last executing test programs: 6.685514978s ago: executing program 3 (id=715): r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e1f, 0x9, @local, 0x1d}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000180)={@link_local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @rand_addr=' \x01\x00', @mcast2, {[], {0x4e24, 0xe22, 0x8}}}}}}, 0x0) 6.492874944s ago: executing program 3 (id=720): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd28, 0x6000000, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x5c, 0x2, [@TCA_FW_ACT={0x58, 0x4, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffffc00, 0x8, 0x10000000, 0x200000b, 0xff}, @broadcast, @local, 0xff, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x11, 0x8}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4000800) 6.325792941s ago: executing program 3 (id=723): openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast}) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x2, 0x4d, 0x39cc191a, 0x5c, 0x9, 0x5, 0xfffff807, 0x0, 0x5, 0x48, 0x0, 0x2ab, 0x4, 0x7, 0x101, 0x3c5b, 0x7fff, 0xa, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xe, 0x0, 0x71, 0x2, 0x7, 0x3, 0x2, 0x5, 0x3c, 0x8f, 0x6, 0x6, 0x3, 0x80092aa, 0x4, 0x1, 0x30000000, 0x80, 0xdee9, 0x7, 0x3, 0x8, 0x800004, 0x1, 0x40], [0x4, 0xffff, 0x12f, 0x6, 0x10, 0xfffffff3, 0x4f6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x40, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x40, 0x1, 0x0, 0xfffffffe, 0x0, 0x4, 0x680, 0x9, 0x3fe, 0x401, 0x6, 0x4, 0xfb, 0x5, 0x8cd, 0x5f31, 0x4, 0x900000, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0x5, 0x6, 0xb, 0xa, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x400005], [0x6, 0x3, 0x80000400, 0x2, 0xff, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x400, 0x800001, 0xb, 0x2000005, 0x5, 0x1005, 0x0, 0x1f0, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x6, 0x9, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x800003, 0x440, 0x80, 0x3, 0xcc52, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0x3f, 0x10002, 0x40e, 0x7ff, 0x3, 0x0, 0x1, 0xffff, 0x1, 0x6, 0x1d, 0x7, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x81, 0xbb31, 0x203, 0x8, 0x5, 0x1, 0x6, 0x5, 0x0, 0x3, 0x80ce7, 0x1ff, 0x3, 0x7, 0x71, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x9, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0xc6, 0xee1, 0x0, 0xffff, 0x3, 0x40000004, 0x100, 0x20009602, 0x4, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x6, 0x8, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) socket$tipc(0x1e, 0x2, 0x0) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 5.627130817s ago: executing program 4 (id=729): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) clock_adjtime(0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x4, 0x0, 0x0, 0x2000, &(0x7f000002f000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.293379578s ago: executing program 4 (id=730): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, 0x0, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x50, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0) 4.000365167s ago: executing program 3 (id=735): mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='vfat\x00', 0x20c00a, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) io_setup(0x0, 0x0) eventfd2(0x6, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000340)={0x24, 0x26, 0x503, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x32, 0x0, 0x0, @pid}, @nested={0x4, 0x12f}]}, 0x24}], 0x1}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r2) 3.907200974s ago: executing program 4 (id=737): openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) socket$packet(0x11, 0x2, 0x300) socket$nl_route(0x10, 0x3, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES8], 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 3.464791155s ago: executing program 0 (id=742): bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0xe22, 0x0, @loopback={0xff00000000000000}}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e1f, 0x9, @local, 0x1d}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000180)={@link_local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @rand_addr=' \x01\x00', @mcast2, {[], {0x4e24, 0xe22, 0x8}}}}}}, 0x0) 3.430718289s ago: executing program 0 (id=743): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000340)={'pimreg1\x00', 0x1}) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=ANY=[@ANYRESOCT=r0, @ANYRES32=0x0, @ANYRESOCT], 0x34}, 0x1, 0x0, 0x0, 0xc0}, 0x4010000) r1 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000500)=ANY=[@ANYBLOB="1879bf17e61817000085a54f6dc782ba557910deb900105298ce940018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000540)='devfreq_monitor\x00', r4, 0x0, 0x4}, 0x18) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="8b332abd70000000478d1500000008009900"], 0x30}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r7, &(0x7f0000001340)=[{&(0x7f00000001c0)=""/144, 0x90}], 0x1) readv(r7, &(0x7f0000001240)=[{&(0x7f0000000040)=""/73, 0x49}], 0x1) kexec_load(0xffff, 0x7, &(0x7f0000000c80)=[{&(0x7f0000000740)="c1d04c3caf1b1b000e0d93c7e09cd7f522bedb6f3d4094ed4f307414f7f764eb0ab44fbe68e3f75b68b98a87b81e11f2f56d24f12c8beaefa2be6653bb43f5407f76ba61d53df83b99c6faf5c78ff6dbd64cd77e7e0f2c8496be2df4ac9cab13c01f5f43cfd53f619e3f90", 0x6b, 0x8, 0xa}, {&(0x7f0000000540), 0x0, 0x3, 0x400}, {&(0x7f0000000940)="928b5e5bb7875721620d34c117517396c43e3e6509f60d1ac008c7c972a4ba4be4cdbc0951cceaf79179eb4ad19bc0b8308e732c5b1123e9842f48f5ad72c426c8f61a24a25d5e868c405c0ab976adf058b5caa167d4b788714c442e1c3ddcbe294716f5a3a34f9f7f91ef3628f6023428f8fbba687e5001b7112f6e628186779f39220af949a6e3282d534e404587c5a86098293f3991e30970ee27e6f1e58de6110e6fccf3e0c4a293309c957d16b0ef9f4bb11d075de69272f0ca303bbeb3fe9c6f85aed37ec9a660076b9c764971e2657dbb453386e7a2168352dadd22017e0c0c769aea71d7b10766cc3363a14b8ad3fdc94fcc", 0xf6, 0x8, 0x7}, {&(0x7f0000001380)="526adaf7b815dbe2606c439b0955acf1516bfeb2cbc564f41247d05c605fdd9bd16e56598a3b6d340985b3cbf8490ab8ab4f775ecadcc9b1927bab401c3521ee4c9889a5602c217bb64f6e69654fd3b41c6a10e7d833adb1d2ba0d63c89849ca648ac3af05642ccb2170c6014970938a8dfd43f4a3ccd0f1194b7aa981a650c5282af2f2731f112cdf9bf87fc188ff305ac37848f02688a3f472e49845d72b80ac8d1ee6f4d0cde90ddbce55b83b0ec6caae85d84fb09159dae95981e1699db1d838ca6990b6f82239ec7f73ae2d1eef429a3998f1ea73121122d7b8d925658ce3748a4f0c1322be9739422d4a1b62966b5c3deaaee2683c9c111a1bf1cb8542e53bb754d68447b50790e312b32b2de6a5f528414a7458d023dfe3fefdde93a52cea31f8a893555bd0e993a7dadf6f0920682d834d37d71847caa4130fc81f491a498f0887f43a160aa2e9271e94e0fc147a1c2ca915ef6cf7eae6b9a35ce25e127822973ffa95bae693d15fd75f5d8808ca94b9bc1f243593ebe26bbc95556047964f0fde9b5e4adc631d166939d7df39558504165ca34074d4486a43e750f64a7f66d5a677b2c800ff2b5a453530e14b4df5f29d7d41192e3cf80c31776455ddbf522927ee30224810115084169196ac93a049b9926d0951a74e01f925cd58114c93823fd412a16660631d3f9ecec5250cb3c4e0f01d93adbf1f3313d70274a4da2831cb7284fb6c39a69732a2bb248e9759bfb1bd17b9a5d1c11fd06629c9562aa4fcbf131ab9d78e7b59476ec1f922e72f647e8f356bde22c471c9dc5d7c15960217f425e9de7e14fd08b55a52f247e3995c302c08d58cf764e8c919493367ef72d44185f84fd93b86f00f504d33c9112aed5da3eea702b6f032bfb4fb2ef65f241ff529532eba46b7dab5c64e01b0bef519eca74df1c587a43a4b8a282377c2fae63038d85a90e33eaeba169c6d615b673f08532984830d63f4f38fff956c0efcfa56c9486389f53d417dc401f15320b4f5f5f8e0496ec3ba93f6d4dbbac19f851368cabe4da44a260f89f955271c899484a8c77807134af8a8f56b1f7b5243f2a895aeda2b6f7b14d76f229ecc2229b377e15ccb5fe5c6ba8800d053935c5900ea75a9df50a524446f4cef566b648fc395e633262cdcaf46547fadfaa46dad373c78a14ecda420500e8c2c72c8d85381b1fa5c6186ef992fefd43a9d382efe376fe178e10f66700a1713f600ee299030bc4999561b2fbd3a84cea3f57a1dfb09d280b2ffbf91955ecb122ebd1b9723e27256cc429bf95f59c6a3d40f684b40c77d0e27bd5794afafc2ce2c873d9e94eea3fc1fa5d045779ce10a9d75afe583f2a7399d0e1018556c3a545017085f00c8b9197bfedb4f6c61f9d6d2254988a23092915443bdac8bd923cdcdb4150f46a39c6f0c0b3321edb569f7d9efa0a7825e3afc5b9078073fa43edd254c6ac947358f25d6c808676788454ed3787b8c7453da66117e1470f7163e9e92670026fca2ba7de3b331f8f3263e95194768b8f812026af9d48c8d3fcd85f34d7220b12172182d9635fb8cc35464e68ea017a300844c247f58cebf953062918f5e2bcf88bee92df93187e1278fda7e3cc05618cd8defd063532ea9aa1682f2909c17624d5f8862b61edde2550627a76faad3b1993bd7973faac1b0f6670e20f5c7574be49cf8a916fd4a4ff89778dc175fee2c10683029f46f7e0bcc67ac3158d03ec01071504a284510c608882bef4f7f0d688420bee26daab822064716c024d4d6087dbc1d3ade45094551c525adf5f12bd7092dd3d448679c16609c7080934651fb0fc2678e25e014866a3497cdddbab979c6428c596e3a52fea4a8050a50c5cc9c406a49d3465aecd82a8a0d137a4c28a0ac100b843c30587b1e03af37ea4163f14d7cbbcae201e8d686e7c2f013c8c563a3c907c607c1a477a19bc387855bc341567865a8f0de3e947a1e3132e522bb85cf7333930c4ad6ac2697dccad4a824e6dc637422f7902fdef0ff952fed3409c5998ad82ab083c3fe336392541a388226324a3634f9c59a5adfe53b49bd2ef65583547e708a2663ba5910ab6fdd05897f5cccb1ca7f0f9e3b4650364f26d2ee39cae3f10249e7d6a624d49a59ac6a16314bf6778a2509a3177ccdeaebd08d1f16cffaca44f736dab8f414945135338fc0c6ad29f37918ac13b341a60df5422cd4eeb6fc049d36f969f2a488e8e5e61aba427f5c08584a89be5f9e7fd82f9a4e6fcdd3fc9d16030778b14d57dbc88f5b6e43488017907052463187fb88278be9e6508878165a5b08287bc4c5e73d7d920d9933efdd8e10280bffe7ea97ff01e8389431de7727044e35abb9bcc399e549b82889f017473e42cad2642cf6123c611cf8decd6df7831d6eab75f3e3a10de62a37b1b76e5fab108752984921f531dc83ab7f6eb58cc785308a4277caa7e9fd7e146d8177a112088b4a348ee72f331e570c4b9d151dadb94952c842c6eb3e353c995345a82027ca2bac4c7c0a04801cb06d228db734e6b99a7f8aede0b227d804b2c7a3e1424285d2506df0abb1245f9f28f6d61d62f824797b6073ffde33033c453e01244aaefc02f11e94d768f34e9eda0061cab2116c8f06765fa4ac05a2cb2bea0ddae31f49593dd7fb4dccf467649b161dc87f2c87b2e2a1078fcf7887f8a8b7179ef76ee1725c1292a3a2f6f7584f268d5d17e10ecdb405f13b5dcc9d28a3dd0424d213dc79c0b8cd360fc185f5c8330e2d479fb960ce819c1738762eae99b3a9b06fdf5aa3566d6606ac67708af43e77bf300323b122161fce7cb87232fb11275f94cb5b004ebb745ced636fcdf147008ec178be2e2226fe6390541afbba806e95a54c8ba949e8f730fbf503cec7727df62be325fd8f3fa0964386a74ffba356867dcf40997fbad3ab0ea87d5c5831372e08a5fcdfe2fbdccdb13aa3bc6cdac0552d01346ac9b2af99d2cc6dcd1f37414b0c205421d68c7840427f259a94518b87d35529e85cf0612f31cc1c72c6f62f0510bdd83d6dd22830815cb42d11c50a97e02b403af489aefcd1fb4d76afa4bcb4d4f0d8d417e5fb7789bdb03ad7ab2ee5a7a19f6e6c34dd21d5ab3b6bfc9f7a1b28d98b8ec7189495c66a30c93e494b9f9d9ae6ebe8c90ac3a2225c7f3712ca040c7707d5671b55a4843e740abee31c06cf580f23990cad1fd064f10663da884e63e30107b90a7f0e41361b9757e25f47cc034291934f1d119ff17112d988ee6518c2bb361f3ccb993de11f3a7f7ee0dca23c6a7895d96095c71f0a53ce6a59e34d02ffcbdbf7857b950b2791c9d9a8d9411031461371e20c01d091b0070aefde03e64a86320c789bd70709072065df6272d64c006e52977cc15f2f92bc2209c06d8defa8734ad113570ad0cf3a6ad87147969028ab5e7eda54e0fcdc24e8e26c9004a5bb9b67888c30d53893b5b0c90662d1f2caf2abbc636bd85b8b3a3975e0f61331a5e4cbd98a2778776655097a5e3a7133c965c26661892dceccdf5c11cacb244cc88cef58da3c2a1b05364eb1c172edea64e8fabef89b7c96c3304b4034e7de26c4288b470aeb6d8d95e368ff5a62405cc1c087418ecfc72ce4ca650fa6e7866310132f665687ce9f0ac683385d44726611a486437800ae6c1478f73d10e0c5ed8d8eb5a8dd4e39520664f6c9edaea9034d87505372df05d919d9ca686951003f546d12d472611bcb4c31769f952a8f90936f2a3c7490dad5d0799d5b0b4698d3db400fe8db0369ae2b3613a9868fad276f6247f6dfbcd46729007299e11743757323872c2f15f89c68b7e53e0f6ec46f6e6e4a005a599ea358caf6fbd527b7f3c8576becffe29072f0ddc6c049361ffb8e9645fb0a5743ea3d5d850e8a1c13afa09c8ef3e7bd3d5ae091e9f3f1f60c5f41523aec2ad68aa0caaaf30386b24bc20249e37248b54bb66e6f5e31e7d5874c93f906ac1db626d889345e832734eecf23d9541d07f800906b2d1605ac40cd714cda1ef30978e34dd71c918745d54c47ce2dfa2ac7b675b82af794fe0d69efe8879a3cd47842403fb6e0ed442dd0afb1bd57065e95a9fb9c30fb3811346d9391d2a38b237464d22ea5d41fdcb858e6c6afd03bc47a56b015544f597afd47b11169b4a1a5b0fa0dbc7d958ff7f7888e790366e8c28cebe3653003a84bdaf1488a89e506942d00a6a8a473a7c341f6b84ba17ae6e6d86162a5c3bdaa586eab73b8611beee7ae5e12222f13e6862dd726c86fd867595214281224a836f65521ac3b5afe1a6848c8ba1a7fc8745684f69bc8faa8dac71dff0e1d557b73f96657a415b5ae0647dd2111d7f1a7e43f28fb062d315ed291d4952d8d2e92aebcbe9967b834e640b5a734c7cc70c73fe0d0d18d96fd3c33f8303394e88425cd53fa33c0b02fc8ecf3c5434d38e87538c8e5eb90b41112e246c0e5cfd5231edf47a76d2c71714498942e5cd6e067960bdff8bad1a4a5020ae1aa4303dcf5280d7d212abef86a3514b3c429c2c48d4c8d6a5ac2353e9f1e5d7ef4e94c1320735f7ca6a18cdb0053ba5ba291c4fd3ffb6b129cda309df89bb979f549cbf3d91b123ceed0864cbaccb75b76b336321e6118b69e067f4ff87104c9ea170d3d5943bc6c15dbfe962bb6cf4715267b51139641170e9996205fe22b4a7d416423d2640783c44865093645a93420bba267e84c7649211d4b6d6c209b052a6d9402b4b7672d7647f794c3765adce8187f6bebb3a139d8d1490854c3da2773e48fa85e5abb31d6dc30cfe838285dcfbad45e937828530545f5c2fa133a35a911fabba747a71f9e6c3823ad17bffffde7be590a81a2077c953c504bc561a08d2fed410e7d9bb820c62b1d7fc3f5145a8d90daf986af52536d728c266560db6a39e2edbc224a9ad449abbcd9dcf3d5c0342902f30db78c4d5652493306b24f049d2ef5f8770c9f7f306c034183be2eddc77871c7f9f7ca95d496351df69032b227c88b8177dc16fe5017e8039916b4c4f7d38ad3e83ab4f5a35401fd13795b32f98cac55bbe11c09572320056677594a24e90996792848797d9407841d2b82968360662493a5e4f594d5ad885b0749643c90c3159a3d95049c10666d2bcfacf1102ba41322aaf75b850da3076e2b23ef2dff0e71d2b13f2771a42a77c2ff465dddd72ad907728faba95baa71005a1856bae8eb638c86cf1ba49a69827fa893952a75edecb83d61a1e44d71368b7b08d454fc5e094d5e6c89ad5c2859b2bc2548ee761500c6d9a985131ea2551258251fb872cb62f4eb308664febccfbb23b3bb900a4c21d3555ffa7ac7c48dcc9ae1acdb7d958b0356055a51d511054c656971e1a46d9ad47718f553cd016b31a9555b74eb56d80fe236d9338eb70660180a9e110af4fd3265e055817f5455b76e1bedf6f6cca7c0ce7ef739f41cbbbfdf6ca21617c325a9b6161900ca4fd43c78a235cdb67ec83d4944eb74e3ce1e8c25f161717ae906d207537103333b1c3c72e5d36d623e3a5539b890f1a56c8632b8a9645450d173785676888d7bdb7021f720020044c076505093acf617c7ca0c058585eabd9da3cab9fd1712395ee0dc5c91ac149561a18df21633eaeda23411b3efed64fd5ab8c47e3449b97c4561820f8be01c4d0a8d291adeef7bd618b5904801361a741a120a14899dbe88abd48ebb209b7ae914cdc4dad2f437ca138aef6c2710991d8b1327bb76cb856e54d4fb60bff702bc9df34927ca8667e0f367cb0d148f3d62a87822a9b68084f06893fa36d83fc714fe", 0x1000, 0x2, 0x8}, {&(0x7f0000000640)="73b91bebef43", 0x6, 0x1000, 0x3}, {&(0x7f0000000ac0)="bd1c744bebb035e845646e2ac9fd5938f6a4534794035de7683441e9e934fb4ed24186fcf6c505304e9598a5de601ab8fa1c724210b411abd2fd8b03cd4d5ee74b9bc0d0f31c9500f89ba38ea4626669531b35452782a3a023d25669c215aed237e060be9a2778a689b0894ea2d7b9a9834b844d9b408ef4116034a31ced736e2d6904a6a6eee4f40760c86c68b8472711ffb8c6884a25471810a89ebc1f05d7a699d92f2e37280a2b7c22504a1067d5cc0b257bb742a9019e05f8417c0cf726d87193452428aec7069120a9ae6e18bc64ccf3addda4093605bff12dcc0109", 0xdf, 0x239, 0x9}, {&(0x7f0000000c00)="491436d15814b92dfe6c587ef5e9b24e36b177f29ab9ba9e8475428205e35f9ed88822b33434699fb8b2a119efb9ca9fb5533147d9db2c7b23ba6448803fdffbf429f9813722dc7d761a5ae8bcb1869bd52cc278c89b697c04d0cd6ab26a2e19e511839001b2dad0", 0x68, 0x8, 0x58ce}], 0x2a0000) read(0xffffffffffffffff, &(0x7f0000000040)=""/170, 0xaa) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYRESOCT, @ANYRES32=0x0, @ANYBLOB="158804000300000008001b000000000008000d0001"], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) r8 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x468, 0x0, 0x5002004a, 0xb, 0x310, 0xea02, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{0x61}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfd}, {}, {}, {}, {}, {}, {}, {0x0, 0x80}]}}, @common=@ttl={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4c8) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x2401c0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)) flock(0xffffffffffffffff, 0x5) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x503, 0x0) 3.274331288s ago: executing program 2 (id=744): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000000000073fa004000000000b7"]) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000000000000b00000"]) 3.099862293s ago: executing program 2 (id=746): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x800, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000004800010000000000000000000a00806edc3bb4d59a5693b2ef0b76080000000000000014ffffffff2e79075827af5aa534"], 0x3c}}, 0x0) socket$packet(0x11, 0x2, 0x300) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge']) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x40000, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[], 0x1fc}, 0x1, 0x0, 0x0, 0x48090}, 0x0) r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) pipe2(&(0x7f0000000140), 0x80800) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0xc], 0x8000000, 0x2010d3}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2.797560934s ago: executing program 2 (id=748): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, 0x0, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x50, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0) 2.79380346s ago: executing program 1 (id=749): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x43}}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040095}, 0x8010) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 2.648217439s ago: executing program 1 (id=750): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x10, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r0}, 0x10) io_setup(0x6, &(0x7f0000001380)) 2.50030743s ago: executing program 0 (id=751): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x8, 0x2, 0x2, '\x00', 0x2}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x8, &(0x7f0000000380)=[@flags={0x3, 0x18c244}], 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.433475693s ago: executing program 4 (id=752): socket$packet(0x11, 0x2, 0x300) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, 0x0, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120114005e8ddc20f905ffffebfd010203010902"], 0x0) pipe2(0x0, 0x80800) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0xc], 0x8000000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.375936941s ago: executing program 1 (id=753): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000009008500000082000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10) socket$pptp(0x18, 0x1, 0x2) r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0) io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6}) ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72}) ioctl$MON_IOCX_GETX(r3, 0x80089203, &(0x7f0000000a40)={0x0, 0x0}) 2.215436274s ago: executing program 0 (id=754): write$FUSE_CREATE_OPEN(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x3, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.837496557s ago: executing program 0 (id=755): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x7cab6ced6415608, 0x3}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000006c0)={0x4, 0x0, &(0x7f0000000540)=[@enter_looper], 0x51, 0x0, &(0x7f0000000600)="8dcdbd6d42ccdb4d556e7c2df713f0976fa3babb5f759be053e97109c9075d28dd5945ae6cb4e4d7866fe0493fb5c9157fdee7247f8cbf6c4e75526dc08c3ae8609b8760a00535639755c0fd5010ceba2e"}) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x44, 0x0, &(0x7f0000000380)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 1.407165198s ago: executing program 1 (id=756): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'erspan0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x1a, r1, 0x1, 0xf, 0x6, @multicast}, 0x14) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', r1, 0x0, 0x0, 0xffff, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x4, 0x0, 0x0, @loopback, @empty}}}}) 1.325172187s ago: executing program 1 (id=757): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) clock_getres(0x2, 0x0) 1.271265116s ago: executing program 3 (id=758): openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000280)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x41, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1fd, 0x3, 0x80a0000, 0x1000, &(0x7f0000002000/0x1000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) memfd_create(&(0x7f0000000000)='\x00', 0x0) 1.187429572s ago: executing program 2 (id=759): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x4e00, 0x0, 0x730, 0xbdff, 0x90, "febbad541a00"}) write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0xffffffff, 0xdd69, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"}) r1 = syz_open_pts(r0, 0x8182) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000140)=0x16) 234.944498ms ago: executing program 0 (id=760): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000540)={0x73622a85, 0x100}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f0000000200)=[@enter_looper], 0x50, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70"}) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x44, 0x0, &(0x7f0000000380)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 234.439382ms ago: executing program 4 (id=761): bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, 0x0, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18) syz_io_uring_setup(0x893, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x1, 0x220}, &(0x7f0000000000), &(0x7f0000000340)) 233.756261ms ago: executing program 1 (id=762): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r3) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0x11}, {0xffe6, 0xb}, {0xb, 0xc}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x6, 0x1, 0xffff, 0x0, 0xffffffff, 0x75, 0x46b, 0x9, 0x9}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 207.253339ms ago: executing program 3 (id=763): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) creat(&(0x7f00000002c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r4 = dup(r3) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}}) truncate(&(0x7f0000000240)='./file0\x00', 0x206b12) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4b0f40, 0xa3) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) r5 = open(&(0x7f0000000040)='./file1\x00', 0x18b142, 0x1c1) sendfile(r5, r0, 0x0, 0x80000000) 127.876752ms ago: executing program 2 (id=764): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xd, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000260000"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) write$cgroup_devices(r1, 0x0, 0xffdd) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='./file0\x00', 0x101001, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) 94.900944ms ago: executing program 4 (id=765): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x14}}, 0x4) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x0) r0 = socket(0x10, 0x803, 0x0) recvmsg(r0, &(0x7f0000000400)={&(0x7f0000000000)=@l2tp={0x2, 0x0, @initdev}, 0x80, 0x0, 0x0, &(0x7f0000000340)=""/54, 0x36}, 0x142) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x82}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/6, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) 0s ago: executing program 2 (id=766): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x800, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1fc}, 0x1, 0x0, 0x0, 0x48090}, 0x0) r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) pipe2(&(0x7f0000000140), 0x80800) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0xc], 0x8000000, 0x2010d3}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.247' (ED25519) to the list of known hosts. [ 82.247698][ T5824] cgroup: Unknown subsys name 'net' [ 82.404271][ T5824] cgroup: Unknown subsys name 'cpuset' [ 82.413605][ T5824] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.036990][ T5824] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.860944][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.913065][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.925149][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.931082][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.933035][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.940477][ T5851] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 86.947517][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.954699][ T5853] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.962314][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 86.968718][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 86.975348][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 86.983054][ T5853] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.991273][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 86.995801][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.004082][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.010610][ T5853] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.019170][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.032527][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.040388][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.047146][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.055423][ T5853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.062912][ T5853] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.071585][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.081011][ T5853] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.089371][ T5157] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.849824][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 87.871712][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 87.980684][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 88.139678][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 88.181810][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 88.302009][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.309274][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.317602][ T5838] bridge_slave_0: entered allmulticast mode [ 88.326432][ T5838] bridge_slave_0: entered promiscuous mode [ 88.361738][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.368979][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.376920][ T5843] bridge_slave_0: entered allmulticast mode [ 88.385219][ T5843] bridge_slave_0: entered promiscuous mode [ 88.435168][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.442596][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.450833][ T5838] bridge_slave_1: entered allmulticast mode [ 88.458079][ T5838] bridge_slave_1: entered promiscuous mode [ 88.465572][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.472848][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.480082][ T5844] bridge_slave_0: entered allmulticast mode [ 88.487302][ T5844] bridge_slave_0: entered promiscuous mode [ 88.494709][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.502126][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.509302][ T5843] bridge_slave_1: entered allmulticast mode [ 88.516897][ T5843] bridge_slave_1: entered promiscuous mode [ 88.579381][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.586613][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.594086][ T5844] bridge_slave_1: entered allmulticast mode [ 88.601832][ T5844] bridge_slave_1: entered promiscuous mode [ 88.682007][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.695743][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.720736][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.727921][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.735826][ T5835] bridge_slave_0: entered allmulticast mode [ 88.743232][ T5835] bridge_slave_0: entered promiscuous mode [ 88.752523][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.759686][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.767136][ T5835] bridge_slave_1: entered allmulticast mode [ 88.775092][ T5835] bridge_slave_1: entered promiscuous mode [ 88.784803][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.798232][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.838801][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.846142][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.853514][ T5834] bridge_slave_0: entered allmulticast mode [ 88.861297][ T5834] bridge_slave_0: entered promiscuous mode [ 88.912815][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.936388][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.943785][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.951761][ T5834] bridge_slave_1: entered allmulticast mode [ 88.959065][ T5834] bridge_slave_1: entered promiscuous mode [ 88.983267][ T5838] team0: Port device team_slave_0 added [ 88.994095][ T5838] team0: Port device team_slave_1 added [ 89.002772][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.014864][ T5843] team0: Port device team_slave_0 added [ 89.037228][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.088592][ T5843] team0: Port device team_slave_1 added [ 89.111271][ T5840] Bluetooth: hci4: command tx timeout [ 89.111465][ T5157] Bluetooth: hci1: command tx timeout [ 89.116896][ T5840] Bluetooth: hci0: command tx timeout [ 89.122495][ T5157] Bluetooth: hci3: command tx timeout [ 89.154050][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.166020][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.200107][ T5157] Bluetooth: hci2: command tx timeout [ 89.209794][ T5844] team0: Port device team_slave_0 added [ 89.219869][ T5844] team0: Port device team_slave_1 added [ 89.244462][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.251476][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.277756][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.292266][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.329137][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.336314][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.362742][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.375732][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.383120][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.409612][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.434525][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.441705][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.467787][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.495996][ T5835] team0: Port device team_slave_0 added [ 89.506328][ T5835] team0: Port device team_slave_1 added [ 89.542311][ T5834] team0: Port device team_slave_0 added [ 89.595304][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.602589][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.629542][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.641979][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.648961][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.675182][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.689090][ T5834] team0: Port device team_slave_1 added [ 89.732264][ T5843] hsr_slave_0: entered promiscuous mode [ 89.738830][ T5843] hsr_slave_1: entered promiscuous mode [ 89.746585][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.753861][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.780095][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.792830][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.799802][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.825885][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.879238][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.886688][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.913298][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.993985][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.001366][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.027897][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.045024][ T5838] hsr_slave_0: entered promiscuous mode [ 90.051871][ T5838] hsr_slave_1: entered promiscuous mode [ 90.058088][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.065945][ T5838] Cannot create hsr debugfs directory [ 90.097324][ T5835] hsr_slave_0: entered promiscuous mode [ 90.103819][ T5835] hsr_slave_1: entered promiscuous mode [ 90.110136][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.117722][ T5835] Cannot create hsr debugfs directory [ 90.287509][ T5844] hsr_slave_0: entered promiscuous mode [ 90.300112][ T5844] hsr_slave_1: entered promiscuous mode [ 90.307307][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.316549][ T5844] Cannot create hsr debugfs directory [ 90.460785][ T5834] hsr_slave_0: entered promiscuous mode [ 90.467260][ T5834] hsr_slave_1: entered promiscuous mode [ 90.474268][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 90.481999][ T5834] Cannot create hsr debugfs directory [ 90.807254][ T5843] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.846124][ T5843] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.884886][ T5843] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.919071][ T5843] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.975160][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.998098][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.024510][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.036287][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.115677][ T5835] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 91.153115][ T5835] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 91.168525][ T5835] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 91.191090][ T5157] Bluetooth: hci3: command tx timeout [ 91.191120][ T51] Bluetooth: hci0: command tx timeout [ 91.196545][ T5853] Bluetooth: hci4: command tx timeout [ 91.207671][ T5840] Bluetooth: hci1: command tx timeout [ 91.223313][ T5835] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 91.270173][ T5840] Bluetooth: hci2: command tx timeout [ 91.329108][ T5844] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.361843][ T5844] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 91.394663][ T5844] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 91.412439][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.427321][ T5844] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 91.482608][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.516228][ T5834] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.527728][ T5834] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.542692][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.562145][ T5834] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.577471][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.584754][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.598961][ T5834] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.621388][ T1341] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.628592][ T1341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.656445][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.714024][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.721376][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.774332][ T1341] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.781561][ T1341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.839174][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.967729][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.998797][ T1217] cfg80211: failed to load regulatory.db [ 92.037184][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.044383][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.092240][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.114529][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.121753][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.155640][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.193871][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.221489][ T5077] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.228767][ T5077] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.289094][ T5077] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.296355][ T5077] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.334264][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.349782][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.466315][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.473571][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.525591][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.532879][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.707802][ T5843] veth0_vlan: entered promiscuous mode [ 92.737795][ T5843] veth1_vlan: entered promiscuous mode [ 92.776251][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.914850][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.049496][ T5843] veth0_macvtap: entered promiscuous mode [ 93.077172][ T5838] veth0_vlan: entered promiscuous mode [ 93.131869][ T5843] veth1_macvtap: entered promiscuous mode [ 93.151714][ T5838] veth1_vlan: entered promiscuous mode [ 93.217986][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.274590][ T5840] Bluetooth: hci1: command tx timeout [ 93.280255][ T5840] Bluetooth: hci3: command tx timeout [ 93.285699][ T5840] Bluetooth: hci0: command tx timeout [ 93.291814][ T5157] Bluetooth: hci4: command tx timeout [ 93.334973][ T5838] veth0_macvtap: entered promiscuous mode [ 93.350946][ T5840] Bluetooth: hci2: command tx timeout [ 93.357239][ T5838] veth1_macvtap: entered promiscuous mode [ 93.377842][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.415809][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.439289][ T5843] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.449432][ T5843] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.459705][ T5843] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.469556][ T5843] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.519018][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.564812][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.618607][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.641835][ T5838] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.650946][ T5838] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.659675][ T5838] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.671101][ T5838] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.732042][ T5834] veth0_vlan: entered promiscuous mode [ 93.775610][ T5077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.793447][ T5077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.815173][ T5835] veth0_vlan: entered promiscuous mode [ 93.861620][ T5834] veth1_vlan: entered promiscuous mode [ 93.874534][ T5835] veth1_vlan: entered promiscuous mode [ 93.897173][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.905845][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.989353][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.991105][ T5844] veth0_vlan: entered promiscuous mode [ 94.013134][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.036399][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 94.102595][ T5834] veth0_macvtap: entered promiscuous mode [ 94.122498][ T5835] veth0_macvtap: entered promiscuous mode [ 94.138453][ T5844] veth1_vlan: entered promiscuous mode [ 94.188452][ T5834] veth1_macvtap: entered promiscuous mode [ 94.202248][ T5835] veth1_macvtap: entered promiscuous mode [ 94.216535][ T1341] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.240783][ T1341] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.259431][ T5953] netlink: 'syz.2.3': attribute type 153 has an invalid length. [ 94.265539][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.293685][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.304297][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.327522][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.339284][ T5835] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.354175][ T5835] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.363847][ T5835] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.373817][ T5835] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.399666][ T5844] veth0_macvtap: entered promiscuous mode [ 94.409675][ T5834] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.423166][ T5834] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.433239][ T5834] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.434470][ T5956] xt_bpf: check failed: parse error [ 94.442301][ T5834] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.487090][ T5844] veth1_macvtap: entered promiscuous mode [ 94.605343][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.647106][ T5959] netlink: 112 bytes leftover after parsing attributes in process `syz.1.2'. [ 94.665850][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.706491][ T5844] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.717047][ T5959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'. [ 94.731342][ T5844] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.740155][ T5844] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.748872][ T5844] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.768452][ T5959] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 94.776731][ T5959] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 94.788846][ T5959] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 94.797315][ T5959] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 94.847314][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.861971][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.895634][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.916271][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.012024][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.024716][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.207916][ T5963] ipvlan2: entered promiscuous mode [ 95.217877][ T5963] bridge0: port 3(ipvlan2) entered blocking state [ 95.224800][ T5963] bridge0: port 3(ipvlan2) entered disabled state [ 95.231727][ T5963] ipvlan2: entered allmulticast mode [ 95.237072][ T5963] bridge0: entered allmulticast mode [ 95.245982][ T5963] ipvlan2: left allmulticast mode [ 95.251227][ T5963] bridge0: left allmulticast mode [ 95.304116][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.327663][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.390588][ T5840] Bluetooth: hci0: command tx timeout [ 95.396601][ T5840] Bluetooth: hci4: command tx timeout [ 95.402185][ T5840] Bluetooth: hci3: command tx timeout [ 95.408186][ T5840] Bluetooth: hci1: command tx timeout [ 95.436807][ T5840] Bluetooth: hci2: command tx timeout [ 96.227465][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.250750][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.437957][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.478058][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.600432][ T30] audit: type=1326 audit(1755664167.965:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 96.720494][ T30] audit: type=1326 audit(1755664167.975:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 96.843696][ T30] audit: type=1326 audit(1755664168.015:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 96.925301][ T30] audit: type=1326 audit(1755664168.035:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 96.994800][ T30] audit: type=1326 audit(1755664168.035:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 97.086160][ T30] audit: type=1326 audit(1755664168.035:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 97.217209][ T30] audit: type=1326 audit(1755664168.035:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 97.257923][ T30] audit: type=1326 audit(1755664168.035:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 97.329546][ T30] audit: type=1326 audit(1755664168.035:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 97.392103][ T30] audit: type=1326 audit(1755664168.035:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5979 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 97.423379][ T6001] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7) [ 97.430085][ T6001] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 97.548160][ T6001] vhci_hcd vhci_hcd.0: Device attached [ 98.151164][ T6002] vhci_hcd: connection closed [ 98.450932][ T59] vhci_hcd: stop threads [ 98.467969][ T5992] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 98.476222][ T5992] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 98.490406][ T5954] vhci_hcd: vhci_device speed not set [ 98.526329][ T59] vhci_hcd: release socket [ 98.537227][ T5984] infiniband syz!: set active [ 98.547896][ T59] vhci_hcd: disconnect device [ 98.558531][ T5954] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 98.573299][ T5984] infiniband syz!: added team_slave_0 [ 98.580550][ T5954] usb 41-1: enqueue for inactive port 0 [ 98.592742][ T5992] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 98.662295][ T5984] syz!: rxe_create_cq: returned err = -12 [ 98.668451][ T5984] infiniband syz!: Couldn't create ib_mad CQ [ 98.689743][ T5954] vhci_hcd: vhci_device speed not set [ 98.695725][ T6000] syz.4.15 (6000) used greatest stack depth: 17992 bytes left [ 98.708886][ T5992] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 98.727782][ T5984] infiniband syz!: Couldn't open port 1 [ 98.735884][ T5992] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 98.787830][ T5992] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 98.843283][ T5992] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 98.868100][ T5992] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 98.875510][ T5984] RDS/IB: syz!: added [ 98.881537][ T5984] smc: adding ib device syz! with port count 1 [ 98.900460][ T5984] smc: ib device syz! port 1 has pnetid [ 98.908355][ T5992] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 99.004474][ T5992] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 99.050262][ T5992] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 99.098276][ T5992] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 99.171987][ T5992] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 99.190675][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 99.197963][ T5992] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 99.507365][ T5992] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 100.711129][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 100.880767][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 101.051261][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 101.190238][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 101.270506][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 101.724586][ T978] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 101.890252][ T978] usb 2-1: device descriptor read/64, error -71 [ 102.140280][ T978] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 102.290027][ T978] usb 2-1: device descriptor read/64, error -71 [ 102.419301][ T978] usb usb2-port1: attempt power cycle [ 102.785590][ T978] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 102.793350][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 103.030296][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 103.090722][ T978] usb 2-1: device descriptor read/8, error -71 [ 103.110582][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 103.290123][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 103.350176][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 103.450223][ T978] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 103.847815][ T978] usb 2-1: device descriptor read/8, error -71 [ 103.985170][ T978] usb usb2-port1: unable to enumerate USB device [ 103.996576][ T6068] bridge: RTM_NEWNEIGH with invalid ether address [ 104.890089][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 105.150153][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 105.190129][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 105.350403][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 105.513317][ T6087] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 105.704552][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 105.704573][ T30] audit: type=1326 audit(1755664177.085:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6088 comm="syz.4.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 105.760038][ T30] audit: type=1326 audit(1755664177.085:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6088 comm="syz.4.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 105.790485][ T30] audit: type=1326 audit(1755664177.085:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6088 comm="syz.4.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 105.850009][ T30] audit: type=1326 audit(1755664177.085:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6088 comm="syz.4.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 105.942095][ T30] audit: type=1326 audit(1755664177.085:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6088 comm="syz.4.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 106.040240][ T6100] bridge: RTM_NEWNEIGH with invalid ether address [ 107.658074][ T6131] netlink: 24 bytes leftover after parsing attributes in process `syz.4.56'. [ 108.864057][ T6142] bridge: RTM_NEWNEIGH with invalid ether address [ 109.292468][ T6156] netlink: 'syz.0.66': attribute type 4 has an invalid length. [ 109.864402][ T6171] netlink: 4 bytes leftover after parsing attributes in process `syz.2.75'. [ 110.215141][ T6172] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.224003][ T6172] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.886340][ T6172] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 110.969559][ T6172] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.173785][ T6172] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.184500][ T6172] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.203445][ T6172] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.223575][ T6172] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.310802][ T6178] bridge: RTM_NEWNEIGH with invalid ether address [ 111.350612][ T6193] sd 0:0:1:0: device reset [ 111.819088][ T6206] netlink: 28 bytes leftover after parsing attributes in process `syz.4.90'. [ 113.327697][ T6229] can0: slcan on ttyS3. [ 113.439500][ T6237] netlink: 364 bytes leftover after parsing attributes in process `syz.4.96'. [ 114.310092][ T6232] can0 (unregistered): slcan off ttyS3. [ 115.049838][ T6251] netlink: 'syz.2.105': attribute type 1 has an invalid length. [ 116.605958][ T6291] netlink: 364 bytes leftover after parsing attributes in process `syz.3.119'. [ 119.178372][ T6303] netlink: 16 bytes leftover after parsing attributes in process `syz.3.124'. [ 120.354745][ T6321] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 120.362420][ T6321] IPv6: NLM_F_CREATE should be set when creating new route [ 120.369718][ T6321] IPv6: NLM_F_CREATE should be set when creating new route [ 120.401629][ T6321] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 120.428590][ T6321] Zero length message leads to an empty skb [ 121.654408][ T6335] netlink: 364 bytes leftover after parsing attributes in process `syz.3.134'. [ 122.750482][ T6342] netlink: 16 bytes leftover after parsing attributes in process `syz.4.136'. [ 123.018523][ T6355] netlink: 24 bytes leftover after parsing attributes in process `syz.4.139'. [ 123.302064][ T24] kernel write not supported for file 65/net/vlan/vlan1 (pid: 24 comm: kworker/1:0) [ 124.819731][ T6379] netlink: 16 bytes leftover after parsing attributes in process `syz.1.149'. [ 125.852178][ T6397] netlink: 'syz.3.155': attribute type 153 has an invalid length. [ 127.116668][ T6426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.164'. [ 127.337536][ T6430] ipvlan2: entered promiscuous mode [ 127.381188][ T6430] bridge0: port 3(ipvlan2) entered blocking state [ 127.413827][ T6430] bridge0: port 3(ipvlan2) entered disabled state [ 127.445955][ T6430] ipvlan2: entered allmulticast mode [ 127.474915][ T6430] bridge0: entered allmulticast mode [ 127.830828][ T6430] ipvlan2: left allmulticast mode [ 127.946803][ T6430] bridge0: left allmulticast mode [ 128.602347][ T30] audit: type=1107 audit(1755664199.965:18): pid=6440 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 128.777562][ T6446] netlink: 'syz.2.172': attribute type 153 has an invalid length. [ 130.405307][ T6465] xt_TPROXY: Can be used only with -p tcp or -p udp [ 131.410945][ T30] audit: type=1326 audit(1755664202.795:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 131.451311][ T30] audit: type=1326 audit(1755664202.835:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 131.539165][ T30] audit: type=1326 audit(1755664202.835:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 131.626460][ T30] audit: type=1326 audit(1755664202.835:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 131.648507][ T6491] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 131.729996][ T30] audit: type=1326 audit(1755664202.835:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 131.819062][ T30] audit: type=1326 audit(1755664202.875:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 131.932291][ T30] audit: type=1326 audit(1755664202.905:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 131.980756][ T30] audit: type=1326 audit(1755664202.905:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 132.034849][ T30] audit: type=1326 audit(1755664202.905:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6484 comm="syz.2.187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 132.517366][ T6516] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 132.523970][ T6516] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 132.600162][ T6516] vhci_hcd vhci_hcd.0: Device attached [ 132.637709][ T6519] vhci_hcd: connection closed [ 132.645581][ T59] vhci_hcd: stop threads [ 132.714618][ T59] vhci_hcd: release socket [ 132.719132][ T59] vhci_hcd: disconnect device [ 133.378390][ T6540] capability: warning: `syz.4.208' uses deprecated v2 capabilities in a way that may be insecure [ 133.657961][ T6547] netlink: 'syz.3.211': attribute type 1 has an invalid length. [ 134.254228][ T6566] bridge: RTM_NEWNEIGH with invalid ether address [ 134.302981][ T5964] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 134.483241][ T5964] usb 1-1: unable to get BOS descriptor or descriptor too short [ 134.530389][ T5964] usb 1-1: not running at top speed; connect to a high speed hub [ 134.573888][ T5964] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 134.608169][ T5964] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 134.692417][ T5964] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 134.715942][ T5964] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.746143][ T5964] usb 1-1: Product: 䮓䆬蛣딯㕩꒷ᒹ뼮厶紽琨퇑쥵酋꛷⧖홏᧡횀還솅㞏Ⅎ륧냖蓷㯧퇀ꇷ䘏歜퐀僖󖿥煿㕼箲㪩兎临쫛䘫콓ㅋ䝡뭃윻⩾걍潀밷 [ 134.820620][ T5964] usb 1-1: Manufacturer: Ⰺ [ 134.825478][ T5964] usb 1-1: SerialNumber: 曶䥟拃뫓䞗픶㖭뤰蝆Ṋ✢꡴㗹딮뉟Ͼ浇ີ릟ṥ앣䜭혫ﲍ설䴔翍峒쟴⿠ﯭꐻꁱ袃䆦뭯ㄈ廭絸イ㿪쐚⬗饿ꠕ묖턻䑹ꖎ濲嚐笘肔嘅튘❰䐽鴟뿚諬0£먬䟵 [ 134.887492][ T6560] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 134.913929][ T6560] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 135.061636][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 135.061656][ T30] audit: type=1326 audit(1755664206.445:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6582 comm="syz.4.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 135.131312][ T30] audit: type=1326 audit(1755664206.475:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6582 comm="syz.4.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 135.223016][ T30] audit: type=1326 audit(1755664206.475:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6582 comm="syz.4.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 135.277123][ T5964] usb 1-1: USB disconnect, device number 2 [ 135.291204][ T30] audit: type=1326 audit(1755664206.475:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6582 comm="syz.4.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 135.382348][ T30] audit: type=1326 audit(1755664206.475:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6582 comm="syz.4.222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 135.425484][ T1226] IPVS: starting estimator thread 0... [ 135.461814][ T30] audit: type=1326 audit(1755664206.745:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 135.530034][ T30] audit: type=1326 audit(1755664206.745:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 135.556354][ T6589] IPVS: using max 32 ests per chain, 76800 per kthread [ 135.595521][ T30] audit: type=1326 audit(1755664206.745:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 135.687359][ T30] audit: type=1326 audit(1755664206.745:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 135.722470][ T30] audit: type=1326 audit(1755664206.745:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 135.977971][ T6591] team0 (unregistering): Port device team_slave_0 removed [ 136.008783][ T6591] team0 (unregistering): Port device team_slave_1 removed [ 136.116592][ T6595] bridge: RTM_NEWNEIGH with invalid ether address [ 136.474609][ T6617] netlink: 'syz.2.235': attribute type 153 has an invalid length. [ 136.591801][ T6624] xt_bpf: check failed: parse error [ 136.707675][ T6627] netlink: 4 bytes leftover after parsing attributes in process `syz.0.237'. [ 137.454114][ T6628] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.462042][ T6628] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.078612][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.086128][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.276961][ T6628] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 138.294260][ T6628] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 138.456349][ T6628] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.465962][ T6628] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.479228][ T6628] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.488564][ T6628] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.553939][ T6636] bridge: RTM_NEWNEIGH with invalid ether address [ 139.263374][ T6674] netlink: 'syz.1.252': attribute type 153 has an invalid length. [ 139.336463][ T6679] bridge: RTM_NEWNEIGH with invalid ether address [ 139.405264][ T6682] xt_bpf: check failed: parse error [ 139.583359][ T6686] 9pnet: p9_errstr2errno: server reported unknown error [ 139.656394][ T6662] netlink: 4 bytes leftover after parsing attributes in process `syz.4.248'. [ 139.674685][ T6662] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 139.701623][ T6662] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 139.715546][ T6662] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 139.724113][ T6662] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 139.779367][ T6694] netlink: 'syz.0.259': attribute type 1 has an invalid length. [ 139.840423][ T6694] 8021q: adding VLAN 0 to HW filter on device bond1 [ 139.921628][ T6696] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 139.944787][ T6696] bond1: (slave batadv1): making interface the new active one [ 140.014353][ T6696] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 140.252204][ T6711] bridge: RTM_NEWNEIGH with invalid ether address [ 140.688855][ T6726] netlink: 20 bytes leftover after parsing attributes in process `syz.4.272'. [ 140.937035][ T6739] bridge: RTM_NEWNEIGH with invalid ether address [ 140.964642][ T6741] netlink: 8 bytes leftover after parsing attributes in process `syz.3.278'. [ 142.312879][ T30] kauditd_printk_skb: 32 callbacks suppressed [ 142.312899][ T30] audit: type=1326 audit(1755664213.685:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6765 comm="syz.1.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 142.510305][ T30] audit: type=1326 audit(1755664213.695:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6765 comm="syz.1.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 142.608209][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.292'. [ 142.620616][ T30] audit: type=1326 audit(1755664213.695:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6765 comm="syz.1.288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 142.986544][ T30] audit: type=1326 audit(1755664214.365:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6785 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 143.010146][ T30] audit: type=1326 audit(1755664214.395:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6785 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 143.036154][ T30] audit: type=1326 audit(1755664214.395:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6785 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf44d8d550 code=0x7ffc0000 [ 143.060651][ T30] audit: type=1326 audit(1755664214.395:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6785 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 143.082654][ T30] audit: type=1326 audit(1755664214.405:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6785 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 143.153139][ T30] audit: type=1326 audit(1755664214.405:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6785 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 143.371709][ T6795] syz.0.298 uses obsolete (PF_INET,SOCK_PACKET) [ 143.388863][ T30] audit: type=1326 audit(1755664214.405:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6785 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 143.985120][ T6812] netlink: 28 bytes leftover after parsing attributes in process `syz.2.304'. [ 144.071751][ T6807] tipc: Started in network mode [ 144.076782][ T6807] tipc: Node identity 9a7878e0d07b, cluster identity 4711 [ 144.086072][ T6807] tipc: Enabled bearer , priority 0 [ 144.102314][ T6803] syzkaller0: entered promiscuous mode [ 144.107862][ T6803] syzkaller0: entered allmulticast mode [ 144.246469][ T6814] tipc: Resetting bearer [ 144.302310][ T6801] tipc: Resetting bearer [ 144.341336][ T6801] tipc: Disabling bearer [ 144.440978][ T6818] can0: slcan on ttyS3. [ 144.524263][ T6824] netlink: 64 bytes leftover after parsing attributes in process `syz.0.308'. [ 144.560296][ T6826] netlink: 12 bytes leftover after parsing attributes in process `syz.4.309'. [ 144.705370][ T6822] can0 (unregistered): slcan off ttyS3. [ 144.994880][ T6840] netlink: 'syz.4.316': attribute type 13 has an invalid length. [ 145.071771][ T6840] gretap0: refused to change device tx_queue_len [ 145.078876][ T6840] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 145.157157][ T6850] netlink: 'syz.1.317': attribute type 153 has an invalid length. [ 145.212222][ T6840] lo speed is unknown, defaulting to 1000 [ 145.230549][ T6840] lo speed is unknown, defaulting to 1000 [ 145.246656][ T6840] lo speed is unknown, defaulting to 1000 [ 145.279505][ T6840] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 145.345845][ T6840] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 145.354776][ T6857] xt_bpf: check failed: parse error [ 145.466438][ T6840] lo speed is unknown, defaulting to 1000 [ 145.502965][ T6840] lo speed is unknown, defaulting to 1000 [ 145.526550][ T6840] lo speed is unknown, defaulting to 1000 [ 145.552030][ T6840] lo speed is unknown, defaulting to 1000 [ 145.574364][ T6840] lo speed is unknown, defaulting to 1000 [ 145.793801][ T6871] netlink: 64 bytes leftover after parsing attributes in process `syz.3.321'. [ 146.224465][ T6882] xt_TPROXY: Can be used only with -p tcp or -p udp [ 147.439624][ T30] kauditd_printk_skb: 91 callbacks suppressed [ 147.439646][ T30] audit: type=1326 audit(1755664218.815:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6896 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 147.576290][ T30] audit: type=1326 audit(1755664218.815:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6896 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 147.674512][ T30] audit: type=1326 audit(1755664218.815:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6896 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 147.724083][ T6914] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 147.807954][ T30] audit: type=1326 audit(1755664218.855:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6896 comm="syz.2.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 147.930008][ T30] audit: type=1326 audit(1755664219.095:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6913 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 148.013483][ T30] audit: type=1326 audit(1755664219.125:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6913 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 148.094564][ T6931] netlink: 'syz.0.338': attribute type 13 has an invalid length. [ 148.127704][ T30] audit: type=1326 audit(1755664219.125:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6913 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 148.210039][ T30] audit: type=1326 audit(1755664219.125:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6913 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 148.296309][ T30] audit: type=1326 audit(1755664219.125:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6913 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 148.399709][ T30] audit: type=1326 audit(1755664219.125:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6913 comm="syz.0.335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf44d8ebe9 code=0x7ffc0000 [ 148.679474][ T6931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 148.705689][ T6931] 8021q: adding VLAN 0 to HW filter on device team0 [ 148.776615][ T6931] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 150.326602][ T6983] netlink: 48 bytes leftover after parsing attributes in process `syz.2.357'. [ 150.988428][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.365'. [ 151.040232][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.365'. [ 151.407866][ T7006] netlink: 16 bytes leftover after parsing attributes in process `syz.1.368'. [ 151.791408][ T7014] xt_TPROXY: Can be used only with -p tcp or -p udp [ 152.473130][ T7015] tipc: Enabled bearer , priority 0 [ 152.552224][ T7015] syzkaller0: entered promiscuous mode [ 152.558378][ T7015] syzkaller0: entered allmulticast mode [ 152.573889][ T7015] tipc: Resetting bearer [ 152.617962][ T7013] tipc: Resetting bearer [ 152.660664][ T7023] netlink: 16 bytes leftover after parsing attributes in process `syz.0.374'. [ 152.682787][ T7013] tipc: Disabling bearer [ 153.272963][ T7048] 9pnet_fd: Insufficient options for proto=fd [ 153.306946][ T7050] netlink: 216 bytes leftover after parsing attributes in process `syz.1.389'. [ 153.335087][ T7050] netlink: 24 bytes leftover after parsing attributes in process `syz.1.389'. [ 153.364861][ T7050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.389'. [ 153.565400][ T7058] netlink: 4 bytes leftover after parsing attributes in process `syz.4.393'. [ 153.844220][ T30] kauditd_printk_skb: 27 callbacks suppressed [ 153.844248][ T30] audit: type=1326 audit(1755664225.225:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7071 comm="syz.3.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e938ebe9 code=0x7ffc0000 [ 153.955081][ T30] audit: type=1326 audit(1755664225.275:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7071 comm="syz.3.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e938ebe9 code=0x7ffc0000 [ 154.035715][ T30] audit: type=1326 audit(1755664225.285:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7071 comm="syz.3.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fd2e938ebe9 code=0x7ffc0000 [ 154.088012][ T30] audit: type=1326 audit(1755664225.285:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7071 comm="syz.3.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e938ebe9 code=0x7ffc0000 [ 154.158798][ T30] audit: type=1326 audit(1755664225.285:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7071 comm="syz.3.399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e938ebe9 code=0x7ffc0000 [ 154.648567][ T7070] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 154.661197][ T7070] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 154.699079][ T7070] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 154.747316][ T7070] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 154.806216][ T7070] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 155.687803][ T7120] syzkaller0: entered promiscuous mode [ 155.694665][ T7120] syzkaller0: entered allmulticast mode [ 155.993371][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 156.711974][ T5157] Bluetooth: hci1: command 0x0c1a tx timeout [ 156.719394][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 156.792011][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 156.870048][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 160.347365][ T7126] bridge: RTM_NEWNEIGH with invalid ether address [ 160.683405][ T7151] lo speed is unknown, defaulting to 1000 [ 160.926419][ T30] audit: type=1326 audit(1755664232.305:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 160.975909][ T30] audit: type=1326 audit(1755664232.335:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.046010][ T30] audit: type=1326 audit(1755664232.335:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.068164][ T30] audit: type=1326 audit(1755664232.335:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.093900][ T30] audit: type=1326 audit(1755664232.335:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.119641][ T30] audit: type=1326 audit(1755664232.335:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.206320][ T30] audit: type=1326 audit(1755664232.335:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.454629][ T30] audit: type=1326 audit(1755664232.335:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.476516][ T30] audit: type=1326 audit(1755664232.335:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.498041][ T30] audit: type=1326 audit(1755664232.335:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7177 comm="syz.1.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 161.906773][ T7196] bridge: RTM_NEWNEIGH with invalid ether address [ 161.918283][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.448'. [ 162.675949][ T7217] netlink: 4 bytes leftover after parsing attributes in process `syz.1.457'. [ 162.763956][ T7220] netlink: 'syz.3.459': attribute type 3 has an invalid length. [ 162.782701][ T7221] 9pnet: Could not find request transport: fd0x0000000000000003 [ 162.921530][ T7224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.460'. [ 162.944223][ T7224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.460'. [ 163.145288][ T7230] bridge: RTM_NEWNEIGH with invalid ether address [ 163.374223][ T7243] netlink: 28 bytes leftover after parsing attributes in process `syz.3.469'. [ 163.640095][ T7247] 9pnet: Could not find request transport: fd0x0000000000000003 [ 164.537747][ T7279] xt_TPROXY: Can be used only with -p tcp or -p udp [ 165.404763][ T7282] netlink: 24 bytes leftover after parsing attributes in process `syz.0.484'. [ 165.443357][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.4.486'. [ 165.563143][ T7253] lo speed is unknown, defaulting to 1000 [ 165.694055][ T7287] 9pnet: Could not find request transport: fd0x0000000000000003 [ 165.883406][ T7293] netlink: 256 bytes leftover after parsing attributes in process `syz.4.489'. [ 165.892616][ T7293] ksmbd: Unknown IPC event: 3, ignore. [ 167.622003][ T30] kauditd_printk_skb: 105 callbacks suppressed [ 167.622023][ T30] audit: type=1326 audit(1755664239.005:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7331 comm="syz.1.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 167.718891][ T30] audit: type=1326 audit(1755664239.005:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7331 comm="syz.1.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 167.771521][ T7334] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 167.794562][ T30] audit: type=1326 audit(1755664239.005:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7331 comm="syz.1.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3e6118ebe9 code=0x7ffc0000 [ 167.906352][ T7338] netlink: 24 bytes leftover after parsing attributes in process `syz.0.496'. [ 168.083797][ T30] audit: type=1326 audit(1755664239.465:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7339 comm="syz.3.508" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2e938ebe9 code=0x0 [ 168.291740][ T30] audit: type=1326 audit(1755664239.675:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7345 comm="syz.2.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 168.345306][ T30] audit: type=1326 audit(1755664239.695:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7345 comm="syz.2.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 168.412706][ T30] audit: type=1326 audit(1755664239.695:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7345 comm="syz.2.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 168.497031][ T30] audit: type=1326 audit(1755664239.695:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7345 comm="syz.2.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 168.706824][ T7351] bridge: RTM_NEWNEIGH with invalid ether address [ 169.187346][ T7358] veth0: entered promiscuous mode [ 169.193165][ T7358] netlink: 4 bytes leftover after parsing attributes in process `syz.2.515'. [ 169.240331][ T7358] veth0 (unregistering): left promiscuous mode [ 169.342505][ T7319] lo speed is unknown, defaulting to 1000 [ 169.845861][ T1226] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 169.947726][ T1226] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 170.276082][ T7374] fido_id[7374]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 170.417542][ T7379] $H: renamed from bond0 (while UP) [ 170.481175][ T7379] $H: entered promiscuous mode [ 170.488903][ T7379] bond_slave_0: entered promiscuous mode [ 170.505513][ T7379] bond_slave_1: entered promiscuous mode [ 170.694137][ T30] audit: type=1326 audit(1755664242.075:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7381 comm="syz.4.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 170.764025][ T30] audit: type=1326 audit(1755664242.075:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7381 comm="syz.4.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7e118ebe9 code=0x7ffc0000 [ 170.821091][ T7343] lo speed is unknown, defaulting to 1000 [ 170.989657][ T7386] bridge: RTM_NEWNEIGH with invalid ether address [ 171.221079][ T7394] netlink: 12 bytes leftover after parsing attributes in process `syz.0.528'. [ 172.636990][ T30] kauditd_printk_skb: 31 callbacks suppressed [ 172.637007][ T30] audit: type=1326 audit(1755664244.015:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 172.733843][ T7445] netlink: 56 bytes leftover after parsing attributes in process `syz.0.550'. [ 172.801231][ T7441] sd 0:0:1:0: device reset [ 172.896173][ T30] audit: type=1326 audit(1755664244.045:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 172.918423][ T30] audit: type=1326 audit(1755664244.055:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd52f98d550 code=0x7ffc0000 [ 172.957194][ T30] audit: type=1326 audit(1755664244.055:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 173.257514][ T30] audit: type=1326 audit(1755664244.055:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 173.637168][ T30] audit: type=1326 audit(1755664244.065:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 173.772984][ T30] audit: type=1326 audit(1755664244.065:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 173.809987][ T30] audit: type=1326 audit(1755664244.065:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 173.869493][ T30] audit: type=1326 audit(1755664244.065:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 173.949481][ T30] audit: type=1326 audit(1755664244.065:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7440 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 174.175863][ T7466] tipc: Enabled bearer , priority 0 [ 174.183576][ T7466] syzkaller0: entered promiscuous mode [ 174.189196][ T7466] syzkaller0: entered allmulticast mode [ 174.220230][ T7466] tipc: Resetting bearer [ 174.240246][ T7465] tipc: Resetting bearer [ 174.290795][ T7465] tipc: Disabling bearer [ 175.424355][ T7497] tipc: Started in network mode [ 175.430606][ T7500] netlink: 44 bytes leftover after parsing attributes in process `syz.0.575'. [ 175.435409][ T7497] tipc: Node identity 2e44c9985b76, cluster identity 4711 [ 175.479346][ T7497] tipc: Enabled bearer , priority 0 [ 175.488378][ T7502] syzkaller0: entered promiscuous mode [ 175.510019][ T7502] syzkaller0: entered allmulticast mode [ 175.569064][ T7497] tipc: Resetting bearer [ 175.604703][ T7495] tipc: Resetting bearer [ 175.692348][ T7495] tipc: Disabling bearer [ 175.929979][ T1226] usb 2-1: new low-speed USB device number 6 using dummy_hcd [ 176.386493][ T7511] lo speed is unknown, defaulting to 1000 [ 176.485097][ T7513] netlink: 'syz.0.577': attribute type 4 has an invalid length. [ 177.826170][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 177.826190][ T30] audit: type=1326 audit(1755664249.205:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 177.902991][ T30] audit: type=1326 audit(1755664249.245:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 177.965402][ T30] audit: type=1326 audit(1755664249.245:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7522 comm="syz.3.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2e938ebe9 code=0x7ffc0000 [ 178.078482][ T30] audit: type=1326 audit(1755664249.245:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 178.196998][ T30] audit: type=1326 audit(1755664249.245:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 178.306538][ T30] audit: type=1326 audit(1755664249.245:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 178.410719][ T30] audit: type=1326 audit(1755664249.245:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 178.520847][ T30] audit: type=1326 audit(1755664249.245:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 178.573798][ T30] audit: type=1326 audit(1755664249.245:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7523 comm="syz.2.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd52f98ebe9 code=0x7ffc0000 [ 178.620954][ T1226] usb 2-1: device descriptor read/all, error -71 [ 178.644192][ T30] audit: type=1326 audit(1755664249.245:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7522 comm="syz.3.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd2e938ebe9 code=0x7ffc0000 [ 178.728493][ T7541] netlink: 'syz.0.589': attribute type 21 has an invalid length. [ 178.758892][ T7541] netlink: 132 bytes leftover after parsing attributes in process `syz.0.589'. [ 179.549730][ T7564] netlink: 'syz.0.598': attribute type 4 has an invalid length. [ 179.838595][ T7571] rdma_op ffff88806ba2b1f0 conn xmit_rdma 0000000000000000 [ 180.219010][ T7588] netlink: 4 bytes leftover after parsing attributes in process `syz.4.608'. [ 180.370430][ T7591] netlink: 3 bytes leftover after parsing attributes in process `syz.0.609'. [ 180.422932][ T7591] 0X: renamed from caif0 [ 180.466089][ T7591] 0X: entered allmulticast mode [ 180.471573][ T7591] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 180.863550][ T7597] netlink: 40 bytes leftover after parsing attributes in process `syz.0.609'. [ 181.150281][ T7591] tipc: Started in network mode [ 181.155230][ T7591] tipc: Node identity ac14140f, cluster identity 4711 [ 181.196987][ T7591] tipc: New replicast peer: 255.255.255.255 [ 181.231280][ T7591] tipc: Enabled bearer , priority 10 [ 181.499782][ T7614] netlink: 8 bytes leftover after parsing attributes in process `syz.4.612'. [ 181.509810][ T7614] netlink: 8 bytes leftover after parsing attributes in process `syz.4.612'. [ 181.533750][ T7609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.614'. [ 181.913809][ T7628] netlink: 'syz.3.622': attribute type 153 has an invalid length. [ 182.241731][ T24] tipc: Node number set to 2886997007 [ 183.477104][ T7635] netlink: 132 bytes leftover after parsing attributes in process `syz.1.625'. [ 183.842642][ T7670] ======================================================= [ 183.842642][ T7670] WARNING: The mand mount option has been deprecated and [ 183.842642][ T7670] and is ignored by this kernel. Remove the mand [ 183.842642][ T7670] option from the mount to silence this warning. [ 183.842642][ T7670] ======================================================= [ 183.922954][ T7671] netlink: 'syz.2.639': attribute type 153 has an invalid length. [ 184.580081][ T5964] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 184.744688][ T5964] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 184.772370][ T5964] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.797832][ T5964] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 184.829257][ T5964] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 184.845384][ T5964] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.017732][ T5964] usb 2-1: config 0 descriptor?? [ 185.143539][ T7705] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 185.472255][ T7710] netlink: 24 bytes leftover after parsing attributes in process `syz.2.652'. [ 185.559294][ T5964] holtek_kbd 0003:04D9:A055.0002: hidraw0: USB HID v10.00 Device [HID 04d9:a055] on usb-dummy_hcd.1-1/input0 [ 185.612188][ T7716] netlink: 5128 bytes leftover after parsing attributes in process `syz.4.656'. [ 185.621519][ T7716] netlink: 5128 bytes leftover after parsing attributes in process `syz.4.656'. [ 185.631058][ T7716] netlink: 584 bytes leftover after parsing attributes in process `syz.4.656'. [ 185.707983][ T7717] xt_TPROXY: Can be used only with -p tcp or -p udp [ 186.329529][ T5964] usb 2-1: USB disconnect, device number 8 [ 186.440098][ T1226] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 186.571592][ T7718] fido_id[7718]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 186.606960][ T1226] usb 1-1: Using ep0 maxpacket: 32 [ 186.622808][ T1226] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 186.640875][ T1226] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 186.669958][ T1226] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 186.717356][ T1226] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 186.730909][ T978] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 186.739126][ T1226] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.763422][ T1226] usb 1-1: Product: syz [ 186.767669][ T1226] usb 1-1: Manufacturer: syz [ 186.783054][ T1226] usb 1-1: SerialNumber: syz [ 186.853648][ T7724] process 'syz.1.658' launched './file0' with NULL argv: empty string added [ 186.923096][ T978] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 186.939973][ T978] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 186.963442][ T978] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 186.972730][ T978] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 186.990247][ T978] usb 5-1: SerialNumber: syz [ 187.222505][ T978] usb 5-1: 0:2 : does not exist [ 187.233340][ T978] usb 5-1: unit 255 not found! [ 187.254803][ T978] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5) [ 187.322685][ T978] usb 5-1: USB disconnect, device number 2 [ 187.375148][ T7736] tipc: Started in network mode [ 187.392254][ T7736] tipc: Node identity be0729b4da0a, cluster identity 4711 [ 187.399842][ T7736] tipc: Enabled bearer , priority 0 [ 187.409223][ T7736] syzkaller0: entered promiscuous mode [ 187.418144][ T7736] syzkaller0: entered allmulticast mode [ 187.595804][ T6017] udevd[6017]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 187.619542][ T7735] tipc: Resetting bearer [ 187.645321][ T7735] tipc: Disabling bearer [ 188.408883][ T1226] cdc_ncm 1-1:1.0: bind() failure [ 188.440952][ T1226] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 188.467721][ T1226] cdc_ncm 1-1:1.1: bind() failure [ 188.621091][ T1226] usb 1-1: USB disconnect, device number 3 [ 189.640388][ T5901] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 189.799987][ T5901] usb 1-1: Using ep0 maxpacket: 8 [ 189.864635][ T7792] overlayfs: missing 'workdir' [ 189.866115][ T5901] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 189.912692][ T5901] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 189.930428][ T5901] usb 1-1: config 0 interface 0 has no altsetting 0 [ 189.949510][ T5901] usb 1-1: New USB device found, idVendor=1b96, idProduct=0004, bcdDevice= 0.00 [ 189.969731][ T5901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.993648][ T5901] usb 1-1: config 0 descriptor?? [ 190.139996][ T5954] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 190.300312][ T5954] usb 4-1: Using ep0 maxpacket: 16 [ 190.342962][ T5901] usbhid 1-1:0.0: can't add hid device: -71 [ 190.349982][ T5901] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 190.362676][ T5901] usb 1-1: USB disconnect, device number 4 [ 190.364782][ T5954] usb 4-1: config 0 has an invalid interface number: 41 but max is 0 [ 190.476064][ T7803] xt_TPROXY: Can be used only with -p tcp or -p udp [ 191.060747][ T5954] usb 4-1: config 0 has no interface number 0 [ 191.066936][ T5954] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 191.078524][ T5954] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 191.088523][ T5954] usb 4-1: config 0 interface 41 has no altsetting 0 [ 191.098480][ T5954] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 191.238152][ T5954] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.246295][ T5954] usb 4-1: Product: syz [ 191.250573][ T5954] usb 4-1: Manufacturer: syz [ 191.255310][ T5954] usb 4-1: SerialNumber: syz [ 191.277479][ T5954] usb 4-1: config 0 descriptor?? [ 191.284652][ T7792] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 191.292519][ T7792] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 191.416832][ T7811] vlan2: entered promiscuous mode [ 191.422173][ T7811] batadv0: entered promiscuous mode [ 191.505995][ T7792] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 191.530716][ T7792] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 192.199950][ T5954] CoreChips 4-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0 [ 193.623061][ T5954] CoreChips 4-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9 [ 193.654354][ T5954] CoreChips 4-1:0.41 (unnamed net_device) (uninitialized): Failed to power up PHY: -71 [ 193.690249][ T5954] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -71 [ 193.752176][ T5954] usb 4-1: USB disconnect, device number 2 [ 193.946968][ T7863] kvm: emulating exchange as write [ 193.980007][ T5901] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 194.167596][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 171, changing to 11 [ 194.189031][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 41318, setting to 1024 [ 194.233186][ T5901] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 194.256097][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.294947][ T5901] usb 1-1: Product: syz [ 194.299216][ T5901] usb 1-1: Manufacturer: syz [ 194.320589][ T5901] usb 1-1: SerialNumber: syz [ 194.358448][ T5901] usb 1-1: config 0 descriptor?? [ 194.383104][ T5901] usb 1-1: Found UVC 0.00 device syz (18ec:3288) [ 194.400084][ T5901] usb 1-1: No valid video chain found. [ 194.588236][ T5901] usb 1-1: USB disconnect, device number 5 [ 194.690990][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 194.691008][ T30] audit: type=1326 audit(1755664266.075:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7879 comm="syz.1.709" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e6118ebe9 code=0x0 [ 194.842913][ T30] audit: type=1800 audit(1755664266.225:457): pid=7881 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.709" name="bus" dev="overlay" ino=724 res=0 errno=0 [ 195.049272][ T7884] fuse: Bad value for 'fd' [ 195.082503][ T7870] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 195.090343][ T7870] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 195.096541][ T7870] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 195.103682][ T7870] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 195.109771][ T7870] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 195.275178][ T7888] binder: 7887:7888 ioctl c0306201 0 returned -14 [ 195.521664][ T7904] netlink: 'syz.4.719': attribute type 153 has an invalid length. [ 195.690983][ T5964] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 195.823597][ T7917] syzkaller0: entered promiscuous mode [ 195.843175][ T7917] syzkaller0: entered allmulticast mode [ 195.884490][ T5964] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 195.902190][ T5964] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 195.917991][ T5964] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 195.932732][ T5964] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 195.948601][ T5964] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 195.975426][ T5964] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.993925][ T5964] usb 3-1: config 0 descriptor?? [ 196.007296][ T7898] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 196.392014][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 196.445279][ T5964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 196.463727][ T978] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 196.480610][ T5964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 196.509016][ T5964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 196.525140][ T5964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 196.536606][ T5964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 196.549487][ T5964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 196.609178][ T5964] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 196.637727][ T978] usb 2-1: Using ep0 maxpacket: 8 [ 196.645126][ T978] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.670018][ T978] usb 2-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice= 0.00 [ 196.685916][ T978] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.728819][ T978] usb 2-1: config 0 descriptor?? [ 196.765403][ T5964] usb 3-1: USB disconnect, device number 2 [ 196.807443][ T7940] fido_id[7940]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 197.112003][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 197.112316][ T5157] Bluetooth: hci3: command 0x0c1a tx timeout [ 197.118203][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 197.124293][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout [ 197.165665][ T978] apple 0003:05AC:0274.0004: item fetching failed at offset 0/2 [ 197.180711][ T978] apple 0003:05AC:0274.0004: parse failed [ 197.186620][ T978] apple 0003:05AC:0274.0004: probe with driver apple failed with error -22 [ 197.387070][ T5964] usb 2-1: USB disconnect, device number 9 [ 198.444763][ T978] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 198.608236][ T978] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 198.630033][ T978] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 198.669792][ T7979] netlink: 'syz.0.743': attribute type 153 has an invalid length. [ 198.685482][ T978] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 198.695012][ T978] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 198.703219][ T978] usb 5-1: SerialNumber: syz [ 199.167461][ T978] usb 5-1: 0:2 : does not exist [ 199.255323][ T978] usb 5-1: USB disconnect, device number 3 [ 199.311451][ T6017] udevd[6017]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 199.519435][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.708659][ T8004] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 199.941138][ T978] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 200.112150][ T978] usb 5-1: config 0 has no interfaces? [ 200.132725][ T978] usb 5-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=fd.eb [ 200.148887][ T978] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.158149][ T978] usb 5-1: Product: syz [ 200.168697][ T978] usb 5-1: Manufacturer: syz [ 200.176073][ T978] usb 5-1: SerialNumber: syz [ 200.187399][ T978] usb 5-1: config 0 descriptor?? [ 200.444874][ T978] usb 5-1: USB disconnect, device number 4 [ 201.948711][ T8038] syzkaller0: entered promiscuous mode [ 201.972318][ T8038] syzkaller0: entered allmulticast mode [ 201.989468][ T30] audit: type=1800 audit(1755664273.365:458): pid=8040 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.763" name="/" dev="9p" ino=2 res=0 errno=0 [ 202.002050][ T8040] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN PTI [ 202.019430][ T8040] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 202.027907][ T8040] CPU: 0 UID: 0 PID: 8040 Comm: syz.3.763 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 202.037761][ T8040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 202.047882][ T8040] RIP: 0010:iter_file_splice_write+0xa9b/0x1000 [ 202.054199][ T8040] Code: 00 74 08 4c 89 f7 e8 14 5b e0 ff 49 8b 1e 49 c7 06 00 00 00 00 48 83 c3 08 48 89 d8 48 c1 e8 03 49 be 00 00 00 00 00 fc ff df <42> 80 3c 30 00 44 8b 64 24 04 74 08 48 89 df e8 e1 5a e0 ff 4c 8b [ 202.073864][ T8040] RSP: 0018:ffffc90019c5f820 EFLAGS: 00010202 [ 202.079972][ T8040] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff88802b665a00 [ 202.087996][ T8040] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 7ffffffffffffa07 [ 202.095996][ T8040] RBP: ffffc90019c5fa30 R08: ffff8880b863fb83 R09: 1ffff110170c7f70 [ 202.103994][ T8040] R10: dffffc0000000000 R11: ffffed10170c7f71 R12: dffffc0000000000 [ 202.112004][ T8040] R13: 7ffffffffffffa07 R14: dffffc0000000000 R15: ffff8880327b8828 [ 202.119998][ T8040] FS: 00007fd2ea1df6c0(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000 [ 202.128955][ T8040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.135554][ T8040] CR2: 0000001b31a0aff8 CR3: 0000000031492000 CR4: 00000000003526f0 [ 202.143551][ T8040] Call Trace: [ 202.146847][ T8040] [ 202.149818][ T8040] ? __pfx_iter_file_splice_write+0x10/0x10 [ 202.155737][ T8040] ? rcu_read_lock_any_held+0xb3/0x120 [ 202.161228][ T8040] ? __pfx_iter_file_splice_write+0x10/0x10 [ 202.167135][ T8040] direct_splice_actor+0x101/0x160 [ 202.172260][ T8040] splice_direct_to_actor+0x5a5/0xcc0 [ 202.177669][ T8040] ? __pfx_direct_splice_actor+0x10/0x10 [ 202.183399][ T8040] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 202.189332][ T8040] do_splice_direct+0x181/0x270 [ 202.194217][ T8040] ? __pfx_do_splice_direct+0x10/0x10 [ 202.199673][ T8040] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 202.205596][ T8040] ? rw_verify_area+0x258/0x650 [ 202.210476][ T8040] do_sendfile+0x4da/0x7e0 [ 202.214916][ T8040] ? lockdep_hardirqs_on+0x9c/0x150 [ 202.220144][ T8040] ? __pfx_do_sendfile+0x10/0x10 [ 202.225108][ T8040] ? __se_sys_futex+0x36f/0x400 [ 202.229981][ T8040] __se_sys_sendfile64+0x13e/0x190 [ 202.235185][ T8040] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 202.240838][ T8040] ? rcu_is_watching+0x15/0xb0 [ 202.245618][ T8040] ? do_syscall_64+0xbe/0x3b0 [ 202.250314][ T8040] do_syscall_64+0xfa/0x3b0 [ 202.254837][ T8040] ? lockdep_hardirqs_on+0x9c/0x150 [ 202.260066][ T8040] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.266146][ T8040] ? clear_bhb_loop+0x60/0xb0 [ 202.270839][ T8040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.276745][ T8040] RIP: 0033:0x7fd2e938ebe9 [ 202.281800][ T8040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.301517][ T8040] RSP: 002b:00007fd2ea1df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 202.309949][ T8040] RAX: ffffffffffffffda RBX: 00007fd2e95b5fa0 RCX: 00007fd2e938ebe9 [ 202.317939][ T8040] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000009 [ 202.325940][ T8040] RBP: 00007fd2e9411e19 R08: 0000000000000000 R09: 0000000000000000 [ 202.333953][ T8040] R10: 0000000080000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.341954][ T8040] R13: 00007fd2e95b6038 R14: 00007fd2e95b5fa0 R15: 00007ffd57205cc8 [ 202.349955][ T8040] [ 202.352989][ T8040] Modules linked in: [ 202.358140][ T8040] ---[ end trace 0000000000000000 ]--- [ 202.378535][ T8040] RIP: 0010:iter_file_splice_write+0xa9b/0x1000 [ 202.398084][ T8040] Code: 00 74 08 4c 89 f7 e8 14 5b e0 ff 49 8b 1e 49 c7 06 00 00 00 00 48 83 c3 08 48 89 d8 48 c1 e8 03 49 be 00 00 00 00 00 fc ff df <42> 80 3c 30 00 44 8b 64 24 04 74 08 48 89 df e8 e1 5a e0 ff 4c 8b [ 202.418186][ T8040] RSP: 0018:ffffc90019c5f820 EFLAGS: 00010202 [ 202.427198][ T8040] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff88802b665a00 [ 202.437536][ T8040] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 7ffffffffffffa07 [ 202.445651][ T8040] RBP: ffffc90019c5fa30 R08: ffff8880b863fb83 R09: 1ffff110170c7f70 [ 202.453942][ T8040] R10: dffffc0000000000 R11: ffffed10170c7f71 R12: dffffc0000000000 [ 202.475107][ T8040] R13: 7ffffffffffffa07 R14: dffffc0000000000 R15: ffff8880327b8828 [ 202.483264][ T8040] FS: 00007fd2ea1df6c0(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000 [ 202.492347][ T8040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 202.498975][ T8040] CR2: 00007fd7e13812f8 CR3: 0000000031492000 CR4: 00000000003526f0 [ 202.507041][ T8040] Kernel panic - not syncing: Fatal exception [ 202.513287][ T8040] Kernel Offset: disabled [ 202.517634][ T8040] Rebooting in 86400 seconds..