last executing test programs: 17m27.075757754s ago: executing program 0 (id=1371): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000480)="4cf6faacc3", 0x5}], 0x1, &(0x7f00000003c0)=[@rights={{0x10, 0x1, 0x1, [r0]}}], 0x10}}], 0x1, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 17m26.947004807s ago: executing program 0 (id=1374): socket$pppoe(0x18, 0x1, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000200eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x300) 17m26.755531659s ago: executing program 0 (id=1377): futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0xfffffffc) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0) 17m25.749023353s ago: executing program 0 (id=1395): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfef, 0x0) mount$fuseblk(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x2001400, 0x0) umount2(&(0x7f00000001c0)='./file0\x00', 0x1) 17m25.521789546s ago: executing program 0 (id=1400): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$zero(0xffffff9c, &(0x7f0000002cc0), 0x200, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x40000103, 0x0, 0x0) 17m25.149470522s ago: executing program 0 (id=1406): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000002380)={0x200000c0, 0xfffffeff, 0xfffffff8}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001a0001000300000000000000022000000000000000000000080002"], 0x24}}, 0x0) 17m24.795097168s ago: executing program 32 (id=1406): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000002380)={0x200000c0, 0xfffffeff, 0xfffffff8}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001a0001000300000000000000022000000000000000000000080002"], 0x24}}, 0x0) 13m22.922129872s ago: executing program 5 (id=4412): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x4, 0x5, 0x7, 0x4, 0xf, "03f37fe99f4da288"}) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0x8001) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) 13m22.762355376s ago: executing program 5 (id=4414): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='children\x00') syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/120, 0x78}], 0x1, 0x4, 0x0) 13m22.354630957s ago: executing program 5 (id=4419): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="310300000000000000000800000008000300", @ANYRES32=r2], 0x24}}, 0x0) 13m22.244190727s ago: executing program 5 (id=4421): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) move_mount(r1, &(0x7f0000000080)='\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x204) 13m21.244890353s ago: executing program 5 (id=4435): r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x1b, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1}) r1 = syz_open_dev$vim2m(&(0x7f0000000380), 0x101, 0x2) ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000540)=@overlay={0x3, 0x1, 0x4, 0x4, 0x14000000, {0x0, 0x2710}, {0x3, 0xc, 0x0, 0x8, 0xd7, 0x2, 'G\nHu'}, 0x7, 0x3, {}, 0x759d}) 13m20.972513245s ago: executing program 5 (id=4438): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x102080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)={0x1, 0x0, [{0x1a0, 0x0, 0xfffffffffffffffe}]}) 13m20.569986291s ago: executing program 33 (id=4438): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x102080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)={0x1, 0x0, [{0x1a0, 0x0, 0xfffffffffffffffe}]}) 6m58.056203718s ago: executing program 3 (id=8217): r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000b00)=0x7) ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000080)=0x3ff) ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000100)=0x4) 6m57.84819526s ago: executing program 3 (id=8219): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000002c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) getsockopt$netlink(r0, 0x10e, 0x8, 0x0, &(0x7f0000000300)) 6m57.599259606s ago: executing program 3 (id=8222): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={r2, 0x3, 0x30}, 0xc) 6m56.645074844s ago: executing program 3 (id=8234): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 6m56.037235207s ago: executing program 3 (id=8237): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000000)=0x1, r1, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, r1}}, 0x48) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000240)={0x7, 0x8, 0xfa00, {r1, 0x10000}}, 0x10) 6m55.448450691s ago: executing program 3 (id=8243): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x200, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b041000e0ff020002004788aa96a13bb1000000000088641183", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 6m54.866636024s ago: executing program 34 (id=8243): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x200, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b041000e0ff020002004788aa96a13bb1000000000088641183", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 1m47.106126399s ago: executing program 4 (id=11368): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000000)={0x50, 0x0, r1, {0x7, 0x29, 0x8, 0x100000, 0x7, 0x3, 0x5, 0x9, 0x0, 0x0, 0x8, 0xa4}}, 0x50) lgetxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000440)=@known='system.posix_acl_default\x00', 0x0, 0x0) 1m46.191602827s ago: executing program 4 (id=11372): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x7, 0x6, 0x4, '\x00', 0x3}) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000080)={0x3, 0x9}) 1m45.924377785s ago: executing program 4 (id=11373): bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4140aecd, &(0x7f00000000c0)) 1m45.663585515s ago: executing program 4 (id=11376): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x41) umount2(&(0x7f0000000200)='./file0/../file0/../file0/../file0\x00', 0x1) 1m45.492021697s ago: executing program 4 (id=11378): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x10000042}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x2042, 0xfffffffd}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r2, &(0x7f0000000380)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x2, {0x10000042, 0x0, 0x4}}, 0x10, 0x0}, 0x0) 1m45.11317873s ago: executing program 4 (id=11381): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000c80)={"b96e356b75b8a55d1e3c7812411429faf377a75455c903cfeb9f56628de2ac01d7b78529d73bac09e3cbe8baa7aba4f58df47230fd966d966012827a646296d958e2058982981f211a87aa7712accaa52ed20dcd5799f81985b7456b5133a9f413a1482338c42080e834c69f6a8f2dd7dafe056792b3adce973ee3a8d067c4fe9bc4589f2c12bd1638b6aa11744c11fc0969a323e57f84309b3d3224c22109c6bc4c414885697797c5c7160dd19e0dbd58ef4f23b1d04ba8d0613c1a9a3aedd97431dc31471003f7692ccb8eda40eaeb781d5a9cc8e639a291dd8b2d817c1ede1cb9925b00a93c387cd5ff918abfd47b06d923abe90cb8d4794933368e7555ca0a560560de791bb7448a2f53dd7ce2afd0c004a73a4cf8eac8e04c23a0986e4905768c57abba91bbb61ca3eff091ae72444a9d456b46dff63a3ac04021de7c555be6e433b9f23125a3969e818f53496d8d2aa5aaae25f28180a87f8ece7126386eab6682366c49b55c3f19503bc1c1f3045606aec15585040d83a9f7fe260e36708b682803a6004d6be22db174cbf4c2eff6fd573814e8ee5da51be376f4470565e6350d512d3677db302f58a602640b49cc628e6f672ce7d7b1934d8ef9e1e586f8281a3ca2435d169406cee8b0f90872809d831af2f7129598ab7199fedcb711cfb250548810765f826673084bae2427d2f0a0fc1f412d2b67f07b77e568981ca731a608a6ac18576d47299fcda8a853afe5460cab90a104197a4afc6ffe831cebb34c49b83715ecc467e8c2eb761c49a9524741148bf87aecbf4c072058c528b2714086727c08b749f0038d1f98a8240c91d1e21bb0eeb42ad12723fea903dbc3961b62538310bdf8bbc1a2f76c19af16ffbb4b3a3c3455b2a1a633e7c298aa8a7fdde96e5f68cff63d51a3a21c9b2be2bb65bf703c6160ee5c91130ba44ca5f57f80f058350275081c2e90409975d873b38da74a47bc2e219b818b4ff778ac92ef9b538fe7141c9e50fddcbbd0bbe38b60bbcee970db9bf93dd736adaf94ccca20c996d8082fc940a91fbeabfbe620b4f398d0d8b9abb392a7299411116a71691a760a73b607f44274c11985a2c0886bcbe276534e7d799388e1648da71cd930e02d5710a2facdcfa7558ae65b76a076887c33835bc8f278f2e865e0ca92d5dc0453f07e4c07ce7a7e490cdc9b5f9f4c5d5a4d3e46f651eb7f7f78e3e9a3fe296d704afdd3f479e37dafa306ae7ac3df6ad1675a3e4cf10a1c5b59104172903c6dab76ddf5f351f9a29238e15a06e347cfea23c96499a390365f301ff877820f167457f195dff7fe6febe55d7932774aa02ea6e2dab5abf496eba0b67808203ef5eafaf100a3fc4771d7424d42fbceb240b1f1d893f598c5964f24eaf141474bb46361ce37dcbdc9aab1a32a6f9e8bca2159de7ec666d4e524201305b161"}) 1m44.687988629s ago: executing program 35 (id=11381): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000c80)={"b96e356b75b8a55d1e3c7812411429faf377a75455c903cfeb9f56628de2ac01d7b78529d73bac09e3cbe8baa7aba4f58df47230fd966d966012827a646296d958e2058982981f211a87aa7712accaa52ed20dcd5799f81985b7456b5133a9f413a1482338c42080e834c69f6a8f2dd7dafe056792b3adce973ee3a8d067c4fe9bc4589f2c12bd1638b6aa11744c11fc0969a323e57f84309b3d3224c22109c6bc4c414885697797c5c7160dd19e0dbd58ef4f23b1d04ba8d0613c1a9a3aedd97431dc31471003f7692ccb8eda40eaeb781d5a9cc8e639a291dd8b2d817c1ede1cb9925b00a93c387cd5ff918abfd47b06d923abe90cb8d4794933368e7555ca0a560560de791bb7448a2f53dd7ce2afd0c004a73a4cf8eac8e04c23a0986e4905768c57abba91bbb61ca3eff091ae72444a9d456b46dff63a3ac04021de7c555be6e433b9f23125a3969e818f53496d8d2aa5aaae25f28180a87f8ece7126386eab6682366c49b55c3f19503bc1c1f3045606aec15585040d83a9f7fe260e36708b682803a6004d6be22db174cbf4c2eff6fd573814e8ee5da51be376f4470565e6350d512d3677db302f58a602640b49cc628e6f672ce7d7b1934d8ef9e1e586f8281a3ca2435d169406cee8b0f90872809d831af2f7129598ab7199fedcb711cfb250548810765f826673084bae2427d2f0a0fc1f412d2b67f07b77e568981ca731a608a6ac18576d47299fcda8a853afe5460cab90a104197a4afc6ffe831cebb34c49b83715ecc467e8c2eb761c49a9524741148bf87aecbf4c072058c528b2714086727c08b749f0038d1f98a8240c91d1e21bb0eeb42ad12723fea903dbc3961b62538310bdf8bbc1a2f76c19af16ffbb4b3a3c3455b2a1a633e7c298aa8a7fdde96e5f68cff63d51a3a21c9b2be2bb65bf703c6160ee5c91130ba44ca5f57f80f058350275081c2e90409975d873b38da74a47bc2e219b818b4ff778ac92ef9b538fe7141c9e50fddcbbd0bbe38b60bbcee970db9bf93dd736adaf94ccca20c996d8082fc940a91fbeabfbe620b4f398d0d8b9abb392a7299411116a71691a760a73b607f44274c11985a2c0886bcbe276534e7d799388e1648da71cd930e02d5710a2facdcfa7558ae65b76a076887c33835bc8f278f2e865e0ca92d5dc0453f07e4c07ce7a7e490cdc9b5f9f4c5d5a4d3e46f651eb7f7f78e3e9a3fe296d704afdd3f479e37dafa306ae7ac3df6ad1675a3e4cf10a1c5b59104172903c6dab76ddf5f351f9a29238e15a06e347cfea23c96499a390365f301ff877820f167457f195dff7fe6febe55d7932774aa02ea6e2dab5abf496eba0b67808203ef5eafaf100a3fc4771d7424d42fbceb240b1f1d893f598c5964f24eaf141474bb46361ce37dcbdc9aab1a32a6f9e8bca2159de7ec666d4e524201305b161"}) 47.170459931s ago: executing program 8 (id=11896): r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000200)={0x2a, 0x1, 0x7fff}, 0xc) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x580000}, &(0x7f00000005c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}) io_uring_enter(r1, 0x3512, 0x9d5c, 0x4, 0x0, 0x0) 46.479035698s ago: executing program 8 (id=11900): r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) close(r0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c400)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f00000002c0)={0x50, 0x0, r2, {0x7, 0x1f, 0xbe5, 0xffffffffe66213f0, 0x0, 0x0, 0x0, 0x0, 0x16, 0x0, 0x14c, 0x94a4}}, 0x50) 46.113818051s ago: executing program 8 (id=11902): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000940)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000280)="922f51c2652f6ebeb647ba19a7f202a8e9581eee20d85e47931757ced80465193b100f4661504be508b7065d2f664576", 0x30}], 0x1, &(0x7f0000000900)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x40000}], 0x1, 0xc050) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) 45.90050731s ago: executing program 8 (id=11903): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) userfaultfd(0x80001) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xa}, {0xffff, 0xffff}}}, 0x24}}, 0x4000100) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) utimensat(r0, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0) 45.378420638s ago: executing program 8 (id=11910): r0 = socket$can_raw(0x1d, 0x3, 0x1) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x49, [0x0, 0x3, 0x403, 0x100000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0xffffffff, 0x0, 0x0, 0x0, 0x3, 0x3, 0x10000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000a, 0x0, 0x0, 0x80000007, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0xffffffff], [0x0, 0xa82, 0x0, 0x0, 0x2, 0x733, 0x3, 0xedc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2000000, 0x0, 0x0, 0x80000, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x28220be6, 0x401, 0x0, 0x2, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x7, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0xffffffff, 0x89, 0x0, 0x800, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80008000, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xd, 0x0, 0x0, 0x6492, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xd2a, 0x200000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x4, 0x0, 0xfd32, 0x6, 0x0, 0x0, 0x0, 0x400, 0x5, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x8000006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x1, 0x0, 0x0, 0x100000]}, 0x45c) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0), 0xf00) bind$can_raw(r0, &(0x7f0000000080), 0x10) 45.070656662s ago: executing program 8 (id=11916): openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r0 = syz_io_uring_setup(0x6883, &(0x7f0000000740)={0x0, 0x101828, 0x10100, 0x3}, &(0x7f00000000c0)=0x0, &(0x7f0000000340)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r0, 0x2deb, 0x5f8b, 0x6, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0) 29.863407288s ago: executing program 36 (id=11916): openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r0 = syz_io_uring_setup(0x6883, &(0x7f0000000740)={0x0, 0x101828, 0x10100, 0x3}, &(0x7f00000000c0)=0x0, &(0x7f0000000340)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r0, 0x2deb, 0x5f8b, 0x6, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0) 20.525564357s ago: executing program 6 (id=12171): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42032, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000280)=[{0x0}, {&(0x7f0000000340)=""/93, 0x5d}], 0x2) 20.316286453s ago: executing program 6 (id=12172): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}}) io_uring_enter(r1, 0x3516, 0x0, 0x4, 0x0, 0x0) shutdown(r0, 0x0) 19.96465773s ago: executing program 1 (id=12176): r0 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000000000/0x4000)=nil) shmat(r0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) r1 = io_uring_setup(0x1612, &(0x7f0000000200)={0x0, 0x0, 0x3040}) io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/168, 0xa8}, {0x0}, {&(0x7f0000000280)=""/4086, 0xff6}], &(0x7f0000001540)=[0x2, 0x0, 0x4]}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 19.920033456s ago: executing program 6 (id=12177): socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x2, 0x4, 0x8, 0xd, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r1, @ANYRES64=0x0, @ANYRESOCT=r0], 0x20) 19.825795565s ago: executing program 1 (id=12178): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f00000000c0)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000000)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x25, &(0x7f00000000c0)) 19.723603297s ago: executing program 6 (id=12179): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="4dc07f947163300c", 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet(r1, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000019280)=[{&(0x7f0000000080)="4b979fc5100000dd46b001fe944e827bf253fea4540545", 0x17}, {&(0x7f0000000180)="e3", 0x1}, {&(0x7f0000019300)="d8fa34bdc8", 0x5}, {&(0x7f0000019080)="d119ed488159f3bd268f74da4438da4b0260f17f3a56b4a047186d98f191c53979ddba66751ac655d6803bf26fcd79560cc69b5e6c44d2cb77b2c9", 0x3b}], 0x4}}], 0x1, 0x24008804) sendmmsg$alg(r1, &(0x7f0000003b80)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4010}], 0x1, 0x10) 19.671874646s ago: executing program 1 (id=12180): r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r0) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0xb1) r3 = add_key$fscrypt_v1(&(0x7f0000001380), &(0x7f0000000280)={'fscrypt:', @auto=[0x37, 0x0, 0x0, 0x33, 0x61, 0x0, 0x0, 0x34, 0x31, 0x35, 0x34, 0x35, 0x0, 0x39, 0x65]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x8018}, 0x48, r0) keyctl$KEYCTL_MOVE(0x1e, r3, r0, r1, 0x0) 19.572931585s ago: executing program 1 (id=12181): r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0x6}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19.542442952s ago: executing program 6 (id=12182): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) 19.399266556s ago: executing program 6 (id=12183): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000009c0)={0x14, 0x2d, 0x9, 0x70bd26, 0x0, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x84) 19.358645974s ago: executing program 1 (id=12184): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000001, 0xc3072, 0xffffffffffffffff, 0x3000000) write$UHID_INPUT(r0, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x11, r0, 0x0) madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 19.252604644s ago: executing program 1 (id=12185): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100cebd70020500000004fffe000800090002"], 0x48}}, 0x0) 4.356060141s ago: executing program 37 (id=12183): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000009c0)={0x14, 0x2d, 0x9, 0x70bd26, 0x0, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x84) 4.172833616s ago: executing program 38 (id=12185): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100cebd70020500000004fffe000800090002"], 0x48}}, 0x0) 1.655352197s ago: executing program 7 (id=12288): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x119}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"]) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000180)={0x4, 0x2007}) 1.520646984s ago: executing program 7 (id=12289): ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x40103d0b, &(0x7f0000000400)={0x3}) syz_emit_ethernet(0x100, &(0x7f00000007c0)={@empty, @local, @val={@void}, {@mpls_uc={0x8847, {[], @ipv6=@tcp={0x0, 0x6, "5c030a", 0xc6, 0x6, 0xff, @loopback, @remote, {[], {{0x4e22, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0xd}, {"da3aee2497e6406fee7c233d4a38714a4f24a37c2841a3f1da4d75d0000f5b8fe1cc3ff05dd52067e6945933e249dbde857545f96ff472265d65db5b7330f76b079c70988bad368dbbe29b918946d64173315605dfdcba187d2c59d3512c6d7d363d91b31fd5224cb7d69803277bad8ec5908dc988a0b63ce534971c61e549dbba9b645f5eeaaca27acc175734309de181ad1c6716c2b536c78af43bbfe3e202a191cb7d386a8e480ee883bbcf017dadcfc9"}}}}}}}}, 0x0) r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='x', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f0000000340), 0x584, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={'sha1-generic\x00'}}) 1.448915865s ago: executing program 7 (id=12290): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000000140)=@getpolicy={0x5c, 0x15, 0x1, 0x70bd2a, 0x25dfdbfd, {{@in=@local, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e24, 0x0, 0x4e21, 0x0, 0xa, 0x10, 0xa0, 0x11}, 0x6e6bb5, 0x2}, [@mark={0xc, 0x15, {0x35075a, 0x1101}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2843ca8725c9de81}, 0x4000) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="d4000000190019a9000000000000000002200000ff02ff000000000008000100ac14141218"], 0x1}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140), 0x4240a2ca) splice(r0, 0x0, r2, 0x0, 0x84ffe0, 0x0) 1.401802253s ago: executing program 2 (id=12291): mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2) r1 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x3415, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) vmsplice(r0, &(0x7f0000002600)=[{&(0x7f0000000380)="88", 0x1}], 0x1, 0x0) 1.332100176s ago: executing program 2 (id=12292): mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) write(r1, &(0x7f0000000040)="cb", 0xfffffdef) 1.064717031s ago: executing program 2 (id=12293): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) landlock_create_ruleset(&(0x7f0000000040)={0x600, 0x3, 0x1}, 0x18, 0x0) io_setup(0xd, &(0x7f0000000040)) 559.913625ms ago: executing program 7 (id=12294): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000000), 0x12) syz_emit_ethernet(0x4e, &(0x7f0000000580)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00 \x00', 0x18, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0xf6, '\x00', @private1={0xfc, 0x1, '\x00', 0x1}}}}}}}, 0x0) syz_clone3(&(0x7f00000000c0)={0x200000400, 0x0, 0x0, 0x0, {0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) 494.372264ms ago: executing program 2 (id=12295): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001f00)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}], 0x1, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000200)=ANY=[@ANYRES32=r2], 0xf) 422.32283ms ago: executing program 2 (id=12296): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7fe, 0xf83, 0x8}, 0x1c) openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x14, 0x3d, 0x107, 0x0, 0x0, {0x3, 0x7c}}, 0x14}}, 0xc000) 355.448947ms ago: executing program 7 (id=12297): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x200042, 0x0, 0x3}, 0x10) bind$tipc(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, r2, 0x1, 0x8, 0x25dfdbfb, {{}, {}, {0x14, 0x19, {0xffff8000, 0x4}}}}, 0x30}}, 0x2c040090) 342.646679ms ago: executing program 2 (id=12298): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x769}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) openat$sequencer(0xffffff9c, 0x0, 0x900, 0x0) ppoll(&(0x7f0000000080)=[{r0, 0x4047, 0x700}, {r0, 0x5191}], 0x2, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) 0s ago: executing program 7 (id=12299): execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000) keyctl$clear(0x3, 0xfffffffffffffffc) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0xae, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x2, 0x0, 0x0, [{0x18, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x53, "005ff9297d00001392000100"}, {0x18, 0x1, "00f5ffffff00"}]}}}}}}, 0x0) kernel console output (not intermixed with test programs): ses=4294967295 subj=unconfined pid=30839 comm="syz.6.10143" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1019.862620][ T30] audit: type=1326 audit(1750365108.044:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30839 comm="syz.6.10143" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1019.893844][ T30] audit: type=1326 audit(1750365108.044:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30839 comm="syz.6.10143" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1019.928918][ T30] audit: type=1326 audit(1750365108.044:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30839 comm="syz.6.10143" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1021.094147][T30871] input: syz1 as /devices/virtual/input/input94 [ 1021.605172][T16127] usb 3-1: new high-speed USB device number 71 using dummy_hcd [ 1021.790301][T16127] usb 3-1: Using ep0 maxpacket: 32 [ 1021.798394][T16127] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 1021.809700][T16127] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1021.825383][T16127] usb 3-1: config 0 descriptor?? [ 1021.841682][T16127] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 1022.337901][ T5852] Bluetooth: hci1: hardware error 0x0e [ 1022.857282][T16127] gspca_nw80x: reg_w err -71 [ 1022.875953][T16127] nw80x 3-1:0.0: probe with driver nw80x failed with error -71 [ 1022.903308][T16127] usb 3-1: USB disconnect, device number 71 [ 1023.390087][T30934] netlink: 20 bytes leftover after parsing attributes in process `syz.7.10184'. [ 1023.545609][ T30] kauditd_printk_skb: 143 callbacks suppressed [ 1023.545630][ T30] audit: type=1326 audit(1750365111.834:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000 [ 1023.617613][ T30] audit: type=1326 audit(1750365111.834:3628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000 [ 1023.678719][ T30] audit: type=1326 audit(1750365111.894:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f64539 code=0x7ffc0000 [ 1023.701096][ C1] vkms_vblank_simulate: vblank timer overrun [ 1023.717598][ T30] audit: type=1326 audit(1750365111.944:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000 [ 1023.749873][T28306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1023.762629][T28306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1023.771028][T30941] loop8: detected capacity change from 1 to 0 [ 1023.783891][ T30] audit: type=1326 audit(1750365111.944:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000 [ 1023.896225][ T30] audit: type=1326 audit(1750365111.954:3632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f64539 code=0x7ffc0000 [ 1024.094484][ T30] audit: type=1326 audit(1750365111.954:3633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f64558 code=0x7ffc0000 [ 1024.116883][ C1] vkms_vblank_simulate: vblank timer overrun [ 1024.168990][ T30] audit: type=1326 audit(1750365111.954:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f64558 code=0x7ffc0000 [ 1024.184780][T30955] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10193'. [ 1024.356060][ T30] audit: type=1326 audit(1750365111.954:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f64558 code=0x7ffc0000 [ 1024.381157][ C1] vkms_vblank_simulate: vblank timer overrun [ 1024.410446][ T30] audit: type=1326 audit(1750365111.954:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30937 comm="syz.2.10186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f64558 code=0x7ffc0000 [ 1024.420464][ T5852] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1024.432668][ C1] vkms_vblank_simulate: vblank timer overrun [ 1025.565912][T30992] Context (ID=0x0) not attached to queue pair (handle=0x1:0xfffffffa) [ 1026.577062][T31008] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10215'. [ 1026.591986][T31008] netlink: 'syz.4.10215': attribute type 1 has an invalid length. [ 1026.600472][T31008] netlink: 'syz.4.10215': attribute type 2 has an invalid length. [ 1026.859212][T31014] input: syz0 as /devices/virtual/input/input95 [ 1027.355782][T31029] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10225'. [ 1027.565042][T31034] syzkaller1: entered promiscuous mode [ 1027.585779][T31034] syzkaller1: entered allmulticast mode [ 1027.886475][T31042] net_ratelimit: 675 callbacks suppressed [ 1027.886490][T31042] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1028.688263][T31063] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10238'. [ 1029.359265][T31084] syzkaller1: entered promiscuous mode [ 1029.368535][T31084] syzkaller1: entered allmulticast mode [ 1030.871250][T31121] batadv_slave_1: entered promiscuous mode [ 1030.885785][T31120] batadv_slave_1: left promiscuous mode [ 1031.233137][ T30] kauditd_printk_skb: 374 callbacks suppressed [ 1031.233158][ T30] audit: type=1326 audit(1750365119.524:4011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.271465][ T30] audit: type=1326 audit(1750365119.524:4012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1031.303230][ T30] audit: type=1326 audit(1750365119.524:4013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.328326][ T30] audit: type=1326 audit(1750365119.524:4014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1031.416062][ T30] audit: type=1326 audit(1750365119.524:4015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1031.518695][ T30] audit: type=1326 audit(1750365119.524:4016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.605655][ T30] audit: type=1326 audit(1750365119.524:4017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.686815][ T30] audit: type=1326 audit(1750365119.524:4018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1031.880561][ T30] audit: type=1326 audit(1750365119.524:4019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.959913][ T30] audit: type=1326 audit(1750365119.524:4020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31108 comm="syz.4.10258" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1032.129798][T31133] netlink: 18 bytes leftover after parsing attributes in process `syz.2.10268'. [ 1032.151007][T31135] netlink: 'syz.1.10269': attribute type 5 has an invalid length. [ 1033.211556][T31175] syzkaller1: entered promiscuous mode [ 1033.237756][T31175] syzkaller1: entered allmulticast mode [ 1033.520414][ T24] usb 5-1: new high-speed USB device number 82 using dummy_hcd [ 1033.683926][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1033.699057][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1033.709182][ T24] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 1033.719285][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1033.731349][ T24] usb 5-1: config 0 descriptor?? [ 1034.186218][ T24] sony 0003:054C:024B.004F: unexpected long global item [ 1034.251000][ T24] sony 0003:054C:024B.004F: parse failed [ 1034.257045][ T24] sony 0003:054C:024B.004F: probe with driver sony failed with error -22 [ 1034.408688][ T5924] usb 5-1: USB disconnect, device number 82 [ 1034.706707][T31228] syzkaller1: entered promiscuous mode [ 1034.728965][T31228] syzkaller1: entered allmulticast mode [ 1035.046292][T31235] netlink: 44 bytes leftover after parsing attributes in process `syz.1.10314'. [ 1035.086093][T31235] netlink: 'syz.1.10314': attribute type 1 has an invalid length. [ 1036.300285][ T30] kauditd_printk_skb: 59 callbacks suppressed [ 1036.300305][ T30] audit: type=1326 audit(1750365124.584:4080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1036.444328][ T30] audit: type=1326 audit(1750365124.584:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1036.570459][ T30] audit: type=1326 audit(1750365124.584:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1036.700564][ T30] audit: type=1326 audit(1750365124.584:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1036.838612][ T30] audit: type=1326 audit(1750365124.584:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1037.010351][ T24] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 1037.068767][ T30] audit: type=1326 audit(1750365124.584:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1037.173686][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1037.193647][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1037.205100][ T30] audit: type=1326 audit(1750365124.584:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1037.229860][ T24] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 1037.290231][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1037.377124][ T30] audit: type=1326 audit(1750365124.584:4087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1037.378421][ T24] usb 3-1: config 0 descriptor?? [ 1037.496023][ T30] audit: type=1326 audit(1750365124.584:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e558 code=0x7ffc0000 [ 1037.591774][ T30] audit: type=1326 audit(1750365124.584:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31274 comm="syz.4.10331" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1038.014441][ T24] cp2112 0003:10C4:EA90.0050: unknown main item tag 0x0 [ 1038.038113][ T24] cp2112 0003:10C4:EA90.0050: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0 [ 1038.212363][ T24] cp2112 0003:10C4:EA90.0050: Part Number: 0x82 Device Version: 0xFE [ 1038.229344][ T5924] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 1038.393942][ T5924] usb 5-1: Using ep0 maxpacket: 8 [ 1038.408740][ T5924] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 1038.433364][ T5924] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1038.460337][ T5924] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1038.510680][ T5924] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1038.530546][ T5924] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1038.564383][ T5924] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1038.586011][ T5924] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1038.622181][ T24] cp2112 0003:10C4:EA90.0050: error setting SMBus config [ 1038.653285][ T24] cp2112 0003:10C4:EA90.0050: probe with driver cp2112 failed with error -71 [ 1038.711430][ T24] usb 3-1: USB disconnect, device number 72 [ 1038.887767][ T5924] usb 5-1: usb_control_msg returned -32 [ 1038.904402][ T5924] usbtmc 5-1:16.0: can't read capabilities [ 1039.203747][T31326] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10354'. [ 1039.494633][ T24] usb 5-1: USB disconnect, device number 83 [ 1040.109025][T31357] vcan0: tx drop: invalid sa for name 0x0000000040000000 [ 1040.616157][T31370] syzkaller1: entered promiscuous mode [ 1040.624131][T31370] syzkaller1: entered allmulticast mode [ 1041.221706][T28161] Bluetooth: hci3: command 0x0406 tx timeout [ 1042.264263][T31420] input: syz1 as /devices/virtual/input/input96 [ 1042.694896][T31436] netlink: 'syz.6.10404': attribute type 2 has an invalid length. [ 1045.510485][ T5924] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 1045.681866][ T5924] usb 3-1: Using ep0 maxpacket: 8 [ 1045.699483][ T5924] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1045.724446][ T5924] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1045.734904][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1045.765398][ T5924] usb 3-1: config 0 descriptor?? [ 1046.032886][ T5924] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1046.052063][T31564] sctp: [Deprecated]: syz.1.10456 (pid 31564) Use of int in maxseg socket option. [ 1046.052063][T31564] Use struct sctp_assoc_value instead [ 1046.080307][T31565] sctp: [Deprecated]: syz.6.10455 (pid 31565) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1046.080307][T31565] Use struct sctp_sack_info instead [ 1046.114785][T31568] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10457'. [ 1046.155056][T31568] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10457'. [ 1046.326637][T16127] usb 3-1: USB disconnect, device number 73 [ 1046.985014][T31601] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10467'. [ 1047.008214][T31601] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10467'. [ 1047.039549][T31603] netlink: 'syz.2.10468': attribute type 1 has an invalid length. [ 1047.075049][T31603] netlink: 'syz.2.10468': attribute type 2 has an invalid length. [ 1047.102727][T31603] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10468'. [ 1047.187059][T31607] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10470'. [ 1047.201049][T31607] netlink: 'syz.4.10470': attribute type 7 has an invalid length. [ 1047.209428][T31607] netlink: 'syz.4.10470': attribute type 8 has an invalid length. [ 1047.219382][T31607] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10470'. [ 1047.347861][T31607] erspan0: entered promiscuous mode [ 1047.387891][T31607] erspan0: left promiscuous mode [ 1047.686512][T31624] syzkaller1: entered promiscuous mode [ 1047.700919][T31624] syzkaller1: entered allmulticast mode [ 1049.609983][T31695] gre0: entered allmulticast mode [ 1049.623516][T31694] gre0: left allmulticast mode [ 1049.706099][T31699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10509'. [ 1049.718298][T31699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10509'. [ 1049.728938][T31699] netlink: 104 bytes leftover after parsing attributes in process `syz.1.10509'. [ 1050.601941][ T24] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 1050.790016][ T24] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 1050.800007][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1050.815843][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1050.828648][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1050.842535][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1050.854628][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1050.866812][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1050.877796][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1050.888490][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1050.904926][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1050.915015][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1050.927267][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1050.939776][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1050.947842][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1050.957137][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1050.968172][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1050.977385][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1050.987771][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1051.003759][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1051.031701][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1051.051494][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1051.062960][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1051.071129][ T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1051.080180][ T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1051.094681][ T24] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1051.103741][ T24] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1051.113175][ T24] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1051.124147][ T24] usb 3-1: Product: syz [ 1051.128409][ T24] usb 3-1: Manufacturer: syz [ 1051.133265][ T24] usb 3-1: SerialNumber: syz [ 1051.149845][ T24] usb 3-1: config 0 descriptor?? [ 1051.169749][ T24] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0 [ 1051.448916][ C1] usb 3-1: yurex_control_callback - control failed: -2 [ 1051.484461][T31746] IPVS: Scheduler module ip_vs_ not found [ 1051.517737][T24464] usb 3-1: USB disconnect, device number 74 [ 1051.545799][T24464] yurex 3-1:0.0: USB YUREX #0 now disconnected [ 1052.044683][T31774] __nla_validate_parse: 1 callbacks suppressed [ 1052.044706][T31774] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10540'. [ 1052.065901][T31774] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10540'. [ 1052.379688][T31785] netlink: 16 bytes leftover after parsing attributes in process `syz.7.10545'. [ 1053.186490][T31818] input: syz1 as /devices/virtual/input/input97 [ 1053.462983][T31826] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1053.470332][T31826] IPv6: NLM_F_CREATE should be set when creating new route [ 1053.559351][T31827] netlink: 14528 bytes leftover after parsing attributes in process `syz.1.10564'. [ 1054.003632][T31845] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:2 [ 1054.513587][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.520052][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.893046][ T30] kauditd_printk_skb: 209 callbacks suppressed [ 1056.893067][ T30] audit: type=1326 audit(1750365145.194:4299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1056.953778][ T30] audit: type=1326 audit(1750365145.224:4300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.063907][ T30] audit: type=1326 audit(1750365145.224:4301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.112070][T31942] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 1057.119651][ T30] audit: type=1326 audit(1750365145.224:4302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.225955][ T30] audit: type=1326 audit(1750365145.224:4303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.416511][ T30] audit: type=1326 audit(1750365145.224:4304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.531407][ T30] audit: type=1326 audit(1750365145.224:4305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.700379][ T30] audit: type=1326 audit(1750365145.224:4306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.794853][ T30] audit: type=1326 audit(1750365145.224:4307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1057.925569][ T30] audit: type=1326 audit(1750365145.224:4308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31932 comm="syz.1.10610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 1057.947864][ C1] vkms_vblank_simulate: vblank timer overrun [ 1058.416487][T31957] pim6reg1: entered promiscuous mode [ 1058.434771][T31957] pim6reg1: entered allmulticast mode [ 1058.797075][T31972] netlink: 'syz.1.10627': attribute type 11 has an invalid length. [ 1062.286842][T32074] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10668'. [ 1062.298841][T32074] netlink: 452 bytes leftover after parsing attributes in process `syz.2.10668'. [ 1062.308835][T32074] netlink: 452 bytes leftover after parsing attributes in process `syz.2.10668'. [ 1062.487499][T32078] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10670'. [ 1062.941491][T32095] fuse: Bad value for 'fd' [ 1064.900304][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 1064.905515][T32090] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1065.127782][T32105] binder: 32104:32105 ioctl c0306201 80000540 returned -22 [ 1065.198891][T32107] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10683'. [ 1065.544351][T32117] netlink: 'syz.6.10688': attribute type 3 has an invalid length. [ 1065.552839][T32117] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10688'. [ 1065.798611][T32090] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1065.805820][T32090] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1065.813513][T32090] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1065.819530][T32090] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1066.130447][T32131] syzkaller1: entered promiscuous mode [ 1066.136107][T32131] syzkaller1: entered allmulticast mode [ 1066.935284][T32164] tun0: tun_chr_ioctl cmd 1074025675 [ 1066.943535][T32164] tun0: persist enabled [ 1066.948995][T32164] tun0: tun_chr_ioctl cmd 1074025675 [ 1066.957143][T32164] tun0: persist disabled [ 1066.980498][ T5852] Bluetooth: hci4: command 0x0406 tx timeout [ 1067.860309][ T5852] Bluetooth: hci3: command 0x0406 tx timeout [ 1068.074503][T32191] lo: entered promiscuous mode [ 1068.094205][T32191] lo: entered allmulticast mode [ 1068.102879][T32188] lo: left allmulticast mode [ 1068.108583][T32188] lo: left promiscuous mode [ 1068.308117][T32199] binder: 32198:32199 ioctl c0306201 800003c0 returned -14 [ 1068.600243][T16127] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 1068.751258][T16127] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 1068.773129][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1068.787077][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1068.799258][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1068.807476][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1068.820438][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1068.831711][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1068.840913][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1068.849879][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1068.880782][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1068.888849][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1068.898426][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1068.910384][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1068.918192][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1068.943679][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1068.970468][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1068.983677][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1068.993200][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1069.004939][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1069.015077][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1069.024564][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1069.036792][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1069.045696][T16127] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1069.063357][ T5852] Bluetooth: hci4: command 0x0406 tx timeout [ 1069.065165][T16127] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1069.095108][T16127] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1069.122992][T16127] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1069.142331][T16127] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1069.180193][T16127] usb 3-1: Product: syz [ 1069.189512][T16127] usb 3-1: Manufacturer: syz [ 1069.199218][T16127] usb 3-1: SerialNumber: syz [ 1069.216583][T16127] usb 3-1: config 0 descriptor?? [ 1069.230892][T16127] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0 [ 1069.646902][ C0] usb 3-1: yurex_control_callback - control failed: -71 [ 1069.656421][T16127] usb 3-1: USB disconnect, device number 75 [ 1069.664920][T32230] yurex 3-1:0.0: yurex_write - failed to send bulk msg, error -19 [ 1069.678017][T16127] yurex 3-1:0.0: USB YUREX #0 now disconnected [ 1069.809750][T32237] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10740'. [ 1069.943108][ T5852] Bluetooth: hci3: command 0x0406 tx timeout [ 1070.255015][T32249] netlink: 44 bytes leftover after parsing attributes in process `syz.4.10747'. [ 1070.281067][T32249] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10747'. [ 1070.846225][T32270] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 1070.910300][T16127] usb 5-1: new low-speed USB device number 84 using dummy_hcd [ 1071.076019][T16127] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 1071.103046][T16127] usb 5-1: config 179 has no interface number 0 [ 1071.120661][T16127] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 1071.133091][T16127] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8 [ 1071.150395][T16127] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 1071.162841][T16127] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8 [ 1071.174303][T16127] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1071.187760][T16127] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1071.197027][T16127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1071.223005][T32264] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 1071.230505][T32264] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 1071.507874][T16127] usb 5-1: USB disconnect, device number 84 [ 1071.507941][ C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1071.507990][ C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1072.200014][T32303] netlink: 44 bytes leftover after parsing attributes in process `syz.1.10771'. [ 1072.209294][T32303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10771'. [ 1072.510560][T32314] netlink: 'syz.2.10777': attribute type 11 has an invalid length. [ 1073.276805][T32322] pimreg: entered allmulticast mode [ 1073.320689][T32322] pimreg: left allmulticast mode [ 1073.550523][T16127] usb 5-1: new high-speed USB device number 85 using dummy_hcd [ 1073.725304][T16127] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 1073.750342][T16127] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1073.769435][T16127] usb 5-1: Product: syz [ 1073.779216][T16127] usb 5-1: Manufacturer: syz [ 1073.789577][T16127] usb 5-1: SerialNumber: syz [ 1073.802744][T16127] usb 5-1: config 0 descriptor?? [ 1073.825905][T16127] ch341 5-1:0.0: ch341-uart converter detected [ 1073.993767][T32353] openvswitch: netlink: IPv4 tun info is not correct [ 1074.066871][T32355] syzkaller1: entered promiscuous mode [ 1074.074568][T32355] syzkaller1: entered allmulticast mode [ 1074.270273][T32362] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.10799'. [ 1074.834881][T16127] usb 5-1: failed to send control message: -71 [ 1074.846982][T16127] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 1074.870709][T16127] usb 5-1: USB disconnect, device number 85 [ 1074.888656][T16127] ch341 5-1:0.0: device disconnected [ 1075.680988][T16127] usb 3-1: new full-speed USB device number 76 using dummy_hcd [ 1075.844501][T16127] usb 3-1: config 0 has an invalid interface number: 56 but max is 0 [ 1075.864373][T16127] usb 3-1: config 0 has no interface number 0 [ 1075.885412][T16127] usb 3-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64 [ 1075.901682][T16127] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1075.920521][T16127] usb 3-1: Product: syz [ 1075.927223][T16127] usb 3-1: Manufacturer: syz [ 1075.939587][T16127] usb 3-1: SerialNumber: syz [ 1075.956008][T16127] usb 3-1: config 0 descriptor?? [ 1075.971716][T16127] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state. [ 1075.989999][T16127] pctv452e: pctv452e_power_ctrl: 1 [ 1075.989999][T16127] [ 1076.000731][T16127] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22 [ 1076.000731][T16127] [ 1076.023102][T16127] dvb-usb: bulk message failed: -22 (5/0) [ 1076.051034][T16127] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1076.068814][T16127] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19) [ 1076.188596][T16127] usb 3-1: USB disconnect, device number 76 [ 1076.618344][T32432] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1076.881787][T32440] sctp: [Deprecated]: syz.2.10834 (pid 32440) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1076.881787][T32440] Use struct sctp_sack_info instead [ 1076.970457][ T5924] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 1077.150741][ T5924] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1077.166909][ T5924] usb 5-1: config 0 interface 0 has no altsetting 0 [ 1077.186419][ T5924] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1077.197707][ T5924] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1077.209995][ T5924] usb 5-1: Product: syz [ 1077.214587][ T5924] usb 5-1: Manufacturer: syz [ 1077.219233][ T5924] usb 5-1: SerialNumber: syz [ 1077.235512][ T5924] usb 5-1: config 0 descriptor?? [ 1077.245456][ T5924] usb 5-1: selecting invalid altsetting 0 [ 1077.457268][T32453] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10840'. [ 1077.498902][ T5924] usb 5-1: USB disconnect, device number 86 [ 1077.673411][T32460] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.10842'. [ 1077.688093][T32457] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.10842'. [ 1077.819701][T32462] netlink: 8 bytes leftover after parsing attributes in process `syz.7.10844'. [ 1078.511675][T16127] usb 3-1: new high-speed USB device number 77 using dummy_hcd [ 1078.697319][T16127] usb 3-1: Using ep0 maxpacket: 32 [ 1078.717767][T16127] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1078.740581][T16127] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1078.758715][T16127] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1078.775218][T16127] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1078.804789][T16127] usb 3-1: config 0 descriptor?? [ 1079.256259][T16127] savu 0003:1E7D:2D5A.0051: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 1079.562771][ T5924] usb 3-1: USB disconnect, device number 77 [ 1080.435495][T32549] ALSA: mixer_oss: invalid OSS volume '' [ 1081.244022][T32567] netlink: 40 bytes leftover after parsing attributes in process `syz.7.10882'. [ 1081.332661][T32568] netlink: 40 bytes leftover after parsing attributes in process `syz.7.10882'. [ 1081.363799][T18309] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1081.598603][T18309] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1081.741856][T18309] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1081.915921][T18309] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1082.090667][T32579] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10888'. [ 1082.421407][T32587] syzkaller1: entered promiscuous mode [ 1082.455405][T32587] syzkaller1: entered allmulticast mode [ 1082.625143][T18309] bridge_slave_1: left allmulticast mode [ 1082.644344][T18309] bridge_slave_1: left promiscuous mode [ 1082.663903][T18309] bridge0: port 2(bridge_slave_1) entered disabled state [ 1082.705342][T18309] bridge_slave_0: left allmulticast mode [ 1082.716454][T18309] bridge_slave_0: left promiscuous mode [ 1082.749190][T28161] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1082.764963][T18309] bridge0: port 1(bridge_slave_0) entered disabled state [ 1082.775633][T28161] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1082.787129][T28161] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1082.798323][T28161] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1082.807730][T28161] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1083.096827][ T30] kauditd_printk_skb: 774 callbacks suppressed [ 1083.096848][ T30] audit: type=1326 audit(1750365171.394:5083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1083.214956][ T30] audit: type=1326 audit(1750365171.394:5084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.247869][ T30] audit: type=1326 audit(1750365171.394:5085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.287498][ T30] audit: type=1326 audit(1750365171.394:5086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1083.332763][ T30] audit: type=1326 audit(1750365171.394:5087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.340484][ T5931] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 1083.441094][ T30] audit: type=1326 audit(1750365171.404:5088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.486965][ T30] audit: type=1326 audit(1750365171.404:5089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.563574][ T30] audit: type=1326 audit(1750365171.404:5090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.590278][ T30] audit: type=1326 audit(1750365171.404:5091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.647764][ T30] audit: type=1326 audit(1750365171.404:5092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32604 comm="syz.6.10897" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1083.681919][ T5931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1083.699622][ T5931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1083.713473][ T5931] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1083.733815][ T5931] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1083.760433][ T5931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1083.799007][ T5931] usb 5-1: config 0 descriptor?? [ 1084.002095][T18309] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1084.061196][T18309] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1084.090974][T18309] bond0 (unregistering): Released all slaves [ 1084.137548][T32621] input: syz1 as /devices/virtual/input/input99 [ 1084.256626][ T5931] plantronics 0003:047F:FFFF.0052: No inputs registered, leaving [ 1084.397286][ T5931] plantronics 0003:047F:FFFF.0052: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 1084.440433][T32627] tun0: tun_chr_ioctl cmd 1074025675 [ 1084.445894][T32627] tun0: persist enabled [ 1084.484858][T32629] tun0: tun_chr_ioctl cmd 1074025675 [ 1084.500620][T32629] tun0: persist enabled [ 1084.642896][ T5931] usb 5-1: USB disconnect, device number 87 [ 1084.900595][T28161] Bluetooth: hci3: command tx timeout [ 1085.811459][T32605] chnl_net:caif_netlink_parms(): no params data found [ 1086.029441][T18309] hsr_slave_0: left promiscuous mode [ 1086.047952][T18309] hsr_slave_1: left promiscuous mode [ 1086.058834][T18309] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1086.093538][T18309] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1086.118647][T18309] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1086.142513][T18309] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1086.277808][T18309] batadv_slave_1: left allmulticast mode [ 1086.301237][T18309] batadv_slave_1: left promiscuous mode [ 1086.307016][T18309] veth1_macvtap: left promiscuous mode [ 1086.340965][T18309] veth0_macvtap: left promiscuous mode [ 1086.346738][T18309] veth1_vlan: left promiscuous mode [ 1086.376780][T18309] veth0_vlan: left promiscuous mode [ 1086.659989][T32691] ALSA: mixer_oss: invalid OSS volume '' [ 1086.980232][T28161] Bluetooth: hci3: command tx timeout [ 1088.505796][T18309] team0 (unregistering): Port device team_slave_1 removed [ 1088.645374][T18309] team0 (unregistering): Port device team_slave_0 removed [ 1089.070439][T28161] Bluetooth: hci3: command tx timeout [ 1089.201519][ T30] kauditd_printk_skb: 109 callbacks suppressed [ 1089.201539][ T30] audit: type=1326 audit(1750365177.504:5202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32719 comm="syz.4.10939" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x0 [ 1089.798291][T32706] netlink: 40 bytes leftover after parsing attributes in process `syz.6.10932'. [ 1089.807824][T32706] netlink: 40 bytes leftover after parsing attributes in process `syz.6.10932'. [ 1090.259741][T32737] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10942'. [ 1090.383505][T32737] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 1090.392957][T32737] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (4294967295) [ 1090.483498][T32605] bridge0: port 1(bridge_slave_0) entered blocking state [ 1090.492404][T32605] bridge0: port 1(bridge_slave_0) entered disabled state [ 1090.549861][T32605] bridge_slave_0: entered allmulticast mode [ 1090.561624][T32605] bridge_slave_0: entered promiscuous mode [ 1090.579512][T32605] bridge0: port 2(bridge_slave_1) entered blocking state [ 1090.589297][T32605] bridge0: port 2(bridge_slave_1) entered disabled state [ 1090.608332][T32605] bridge_slave_1: entered allmulticast mode [ 1090.617510][T32605] bridge_slave_1: entered promiscuous mode [ 1090.912877][T32605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1090.962664][T32605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1091.142523][T28161] Bluetooth: hci3: command tx timeout [ 1091.218510][T32605] team0: Port device team_slave_0 added [ 1091.246149][T32605] team0: Port device team_slave_1 added [ 1091.487275][T32605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1091.526879][T32605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1091.621648][T32605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1091.657658][T18309] IPVS: stop unused estimator thread 0... [ 1091.669266][T32605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1091.694639][T32605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1091.770320][T32605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1092.069792][T32605] hsr_slave_0: entered promiscuous mode [ 1092.089206][T32605] hsr_slave_1: entered promiscuous mode [ 1092.105302][T32605] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1092.130590][T32605] Cannot create hsr debugfs directory [ 1092.819353][T32674] Set syz1 is full, maxelem 65536 reached [ 1093.708271][T32605] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1093.752852][T32605] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1093.784251][T32605] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1093.846265][T32605] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1094.149445][T32605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1094.193558][T32605] 8021q: adding VLAN 0 to HW filter on device team0 [ 1094.223780][ T77] bridge0: port 1(bridge_slave_0) entered blocking state [ 1094.231125][ T77] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1094.283224][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 1094.290503][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1094.435087][T32605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1094.563476][T32605] veth0_vlan: entered promiscuous mode [ 1094.598966][T32605] veth1_vlan: entered promiscuous mode [ 1094.665725][T32605] veth0_macvtap: entered promiscuous mode [ 1094.703716][T32605] veth1_macvtap: entered promiscuous mode [ 1094.768053][T32605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1094.817230][T32605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1094.848158][T32605] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.880219][T32605] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.910304][T32605] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.940676][T32605] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.174526][ T3458] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1095.205983][ T3458] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1095.297430][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1095.317923][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1095.727580][ T414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10982'. [ 1099.521780][ T30] audit: type=1326 audit(1750365187.824:5203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1099.640301][ T30] audit: type=1326 audit(1750365187.844:5204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1099.751979][ T30] audit: type=1326 audit(1750365187.844:5205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1099.774026][ C0] vkms_vblank_simulate: vblank timer overrun [ 1099.904305][ T30] audit: type=1326 audit(1750365187.844:5206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1099.926345][ C0] vkms_vblank_simulate: vblank timer overrun [ 1100.070864][ T30] audit: type=1326 audit(1750365187.854:5207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1100.093085][ C0] vkms_vblank_simulate: vblank timer overrun [ 1100.127687][ T543] syzkaller1: entered promiscuous mode [ 1100.140308][ T543] syzkaller1: entered allmulticast mode [ 1100.188777][ T30] audit: type=1326 audit(1750365187.854:5208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1100.211140][ C0] vkms_vblank_simulate: vblank timer overrun [ 1100.280267][ T30] audit: type=1326 audit(1750365187.854:5209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1100.399560][ T30] audit: type=1326 audit(1750365187.864:5210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1100.538988][ T30] audit: type=1326 audit(1750365187.864:5211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1100.561061][ C0] vkms_vblank_simulate: vblank timer overrun [ 1100.570479][ T30] audit: type=1326 audit(1750365187.864:5212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=530 comm="syz.6.11014" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1100.592487][ C0] vkms_vblank_simulate: vblank timer overrun [ 1101.170300][ T570] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.11026'. [ 1101.744661][ T590] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11032'. [ 1101.822493][ T5923] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 1101.898686][ T594] tipc: Started in network mode [ 1101.904231][ T594] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 1101.912355][ T594] tipc: Enabled bearer , priority 10 [ 1101.985867][ T5923] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1102.007325][ T5923] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1102.025733][ T596] syzkaller1: entered promiscuous mode [ 1102.032620][ T596] syzkaller1: entered allmulticast mode [ 1102.034084][ T5923] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1102.055023][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1102.075849][ T598] input: syz0 as /devices/virtual/input/input100 [ 1102.077696][ T5923] usb 5-1: SerialNumber: syz [ 1102.092287][ T598] input: failed to attach handler leds to device input100, error: -6 [ 1102.351205][ T5923] usb 5-1: 0:2 : does not exist [ 1102.409106][ T5923] usb 5-1: USB disconnect, device number 88 [ 1102.504077][ T5841] udevd[5841]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1103.037912][T16127] tipc: Node number set to 15444650 [ 1103.520200][ T5931] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 1103.676082][ T5931] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1103.700338][ T5931] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1103.710853][ T5931] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1103.719885][ T5931] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1103.731002][ T5931] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1103.744032][ T5931] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1103.753937][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1103.767436][ T5931] usb 3-1: Product: syz [ 1103.771721][ T5931] usb 3-1: Manufacturer: syz [ 1103.799980][ T5931] cdc_wdm 3-1:1.0: skipping garbage [ 1103.812405][ T5931] cdc_wdm 3-1:1.0: skipping garbage [ 1103.831460][ T5931] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 1103.845617][ T5931] cdc_wdm 3-1:1.0: Unknown control protocol [ 1104.227482][ T652] syzkaller1: entered promiscuous mode [ 1104.244546][ T652] syzkaller1: entered allmulticast mode [ 1104.271711][ T655] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11063'. [ 1104.300920][ T655] netlink: 'syz.4.11063': attribute type 7 has an invalid length. [ 1104.308857][ T655] netlink: 'syz.4.11063': attribute type 8 has an invalid length. [ 1104.323520][ T655] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11063'. [ 1104.657924][T16127] usb 3-1: USB disconnect, device number 78 [ 1104.892990][ T672] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11070'. [ 1105.156591][ T682] syzkaller1: entered promiscuous mode [ 1105.166977][ T682] syzkaller1: entered allmulticast mode [ 1107.550539][ T5924] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 1107.713124][ T5924] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1107.753037][ T5924] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1107.778065][ T5924] usb 5-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 1107.808104][ T5924] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1107.829791][ T5924] usb 5-1: config 0 descriptor?? [ 1108.292573][ T738] program syz.6.11099 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1108.912223][ T748] netlink: 'syz.6.11104': attribute type 30 has an invalid length. [ 1108.937114][ T5924] usb 5-1: USB disconnect, device number 89 [ 1108.943860][ T748] netlink: 20 bytes leftover after parsing attributes in process `syz.6.11104'. [ 1108.957939][ T748] bond0: option arp_missed_max: invalid value (0) [ 1108.968038][ T748] bond0: option arp_missed_max: allowed values 1 - 255 [ 1109.101747][ T750] input: syz0 as /devices/virtual/input/input101 [ 1109.514425][ T758] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11108'. [ 1109.711161][ T762] tipc: Started in network mode [ 1109.716113][ T762] tipc: Node identity ac1414aa, cluster identity 4711 [ 1109.764294][ T762] tipc: Enabled bearer , priority 10 [ 1109.916696][ T767] input: syz0 as /devices/virtual/input/input102 [ 1109.937647][ T767] input: failed to attach handler leds to device input102, error: -6 [ 1110.618728][T24464] hid-generic 0000:0003:0000.0054: unknown main item tag 0x0 [ 1110.660260][T24464] hid-generic 0000:0003:0000.0054: unknown main item tag 0x0 [ 1110.689934][T24464] hid-generic 0000:0003:0000.0054: hidraw0: HID v4000.00 Device [syz0] on syz1 [ 1110.880506][ T5923] tipc: Node number set to 2886997162 [ 1110.912777][ T793] fido_id[793]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1111.105436][ T797] kvm: kvm [796]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x79a38c48ff000000 [ 1113.954424][ T694] Set syz1 is full, maxelem 65536 reached [ 1114.174636][ T866] netlink: 112 bytes leftover after parsing attributes in process `syz.2.11153'. [ 1114.850538][ T5931] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 1115.022069][ T5931] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1115.051531][ T5931] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1115.120657][ T5931] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1115.129957][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1115.150761][ T5931] usb 3-1: Product: syz [ 1115.155007][ T5931] usb 3-1: Manufacturer: syz [ 1115.159643][ T5931] usb 3-1: SerialNumber: syz [ 1115.196450][ T893] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.11165'. [ 1115.948673][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.953525][ T915] syzkaller1: entered promiscuous mode [ 1115.955188][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1115.997826][ T915] syzkaller1: entered allmulticast mode [ 1116.266096][ T5931] cdc_ncm 3-1:1.0: bind() failure [ 1116.301143][ T5931] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71 [ 1116.327377][ T5931] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71 [ 1116.349651][ T5931] usbtest 3-1:1.1: probe with driver usbtest failed with error -71 [ 1116.392061][ T5931] usb 3-1: USB disconnect, device number 79 [ 1117.007750][ T948] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11181'. [ 1117.045353][ T948] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11181'. [ 1118.080440][ T969] vlan2: entered allmulticast mode [ 1118.106398][ T969] bond0: entered allmulticast mode [ 1118.122792][ T969] bond_slave_0: entered allmulticast mode [ 1118.149547][ T969] bond_slave_1: entered allmulticast mode [ 1118.436006][ T976] syzkaller1: entered promiscuous mode [ 1118.451527][ T976] syzkaller1: entered allmulticast mode [ 1120.304762][ T30] kauditd_printk_skb: 163 callbacks suppressed [ 1120.304779][ T30] audit: type=1326 audit(1750365208.604:5376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 1120.491733][ T30] audit: type=1326 audit(1750365208.604:5377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1120.567197][ T30] audit: type=1326 audit(1750365208.604:5378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 1120.590495][ C0] vkms_vblank_simulate: vblank timer overrun [ 1120.666180][ T30] audit: type=1326 audit(1750365208.604:5379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 1120.770684][ T30] audit: type=1326 audit(1750365208.614:5380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1120.792839][ C0] vkms_vblank_simulate: vblank timer overrun [ 1120.864390][ T30] audit: type=1326 audit(1750365208.614:5381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1120.933937][ T1047] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 1120.965718][ T30] audit: type=1326 audit(1750365208.614:5382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1121.045440][ T30] audit: type=1326 audit(1750365208.614:5383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1121.166373][ T30] audit: type=1326 audit(1750365208.614:5384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1121.260284][ T30] audit: type=1326 audit(1750365208.614:5385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1023 comm="syz.1.11215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf708e558 code=0x7ffc0000 [ 1122.130770][T16127] usb 5-1: new high-speed USB device number 90 using dummy_hcd [ 1122.285559][T16127] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 1122.298495][T16127] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1122.323091][T16127] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 1122.332960][T16127] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 1122.348514][T16127] usb 5-1: Manufacturer: syz [ 1122.360788][T16127] usb 5-1: config 0 descriptor?? [ 1122.490663][T16127] rc_core: IR keymap rc-hauppauge not found [ 1122.501798][T16127] Registered IR keymap rc-empty [ 1122.533760][T16127] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 1122.564529][T16127] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input103 [ 1122.623287][ C0] igorplugusb 5-1:0.0: Error: urb status = -32 [ 1122.651669][ T5931] usb 5-1: USB disconnect, device number 90 [ 1123.455000][ T1122] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.11250'. [ 1123.496047][ T1124] netlink: 'syz.2.11251': attribute type 2 has an invalid length. [ 1123.504474][ T1124] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11251'. [ 1123.814944][ T1136] syzkaller1: entered promiscuous mode [ 1123.843014][ T1136] syzkaller1: entered allmulticast mode [ 1125.789152][ T1198] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11282'. [ 1125.805456][ T5833] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 1126.023103][ T5833] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1126.041272][ T5833] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1126.060213][ T5833] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1126.085459][ T5833] usb 3-1: config 0 descriptor?? [ 1126.108598][ T5833] pwc: Askey VC010 type 2 USB webcam detected. [ 1126.269195][ T1214] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 1126.690750][ T5833] pwc: recv_control_msg error -32 req 02 val 2b00 [ 1126.714253][ T5833] pwc: recv_control_msg error -32 req 02 val 2700 [ 1126.725367][ T5833] pwc: recv_control_msg error -32 req 02 val 2c00 [ 1126.933547][ T5833] pwc: recv_control_msg error -71 req 04 val 1300 [ 1126.943698][ T5833] pwc: recv_control_msg error -71 req 04 val 1400 [ 1126.960233][ T5833] pwc: recv_control_msg error -71 req 02 val 2000 [ 1126.967440][ T5833] pwc: recv_control_msg error -71 req 02 val 2100 [ 1126.975228][ T5833] pwc: recv_control_msg error -71 req 04 val 1500 [ 1126.983324][ T5833] pwc: recv_control_msg error -71 req 02 val 2500 [ 1126.994725][ T5833] pwc: recv_control_msg error -71 req 02 val 2400 [ 1127.005207][ T5833] pwc: recv_control_msg error -71 req 02 val 2600 [ 1127.011922][ T1230] input: syz1 as /devices/virtual/input/input104 [ 1127.013293][ T5833] pwc: recv_control_msg error -71 req 02 val 2900 [ 1127.033858][ T5833] pwc: recv_control_msg error -71 req 02 val 2800 [ 1127.047589][ T5833] pwc: recv_control_msg error -71 req 04 val 1100 [ 1127.061349][ T5833] pwc: recv_control_msg error -71 req 04 val 1200 [ 1127.083885][ T5833] pwc: Registered as video103. [ 1127.101729][ T5833] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input105 [ 1127.264254][ T5833] usb 3-1: USB disconnect, device number 80 [ 1127.438991][ T30] kauditd_printk_skb: 113 callbacks suppressed [ 1127.439004][ T30] audit: type=1326 audit(1750365215.734:5499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1236 comm="syz.7.11296" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705e539 code=0x0 [ 1127.618192][ T30] audit: type=1326 audit(1750365215.914:5500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1127.760330][ T30] audit: type=1326 audit(1750365215.914:5501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1127.823034][ T30] audit: type=1326 audit(1750365215.914:5502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1127.885056][ T30] audit: type=1326 audit(1750365215.914:5503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1127.941442][ T30] audit: type=1326 audit(1750365215.914:5504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1128.007604][ T30] audit: type=1326 audit(1750365215.914:5505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1128.037409][ T30] audit: type=1326 audit(1750365215.914:5506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1128.075974][ T30] audit: type=1326 audit(1750365215.914:5507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1128.155435][ T30] audit: type=1326 audit(1750365215.914:5508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1240 comm="syz.6.11297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1128.612838][ T1267] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11307'. [ 1128.819851][ T1276] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11310'. [ 1129.719611][ T1306] kernel read not supported for file /eth0 (pid: 1306 comm: syz.6.11323) [ 1131.286254][ T1337] netlink: 212376 bytes leftover after parsing attributes in process `syz.6.11335'. [ 1131.907597][ T1346] loop2: detected capacity change from 0 to 7 [ 1131.938968][ T1346] Dev loop2: unable to read RDB block 7 [ 1131.957074][ T1346] loop2: unable to read partition table [ 1131.973930][ T1346] loop2: partition table beyond EOD, truncated [ 1131.992673][ T1346] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1132.370294][ T5923] usb 5-1: new high-speed USB device number 91 using dummy_hcd [ 1132.541795][ T5923] usb 5-1: Using ep0 maxpacket: 32 [ 1132.554851][ T5923] usb 5-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c [ 1132.580205][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1132.610329][ T5923] usb 5-1: Product: syz [ 1132.619756][ T5923] usb 5-1: Manufacturer: syz [ 1132.635083][ T5923] usb 5-1: SerialNumber: syz [ 1132.654334][ T5923] usb 5-1: config 0 descriptor?? [ 1132.682234][ T5923] gspca_main: gspca_topro-2.14.0 probing 06a2:0003 [ 1133.123321][ T1360] syz_tun: entered allmulticast mode [ 1133.173980][ T1359] syz_tun: left allmulticast mode [ 1133.295675][ T1362] input: syz0 as /devices/virtual/input/input106 [ 1133.937583][ T5923] gspca_topro: reg_w err -71 [ 1133.980516][ T5923] gspca_topro: Sensor soi763a [ 1134.008886][ T5923] usb 5-1: USB disconnect, device number 91 [ 1137.058316][ T30] kauditd_printk_skb: 169 callbacks suppressed [ 1137.058335][ T30] audit: type=1326 audit(1750365225.354:5678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1432 comm="syz.2.11375" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x0 [ 1138.319183][T18309] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1138.635482][T18309] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1138.925726][T18309] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1139.015861][ T5852] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1139.027640][ T5852] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1139.037392][ T5852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1139.050007][ T5852] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1139.058857][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1139.195029][T18309] bond0: (slave netdevsim0): Releasing backup interface [ 1139.225531][T18309] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1139.711052][T18309] vlan4: left promiscuous mode [ 1139.722507][T18309] bridge0: port 3(vlan4) entered disabled state [ 1139.805628][T18309] bridge_slave_1: left allmulticast mode [ 1139.822911][T18309] bridge_slave_1: left promiscuous mode [ 1139.846644][T18309] bridge0: port 2(bridge_slave_1) entered disabled state [ 1139.868217][T18309] bridge_slave_0: left promiscuous mode [ 1139.881074][T18309] bridge0: port 1(bridge_slave_0) entered disabled state [ 1140.397905][ T1492] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11397'. [ 1140.632423][T18309] bridge0 (unregistering): left promiscuous mode [ 1140.833018][T18309] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1140.871182][T18309] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1140.889186][T18309] bond0 (unregistering): Released all slaves [ 1140.930563][ T1489] veth0: entered promiscuous mode [ 1140.958324][ T1492] veth0 (unregistering): left promiscuous mode [ 1141.135206][T18309] tipc: Disabling bearer [ 1141.151690][T18309] tipc: Left network mode [ 1141.165450][T28161] Bluetooth: hci1: command tx timeout [ 1141.320255][ T1458] chnl_net:caif_netlink_parms(): no params data found [ 1141.884657][ T1458] bridge0: port 1(bridge_slave_0) entered blocking state [ 1141.901567][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state [ 1141.909220][ T1458] bridge_slave_0: entered allmulticast mode [ 1141.920420][ T1458] bridge_slave_0: entered promiscuous mode [ 1142.122320][ T1458] bridge0: port 2(bridge_slave_1) entered blocking state [ 1142.149501][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state [ 1142.163773][ T1458] bridge_slave_1: entered allmulticast mode [ 1142.174820][ T1458] bridge_slave_1: entered promiscuous mode [ 1142.286657][T18309] hsr_slave_1: left promiscuous mode [ 1142.292664][T18309] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1142.310241][T18309] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1142.318464][T18309] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1142.337259][T18309] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1142.378592][T18309] veth1_macvtap: left promiscuous mode [ 1142.397776][T18309] veth0_macvtap: left promiscuous mode [ 1142.406920][T18309] veth1_vlan: left promiscuous mode [ 1142.412435][T18309] veth0_vlan: left promiscuous mode [ 1142.659222][T18309] pim6reg9 (unregistering): left allmulticast mode [ 1143.160310][ T1551] netlink: 88 bytes leftover after parsing attributes in process `syz.2.11414'. [ 1143.194413][ T1551] netlink: 48 bytes leftover after parsing attributes in process `syz.2.11414'. [ 1143.230476][T28161] Bluetooth: hci1: command tx timeout [ 1143.865309][T18309] team_slave_1 (unregistering): left promiscuous mode [ 1143.883123][T18309] team0 (unregistering): Port device team_slave_1 removed [ 1143.935670][T18309] team_slave_0 (unregistering): left promiscuous mode [ 1143.948376][T18309] team0 (unregistering): Port device team_slave_0 removed [ 1144.427304][ T1458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1144.476383][ T1458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1144.685341][ T1458] team0: Port device team_slave_0 added [ 1144.727129][ T1458] team0: Port device team_slave_1 added [ 1144.744360][ T1573] bridge_slave_0: left allmulticast mode [ 1144.751073][ T1573] bridge_slave_0: left promiscuous mode [ 1144.768440][ T1573] bridge0: port 1(bridge_slave_0) entered disabled state [ 1144.783982][ T1573] bridge_slave_1: left allmulticast mode [ 1144.822015][ T1573] bridge_slave_1: left promiscuous mode [ 1144.827904][ T1573] bridge0: port 2(bridge_slave_1) entered disabled state [ 1144.915614][ T1573] bond0: (slave bond_slave_0): Releasing backup interface [ 1144.962541][ T1573] bond0: (slave bond_slave_1): Releasing backup interface [ 1144.994209][ T1573] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1145.032067][ T1573] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1145.171155][ T1458] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1145.178727][ T1458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1145.204688][ C0] vkms_vblank_simulate: vblank timer overrun [ 1145.280363][ T1458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1145.310198][T28161] Bluetooth: hci1: command tx timeout [ 1145.323294][ T1458] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1145.353917][ T1458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1145.409472][ T1458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1145.762004][T18309] IPVS: stop unused estimator thread 0... [ 1145.771666][ T1458] hsr_slave_0: entered promiscuous mode [ 1145.810543][ T1458] hsr_slave_1: entered promiscuous mode [ 1145.834561][ T1458] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1145.858581][ T1604] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11430'. [ 1145.863089][ T1458] Cannot create hsr debugfs directory [ 1146.314059][ T1615] syzkaller1: entered promiscuous mode [ 1146.334348][ T1615] syzkaller1: entered allmulticast mode [ 1147.228298][ T1640] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1147.256724][ T1458] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1147.286504][ T1458] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1147.329616][ T1458] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1147.360863][ T5833] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 1147.381127][T28161] Bluetooth: hci1: command tx timeout [ 1147.417830][ T1458] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1147.550555][ T5833] usb 3-1: Using ep0 maxpacket: 16 [ 1147.582913][ T5833] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 1147.617781][ T5833] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1147.635770][ T5833] usb 3-1: Product: syz [ 1147.642172][ T5833] usb 3-1: Manufacturer: syz [ 1147.647062][ T5833] usb 3-1: SerialNumber: syz [ 1147.663991][ T5833] usb 3-1: config 0 descriptor?? [ 1147.692424][ T5833] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 1147.712513][ T5833] usb 3-1: Detected FT232H [ 1147.806648][ T1458] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1147.867873][ T1458] 8021q: adding VLAN 0 to HW filter on device team0 [ 1147.892954][ T5833] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 1147.919008][ T5833] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1147.927203][ T5833] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71 [ 1147.928907][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1147.941103][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1147.943647][ T5833] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1147.982398][ T5833] usb 3-1: USB disconnect, device number 81 [ 1148.024570][ T5833] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1148.046653][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 1148.053911][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1148.071283][ T5833] ftdi_sio 3-1:0.0: device disconnected [ 1148.235650][ T1672] ALSA: mixer_oss: invalid OSS volume 'code' [ 1148.246368][ T1672] ALSA: mixer_oss: invalid OSS volume 'cpu' [ 1148.259935][ T1672] ALSA: mixer_oss: invalid OSS volume 'cache' [ 1148.268178][ T1672] ALSA: mixer_oss: invalid OSS volume 'physical' [ 1148.275285][ T1672] ALSA: mixer_oss: invalid OSS volume 'siblings' [ 1148.308433][ T1672] ALSA: mixer_oss: invalid OSS volume 'core' [ 1148.339131][ T1672] ALSA: mixer_oss: invalid OSS volume 'cpu' [ 1148.358698][ T1672] ALSA: mixer_oss: invalid OSS volume 'apicid' [ 1148.381820][ T1672] ALSA: mixer_oss: invalid OSS volume 'initial' [ 1148.396573][ T1458] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1148.407270][ T1672] ALSA: mixer_oss: invalid OSS volume 'fpu' [ 1148.416921][ T1672] ALSA: mixer_oss: invalid OSS volume 'fpu_exception' [ 1148.529581][ T1458] veth0_vlan: entered promiscuous mode [ 1148.583320][ T1458] veth1_vlan: entered promiscuous mode [ 1148.707338][ T1458] veth0_macvtap: entered promiscuous mode [ 1148.749087][ T1458] veth1_macvtap: entered promiscuous mode [ 1148.813981][ T1458] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1148.836433][ T1458] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1148.879626][ T1458] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1148.936582][ T1458] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1148.966243][ T1458] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1148.988424][ T1458] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1149.427606][T16516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1149.467574][T16516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1149.615260][T16516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1149.685107][T16516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1150.113199][ T1721] trusted_key: syz.7.11464 sent an empty control message without MSG_MORE. [ 1150.679946][ T1734] kvm: user requested TSC rate below hardware speed [ 1151.076656][ T1748] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 1151.091381][T24464] syzkaller1: tun_net_xmit 90 [ 1151.101129][ T1748] syzkaller1: Linktype set failed because interface is up [ 1153.280333][T16127] usb 3-1: new high-speed USB device number 82 using dummy_hcd [ 1153.452277][T16127] usb 3-1: config 0 has no interfaces? [ 1153.483390][T16127] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 1153.500286][T16127] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1153.508375][T16127] usb 3-1: Product: syz [ 1153.520354][T16127] usb 3-1: Manufacturer: syz [ 1153.525160][T16127] usb 3-1: SerialNumber: syz [ 1153.564224][T16127] usb 3-1: config 0 descriptor?? [ 1154.110401][ T5923] usb 3-1: USB disconnect, device number 82 [ 1154.241980][ T1853] input: syz0 as /devices/virtual/input/input107 [ 1154.825280][ T1870] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11507'. [ 1154.925597][ T1870] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11507'. [ 1154.974503][ T1870] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11507'. [ 1155.937490][ T1901] bridge_slave_0: left allmulticast mode [ 1155.973871][ T1901] bridge_slave_0: left promiscuous mode [ 1155.989978][ T1901] bridge0: port 1(bridge_slave_0) entered disabled state [ 1156.086264][ T1901] bridge_slave_1: left allmulticast mode [ 1156.121218][ T1901] bridge_slave_1: left promiscuous mode [ 1156.157753][ T1901] bridge0: port 2(bridge_slave_1) entered disabled state [ 1156.233608][ T1901] bond0: (slave bond_slave_0): Releasing backup interface [ 1156.251533][ T1911] netlink: 'syz.6.11519': attribute type 1 has an invalid length. [ 1156.297145][ T1901] bond0: (slave bond_slave_1): Releasing backup interface [ 1156.448453][ T1901] team0: Port device team_slave_0 removed [ 1156.499453][ T1901] team0: Port device team_slave_1 removed [ 1156.539941][ T1901] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1156.561653][ T1901] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1156.584104][ T1901] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1156.598037][ T1901] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1156.790343][ T5924] usb 9-1: new low-speed USB device number 2 using dummy_hcd [ 1156.808987][ T1914] bond2: (slave wireguard0): The slave device specified does not support setting the MAC address [ 1156.824641][ T1914] bond2: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 1156.933906][ T1914] bond2: (slave wireguard0): making interface the new active one [ 1156.962020][ T5924] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 1156.982225][ T1914] bond2: (slave wireguard0): Enslaving as an active interface with an up link [ 1156.982864][ T5924] usb 9-1: config 0 has no interface number 0 [ 1157.022486][ T5924] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1157.053286][ T5924] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 1157.099597][ T5924] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1157.120154][ T5924] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1157.173078][ T5924] usb 9-1: config 0 descriptor?? [ 1157.181214][ T1917] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 1157.220709][ T5924] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1157.531574][ T5924] usb 9-1: USB disconnect, device number 2 [ 1157.531572][ C0] iowarrior 9-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 1158.294577][ T1952] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11529'. [ 1158.376237][ T1952] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11529'. [ 1160.640789][ T2032] binder: 2031:2032 ioctl c0306201 80001a80 returned -14 [ 1161.220033][ T2068] input: syz0 as /devices/virtual/input/input108 [ 1162.151634][ T30] audit: type=1800 audit(1750365250.444:5679): pid=2091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.11574" name="nullb0" dev="devtmpfs" ino=3773 res=0 errno=0 [ 1162.248449][ T2096] input: syz1 as /devices/virtual/input/input109 [ 1162.826598][ T2116] netlink: 'syz.2.11583': attribute type 4 has an invalid length. [ 1162.942936][ T2116] netlink: 'syz.2.11583': attribute type 4 has an invalid length. [ 1163.543656][T28161] Bluetooth: hci0: command 0x0c1a tx timeout [ 1163.550719][ T24] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1163.629602][ T24] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 1163.867253][ T2147] bridge_slave_0: left allmulticast mode [ 1163.901672][ T2147] bridge_slave_0: left promiscuous mode [ 1163.935994][ T2147] bridge0: port 1(bridge_slave_0) entered disabled state [ 1164.026413][ T2147] bridge_slave_1: left allmulticast mode [ 1164.048675][ T2147] bridge_slave_1: left promiscuous mode [ 1164.067861][ T2147] bridge0: port 2(bridge_slave_1) entered disabled state [ 1164.122364][ T2147] bond0: (slave bond_slave_0): Releasing backup interface [ 1164.163270][ T2147] bond_slave_0: left allmulticast mode [ 1164.229461][ T2147] bond0: (slave bond_slave_1): Releasing backup interface [ 1164.291667][ T2147] bond_slave_1: left allmulticast mode [ 1164.363012][ T2147] team0: Port device team_slave_0 removed [ 1164.414127][ T2147] team0: Port device team_slave_1 removed [ 1164.427550][ T2147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1164.435613][ T2147] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1164.452421][ T2147] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1164.465478][ T2147] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1164.702115][ T2184] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11599'. [ 1166.662262][ T24] Bluetooth: hci4: Opcode 0x0c1a failed: -110 [ 1166.666800][T28161] Bluetooth: hci4: command 0x0406 tx timeout [ 1166.705761][ T24] Bluetooth: hci4: Error when powering off device on rfkill (-110) [ 1167.618055][ T2254] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11622'. [ 1167.740185][ T2258] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11623'. [ 1167.864712][ T2260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11623'. [ 1169.460259][T28161] Bluetooth: hci3: command 0x0c1a tx timeout [ 1169.465816][ T24] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 1169.506379][ T24] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 1169.873034][ T2329] team0: entered promiscuous mode [ 1169.893174][ T2329] batadv_slave_0: entered promiscuous mode [ 1169.914878][ T2327] batadv_slave_0: left promiscuous mode [ 1169.933053][ T2327] team0: left promiscuous mode [ 1170.570173][ T5924] usb 9-1: new low-speed USB device number 3 using dummy_hcd [ 1170.744525][ T5924] usb 9-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 1170.793200][ T5924] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1170.813519][ T5924] usb 9-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1170.854782][ T5924] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x8F is Bulk; changing to Interrupt [ 1170.881908][ T5924] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1170.910366][ T5924] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1170.939796][ T2344] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22 [ 1170.968017][ T5924] hub 9-1:1.0: bad descriptor, ignoring hub [ 1170.988997][ T5924] hub 9-1:1.0: probe with driver hub failed with error -5 [ 1171.004918][ T5924] cdc_wdm 9-1:1.0: skipping garbage [ 1171.016216][ T5924] cdc_wdm 9-1:1.0: skipping garbage [ 1171.039589][ T5924] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 1171.047153][ T5924] cdc_wdm 9-1:1.0: Unknown control protocol [ 1171.393512][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.400183][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.407509][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.414171][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.420735][ T5924] usb 3-1: new low-speed USB device number 83 using dummy_hcd [ 1171.617456][ T5924] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 1171.643111][ T5924] usb 3-1: config 0 has no interface number 0 [ 1171.665678][ T5924] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1171.687278][ T5924] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 1171.698930][ T5924] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1171.724976][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.731654][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.738135][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.744778][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.751154][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.757792][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.764238][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.770874][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.778486][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.785227][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.791941][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.798576][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.805704][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.812357][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.818702][ C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 1171.825340][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 1171.833326][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1171.846813][ T5924] usb 3-1: config 0 descriptor?? [ 1171.861641][ T2373] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22 [ 1171.889457][ T5924] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1 [ 1171.940456][T28161] Bluetooth: hci1: command 0x0c1a tx timeout [ 1171.944275][ T24] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 1171.986625][ T24] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 1173.283916][ T5833] usb 9-1: USB disconnect, device number 3 [ 1173.283980][ C1] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 1173.284498][ T5923] usb 3-1: USB disconnect, device number 83 [ 1173.530316][ T2432] input: syz1 as /devices/virtual/input/input110 [ 1173.956246][ T2447] netlink: 80 bytes leftover after parsing attributes in process `syz.2.11670'. [ 1173.975039][ T2447] netlink: 80 bytes leftover after parsing attributes in process `syz.2.11670'. [ 1174.264445][ T2455] IPv4: Oversized IP packet from 172.20.20.24 [ 1174.273704][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 1174.280249][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 1175.502115][ T2509] input: syz0 as /devices/virtual/input/input111 [ 1176.345952][ T2549] bridge_slave_0: entered promiscuous mode [ 1176.756084][ T2562] input: syz1 as /devices/virtual/input/input112 [ 1177.159114][ T2577] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1177.307965][ T2590] netlink: 'syz.7.11708': attribute type 11 has an invalid length. [ 1177.386782][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.393578][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.559719][ T2597] loop6: detected capacity change from 0 to 7 [ 1177.577486][ T2597] Dev loop6: unable to read RDB block 7 [ 1177.586538][ T2597] loop6: AHDI p3 p4 [ 1177.592164][ T2597] loop6: partition table partially beyond EOD, truncated [ 1177.600653][ T2597] loop6: p3 start 1869967406 is beyond EOD, truncated [ 1178.755666][ T2656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11718'. [ 1179.023095][ T2664] syzkaller0: tun_chr_ioctl cmd 2147767521 [ 1180.080175][T24754] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 1180.270530][T24754] usb 9-1: Using ep0 maxpacket: 8 [ 1180.299880][T24754] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1180.336346][T24754] usb 9-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 1180.369202][T24754] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1180.401396][T24754] usb 9-1: config 0 descriptor?? [ 1180.432803][T24754] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 1181.656305][T24754] gspca_vc032x: reg_w err -71 [ 1181.665981][T24754] vc032x 9-1:0.0: probe with driver vc032x failed with error -71 [ 1181.709662][T24754] usb 9-1: USB disconnect, device number 4 [ 1182.594607][ T2798] ALSA: seq fatal error: cannot create timer (-19) [ 1183.076141][ T2823] vivid-002: disconnect [ 1183.240713][T26621] vivid-002: reconnect [ 1183.526448][ T2839] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11762'. [ 1183.545894][ T2839] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11762'. [ 1185.066306][ T2903] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1185.482700][ T2914] input: syz1 as /devices/virtual/input/input113 [ 1185.727105][ T2923] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11792'. [ 1185.880319][T26621] usb 3-1: new high-speed USB device number 84 using dummy_hcd [ 1185.966749][ T2931] input: syz0 as /devices/virtual/input/input114 [ 1186.035704][T26621] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1186.074685][T26621] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1186.117250][T26621] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1186.140095][T26621] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1186.162896][T26621] usb 3-1: SerialNumber: syz [ 1186.394707][T26621] usb 3-1: 0:2 : does not exist [ 1186.429571][T26621] usb 3-1: USB disconnect, device number 84 [ 1186.565071][ T5841] udevd[5841]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1187.078085][ T2966] netlink: 1347 bytes leftover after parsing attributes in process `syz.6.11811'. [ 1187.236933][ T2972] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11814'. [ 1188.010278][T26621] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 1188.202962][T26621] usb 3-1: Using ep0 maxpacket: 16 [ 1188.215390][T26621] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1188.229790][T26621] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1188.250166][T26621] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 1188.259273][T26621] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1188.296984][T26621] usb 3-1: config 0 descriptor?? [ 1188.392065][ T2998] binder: 2997:2998 ioctl c0306201 800001c0 returned -22 [ 1189.260194][T16127] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 1189.365115][T26621] letsketch 0003:6161:4D15.0055: Device info: 꿨 [ 1189.434100][T16127] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1189.478057][T16127] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1189.519001][T16127] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1189.531386][T16127] usb 9-1: config 0 descriptor?? [ 1189.565237][ T3027] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1189.614299][T26621] usb 3-1: Max retries (5) exceeded reading string descriptor 201 [ 1189.626474][T26621] letsketch 0003:6161:4D15.0055: probe with driver letsketch failed with error -71 [ 1189.651938][T26621] usb 3-1: USB disconnect, device number 85 [ 1189.745970][ T3033] netlink: 'syz.7.11837': attribute type 10 has an invalid length. [ 1189.768582][T16127] usbhid 9-1:0.0: can't add hid device: -71 [ 1189.784648][T16127] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 1189.805642][T16127] usb 9-1: USB disconnect, device number 5 [ 1189.829875][ T3033] bond0: (slave netdevsim0): Enslaving as an active interface with a down link [ 1189.834345][ T3036] input: syz0 as /devices/virtual/input/input115 [ 1190.302289][T16127] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 1190.470807][ T3053] IPVS: length: 95 != 24 [ 1190.483818][T16127] usb 9-1: Using ep0 maxpacket: 32 [ 1190.492083][T16127] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1190.518450][T16127] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 1190.550495][T16127] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1190.581344][T16127] usb 9-1: config 0 descriptor?? [ 1190.605689][T16127] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 1190.632975][T16127] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 1190.820231][ T30] audit: type=1326 audit(1750365279.104:5680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3062 comm="syz.2.11849" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x0 [ 1190.871784][T16127] usb 9-1: USB disconnect, device number 6 [ 1190.877730][ C0] ldusb 9-1:0.0: usb_submit_urb failed (-19) [ 1190.921783][T16127] ldusb 9-1:0.0: LD USB Device #0 now disconnected [ 1191.093749][ T3017] ldusb: No device or device unplugged -19 [ 1193.933891][ T30] audit: type=1326 audit(1750365282.224:5681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3131 comm="syz.2.11874" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x0 [ 1193.955531][ C1] vkms_vblank_simulate: vblank timer overrun [ 1194.183956][ T3141] input: syz0 as /devices/virtual/input/input116 [ 1194.635780][ T3153] loop8: detected capacity change from 0 to 7 [ 1194.647036][ T5841] Dev loop8: unable to read RDB block 7 [ 1194.657608][ T5841] loop8: unable to read partition table [ 1194.664246][ T5841] loop8: partition table beyond EOD, truncated [ 1194.673004][ T3153] Dev loop8: unable to read RDB block 7 [ 1194.678699][ T3153] loop8: unable to read partition table [ 1194.686973][ T3153] loop8: partition table beyond EOD, truncated [ 1194.701559][ T3153] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1194.732998][ T3154] Dev loop8: unable to read RDB block 7 [ 1194.744524][ T3154] loop8: unable to read partition table [ 1194.757695][ T3154] loop8: partition table beyond EOD, truncated [ 1194.765175][ T3154] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1196.230259][ T30] audit: type=1326 audit(1750365284.464:5682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1196.252472][ C1] vkms_vblank_simulate: vblank timer overrun [ 1196.305120][ T30] audit: type=1326 audit(1750365284.464:5683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1196.410019][ T30] audit: type=1326 audit(1750365284.464:5684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1196.484519][ T30] audit: type=1326 audit(1750365284.464:5685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1196.506635][ C1] vkms_vblank_simulate: vblank timer overrun [ 1196.529281][ T30] audit: type=1326 audit(1750365284.464:5686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1196.561645][ T30] audit: type=1326 audit(1750365284.464:5687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1196.661131][ T30] audit: type=1326 audit(1750365284.464:5688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1196.780135][ T30] audit: type=1326 audit(1750365284.464:5689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1196.802254][ C1] vkms_vblank_simulate: vblank timer overrun [ 1196.913434][ T30] audit: type=1326 audit(1750365284.464:5690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1196.935555][ C1] vkms_vblank_simulate: vblank timer overrun [ 1196.987784][ T30] audit: type=1326 audit(1750365284.464:5691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3180 comm="syz.6.11894" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1197.326620][ T3215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11908'. [ 1198.180833][T24464] usb 3-1: new high-speed USB device number 86 using dummy_hcd [ 1198.365842][ T3250] netlink: 'syz.7.11921': attribute type 11 has an invalid length. [ 1198.460145][T24464] usb 3-1: Using ep0 maxpacket: 32 [ 1198.481673][T24464] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 1198.495669][T24464] usb 3-1: config 0 has no interface number 0 [ 1198.524044][T24464] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1198.546297][T24464] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1198.561318][T24464] usb 3-1: Product: syz [ 1198.575746][T24464] usb 3-1: Manufacturer: syz [ 1198.585516][T24464] usb 3-1: SerialNumber: syz [ 1198.613821][T24464] usb 3-1: config 0 descriptor?? [ 1198.633223][T24464] smsc95xx v2.0.0 [ 1198.707524][ T3258] kernel read not supported for file /bus (pid: 3258 comm: syz.7.11924) [ 1199.661236][T24464] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 1199.674346][T24464] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1199.684224][T24464] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 1199.695480][T24464] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71 [ 1199.708087][T24464] usb 3-1: USB disconnect, device number 86 [ 1200.147179][ T3288] KVM: debugfs: duplicate directory 3288-5 [ 1200.429647][ T3296] vivid-002: ================= START STATUS ================= [ 1200.442182][ T3296] vivid-002: Radio HW Seek Mode: Bounded [ 1200.448511][ T3296] vivid-002: Radio Programmable HW Seek: false [ 1200.454853][ T3296] vivid-002: RDS Rx I/O Mode: Block I/O [ 1200.460588][ T3296] vivid-002: Generate RBDS Instead of RDS: false [ 1200.466981][ T3296] vivid-002: RDS Reception: true [ 1200.472156][ T3296] vivid-002: RDS Program Type: 0 inactive [ 1200.477930][ T3296] vivid-002: RDS PS Name: inactive [ 1200.483502][ T3296] vivid-002: RDS Radio Text: inactive [ 1200.489046][ T3296] vivid-002: RDS Traffic Announcement: false inactive [ 1200.496019][ T3296] vivid-002: RDS Traffic Program: false inactive [ 1200.502511][ T3296] vivid-002: RDS Music: false inactive [ 1200.508061][ T3296] vivid-002: ================== END STATUS ================== [ 1201.525517][ T3325] netlink: 'syz.7.11949': attribute type 1 has an invalid length. [ 1201.597983][ T3325] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1201.675528][ T3328] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 1201.815870][ T3334] netlink: 'syz.7.11952': attribute type 4 has an invalid length. [ 1201.939901][ T3338] netlink: 32 bytes leftover after parsing attributes in process `syz.2.11954'. [ 1202.016119][ T3341] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11955'. [ 1202.083585][ T3345] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 1202.268244][ T3349] ALSA: mixer_oss: invalid OSS volume '2' [ 1202.275219][ T3349] ALSA: mixer_oss: invalid OSS volume 'Ip6InAddrErrors' [ 1202.284144][ T3349] ALSA: mixer_oss: invalid OSS volume 'Ip6InUnknownProtos' [ 1202.291647][ T3349] ALSA: mixer_oss: invalid OSS volume 'Ip6InTruncatedPkts' [ 1202.298899][ T3349] ALSA: mixer_oss: invalid OSS volume 'Ip6InDiscards' [ 1202.305795][ T3349] ALSA: mixer_oss: invalid OSS volume 'Ip6InDelivers' [ 1202.762971][ T3365] netlink: 7 bytes leftover after parsing attributes in process `syz.2.11965'. [ 1203.570409][ T24] usb 3-1: new high-speed USB device number 87 using dummy_hcd [ 1203.755107][ T24] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 1203.795255][ T24] usb 3-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1203.831861][ T24] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1203.865366][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1203.915490][ T24] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1203.987121][ T24] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 1204.088181][ T5841] udevd[5841]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1204.172920][ T24] usb 3-1: USB disconnect, device number 87 [ 1205.730441][ T5923] usb 3-1: new high-speed USB device number 88 using dummy_hcd [ 1205.890302][ T5923] usb 3-1: Using ep0 maxpacket: 16 [ 1205.901469][ T5923] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1205.916504][ T5923] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1205.926626][ T5923] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1205.944746][ T5923] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1205.954095][ T5923] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1205.969142][ T5923] usb 3-1: config 0 descriptor?? [ 1206.399758][ T5923] microsoft 0003:045E:07DA.0056: ignoring exceeding usage max [ 1206.419612][ T5923] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0056/input/input117 [ 1206.515700][T24464] microsoft 0003:045E:07DA.0056: implement() called with too large value 1 (n: 0)! (kworker/0:2) [ 1206.579772][ T5923] microsoft 0003:045E:07DA.0056: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 1206.688931][T26621] usb 3-1: USB disconnect, device number 88 [ 1207.930638][T24464] usb 3-1: new high-speed USB device number 89 using dummy_hcd [ 1208.090149][T24464] usb 3-1: Using ep0 maxpacket: 8 [ 1208.106006][T24464] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 1208.120551][T24464] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1208.150584][T24464] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1208.161302][T24464] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1208.179131][T24464] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1208.192929][T24464] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1208.202343][T24464] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1208.268086][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 1208.268130][ T30] audit: type=1326 audit(1750365296.564:5755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000 [ 1208.319007][ T30] audit: type=1326 audit(1750365296.594:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000 [ 1208.400199][ T30] audit: type=1326 audit(1750365296.594:5757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000 [ 1208.400252][ T30] audit: type=1326 audit(1750365296.594:5758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000 [ 1208.400294][ T30] audit: type=1326 audit(1750365296.594:5759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000 [ 1208.454415][T24464] usb 3-1: usb_control_msg returned -32 [ 1208.576754][ T30] audit: type=1326 audit(1750365296.594:5760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000 [ 1208.586887][T24464] usbtmc 3-1:16.0: can't read capabilities [ 1208.653790][ T30] audit: type=1326 audit(1750365296.594:5761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000 [ 1208.768609][ T30] audit: type=1326 audit(1750365296.594:5762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000 [ 1208.858637][ T3506] syz.6.12022 (3506): drop_caches: 2 [ 1209.037792][ T30] audit: type=1326 audit(1750365296.594:5763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000 [ 1209.060506][ T30] audit: type=1326 audit(1750365296.594:5764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3503 comm="syz.7.12021" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000 [ 1209.195370][ T3510] usbtmc 3-1:16.0: CHECK_CLEAR_STATUS returned 5 [ 1209.397642][ T5923] usb 3-1: USB disconnect, device number 89 [ 1209.489178][ T3516] netlink: 40 bytes leftover after parsing attributes in process `syz.6.12026'. [ 1209.539968][ T3517] netlink: 40 bytes leftover after parsing attributes in process `syz.6.12026'. [ 1209.630610][ T3519] input: syz0 as /devices/virtual/input/input118 [ 1210.373595][ T3553] loop6: detected capacity change from 0 to 7 [ 1210.389979][ T3553] Dev loop6: unable to read RDB block 7 [ 1210.396346][ T3553] loop6: unable to read partition table [ 1210.402440][ T3553] loop6: partition table beyond EOD, truncated [ 1210.412281][ T3553] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1211.130122][ T24] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 1211.148058][ T3572] could not allocate digest TFM handle cryptd(blake2b-160) [ 1211.293095][ T24] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 1211.305161][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1211.318931][ T24] usb 3-1: config 0 descriptor?? [ 1211.334401][ T24] gspca_main: spca508-2.14.0 probing 8086:0110 [ 1211.536232][ T24] gspca_spca508: reg_read err -32 [ 1211.550793][ T24] gspca_spca508: reg_read err -32 [ 1211.556739][ T24] gspca_spca508: reg_read err -32 [ 1211.567939][ T24] gspca_spca508: reg_read err -32 [ 1211.775602][ T24] gspca_spca508: reg write: error -71 [ 1211.790608][ T24] spca508 3-1:0.0: probe with driver spca508 failed with error -71 [ 1211.801471][ T24] usb 3-1: USB disconnect, device number 90 [ 1214.757375][ T30] kauditd_printk_skb: 479 callbacks suppressed [ 1214.757394][ T30] audit: type=1326 audit(1750365303.054:6244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3653 comm="syz.2.12079" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x0 [ 1214.789213][ T3656] syzkaller1: entered promiscuous mode [ 1214.795869][ T3656] syzkaller1: entered allmulticast mode [ 1215.058012][ T3664] vivid-002: disconnect [ 1215.063152][ T3663] vivid-002: reconnect [ 1215.122038][ T3667] binder: 3666:3667 ioctl c0306201 800003c0 returned -14 [ 1215.980339][ T5923] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 1215.994485][ T3683] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12091'. [ 1216.130163][ T5923] usb 3-1: Using ep0 maxpacket: 8 [ 1216.137220][ T5923] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1216.147459][ T5923] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1216.158417][ T5923] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 61192, setting to 1024 [ 1216.171000][ T5923] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1216.181402][ T5923] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1216.194754][ T5923] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1216.208138][ T5923] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1216.366414][ T3695] batadv_slave_1: entered promiscuous mode [ 1216.377172][ T3694] batadv_slave_1: left promiscuous mode [ 1216.429947][ T5923] usb 3-1: GET_CAPABILITIES returned 0 [ 1216.435976][ T5923] usbtmc 3-1:16.0: can't read capabilities [ 1216.659278][ T5923] usb 3-1: USB disconnect, device number 91 [ 1216.839348][ T3702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12098'. [ 1218.046350][ T3736] netlink: 44 bytes leftover after parsing attributes in process `syz.6.12114'. [ 1218.668421][ T3756] netlink: 'syz.7.12123': attribute type 1 has an invalid length. [ 1218.690188][ T3756] netlink: 20 bytes leftover after parsing attributes in process `syz.7.12123'. [ 1219.391007][ T3772] netlink: 'syz.7.12128': attribute type 6 has an invalid length. [ 1221.408871][ T3836] syz.7.12155 (3836): drop_caches: 2 [ 1221.580313][ T24] usb 3-1: new high-speed USB device number 92 using dummy_hcd [ 1221.736378][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 1221.765057][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 1221.777981][ T24] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 1221.792829][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.801404][ T24] usb 3-1: Product: syz [ 1221.805843][ T24] usb 3-1: Manufacturer: syz [ 1221.819205][ T24] usb 3-1: SerialNumber: syz [ 1221.829263][ T24] usb 3-1: config 0 descriptor?? [ 1221.839755][ T3842] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1221.851375][ T3842] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1222.095178][ T3842] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1222.106647][ T3842] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1222.199432][ T3868] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12169'. [ 1222.525763][ T24] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00 [ 1222.874588][ T30] audit: type=1800 audit(1750365311.164:6245): pid=3888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.12176" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 1223.124343][ T24] dm9601 3-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 1223.151325][ T24] usb 3-1: USB disconnect, device number 92 [ 1225.590321][ T24] usb 3-1: new full-speed USB device number 93 using dummy_hcd [ 1225.774949][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1225.789540][ T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 1225.816793][ T24] usb 3-1: New USB device found, idVendor=0925, idProduct=8866, bcdDevice= 0.00 [ 1225.827451][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1225.843678][ T24] usb 3-1: config 0 descriptor?? [ 1225.855739][ T3938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1226.541080][ T3956] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1226.641350][ T24] usbhid 3-1:0.0: can't add hid device: -71 [ 1226.657161][ T24] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1226.692376][ T24] usb 3-1: USB disconnect, device number 93 [ 1226.976886][ T30] audit: type=1326 audit(1750365315.274:6246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3960 comm="syz.7.12207" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7fc00000 [ 1227.019484][ T3972] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1227.026786][ T3972] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1227.629329][ T30] audit: type=1326 audit(1750365315.924:6247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3960 comm="syz.7.12207" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf705e539 code=0x7fc00000 [ 1228.219835][ T3987] veth0_to_bond: entered allmulticast mode [ 1228.229956][ T3987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12217'. [ 1228.301322][ T3987] veth0_to_bond (unregistering): left allmulticast mode [ 1228.738114][ T4001] syz.2.12223 (4001): drop_caches: 2 [ 1230.993928][ T4027] syz.2.12232 (4027): drop_caches: 2 [ 1234.072712][ T30] audit: type=1326 audit(1750365322.374:6248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4039 comm="syz.2.12246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1234.099105][ T30] audit: type=1326 audit(1750365322.374:6249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4039 comm="syz.2.12246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1234.125148][ T30] audit: type=1326 audit(1750365322.374:6250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4039 comm="syz.2.12246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1234.149033][ T30] audit: type=1326 audit(1750365322.374:6251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4039 comm="syz.2.12246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1234.176853][ T30] audit: type=1326 audit(1750365322.374:6252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4039 comm="syz.2.12246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1234.900245][ T24] usb 3-1: new high-speed USB device number 94 using dummy_hcd [ 1235.056517][ T24] usb 3-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73 [ 1235.065857][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1235.074363][ T24] usb 3-1: Product: syz [ 1235.078560][ T24] usb 3-1: Manufacturer: syz [ 1235.083274][ T24] usb 3-1: SerialNumber: syz [ 1235.091506][ T24] usb 3-1: config 0 descriptor?? [ 1236.312165][ T24] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1236.324098][ T24] asix 3-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1236.335630][ T24] asix 3-1:0.0: probe with driver asix failed with error -71 [ 1236.346992][ T24] usb 3-1: USB disconnect, device number 94 [ 1237.496611][ T4079] loop6: detected capacity change from 0 to 7 [ 1237.510453][ T4079] Dev loop6: unable to read RDB block 7 [ 1237.516109][ T4079] loop6: unable to read partition table [ 1237.526117][ T4079] loop6: partition table beyond EOD, truncated [ 1237.532676][ T4079] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1237.556216][ T4081] IPv4: Oversized IP packet from 172.20.20.24 [ 1237.562989][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 1237.569427][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 1237.880342][ T4091] input: syz0 as /devices/virtual/input/input119 [ 1238.016716][ T30] audit: type=1800 audit(1750365326.314:6253): pid=4093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.12262" name="dmabuf" dev="dmabuf" ino=35 res=0 errno=0 [ 1238.154311][ T4098] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12264'. [ 1238.730153][ T5923] usb 3-1: new high-speed USB device number 95 using dummy_hcd [ 1238.840692][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.847102][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1238.942027][ T5923] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1238.970132][ T5923] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1238.990270][ T5923] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1239.010106][ T5923] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1239.040501][ T5923] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1239.049616][ T5923] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1239.080777][ T5923] usb 3-1: config 0 descriptor?? [ 1239.500751][ T5923] plantronics 0003:047F:FFFF.0057: No inputs registered, leaving [ 1239.516422][ T5923] plantronics 0003:047F:FFFF.0057: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 1240.874426][ T4147] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12284'. [ 1240.888320][ T4147] netlink: 'syz.7.12284': attribute type 7 has an invalid length. [ 1240.896225][ T4147] netlink: 'syz.7.12284': attribute type 8 has an invalid length. [ 1240.905035][ T4147] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12284'. [ 1241.396264][ T4163] netlink: 'syz.7.12290': attribute type 21 has an invalid length. [ 1241.418243][ T4163] netlink: 120 bytes leftover after parsing attributes in process `syz.7.12290'. [ 1241.618967][ T2018] usb 3-1: USB disconnect, device number 95 [ 1241.736291][ T30] audit: type=1326 audit(1750365330.034:6254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1241.780261][ T30] audit: type=1326 audit(1750365330.034:6255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1241.832836][ T30] audit: type=1326 audit(1750365330.034:6256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1241.871837][ T30] audit: type=1326 audit(1750365330.034:6257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1241.916622][ T30] audit: type=1326 audit(1750365330.034:6258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1241.938725][ C1] vkms_vblank_simulate: vblank timer overrun [ 1241.950224][ T30] audit: type=1326 audit(1750365330.034:6259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1241.972345][ C1] vkms_vblank_simulate: vblank timer overrun [ 1241.980234][ T30] audit: type=1326 audit(1750365330.034:6260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1242.002412][ C1] vkms_vblank_simulate: vblank timer overrun [ 1242.010289][ T30] audit: type=1326 audit(1750365330.034:6261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1242.037366][ T30] audit: type=1326 audit(1750365330.034:6262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1242.059871][ T30] audit: type=1326 audit(1750365330.034:6263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4168 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be558 code=0x7ffc0000 [ 1242.289464][ T4172] cgroup: fork rejected by pids controller in /syz7 [ 1242.749464][ T77] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1242.849528][ T77] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1242.957008][ T77] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1243.027662][ T77] bond0: (slave netdevsim0): Releasing backup interface [ 1243.038663][ T77] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1243.706592][ T77] bond0 (unregistering): Released all slaves [ 1243.863674][ T77] bond1 (unregistering): (slave veth0_to_bond): Releasing backup interface [ 1243.879438][ T77] bond1 (unregistering): Released all slaves [ 1243.965020][ T77] tipc: Disabling bearer [ 1243.970427][ T77] tipc: Left network mode [ 1269.541020][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1300.266927][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.273500][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1357.860440][ T31] INFO: task kworker/0:4:16127 blocked for more than 143 seconds. [ 1357.868337][ T31] Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 [ 1357.876222][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1357.885010][ T31] task:kworker/0:4 state:D stack:20600 pid:16127 tgid:16127 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 1357.897133][ T31] Workqueue: events rfkill_global_led_trigger_worker [ 1357.903892][ T31] Call Trace: [ 1357.907207][ T31] [ 1357.910294][ T31] __schedule+0x16f5/0x4d00 [ 1357.915082][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 1357.920470][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1357.926850][ T31] ? schedule+0x165/0x360 [ 1357.931284][ T31] ? __pfx___schedule+0x10/0x10 [ 1357.936193][ T31] ? schedule+0x91/0x360 [ 1357.940719][ T31] schedule+0x165/0x360 [ 1357.944934][ T31] schedule_preempt_disabled+0x13/0x30 [ 1357.950709][ T31] __mutex_lock+0x724/0xe80 [ 1357.955255][ T31] ? look_up_lock_class+0x74/0x170 [ 1357.961095][ T31] ? __mutex_lock+0x51b/0xe80 [ 1357.965817][ T31] ? rfkill_global_led_trigger_worker+0x27/0xd0 [ 1357.972154][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1357.977203][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 1357.983147][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 1357.988917][ T31] rfkill_global_led_trigger_worker+0x27/0xd0 [ 1357.995112][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 1358.000949][ T31] process_scheduled_works+0xae1/0x17b0 [ 1358.006638][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 1358.012732][ T31] worker_thread+0x8a0/0xda0 [ 1358.017374][ T31] kthread+0x70e/0x8a0 [ 1358.021609][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1358.026762][ T31] ? __pfx_kthread+0x10/0x10 [ 1358.031481][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1358.036806][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1358.042287][ T31] ? __pfx_kthread+0x10/0x10 [ 1358.046906][ T31] ret_from_fork+0x3f9/0x770 [ 1358.051578][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1358.056724][ T31] ? __switch_to_asm+0x39/0x70 [ 1358.061578][ T31] ? __switch_to_asm+0x33/0x70 [ 1358.066382][ T31] ? __pfx_kthread+0x10/0x10 [ 1358.071368][ T31] ret_from_fork_asm+0x1a/0x30 [ 1358.076204][ T31] [ 1358.079275][ T31] INFO: task kworker/0:3:24754 blocked for more than 143 seconds. [ 1358.087166][ T31] Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 [ 1358.094870][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1358.103697][ T31] task:kworker/0:3 state:D stack:22584 pid:24754 tgid:24754 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 1358.115872][ T31] Workqueue: events rfkill_sync_work [ 1358.121285][ T31] Call Trace: [ 1358.124675][ T31] [ 1358.127617][ T31] __schedule+0x16f5/0x4d00 [ 1358.132256][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1358.137666][ T31] ? schedule+0x165/0x360 [ 1358.142117][ T31] ? __pfx___schedule+0x10/0x10 [ 1358.147031][ T31] ? schedule+0x91/0x360 [ 1358.151368][ T31] schedule+0x165/0x360 [ 1358.155567][ T31] schedule_preempt_disabled+0x13/0x30 [ 1358.161152][ T31] __mutex_lock+0x724/0xe80 [ 1358.165686][ T31] ? __lock_acquire+0xab9/0xd20 [ 1358.170639][ T31] ? __mutex_lock+0x51b/0xe80 [ 1358.175350][ T31] ? nfc_rfkill_set_block+0x50/0x2e0 [ 1358.181049][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1358.186115][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1358.191432][ T31] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1358.197371][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1358.203811][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 1358.209598][ T31] nfc_rfkill_set_block+0x50/0x2e0 [ 1358.214825][ T31] ? __pfx_nfc_rfkill_set_block+0x10/0x10 [ 1358.220650][ T31] rfkill_set_block+0x1cf/0x440 [ 1358.225524][ T31] rfkill_sync_work+0x114/0x200 [ 1358.230462][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 1358.236228][ T31] process_scheduled_works+0xae1/0x17b0 [ 1358.241917][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 1358.247953][ T31] worker_thread+0x8a0/0xda0 [ 1358.252640][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1358.259017][ T31] ? __kthread_parkme+0x7b/0x200 [ 1358.264482][ T31] kthread+0x70e/0x8a0 [ 1358.268614][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1358.274305][ T31] ? __pfx_kthread+0x10/0x10 [ 1358.278948][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1358.284274][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1358.289529][ T31] ? __pfx_kthread+0x10/0x10 [ 1358.294436][ T31] ret_from_fork+0x3f9/0x770 [ 1358.299235][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1358.304574][ T31] ? __switch_to_asm+0x39/0x70 [ 1358.309377][ T31] ? __switch_to_asm+0x33/0x70 [ 1358.314229][ T31] ? __pfx_kthread+0x10/0x10 [ 1358.318854][ T31] ret_from_fork_asm+0x1a/0x30 [ 1358.323736][ T31] [ 1358.326802][ T31] INFO: task syz.8.11916:3232 blocked for more than 143 seconds. [ 1358.334613][ T31] Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 [ 1358.342372][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1358.351142][ T31] task:syz.8.11916 state:D stack:26952 pid:3232 tgid:3232 ppid:1458 task_flags:0x400040 flags:0x20004004 [ 1358.363337][ T31] Call Trace: [ 1358.366651][ T31] [ 1358.369602][ T31] __schedule+0x16f5/0x4d00 [ 1358.374240][ T31] ? kasan_record_aux_stack+0xbd/0xd0 [ 1358.379653][ T31] ? task_work_add+0xb1/0x420 [ 1358.384432][ T31] ? __lock_acquire+0xab9/0xd20 [ 1358.389368][ T31] ? schedule+0x165/0x360 [ 1358.393793][ T31] ? __pfx___schedule+0x10/0x10 [ 1358.398695][ T31] ? schedule+0x91/0x360 [ 1358.403077][ T31] schedule+0x165/0x360 [ 1358.407288][ T31] schedule_preempt_disabled+0x13/0x30 [ 1358.413202][ T31] __mutex_lock+0x724/0xe80 [ 1358.417751][ T31] ? __mutex_lock+0x51b/0xe80 [ 1358.422615][ T31] ? rfkill_fop_release+0x4b/0x220 [ 1358.427766][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1358.432899][ T31] ? __pfx_rfkill_fop_release+0x10/0x10 [ 1358.438567][ T31] rfkill_fop_release+0x4b/0x220 [ 1358.443600][ T31] ? __pfx_rfkill_fop_release+0x10/0x10 [ 1358.449262][ T31] __fput+0x44c/0xa70 [ 1358.453348][ T31] task_work_run+0x1d1/0x260 [ 1358.457976][ T31] ? __pfx_task_work_run+0x10/0x10 [ 1358.463223][ T31] ? exit_to_user_mode_loop+0x40/0x110 [ 1358.468729][ T31] exit_to_user_mode_loop+0xec/0x110 [ 1358.474106][ T31] __do_fast_syscall_32+0x1f4/0x2b0 [ 1358.479344][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1358.484695][ T31] do_fast_syscall_32+0x34/0x80 [ 1358.489589][ T31] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1358.496073][ T31] RIP: 0023:0xf7fd1539 [ 1358.500398][ T31] RSP: 002b:00000000f75bfadc EFLAGS: 00000206 ORIG_RAX: 00000000000001b4 [ 1358.508849][ T31] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e [ 1358.516900][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1358.525204][ T31] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1358.533274][ T31] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1358.541360][ T31] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1358.549373][ T31] [ 1358.552494][ T31] INFO: task syz.8.11916:3233 blocked for more than 144 seconds. [ 1358.560314][ T31] Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 [ 1358.567969][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1358.576757][ T31] task:syz.8.11916 state:D stack:24216 pid:3233 tgid:3232 ppid:1458 task_flags:0x400040 flags:0x20004006 [ 1358.588838][ T31] Call Trace: [ 1358.592212][ T31] [ 1358.595170][ T31] __schedule+0x16f5/0x4d00 [ 1358.599698][ T31] ? schedule+0x165/0x360 [ 1358.604136][ T31] ? __lock_acquire+0xab9/0xd20 [ 1358.609025][ T31] ? __pfx___schedule+0x10/0x10 [ 1358.614006][ T31] ? schedule+0x91/0x360 [ 1358.618303][ T31] schedule+0x165/0x360 [ 1358.622583][ T31] schedule_timeout+0x9a/0x270 [ 1358.627390][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1358.633192][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1358.638581][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1358.643967][ T31] ? wait_for_completion+0x267/0x5d0 [ 1358.649313][ T31] wait_for_completion+0x2bf/0x5d0 [ 1358.654541][ T31] ? __pfx_wait_for_completion+0x10/0x10 [ 1358.660317][ T31] ? __flush_work+0xd2/0xbc0 [ 1358.664937][ T31] ? __flush_work+0xd2/0xbc0 [ 1358.669535][ T31] __flush_work+0x9b9/0xbc0 [ 1358.674138][ T31] ? __flush_work+0xd2/0xbc0 [ 1358.678761][ T31] ? __pfx___flush_work+0x10/0x10 [ 1358.683971][ T31] ? __pfx_wq_barrier_func+0x10/0x10 [ 1358.689310][ T31] ? __pfx___cancel_work+0x10/0x10 [ 1358.694519][ T31] ? nfc_genl_device_removed+0x23c/0x330 [ 1358.700257][ T31] __cancel_work_sync+0xbe/0x110 [ 1358.705206][ T31] rfkill_unregister+0x92/0x220 [ 1358.710166][ T31] nfc_unregister_device+0x96/0x2a0 [ 1358.715396][ T31] ? __pfx_virtual_ncidev_close+0x10/0x10 [ 1358.721246][ T31] virtual_ncidev_close+0x56/0x90 [ 1358.726306][ T31] __fput+0x44c/0xa70 [ 1358.730410][ T31] task_work_run+0x1d1/0x260 [ 1358.735071][ T31] ? __pfx_task_work_run+0x10/0x10 [ 1358.741108][ T31] get_signal+0x11ed/0x1340 [ 1358.745697][ T31] ? kasan_quarantine_put+0xdd/0x220 [ 1358.751285][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1358.756567][ T31] arch_do_signal_or_restart+0x9a/0x750 [ 1358.762619][ T31] ? do_sys_openat2+0x154/0x1c0 [ 1358.767877][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1358.774834][ T31] ? exit_to_user_mode_loop+0x40/0x110 [ 1358.780584][ T31] exit_to_user_mode_loop+0x75/0x110 [ 1358.785930][ T31] __do_fast_syscall_32+0x1f4/0x2b0 [ 1358.791306][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1358.796555][ T31] do_fast_syscall_32+0x34/0x80 [ 1358.801528][ T31] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1358.807899][ T31] RIP: 0023:0xf7fd1539 [ 1358.812191][ T31] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000127 [ 1358.820940][ T31] RAX: ffffffffffffffea RBX: 00000000ffffff9c RCX: 0000000080000080 [ 1358.828952][ T31] RDX: 0000000000005400 RSI: 0000000000000000 RDI: 0000000000000000 [ 1358.837076][ T31] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1358.845146][ T31] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1358.853373][ T31] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1358.861469][ T31] [ 1358.864976][ T31] INFO: task syz-executor:3607 blocked for more than 144 seconds. [ 1358.873074][ T31] Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 [ 1358.880772][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1358.889479][ T31] task:syz-executor state:D stack:24136 pid:3607 tgid:3607 ppid:5821 task_flags:0x400000 flags:0x20004000 [ 1358.901734][ T31] Call Trace: [ 1358.905082][ T31] [ 1358.908053][ T31] __schedule+0x16f5/0x4d00 [ 1358.912714][ T31] ? __lock_acquire+0xab9/0xd20 [ 1358.917619][ T31] ? schedule+0x165/0x360 [ 1358.922076][ T31] ? __pfx___schedule+0x10/0x10 [ 1358.926980][ T31] ? schedule+0x91/0x360 [ 1358.931361][ T31] schedule+0x165/0x360 [ 1358.935648][ T31] schedule_preempt_disabled+0x13/0x30 [ 1358.941221][ T31] __mutex_lock+0x724/0xe80 [ 1358.945940][ T31] ? __mutex_lock+0x51b/0xe80 [ 1358.950728][ T31] ? rfkill_register+0x37/0x8e0 [ 1358.955714][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1358.960823][ T31] ? __raw_spin_lock_init+0x45/0x100 [ 1358.966182][ T31] ? __init_waitqueue_head+0xa9/0x150 [ 1358.971631][ T31] ? device_initialize+0x24b/0x440 [ 1358.977172][ T31] rfkill_register+0x37/0x8e0 [ 1358.981954][ T31] hci_register_dev+0x3f5/0x890 [ 1358.986838][ T31] vhci_create_device+0x39c/0x6e0 [ 1358.992034][ T31] vhci_write+0x3ce/0x4a0 [ 1358.996427][ T31] vfs_write+0x548/0xa90 [ 1359.000764][ T31] ? __pfx_vhci_write+0x10/0x10 [ 1359.005671][ T31] ? __pfx_vfs_write+0x10/0x10 [ 1359.010602][ T31] ? expand_files+0x6c8/0x7f0 [ 1359.015337][ T31] ? __lock_acquire+0xab9/0xd20 [ 1359.020299][ T31] ksys_write+0x145/0x250 [ 1359.024664][ T31] ? __pfx_ksys_write+0x10/0x10 [ 1359.029519][ T31] ? syscall_enter_from_user_mode_prepare+0x7f/0xe0 [ 1359.036229][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1359.041525][ T31] __do_fast_syscall_32+0xb6/0x2b0 [ 1359.046668][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1359.051979][ T31] do_fast_syscall_32+0x34/0x80 [ 1359.056866][ T31] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1359.063525][ T31] RIP: 0023:0xf7fd3539 [ 1359.067807][ T31] RSP: 002b:00000000ffd1cd60 EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 1359.076363][ T31] RAX: ffffffffffffffda RBX: 00000000000000ca RCX: 00000000ffd1cdba [ 1359.084518][ T31] RDX: 0000000000000002 RSI: 00000000f7462ff4 RDI: 00000000f7495468 [ 1359.092677][ T31] RBP: 00000000ffd1cf48 R08: 0000000000000000 R09: 0000000000000000 [ 1359.100751][ T31] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1359.108762][ T31] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1359.117006][ T31] [ 1359.120110][ T31] [ 1359.120110][ T31] Showing all locks held in the system: [ 1359.127864][ T31] 1 lock held by khungtaskd/31: [ 1359.132819][ T31] #0: ffffffff8e13eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 1359.142802][ T31] 4 locks held by kworker/u8:5/77: [ 1359.147943][ T31] #0: ffff88801b2fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 1359.159058][ T31] #1: ffffc9000211fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 1359.169880][ T31] #2: ffffffff8f5036d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800 [ 1359.179292][ T31] #3: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220 [ 1359.189558][ T31] 2 locks held by dhcpcd/5498: [ 1359.194434][ T31] #0: ffffffff8f576470 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1359.202733][ T31] #1: ffffffff8f576288 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 1359.211843][ T31] 2 locks held by getty/5596: [ 1359.216567][ T31] #0: ffff8880312c50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1359.226463][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 1359.236694][ T31] 3 locks held by kworker/0:4/16127: [ 1359.242071][ T31] #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 1359.253159][ T31] #1: ffffc90005307bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 1359.266752][ T31] #2: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0 [ 1359.278207][ T31] 3 locks held by kworker/u8:3/16516: [ 1359.283893][ T31] 4 locks held by kworker/0:3/24754: [ 1359.289216][ T31] #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 1359.306273][ T31] #1: ffffc9000e917bc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 1359.318842][ T31] #2: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200 [ 1359.329118][ T31] #3: ffff888034169100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0 [ 1359.338948][ T31] 1 lock held by syz-executor/25972: [ 1359.344402][ T31] #0: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220 [ 1359.354636][ T31] 1 lock held by syz.8.11916/3232: [ 1359.359752][ T31] #0: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_release+0x4b/0x220 [ 1359.370207][ T31] 1 lock held by syz.8.11916/3233: [ 1359.375356][ T31] #0: ffff888034169100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0 [ 1359.385229][ T31] 2 locks held by syz-executor/3607: [ 1359.390647][ T31] #0: ffff888064c6a918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0 [ 1359.403471][ T31] #1: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 1359.413590][ T31] 3 locks held by syz.6.12183/3903: [ 1359.418823][ T31] #0: ffffffff8f576470 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1359.427200][ T31] #1: ffffffff8f576288 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 1359.436308][ T31] #2: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 1359.446394][ T31] 2 locks held by syz.1.12185/3907: [ 1359.451720][ T31] #0: ffffffff8f576470 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1359.460378][ T31] #1: ffffffff8f576288 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 1359.469410][ T31] 2 locks held by syz-executor/4110: [ 1359.474758][ T31] #0: ffff888025498918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0 [ 1359.484908][ T31] #1: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 1359.494961][ T31] 2 locks held by syz-executor/4116: [ 1359.500369][ T31] #0: ffff8880328db118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0 [ 1359.510906][ T31] #1: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0 [ 1359.521132][ T31] [ 1359.523481][ T31] ============================================= [ 1359.523481][ T31] [ 1359.531993][ T31] NMI backtrace for cpu 0 [ 1359.532007][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(full) [ 1359.532029][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1359.532041][ T31] Call Trace: [ 1359.532049][ T31] [ 1359.532058][ T31] dump_stack_lvl+0x189/0x250 [ 1359.532088][ T31] ? __wake_up_klogd+0xd9/0x110 [ 1359.532113][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1359.532141][ T31] ? __pfx__printk+0x10/0x10 [ 1359.532177][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 1359.532200][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1359.532218][ T31] ? _printk+0xcf/0x120 [ 1359.532237][ T31] ? __pfx__printk+0x10/0x10 [ 1359.532260][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1359.532283][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 1359.532305][ T31] watchdog+0xfee/0x1030 [ 1359.532327][ T31] ? watchdog+0x1de/0x1030 [ 1359.532353][ T31] kthread+0x70e/0x8a0 [ 1359.532373][ T31] ? __pfx_watchdog+0x10/0x10 [ 1359.532392][ T31] ? __pfx_kthread+0x10/0x10 [ 1359.532410][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1359.532431][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1359.532452][ T31] ? __pfx_kthread+0x10/0x10 [ 1359.532469][ T31] ret_from_fork+0x3f9/0x770 [ 1359.532493][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1359.532518][ T31] ? __switch_to_asm+0x39/0x70 [ 1359.532533][ T31] ? __switch_to_asm+0x33/0x70 [ 1359.532547][ T31] ? __pfx_kthread+0x10/0x10 [ 1359.532565][ T31] ret_from_fork_asm+0x1a/0x30 [ 1359.532591][ T31] [ 1359.532601][ T31] Sending NMI from CPU 0 to CPUs 1: [ 1359.691046][ C1] NMI backtrace for cpu 1 [ 1359.691063][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(full) [ 1359.691083][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1359.691094][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 1359.691124][ C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 23 d6 21 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 1359.691139][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6 [ 1359.691155][ C1] RAX: 689fcd0bfd666800 RBX: ffffffff81975d58 RCX: 689fcd0bfd666800 [ 1359.691169][ C1] RDX: 0000000000000001 RSI: ffffffff8d9823c9 RDI: ffffffff8be28b80 [ 1359.691181][ C1] RBP: ffffc90000197f20 R08: ffff8880b8732f5b R09: 1ffff110170e65eb [ 1359.691194][ C1] R10: dffffc0000000000 R11: ffffed10170e65ec R12: ffffffff8fa10df0 [ 1359.691207][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003a5eb40 [ 1359.691219][ C1] FS: 0000000000000000(0000) GS:ffff888125d51000(0000) knlGS:0000000000000000 [ 1359.691233][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1359.691245][ C1] CR2: 0000555aeb8c9a08 CR3: 000000000df38000 CR4: 00000000003526f0 [ 1359.691260][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1359.691271][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1359.691281][ C1] Call Trace: [ 1359.691288][ C1] [ 1359.691295][ C1] default_idle+0x13/0x20 [ 1359.691312][ C1] default_idle_call+0x74/0xb0 [ 1359.691331][ C1] do_idle+0x1e8/0x510 [ 1359.691349][ C1] ? __pfx_do_idle+0x10/0x10 [ 1359.691372][ C1] cpu_startup_entry+0x44/0x60 [ 1359.691387][ C1] start_secondary+0x101/0x110 [ 1359.691408][ C1] common_startup_64+0x13e/0x147 [ 1359.691435][ C1] [ 1359.692097][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1359.877237][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00087-g24770983ccfe #0 PREEMPT(full) [ 1359.889068][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1359.899145][ T31] Call Trace: [ 1359.902447][ T31] [ 1359.905498][ T31] dump_stack_lvl+0x99/0x250 [ 1359.910138][ T31] ? __asan_memcpy+0x40/0x70 [ 1359.914757][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1359.919994][ T31] ? __pfx__printk+0x10/0x10 [ 1359.924651][ T31] panic+0x2db/0x790 [ 1359.928609][ T31] ? __pfx_panic+0x10/0x10 [ 1359.933048][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 1359.938889][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1359.944285][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 1359.950480][ T31] watchdog+0x102d/0x1030 [ 1359.954832][ T31] ? watchdog+0x1de/0x1030 [ 1359.959268][ T31] kthread+0x70e/0x8a0 [ 1359.963361][ T31] ? __pfx_watchdog+0x10/0x10 [ 1359.968071][ T31] ? __pfx_kthread+0x10/0x10 [ 1359.972678][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1359.977901][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 1359.983123][ T31] ? __pfx_kthread+0x10/0x10 [ 1359.987721][ T31] ret_from_fork+0x3f9/0x770 [ 1359.992329][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1359.997482][ T31] ? __switch_to_asm+0x39/0x70 [ 1360.002279][ T31] ? __switch_to_asm+0x33/0x70 [ 1360.007086][ T31] ? __pfx_kthread+0x10/0x10 [ 1360.011723][ T31] ret_from_fork_asm+0x1a/0x30 [ 1360.016519][ T31] [ 1360.019897][ T31] Kernel Offset: disabled [ 1360.024248][ T31] Rebooting in 86400 seconds..