mode [ 157.820349][ T7560] bridge0: port 3(team0) entered disabled state [ 158.013266][ T7560] batman_adv: batadv0: Adding interface: team0 [ 158.030946][ T7560] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.302310][ T7560] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 158.683084][ T969] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 158.843375][ T969] usb 3-1: device descriptor read/64, error -71 [ 158.953449][ T969] usb usb3-port1: attempt power cycle [ 159.053701][ T7585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.617'. [ 159.089199][ T7587] netlink: 'syz.3.618': attribute type 10 has an invalid length. [ 159.213793][ T5879] usb 5-1: USB disconnect, device number 12 [ 159.303222][ T969] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 159.334192][ T969] usb 3-1: device descriptor read/8, error -71 [ 159.573921][ T969] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 159.594829][ T969] usb 3-1: device descriptor read/8, error -71 [ 159.714435][ T969] usb usb3-port1: unable to enumerate USB device [ 159.809276][ T7613] netlink: 4 bytes leftover after parsing attributes in process `syz.4.629'. [ 159.823280][ T5881] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 159.831548][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 159.864359][ T7615] netlink: 'syz.0.630': attribute type 10 has an invalid length. [ 159.973826][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 159.998360][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.018973][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.034185][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.042659][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.051848][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.074913][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.106188][ T7619] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.302828][ T7630] netlink: 80 bytes leftover after parsing attributes in process `syz.4.636'. [ 161.295469][ T5831] Bluetooth: hci2: command tx timeout [ 161.514967][ T7635] qnx4: no qnx4 filesystem (no root dir). [ 161.535702][ T7635] 9pnet_virtio: no channels available for device syz [ 161.542981][ T7644] netlink: 'syz.2.642': attribute type 10 has an invalid length. [ 161.772657][ T7655] netlink: 4 bytes leftover after parsing attributes in process `syz.1.646'. [ 161.835996][ T7657] warning: `syz.2.648' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 161.953985][ T7661] netlink: 80 bytes leftover after parsing attributes in process `syz.2.649'. [ 163.212583][ T7679] netlink: 'syz.2.656': attribute type 10 has an invalid length. [ 163.382052][ T7690] netlink: 80 bytes leftover after parsing attributes in process `syz.2.661'. [ 164.155505][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.373567][ T7713] netlink: 'syz.2.671': attribute type 10 has an invalid length. [ 165.686373][ T29] kauditd_printk_skb: 44 callbacks suppressed [ 165.686391][ T29] audit: type=1326 audit(1731467621.910:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 165.827785][ T29] audit: type=1326 audit(1731467621.910:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 165.908336][ T29] audit: type=1326 audit(1731467621.940:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 166.029152][ T29] audit: type=1326 audit(1731467621.940:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 166.092897][ T29] audit: type=1326 audit(1731467621.940:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 166.426750][ T7734] netlink: 80 bytes leftover after parsing attributes in process `syz.4.677'. [ 166.490959][ T29] audit: type=1326 audit(1731467621.940:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 168.653069][ T29] audit: type=1326 audit(1731467621.940:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 169.913163][ T29] audit: type=1326 audit(1731467621.940:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1317e719 code=0x7ffc0000 [ 169.934782][ T29] audit: type=1326 audit(1731467621.940:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d1317d0b0 code=0x7ffc0000 [ 169.963380][ T29] audit: type=1326 audit(1731467621.940:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7722 comm="syz.2.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f2d1317ff47 code=0x7ffc0000 [ 172.216349][ T7753] netlink: 'syz.2.685': attribute type 10 has an invalid length. [ 173.752477][ T7763] netlink: 80 bytes leftover after parsing attributes in process `syz.2.689'. [ 173.771369][ T7762] bridge0: port 1(gretap0) entered blocking state [ 173.779998][ T7762] bridge0: port 1(gretap0) entered disabled state [ 173.801326][ T7762] gretap0: entered allmulticast mode [ 173.830322][ T7762] gretap0: entered promiscuous mode [ 173.862148][ T7762] bridge0: port 1(gretap0) entered blocking state [ 173.868753][ T7762] bridge0: port 1(gretap0) entered forwarding state [ 173.908342][ T7764] gretap0: left allmulticast mode [ 173.937746][ T7764] gretap0: left promiscuous mode [ 173.963639][ T7764] bridge0: port 1(gretap0) entered disabled state [ 174.772693][ T3017] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.957940][ T7786] netlink: 'syz.1.697': attribute type 10 has an invalid length. [ 175.149260][ T7790] netlink: 80 bytes leftover after parsing attributes in process `syz.1.700'. [ 175.301708][ T7792] netlink: 40 bytes leftover after parsing attributes in process `syz.4.701'. [ 180.855815][ T7828] netlink: 40 bytes leftover after parsing attributes in process `syz.1.713'. [ 180.934112][ T5845] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 180.944077][ T5845] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 180.951837][ T5845] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 180.961234][ T5845] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 180.969016][ T5845] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 180.976494][ T5845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 181.115521][ T7831] bridge0: port 1(gretap0) entered blocking state [ 181.124407][ T7831] bridge0: port 1(gretap0) entered disabled state [ 181.131250][ T7831] gretap0: entered allmulticast mode [ 181.139271][ T7831] gretap0: entered promiscuous mode [ 181.155848][ T7831] bridge0: port 1(gretap0) entered blocking state [ 181.162396][ T7831] bridge0: port 1(gretap0) entered forwarding state [ 181.222320][ T7832] gretap0: left allmulticast mode [ 181.253230][ T7832] gretap0: left promiscuous mode [ 181.258384][ T7832] bridge0: port 1(gretap0) entered disabled state [ 181.745107][ T5845] Bluetooth: hci2: command 0x0406 tx timeout [ 181.751194][ T5845] Bluetooth: hci1: command 0x0406 tx timeout [ 181.757315][ T5846] Bluetooth: hci0: command 0x0406 tx timeout [ 181.763594][ T5845] Bluetooth: hci4: command 0x0406 tx timeout [ 181.869256][ T5833] Bluetooth: hci4: ACL packet for unknown connection handle 200 [ 182.176279][ T7825] chnl_net:caif_netlink_parms(): no params data found [ 182.965416][ T7825] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.953181][ T7825] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.960456][ T7825] bridge_slave_0: entered allmulticast mode [ 183.986928][ T5836] Bluetooth: hci5: command tx timeout [ 187.103967][ T7825] bridge_slave_0: entered promiscuous mode [ 187.118491][ T7825] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.159523][ T7825] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.166864][ T5836] Bluetooth: hci5: command tx timeout [ 187.200459][ T7825] bridge_slave_1: entered allmulticast mode [ 187.250023][ T7825] bridge_slave_1: entered promiscuous mode [ 187.496535][ T7825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.526004][ T7825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.689016][ T7825] team0: Port device team_slave_0 added [ 187.718378][ T7825] team0: Port device team_slave_1 added [ 187.829743][ T7825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.859831][ T7825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.896889][ T5920] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 187.918564][ T54] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 187.936241][ T54] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 187.947854][ T54] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 187.956768][ T54] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 187.964934][ T54] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 187.972310][ T54] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 188.008876][ T7825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.030744][ T7825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.045490][ T7825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.086602][ T7825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.104465][ T5920] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 188.115035][ T5920] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 188.132221][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.193369][ T5920] usb 5-1: config 0 descriptor?? [ 188.201272][ T5920] pwc: Askey VC010 type 2 USB webcam detected. [ 188.298936][ T7825] hsr_slave_0: entered promiscuous mode [ 188.325203][ T7825] hsr_slave_1: entered promiscuous mode [ 188.340110][ T7825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.355003][ T7825] Cannot create hsr debugfs directory [ 188.428248][ T5920] pwc: send_video_command error -71 [ 188.451645][ T5920] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 188.473658][ T5920] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71 [ 188.489137][ T5920] usb 5-1: USB disconnect, device number 13 [ 188.904217][ T7861] chnl_net:caif_netlink_parms(): no params data found [ 188.951409][ T7825] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 188.958661][ T5920] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 189.036660][ T7825] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 189.061281][ T7825] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 189.096885][ T7825] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 189.144850][ T5920] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 189.178838][ T5920] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 189.207923][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.247630][ T5920] usb 5-1: config 0 descriptor?? [ 189.260713][ T54] Bluetooth: hci5: command tx timeout [ 189.285515][ T5920] pwc: Askey VC010 type 2 USB webcam detected. [ 189.305236][ T7861] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.328574][ T7861] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.343096][ T7861] bridge_slave_0: entered allmulticast mode [ 189.361857][ T7861] bridge_slave_0: entered promiscuous mode [ 189.398114][ T7861] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.414139][ T7861] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.421535][ T7861] bridge_slave_1: entered allmulticast mode [ 189.445917][ T7861] bridge_slave_1: entered promiscuous mode [ 189.584542][ T7861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.608260][ T7861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.662679][ T5920] pwc: recv_control_msg error -32 req 02 val 2b00 [ 189.688151][ T5920] pwc: recv_control_msg error -32 req 02 val 2700 [ 189.699301][ T5920] pwc: recv_control_msg error -32 req 02 val 2c00 [ 189.717772][ T5920] pwc: recv_control_msg error -32 req 04 val 1000 [ 189.738218][ T5920] pwc: recv_control_msg error -32 req 04 val 1300 [ 189.751985][ T5920] pwc: recv_control_msg error -32 req 04 val 1400 [ 189.765597][ T7861] team0: Port device team_slave_0 added [ 189.786647][ T7861] team0: Port device team_slave_1 added [ 189.795496][ T5920] pwc: recv_control_msg error -32 req 02 val 2000 [ 189.802851][ C0] sched: DL replenish lagged too much [ 189.812011][ T5920] pwc: recv_control_msg error -32 req 02 val 2100 [ 189.840579][ T7825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.858894][ T5920] pwc: recv_control_msg error -32 req 04 val 1500 [ 189.977220][ T7861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.992932][ T7861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.042195][ T7861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 190.062941][ T54] Bluetooth: hci6: command tx timeout [ 190.077857][ T7861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 190.093822][ T5920] pwc: recv_control_msg error -71 req 02 val 2400 [ 190.101502][ T5920] pwc: recv_control_msg error -71 req 02 val 2600 [ 190.116775][ T7861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.145899][ T5920] pwc: recv_control_msg error -71 req 02 val 2900 [ 190.162730][ T5920] pwc: recv_control_msg error -71 req 02 val 2800 [ 190.171469][ T7861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.190860][ T5920] pwc: recv_control_msg error -71 req 04 val 1100 [ 190.198941][ T5920] pwc: recv_control_msg error -71 req 04 val 1200 [ 190.216023][ T5920] pwc: Registered as video103. [ 190.229701][ T5920] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9 [ 190.257809][ T7825] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.293841][ T5920] usb 5-1: USB disconnect, device number 14 [ 190.436530][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.443717][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.462792][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.469927][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.510788][ T7861] hsr_slave_0: entered promiscuous mode [ 190.543216][ T7861] hsr_slave_1: entered promiscuous mode [ 190.563747][ T7861] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 190.572983][ T7861] Cannot create hsr debugfs directory [ 190.821109][ T7871] netlink: 40 bytes leftover after parsing attributes in process `syz.4.724'. [ 191.156608][ T52] nci: nci_rsp_packet: unknown rsp opcode 0x1b [ 191.229526][ T7825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.333626][ T54] Bluetooth: hci5: command tx timeout [ 191.674216][ T7825] veth0_vlan: entered promiscuous mode [ 191.696085][ T7825] veth1_vlan: entered promiscuous mode [ 191.761769][ T7825] veth0_macvtap: entered promiscuous mode [ 191.778677][ T7825] veth1_macvtap: entered promiscuous mode [ 191.813154][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.842731][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.882153][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.911526][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.946881][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.983007][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.011768][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.042527][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.097281][ T7825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 192.122654][ T7861] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 192.135045][ T54] Bluetooth: hci6: command tx timeout [ 192.153831][ T7888] bridge0: port 1(gretap0) entered blocking state [ 192.160338][ T7888] bridge0: port 1(gretap0) entered disabled state [ 192.193244][ T7888] gretap0: entered allmulticast mode [ 192.200105][ T7888] gretap0: entered promiscuous mode [ 192.214051][ T7888] bridge0: port 1(gretap0) entered blocking state [ 192.220592][ T7888] bridge0: port 1(gretap0) entered forwarding state [ 192.247724][ T7889] gretap0: left allmulticast mode [ 192.255472][ T7889] gretap0: left promiscuous mode [ 192.260764][ T7889] bridge0: port 1(gretap0) entered disabled state [ 192.305962][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.327392][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.347844][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.362611][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.382438][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.410359][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.427347][ T7825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.443217][ T7825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.471496][ T7825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 192.493863][ T7861] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 192.539794][ T7825] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.573105][ T7825] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.601149][ T7825] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.626783][ T7825] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.660266][ T7861] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 192.734529][ T7861] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 192.896009][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.916630][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.924492][ T46] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 193.015653][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.035320][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.123980][ T46] usb 5-1: Using ep0 maxpacket: 8 [ 193.135491][ T46] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 193.150990][ T7861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.170569][ T46] usb 5-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00 [ 193.218287][ T7861] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.231225][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.272045][ T46] usb 5-1: config 0 descriptor?? [ 193.290191][ T6232] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.297392][ T6232] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.359129][ T6232] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.366301][ T6232] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.536917][ T3017] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.587785][ T46] usbhid 5-1:0.0: can't add hid device: -71 [ 193.614028][ T46] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 193.648238][ T46] usb 5-1: USB disconnect, device number 15 [ 193.944522][ T7901] netlink: 8 bytes leftover after parsing attributes in process `syz.5.729'. [ 194.120744][ T7861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.214520][ T54] Bluetooth: hci6: command tx timeout [ 194.234259][ T7904] netlink: 'syz.5.730': attribute type 21 has an invalid length. [ 194.273400][ T7904] netlink: 160 bytes leftover after parsing attributes in process `syz.5.730'. [ 194.402703][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.572119][ T7912] netlink: 4 bytes leftover after parsing attributes in process `syz.5.733'. [ 194.763049][ T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 194.781918][ T7917] 9pnet_virtio: no channels available for device syz [ 194.926762][ T7861] veth0_vlan: entered promiscuous mode [ 194.951799][ T7861] veth1_vlan: entered promiscuous mode [ 194.979764][ T25] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 195.011976][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.024427][ T7861] veth0_macvtap: entered promiscuous mode [ 195.054613][ T7861] veth1_macvtap: entered promiscuous mode [ 195.062500][ T25] usb 5-1: config 0 descriptor?? [ 195.096243][ T25] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 195.151242][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.220534][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.283176][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.330952][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.382485][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.419439][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.457332][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.500685][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.536851][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.576888][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.629972][ T7861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 195.708771][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.772194][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.822868][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.877727][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.203083][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.925038][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.952963][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.943062][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.973439][ T7861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.002996][ T7861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.963262][ T54] Bluetooth: hci6: command tx timeout [ 201.985055][ T7861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.033172][ T7861] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.041920][ T7861] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.073081][ T7861] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.092883][ T7861] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.129617][ T25] gspca_stv06xx: I2C: Read error writing address: -110 [ 202.456661][ T54] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 202.474332][ T5831] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 202.482287][ T5831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 202.490721][ T5831] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 202.498231][ T5831] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 202.507441][ T5831] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 202.516177][ T5831] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 202.524418][ T5831] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 202.532054][ T5831] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 202.540301][ T5831] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 202.547422][ T5831] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 202.554968][ T5831] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 202.663336][ T5920] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 202.735528][ T5881] usb 5-1: USB disconnect, device number 16 [ 202.863188][ T5920] usb 6-1: Using ep0 maxpacket: 32 [ 202.922057][ T7933] netlink: 24 bytes leftover after parsing attributes in process `syz.4.739'. [ 203.050056][ T7933] netlink: 8 bytes leftover after parsing attributes in process `syz.4.739'. [ 203.059495][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.093345][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.336873][ T7939] netlink: 'syz.4.740': attribute type 8 has an invalid length. [ 203.394560][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.442533][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.891051][ T7928] chnl_net:caif_netlink_parms(): no params data found [ 204.018138][ T7930] chnl_net:caif_netlink_parms(): no params data found [ 204.557259][ T7930] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.590738][ T7930] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.618455][ T54] Bluetooth: hci8: command tx timeout [ 204.624443][ T5833] Bluetooth: hci7: command tx timeout [ 204.635705][ T7930] bridge_slave_0: entered allmulticast mode [ 204.663710][ T7930] bridge_slave_0: entered promiscuous mode [ 204.719040][ T7930] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.753190][ T7930] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.786506][ T7930] bridge_slave_1: entered allmulticast mode [ 204.812057][ T7930] bridge_slave_1: entered promiscuous mode [ 205.006498][ T7967] netlink: 24 bytes leftover after parsing attributes in process `syz.6.747'. [ 205.053105][ T5880] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 205.118399][ T7970] netlink: 8 bytes leftover after parsing attributes in process `syz.6.747'. [ 205.152167][ T7928] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.172312][ T7928] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.186231][ T7928] bridge_slave_0: entered allmulticast mode [ 205.207477][ T7928] bridge_slave_0: entered promiscuous mode [ 205.244010][ T5880] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 205.272441][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.301095][ T7928] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.328835][ T7928] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.338254][ T5880] usb 5-1: config 0 descriptor?? [ 205.374607][ T7928] bridge_slave_1: entered allmulticast mode [ 205.385044][ T5880] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 205.413213][ T7928] bridge_slave_1: entered promiscuous mode [ 205.438990][ T7930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.504830][ T7930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.698790][ T7972] netlink: 'syz.6.748': attribute type 21 has an invalid length. [ 205.720712][ T7972] netlink: 160 bytes leftover after parsing attributes in process `syz.6.748'. [ 205.764081][ T7928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.832511][ T7928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.693288][ T54] Bluetooth: hci8: command tx timeout [ 206.698786][ T54] Bluetooth: hci7: command tx timeout [ 209.232927][ T54] Bluetooth: hci7: command tx timeout [ 209.238438][ T54] Bluetooth: hci8: command tx timeout [ 209.307823][ T5920] usb 6-1: device descriptor read/all, error -71 [ 209.896046][ T7930] team0: Port device team_slave_0 added [ 211.994435][ T5833] Bluetooth: hci8: command tx timeout [ 211.999928][ T5833] Bluetooth: hci7: command tx timeout [ 212.108653][ T5880] usb 5-1: USB disconnect, device number 17 [ 212.184648][ T7928] team0: Port device team_slave_0 added [ 212.317757][ T7930] team0: Port device team_slave_1 added [ 212.343013][ T25] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 212.435500][ T7981] Bluetooth: MGMT ver 1.23 [ 212.524836][ T25] usb 7-1: Using ep0 maxpacket: 8 [ 212.593536][ T25] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 212.663004][ T25] usb 7-1: config 0 has no interfaces? [ 212.723393][ T25] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 212.822939][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.913579][ T25] usb 7-1: config 0 descriptor?? [ 213.437802][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 213.447041][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 213.455470][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 213.465367][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 213.473213][ T5836] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 213.485232][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 214.543489][ T54] Bluetooth: hci0: command 0x0406 tx timeout [ 214.549585][ T5833] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 215.148284][ T5881] usb 7-1: USB disconnect, device number 2 [ 215.667194][ T5833] Bluetooth: hci1: command tx timeout [ 215.943136][ T5881] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 216.134177][ T5881] usb 7-1: Using ep0 maxpacket: 32 [ 216.154008][ T5881] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x66, changing to 0x6 [ 216.173330][ T5881] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25187, setting to 64 [ 216.194709][ T5881] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 216.212383][ T5881] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.253216][ T5881] usb 7-1: config 0 descriptor?? [ 216.260216][ T5881] hub 7-1:0.0: bad descriptor, ignoring hub [ 216.273676][ T5881] hub 7-1:0.0: probe with driver hub failed with error -5 [ 216.294506][ T5881] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 217.773207][ T5833] Bluetooth: hci1: command tx timeout [ 219.813144][ T5833] Bluetooth: hci1: command tx timeout [ 221.893642][ T5833] Bluetooth: hci1: command tx timeout [ 231.329939][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 231.339310][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 231.347360][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 231.355530][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 231.366108][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 231.373478][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 233.415721][ T54] Bluetooth: hci0: command tx timeout [ 235.493796][ T54] Bluetooth: hci0: command tx timeout [ 237.577467][ T54] Bluetooth: hci0: command tx timeout [ 237.613780][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 237.622410][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 237.631414][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 237.639840][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 237.650011][ T5833] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 237.657812][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 239.653084][ T5833] Bluetooth: hci0: command tx timeout [ 239.733125][ T5833] Bluetooth: hci2: command tx timeout [ 241.813219][ T5833] Bluetooth: hci2: command tx timeout [ 243.893031][ T5833] Bluetooth: hci2: command tx timeout [ 245.973141][ T5833] Bluetooth: hci2: command tx timeout [ 254.938395][ T7928] team0: Port device team_slave_1 added [ 255.818003][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.199059][ T7930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 256.232850][ T7930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 256.312887][ T7930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 256.666384][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 256.679736][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 256.691915][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 256.700703][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 256.708518][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 256.721871][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 257.030853][ T8023] chnl_net:caif_netlink_parms(): no params data found [ 257.244295][ T8023] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.251479][ T8023] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.273147][ T8023] bridge_slave_0: entered allmulticast mode [ 257.293024][ T8023] bridge_slave_0: entered promiscuous mode [ 257.305322][ T8023] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.312425][ T8023] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.334160][ T8023] bridge_slave_1: entered allmulticast mode [ 257.341969][ T8023] bridge_slave_1: entered promiscuous mode [ 257.454371][ T8023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.480204][ T8023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.595844][ T8023] team0: Port device team_slave_0 added [ 257.623520][ T8023] team0: Port device team_slave_1 added [ 257.716574][ T8023] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.734426][ T8023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.774167][ T8023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.803311][ T8023] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 257.810283][ T8023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.858583][ T8023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 258.003854][ T8023] hsr_slave_0: entered promiscuous mode [ 258.016190][ T8023] hsr_slave_1: entered promiscuous mode [ 258.044349][ T8023] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 258.051935][ T8023] Cannot create hsr debugfs directory [ 258.423357][ T8023] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 258.457339][ T8023] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 258.472281][ T8023] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 258.501890][ T8023] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 258.575410][ T8023] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.582557][ T8023] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.589980][ T8023] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.597126][ T8023] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.743826][ T8023] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.773373][ T5833] Bluetooth: hci3: command tx timeout [ 258.787689][ T8023] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.183178][ T8023] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 259.608046][ T8023] veth0_vlan: entered promiscuous mode [ 259.632100][ T8023] veth1_vlan: entered promiscuous mode [ 259.704278][ T8023] veth0_macvtap: entered promiscuous mode [ 259.726061][ T8023] veth1_macvtap: entered promiscuous mode [ 259.776907][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 259.799715][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 259.816290][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 259.832897][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 259.842731][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 259.871179][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 259.893056][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 259.918079][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 259.933006][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 259.952898][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 259.962730][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 259.992331][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.012618][ T8023] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 260.038574][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.052940][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.062765][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.090595][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.116041][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.139610][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.152914][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.179494][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.192857][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.218560][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.242997][ T8023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.253721][ T8023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.285049][ T8023] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 260.307604][ T8023] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.336273][ T8023] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.352889][ T8023] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.361608][ T8023] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.513440][ T3448] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.521292][ T3448] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.594550][ T3448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.609855][ T3448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.853084][ T5833] Bluetooth: hci3: command tx timeout [ 261.924501][ T8058] wg2: entered promiscuous mode [ 261.930253][ T8058] wg2: entered allmulticast mode [ 262.933070][ T5833] Bluetooth: hci3: command tx timeout [ 265.013000][ T5833] Bluetooth: hci3: command tx timeout [ 271.166324][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 271.178683][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 271.187070][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 271.205237][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 271.214631][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 271.222034][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 273.253158][ T54] Bluetooth: hci5: command tx timeout [ 273.281673][ T5833] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 273.290471][ T5833] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 273.298662][ T5833] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 273.308686][ T5833] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 273.321856][ T5833] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 273.329244][ T5833] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 275.342846][ T54] Bluetooth: hci5: command tx timeout [ 275.413532][ T54] Bluetooth: hci6: command tx timeout [ 277.417345][ T54] Bluetooth: hci5: command tx timeout [ 277.493344][ T54] Bluetooth: hci6: command tx timeout [ 279.493095][ T54] Bluetooth: hci5: command tx timeout [ 279.573351][ T54] Bluetooth: hci6: command tx timeout [ 281.653268][ T54] Bluetooth: hci6: command tx timeout [ 287.700517][ T5833] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 287.710557][ T5833] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 287.721392][ T5833] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 287.731614][ T5833] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 287.739528][ T5833] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 287.747709][ T5833] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 289.813208][ T5833] Bluetooth: hci9: command tx timeout [ 291.846602][ T54] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 291.857724][ T54] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 291.867300][ T54] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 291.875309][ T54] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 291.883202][ T54] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 291.890541][ T54] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 291.898031][ T5836] Bluetooth: hci9: command tx timeout [ 293.973354][ T54] Bluetooth: hci10: command tx timeout [ 293.979744][ T54] Bluetooth: hci9: command tx timeout [ 296.059012][ T5833] Bluetooth: hci10: command tx timeout [ 296.066653][ T54] Bluetooth: hci9: command tx timeout [ 298.133733][ T54] Bluetooth: hci10: command tx timeout [ 298.211320][ T5833] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 298.226418][ T5833] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 298.235361][ T5833] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 298.244124][ T5833] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 298.251974][ T5833] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 298.266859][ T5833] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 300.213165][ T54] Bluetooth: hci10: command tx timeout [ 300.293156][ T54] Bluetooth: hci11: command tx timeout [ 302.372982][ T54] Bluetooth: hci11: command tx timeout [ 304.452985][ T54] Bluetooth: hci11: command tx timeout [ 306.533086][ T54] Bluetooth: hci11: command tx timeout [ 317.273220][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 326.330387][ T5880] usb 7-1: USB disconnect, device number 3 [ 327.935123][ T7930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 327.952862][ T7930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.012407][ T7930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 329.584506][ T5836] Bluetooth: hci7: command 0x0406 tx timeout [ 329.592313][ T5836] Bluetooth: hci8: command 0x0406 tx timeout [ 331.313037][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 331.321947][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 331.330540][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 331.342467][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 331.350247][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 331.357932][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 333.423570][ T54] Bluetooth: hci0: command tx timeout [ 333.863405][ T5833] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 333.873122][ T5833] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 333.880868][ T5833] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 333.888818][ T5833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 333.906641][ T5833] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 333.914233][ T5833] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 335.493497][ T5833] Bluetooth: hci0: command tx timeout [ 335.973331][ T5833] Bluetooth: hci1: command tx timeout [ 337.573179][ T5833] Bluetooth: hci0: command tx timeout [ 338.052939][ T5833] Bluetooth: hci1: command tx timeout [ 339.653475][ T5833] Bluetooth: hci0: command tx timeout [ 340.133092][ T5833] Bluetooth: hci1: command tx timeout [ 342.213408][ T5833] Bluetooth: hci1: command tx timeout [ 348.233227][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 348.253005][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 348.263300][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 348.271144][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 348.279180][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 348.292990][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 350.373027][ T54] Bluetooth: hci2: command tx timeout [ 352.461290][ T54] Bluetooth: hci2: command tx timeout [ 352.805272][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 352.815582][ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 352.823410][ T5833] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 352.831247][ T5833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 352.838908][ T5833] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 352.854137][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 354.533022][ T54] Bluetooth: hci2: command tx timeout [ 354.934805][ T54] Bluetooth: hci3: command tx timeout [ 356.613027][ T54] Bluetooth: hci2: command tx timeout [ 357.013126][ T54] Bluetooth: hci3: command tx timeout [ 358.367901][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 358.380790][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 358.388587][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 358.396581][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 358.407287][ T5833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 358.414719][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 359.093126][ T54] Bluetooth: hci3: command tx timeout [ 360.453361][ T54] Bluetooth: hci4: command tx timeout [ 361.173274][ T54] Bluetooth: hci3: command tx timeout [ 362.533167][ T54] Bluetooth: hci4: command tx timeout [ 364.613113][ T54] Bluetooth: hci4: command tx timeout [ 366.693130][ T54] Bluetooth: hci4: command tx timeout [ 378.705095][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 394.757312][ T5836] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 394.767426][ T5836] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 394.775572][ T5836] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 394.793729][ T5836] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 394.801330][ T5836] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 394.811211][ T5836] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 395.244932][ T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 395.255006][ T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 395.262715][ T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 395.271423][ T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 395.281040][ T54] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 395.291305][ T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 396.154057][ T54] Bluetooth: hci5: command 0x0406 tx timeout [ 396.163418][ T5836] Bluetooth: hci6: command 0x0406 tx timeout [ 396.853329][ T5833] Bluetooth: hci7: command tx timeout [ 397.339540][ T5833] Bluetooth: hci8: command tx timeout [ 398.933132][ T5833] Bluetooth: hci7: command tx timeout [ 399.413051][ T5833] Bluetooth: hci8: command tx timeout [ 401.013122][ T5833] Bluetooth: hci7: command tx timeout [ 401.493105][ T5833] Bluetooth: hci8: command tx timeout [ 403.093089][ T5833] Bluetooth: hci7: command tx timeout [ 403.573006][ T5833] Bluetooth: hci8: command tx timeout [ 408.683272][ T5831] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 408.692668][ T5831] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 408.702586][ T5831] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 408.711317][ T5831] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 408.718987][ T5831] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 408.726431][ T5831] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 410.773238][ T5833] Bluetooth: hci12: command tx timeout [ 411.499858][ T5833] Bluetooth: hci9: command 0x0406 tx timeout [ 412.863118][ T5831] Bluetooth: hci12: command tx timeout [ 413.149138][ T5833] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 413.161599][ T5833] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 413.169467][ T5833] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 413.183837][ T5833] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 413.191866][ T5833] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 413.201468][ T5833] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 414.933186][ T5833] Bluetooth: hci12: command tx timeout [ 415.252965][ T5833] Bluetooth: hci13: command tx timeout [ 416.618728][ T5833] Bluetooth: hci10: command 0x0406 tx timeout [ 417.013277][ T5831] Bluetooth: hci12: command tx timeout [ 417.332950][ T5831] Bluetooth: hci13: command tx timeout [ 418.930501][ T5833] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 418.940705][ T5833] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 418.948871][ T5833] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 418.956951][ T5833] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 418.983068][ T5833] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 418.996549][ T5833] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 419.413153][ T5833] Bluetooth: hci13: command tx timeout [ 421.093033][ T5831] Bluetooth: hci14: command tx timeout [ 421.492965][ T5831] Bluetooth: hci13: command tx timeout [ 421.741356][ T5831] Bluetooth: hci11: command 0x0406 tx timeout [ 423.172989][ T5833] Bluetooth: hci14: command tx timeout [ 425.252983][ T5833] Bluetooth: hci14: command tx timeout [ 427.332985][ T5833] Bluetooth: hci14: command tx timeout [ 439.749532][ T6232] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 440.147182][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 453.938403][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 453.948160][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 453.956105][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 453.964809][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 453.972443][ T5831] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 453.983574][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 455.527915][ T54] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 455.538536][ T54] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 455.546584][ T54] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 455.558010][ T54] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 455.569877][ T54] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 455.578659][ T54] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 456.052978][ T54] Bluetooth: hci5: command tx timeout [ 457.584366][ T54] Bluetooth: hci0: command 0x0406 tx timeout [ 457.590435][ T54] Bluetooth: hci1: command 0x0406 tx timeout [ 457.653715][ T5833] Bluetooth: hci9: command tx timeout [ 458.134029][ T5833] Bluetooth: hci5: command tx timeout [ 459.733147][ T5833] Bluetooth: hci9: command tx timeout [ 460.213014][ T5833] Bluetooth: hci5: command tx timeout [ 461.813091][ T5833] Bluetooth: hci9: command tx timeout [ 462.293021][ T5833] Bluetooth: hci5: command tx timeout [ 463.893101][ T5833] Bluetooth: hci9: command tx timeout [ 469.641867][ T5831] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 469.654166][ T5831] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 469.662152][ T5831] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 469.670202][ T5831] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 469.678283][ T5831] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 469.688818][ T5831] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 471.732990][ T5831] Bluetooth: hci10: command tx timeout [ 472.940038][ T5831] Bluetooth: hci2: command 0x0406 tx timeout [ 473.812862][ T5833] Bluetooth: hci10: command tx timeout [ 474.042372][ T5831] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 474.051640][ T5831] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 474.059807][ T5831] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 474.067837][ T5831] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 474.075539][ T5831] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 474.085651][ T5831] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 475.893022][ T5831] Bluetooth: hci10: command tx timeout [ 476.143103][ T5831] Bluetooth: hci15: command tx timeout [ 477.973712][ T5831] Bluetooth: hci10: command tx timeout [ 478.063997][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 478.212901][ T5833] Bluetooth: hci15: command tx timeout [ 479.858396][ T5831] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 479.884170][ T5831] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 479.894404][ T5831] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 479.904465][ T5831] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 479.915252][ T5831] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 479.924726][ T5831] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 480.292938][ T5831] Bluetooth: hci15: command tx timeout [ 481.973082][ T5831] Bluetooth: hci16: command tx timeout [ 482.373399][ T30] INFO: task syz-executor:7928 blocked for more than 143 seconds. [ 482.383627][ T5831] Bluetooth: hci15: command tx timeout [ 482.389683][ T30] Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 482.413245][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 482.421967][ T30] task:syz-executor state:D stack:21360 pid:7928 tgid:7928 ppid:1 flags:0x00004006 [ 482.473521][ T30] Call Trace: [ 482.476863][ T30] [ 482.527464][ T30] __schedule+0x17fa/0x4bd0 [ 482.532087][ T30] ? __pfx___schedule+0x10/0x10 [ 482.606318][ T30] ? __pfx_lock_release+0x10/0x10 [ 482.611424][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 482.655831][ T30] ? schedule+0x90/0x320 [ 482.660142][ T30] schedule+0x14b/0x320 [ 482.673404][ T30] schedule_preempt_disabled+0x13/0x30 [ 482.678920][ T30] __mutex_lock+0x6a7/0xd70 [ 482.698788][ T30] ? __mutex_lock+0x52a/0xd70 [ 482.709222][ T30] ? tun_chr_close+0x3b/0x1b0 [ 482.714124][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 482.719190][ T30] ? __pfx_call_rcu+0x10/0x10 [ 482.737228][ T30] tun_chr_close+0x3b/0x1b0 [ 482.741798][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 482.762956][ T30] __fput+0x23f/0x880 [ 482.767008][ T30] task_work_run+0x24f/0x310 [ 482.771627][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 482.783264][ T30] ? __pfx_task_work_run+0x10/0x10 [ 482.797535][ T30] ? do_exit+0xa2a/0x28e0 [ 482.801910][ T30] ? kmem_cache_free+0x1a2/0x420 [ 482.812743][ T30] ? do_exit+0xa2a/0x28e0 [ 482.817136][ T30] do_exit+0xa2f/0x28e0 [ 482.821325][ T30] ? __pfx_do_exit+0x10/0x10 [ 482.838619][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 482.850828][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 482.857316][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 482.872775][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 482.877955][ T30] do_group_exit+0x207/0x2c0 [ 482.882574][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 482.905823][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 482.911091][ T30] get_signal+0x16a3/0x1740 [ 482.922916][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 482.928458][ T30] ? __pfx_get_signal+0x10/0x10 [ 482.943716][ T30] arch_do_signal_or_restart+0x96/0x860 [ 482.949319][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 482.962891][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 482.968957][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 482.991143][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 483.002982][ T30] do_syscall_64+0x100/0x230 [ 483.007625][ T30] ? clear_bhb_loop+0x35/0x90 [ 483.012337][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.030982][ T30] RIP: 0033:0x7fdf849805ac [ 483.038993][ T30] RSP: 002b:00007fffb3acca80 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 483.056537][ T30] RAX: 000000000000006c RBX: 00007fdf85664620 RCX: 00007fdf849805ac [ 483.072944][ T30] RDX: 000000000000006c RSI: 00007fdf85664670 RDI: 0000000000000003 [ 483.080970][ T30] RBP: 0000000000000000 R08: 00007fffb3accad4 R09: 000000000000000c [ 483.112297][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 483.122729][ T30] R13: 0000000000000000 R14: 00007fdf85664670 R15: 0000000000000000 [ 483.142942][ T30] [ 483.146092][ T30] INFO: task syz-executor:8084 blocked for more than 144 seconds. [ 483.162753][ T30] Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 483.170420][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 483.187416][ T54] Bluetooth: hci4: command 0x0406 tx timeout [ 483.222603][ T30] task:syz-executor state:D stack:25920 pid:8084 tgid:8084 ppid:1 flags:0x00000004 [ 483.245778][ T30] Call Trace: [ 483.249114][ T30] [ 483.252070][ T30] __schedule+0x17fa/0x4bd0 [ 483.262880][ T30] ? __pfx___schedule+0x10/0x10 [ 483.267796][ T30] ? __pfx_lock_release+0x10/0x10 [ 483.285259][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 483.290788][ T30] ? schedule+0x90/0x320 [ 483.302299][ T30] schedule+0x14b/0x320 [ 483.309734][ T30] schedule_preempt_disabled+0x13/0x30 [ 483.323459][ T30] __mutex_lock+0x6a7/0xd70 [ 483.328020][ T30] ? __mutex_lock+0x52a/0xd70 [ 483.342809][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 483.347990][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 483.372174][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 483.377449][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 483.382599][ T30] ? __lock_acquire+0x1384/0x2050 [ 483.400020][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 483.432516][ T30] netlink_rcv_skb+0x1e3/0x430 [ 483.441778][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 483.459843][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 483.465568][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 483.470810][ T30] netlink_unicast+0x7f6/0x990 [ 483.490083][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 483.502891][ T30] ? __virt_addr_valid+0x183/0x530 [ 483.511410][ T30] ? __check_object_size+0x48e/0x900 [ 483.522736][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 483.527555][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 483.550830][ T30] ? __might_fault+0xaa/0x120 [ 483.560161][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 483.572902][ T30] __sock_sendmsg+0x221/0x270 [ 483.577629][ T30] __sys_sendto+0x39b/0x4f0 [ 483.582168][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 483.599154][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 483.621054][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 483.631080][ T30] ? exc_page_fault+0x590/0x8c0 [ 483.645380][ T30] __x64_sys_sendto+0xde/0x100 [ 483.650214][ T30] do_syscall_64+0xf3/0x230 [ 483.662871][ T30] ? clear_bhb_loop+0x35/0x90 [ 483.667608][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.682742][ T30] RIP: 0033:0x7f4e23f805ac [ 483.687210][ T30] RSP: 002b:00007ffd6d88b370 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 483.707974][ T30] RAX: ffffffffffffffda RBX: 00007f4e24c64620 RCX: 00007f4e23f805ac [ 483.722736][ T30] RDX: 0000000000000028 RSI: 00007f4e24c64670 RDI: 0000000000000003 [ 483.730768][ T30] RBP: 0000000000000000 R08: 00007ffd6d88b3c4 R09: 000000000000000c [ 483.750540][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 483.762205][ T30] R13: 0000000000000000 R14: 00007f4e24c64670 R15: 0000000000000000 [ 483.782990][ T30] [ 483.792664][ T30] INFO: task syz-executor:8087 blocked for more than 144 seconds. [ 483.803995][ T30] Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 483.822857][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 483.842808][ T30] task:syz-executor state:D stack:25920 pid:8087 tgid:8087 ppid:1 flags:0x00000004 [ 483.862762][ T30] Call Trace: [ 483.866093][ T30] [ 483.869051][ T30] __schedule+0x17fa/0x4bd0 [ 483.887269][ T30] ? __pfx___schedule+0x10/0x10 [ 483.892188][ T30] ? __pfx_lock_release+0x10/0x10 [ 483.909157][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 483.922862][ T30] ? schedule+0x90/0x320 [ 483.927163][ T30] schedule+0x14b/0x320 [ 483.931349][ T30] schedule_preempt_disabled+0x13/0x30 [ 483.949034][ T30] __mutex_lock+0x6a7/0xd70 [ 483.959683][ T30] ? __mutex_lock+0x52a/0xd70 [ 483.971291][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 483.983719][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 483.988816][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 484.010924][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 484.018216][ T30] ? __lock_acquire+0x1384/0x2050 [ 484.032801][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 484.038317][ T30] netlink_rcv_skb+0x1e3/0x430 [ 484.052607][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 484.058256][ T54] Bluetooth: hci16: command tx timeout [ 484.072787][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 484.078137][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 484.093403][ T30] netlink_unicast+0x7f6/0x990 [ 484.098213][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 484.121227][ T30] ? __virt_addr_valid+0x183/0x530 [ 484.133236][ T30] ? __check_object_size+0x48e/0x900 [ 484.138579][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 484.152819][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 484.158517][ T30] ? __might_fault+0xaa/0x120 [ 484.172838][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 484.178165][ T30] __sock_sendmsg+0x221/0x270 [ 484.192786][ T30] __sys_sendto+0x39b/0x4f0 [ 484.197336][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 484.202409][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 484.232146][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 484.238685][ T30] ? exc_page_fault+0x590/0x8c0 [ 484.252809][ T30] __x64_sys_sendto+0xde/0x100 [ 484.257619][ T30] do_syscall_64+0xf3/0x230 [ 484.272796][ T30] ? clear_bhb_loop+0x35/0x90 [ 484.277517][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.293163][ T30] RIP: 0033:0x7f7c3bb805ac [ 484.297616][ T30] RSP: 002b:00007ffd4ea93be0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 484.313485][ T30] RAX: ffffffffffffffda RBX: 00007f7c3c864620 RCX: 00007f7c3bb805ac [ 484.321496][ T30] RDX: 0000000000000028 RSI: 00007f7c3c864670 RDI: 0000000000000003 [ 484.349758][ T30] RBP: 0000000000000000 R08: 00007ffd4ea93c34 R09: 000000000000000c [ 484.362426][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 484.373263][ T30] R13: 0000000000000000 R14: 00007f7c3c864670 R15: 0000000000000000 [ 484.392850][ T30] [ 484.395978][ T30] [ 484.395978][ T30] Showing all locks held in the system: [ 484.423460][ T30] 3 locks held by kworker/u8:0/11: [ 484.447985][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 484.472819][ T30] #1: ffffc90000107d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 484.498611][ T30] #2: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 484.512732][ T30] 1 lock held by khungtaskd/30: [ 484.517610][ T30] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 484.552968][ T30] 3 locks held by kworker/u8:4/62: [ 484.558122][ T30] #0: ffff88802fc33148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 484.587456][ T30] #1: ffffc900015d7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 484.602883][ T30] #2: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 484.612364][ T30] 3 locks held by kworker/u8:5/1322: [ 484.662796][ T30] 1 lock held by dhcpcd/5496: [ 484.700775][ T30] #0: ffff8880b873ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 484.734588][ T30] 1 lock held by dhcpcd/5497: [ 484.739309][ T30] 2 locks held by getty/5586: [ 484.752765][ T30] #0: ffff88814d5e60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 484.762587][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 484.812867][ T30] 1 lock held by kworker/0:4/5879: [ 484.818031][ T30] 3 locks held by kworker/1:3/5880: [ 484.834723][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 484.861225][ T30] #1: ffffc90004687d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 484.879045][ T30] #2: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 484.898576][ T30] 6 locks held by kworker/u8:9/6232: [ 484.912267][ T30] #0: ffff88801baeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 484.933340][ T30] #1: ffffc9000bc2fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 484.952731][ T30] #2: ffffffff8fcb48d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 484.962202][ T30] #3: ffff88802132e0e8 (&dev->mutex){....}-{3:3}, at: devlink_pernet_pre_exit+0x13b/0x440 [ 484.984930][ T30] #4: ffff88802132f250 (&devlink->lock_key#4){+.+.}-{3:3}, at: devlink_pernet_pre_exit+0x14d/0x440 [ 485.015360][ T30] #5: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 485.032731][ T30] 1 lock held by syz-executor/7928: [ 485.037960][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 485.066102][ T30] 2 locks held by syz-executor/7930: [ 485.071423][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 485.089940][ T30] #1: ffffffff8e93d338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 485.105657][ T30] 2 locks held by syz-executor/8071: [ 485.110974][ T30] #0: ffffffff8fcb48d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 485.129615][ T30] #1: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x602/0x9e0 [ 485.149342][ T30] 1 lock held by syz-executor/8074: [ 485.166106][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 485.189262][ T30] 2 locks held by syz-executor/8080: [ 485.194762][ T30] #0: ffffffff8fcb48d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 485.216542][ T30] #1: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x720 [ 485.234120][ T30] 1 lock held by syz-executor/8084: [ 485.239344][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.266153][ T30] 1 lock held by syz-executor/8087: [ 485.271385][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.292864][ T30] 1 lock held by syz-executor/8090: [ 485.298091][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.318637][ T30] 1 lock held by syz-executor/8095: [ 485.329552][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.342726][ T30] 1 lock held by syz-executor/8102: [ 485.362791][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.380540][ T30] 1 lock held by syz-executor/8105: [ 485.392833][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.402294][ T30] 1 lock held by syz-executor/8108: [ 485.419560][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.432730][ T30] 1 lock held by syz-executor/8111: [ 485.437953][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.464214][ T30] 1 lock held by syz-executor/8114: [ 485.469453][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.502933][ T30] 1 lock held by syz-executor/8117: [ 485.508165][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.529096][ T30] 1 lock held by syz-executor/8120: [ 485.540161][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.559907][ T30] 1 lock held by syz-executor/8123: [ 485.571963][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.612838][ T30] 1 lock held by syz-executor/8126: [ 485.618074][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.642830][ T30] 1 lock held by syz-executor/8129: [ 485.648059][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.672452][ T30] 1 lock held by syz-executor/8134: [ 485.680247][ T30] #0: ffffffff8fcc1408 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 485.692726][ T30] 2 locks held by dhcpcd/8139: [ 485.697871][ T30] #0: ffff88803902c258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 485.722866][ T30] #1: ffffffff8e93d338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 485.754231][ T30] [ 485.758644][ T30] ============================================= [ 485.758644][ T30] [ 485.814929][ T30] NMI backtrace for cpu 1 [ 485.819306][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 485.829829][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 485.839903][ T30] Call Trace: [ 485.843194][ T30] [ 485.846141][ T30] dump_stack_lvl+0x241/0x360 [ 485.850849][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 485.856072][ T30] ? __pfx__printk+0x10/0x10 [ 485.860697][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 485.865672][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 485.871154][ T30] ? _printk+0xd5/0x120 [ 485.875330][ T30] ? __pfx__printk+0x10/0x10 [ 485.879941][ T30] ? __wake_up_klogd+0xcc/0x110 [ 485.884813][ T30] ? __pfx__printk+0x10/0x10 [ 485.889457][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 485.894507][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 485.900529][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 485.906553][ T30] watchdog+0xff4/0x1040 [ 485.910818][ T30] ? watchdog+0x1ea/0x1040 [ 485.915261][ T30] ? __pfx_watchdog+0x10/0x10 [ 485.919962][ T30] kthread+0x2f0/0x390 [ 485.924050][ T30] ? __pfx_watchdog+0x10/0x10 [ 485.928751][ T30] ? __pfx_kthread+0x10/0x10 [ 485.933355][ T30] ret_from_fork+0x4b/0x80 [ 485.937795][ T30] ? __pfx_kthread+0x10/0x10 [ 485.942402][ T30] ret_from_fork_asm+0x1a/0x30 [ 485.947199][ T30] [ 485.951765][ T30] Sending NMI from CPU 1 to CPUs 0: [ 485.958196][ C0] NMI backtrace for cpu 0 [ 485.958209][ C0] CPU: 0 UID: 0 PID: 5879 Comm: kworker/0:4 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 485.958229][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 485.958239][ C0] Workqueue: wg-crypt-wg2 wg_packet_encrypt_worker [ 485.958265][ C0] RIP: 0010:kasan_check_range+0x86/0x290 [ 485.958289][ C0] Code: 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 01 dd 41 80 3b 00 <0f> 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9 1e 01 00 00 45 89 dc [ 485.958308][ C0] RSP: 0018:ffffc90000007020 EFLAGS: 00000246 [ 485.958321][ C0] RAX: ffffc90000007801 RBX: 1ffff92000000e32 RCX: ffffffff8141632b [ 485.958334][ C0] RDX: 0000000000000001 RSI: 0000000000000010 RDI: ffffc90000007190 [ 485.958344][ C0] RBP: fffffffffffffffe R08: ffffc9000000719f R09: 1ffff92000000e33 [ 485.958356][ C0] R10: dffffc0000000000 R11: fffff52000000e32 R12: ffffc90000008000 [ 485.958367][ C0] R13: ffffc90000007140 R14: dffffc0000000001 R15: fffff52000000e34 [ 485.958379][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 485.958393][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 485.958404][ C0] CR2: 000000110c47270d CR3: 000000000e734000 CR4: 00000000003526f0 [ 485.958417][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 485.958427][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 485.958437][ C0] Call Trace: [ 485.958442][ C0] [ 485.958449][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 485.958470][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 485.958491][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 485.958511][ C0] ? nmi_handle+0x2a/0x5a0 [ 485.958532][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 485.958551][ C0] ? nmi_handle+0x14f/0x5a0 [ 485.958566][ C0] ? nmi_handle+0x2a/0x5a0 [ 485.958581][ C0] ? kasan_check_range+0x86/0x290 [ 485.958600][ C0] ? default_do_nmi+0x63/0x160 [ 485.958621][ C0] ? exc_nmi+0x123/0x1f0 [ 485.958640][ C0] ? end_repeat_nmi+0xf/0x53 [ 485.958660][ C0] ? unwind_next_frame+0xcfb/0x22d0 [ 485.958682][ C0] ? kasan_check_range+0x86/0x290 [ 485.958702][ C0] ? kasan_check_range+0x86/0x290 [ 485.958723][ C0] ? kasan_check_range+0x86/0x290 [ 485.958743][ C0] [ 485.958748][ C0] [ 485.958755][ C0] __asan_memset+0x23/0x50 [ 485.958779][ C0] ? NF_HOOK+0x29e/0x450 [ 485.958797][ C0] unwind_next_frame+0xcfb/0x22d0 [ 485.958821][ C0] ? nf_hook_slow+0xc3/0x220 [ 485.958836][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 485.958854][ C0] arch_stack_walk+0x11c/0x150 [ 485.958871][ C0] ? __pfx_ipv4_conntrack_in+0x10/0x10 [ 485.958885][ C0] ? NF_HOOK+0x29e/0x450 [ 485.958905][ C0] stack_trace_save+0x118/0x1d0 [ 485.958922][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 485.958940][ C0] ? __lock_acquire+0x1384/0x2050 [ 485.958962][ C0] kasan_save_stack+0x3f/0x60 [ 485.958979][ C0] ? kasan_save_stack+0x3f/0x60 [ 485.958995][ C0] ? __kasan_record_aux_stack+0xac/0xc0 [ 485.959011][ C0] ? kmem_cache_free+0x2e9/0x420 [ 485.959025][ C0] ? nf_conntrack_free+0x2fd/0x390 [ 485.959040][ C0] ? nf_conntrack_in+0xb51/0x1890 [ 485.959055][ C0] ? nf_hook_slow+0xc3/0x220 [ 485.959086][ C0] ? __phys_addr+0xba/0x170 [ 485.959101][ C0] __kasan_record_aux_stack+0xac/0xc0 [ 485.959118][ C0] kmem_cache_free+0x2e9/0x420 [ 485.959133][ C0] ? __pfx___nf_conntrack_find_get+0x10/0x10 [ 485.959148][ C0] ? nf_conntrack_free+0x2fd/0x390 [ 485.959165][ C0] nf_conntrack_free+0x2fd/0x390 [ 485.959181][ C0] nf_conntrack_in+0xb51/0x1890 [ 485.959206][ C0] ? __pfx_nf_conntrack_in+0x10/0x10 [ 485.959227][ C0] ? ipt_do_table+0x312/0x1860 [ 485.959244][ C0] ? __pfx_ipt_do_table+0x10/0x10 [ 485.959262][ C0] ? ipv4_conntrack_defrag+0x2a2/0x5a0 [ 485.959281][ C0] ? ip_sabotage_in+0x55/0x290 [ 485.959301][ C0] ? __pfx_ipv4_conntrack_in+0x10/0x10 [ 485.959315][ C0] nf_hook_slow+0xc3/0x220 [ 485.959328][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 485.959347][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 485.959365][ C0] NF_HOOK+0x29e/0x450 [ 485.959384][ C0] ? NF_HOOK+0x9a/0x450 [ 485.959402][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 485.959418][ C0] ? ip_rcv_core+0x801/0xd10 [ 485.959437][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 485.959458][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 485.959477][ C0] __netif_receive_skb+0x2bf/0x650 [ 485.959498][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 485.959518][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 485.959537][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 485.959556][ C0] ? __pfx_lock_release+0x10/0x10 [ 485.959576][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 485.959596][ C0] process_backlog+0x662/0x15b0 [ 485.959612][ C0] ? process_backlog+0x33b/0x15b0 [ 485.959629][ C0] ? __pfx_process_backlog+0x10/0x10 [ 485.959643][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 485.959664][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 485.959685][ C0] __napi_poll+0xcb/0x490 [ 485.959706][ C0] net_rx_action+0x89b/0x1240 [ 485.959728][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 485.959743][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 485.959780][ C0] handle_softirqs+0x2c5/0x980 [ 485.959801][ C0] ? do_softirq+0x11b/0x1e0 [ 485.959819][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 485.959840][ C0] do_softirq+0x11b/0x1e0 [ 485.959857][ C0] [ 485.959862][ C0] [ 485.959868][ C0] ? __pfx_do_softirq+0x10/0x10 [ 485.959885][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 485.959904][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 485.959924][ C0] ? rcu_is_watching+0x15/0xb0 [ 485.959941][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 485.959959][ C0] ? wg_packet_encrypt_worker+0x1561/0x1610 [ 485.959980][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 485.959999][ C0] ? wg_packet_encrypt_worker+0x12a6/0x1610 [ 485.960022][ C0] wg_packet_encrypt_worker+0x1561/0x1610 [ 485.960052][ C0] ? __pfx_wg_packet_encrypt_worker+0x10/0x10 [ 485.960106][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 485.960127][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 485.960151][ C0] ? process_scheduled_works+0x976/0x1850 [ 485.960171][ C0] process_scheduled_works+0xa63/0x1850 [ 485.960200][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 485.960222][ C0] ? assign_work+0x364/0x3d0 [ 485.960242][ C0] worker_thread+0x870/0xd30 [ 485.960264][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 485.960281][ C0] ? __kthread_parkme+0x169/0x1d0 [ 485.960302][ C0] ? __pfx_worker_thread+0x10/0x10 [ 485.960320][ C0] kthread+0x2f0/0x390 [ 485.960334][ C0] ? __pfx_worker_thread+0x10/0x10 [ 485.960352][ C0] ? __pfx_kthread+0x10/0x10 [ 485.960366][ C0] ret_from_fork+0x4b/0x80 [ 485.960385][ C0] ? __pfx_kthread+0x10/0x10 [ 485.960398][ C0] ret_from_fork_asm+0x1a/0x30 [ 485.960423][ C0] [ 486.702598][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 486.709495][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 486.720016][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 486.730088][ T30] Call Trace: [ 486.733382][ T30] [ 486.736328][ T30] dump_stack_lvl+0x241/0x360 [ 486.741032][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 486.746255][ T30] ? __pfx__printk+0x10/0x10 [ 486.750945][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 486.756955][ T30] ? vscnprintf+0x5d/0x90 [ 486.761307][ T30] panic+0x349/0x880 [ 486.765224][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 486.771396][ T30] ? __pfx_panic+0x10/0x10 [ 486.775833][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 486.781230][ T30] ? __irq_work_queue_local+0x137/0x410 [ 486.786800][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 486.792188][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 486.798362][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 486.804547][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 486.810725][ T30] watchdog+0x1033/0x1040 [ 486.815077][ T30] ? watchdog+0x1ea/0x1040 [ 486.819519][ T30] ? __pfx_watchdog+0x10/0x10 [ 486.824219][ T30] kthread+0x2f0/0x390 [ 486.828307][ T30] ? __pfx_watchdog+0x10/0x10 [ 486.833001][ T30] ? __pfx_kthread+0x10/0x10 [ 486.837607][ T30] ret_from_fork+0x4b/0x80 [ 486.842048][ T30] ? __pfx_kthread+0x10/0x10 [ 486.846653][ T30] ret_from_fork_asm+0x1a/0x30 [ 486.851459][ T30] [ 486.854739][ T30] Kernel Offset: disabled [ 486.859061][ T30] Rebooting in 86400 seconds..