last executing test programs: 9m18.090180485s ago: executing program 1 (id=14906): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 9m18.088556998s ago: executing program 1 (id=14907): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0) 9m18.030319009s ago: executing program 1 (id=14909): r0 = syz_io_uring_setup(0x4df, &(0x7f0000000300)={0x0, 0x235d, 0x10100, 0x0, 0x2d8}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_UNLINKAT={0x24, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x3023, 0x4000, 0x40, 0x0, 0x28) 9m17.960973103s ago: executing program 1 (id=14913): r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x21c804, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rf']) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x50009405, &(0x7f0000000180)) 9m17.908397069s ago: executing program 1 (id=14916): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) fcntl$setstatus(r0, 0x4, 0x400) 9m17.908192376s ago: executing program 1 (id=14917): r0 = socket$rxrpc(0x21, 0x2, 0xa) poll(&(0x7f0000000a40)=[{r0, 0x2}], 0x1, 0x7f) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000200), 0x4) 9m1.690293815s ago: executing program 32 (id=14917): r0 = socket$rxrpc(0x21, 0x2, 0xa) poll(&(0x7f0000000a40)=[{r0, 0x2}], 0x1, 0x7f) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000200), 0x4) 8m26.92356268s ago: executing program 3 (id=15959): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0x13, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7786}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x1, 0xfe00}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, 0x0, 0x5, 0x0, 0x0, 0x41000, 0xc}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002420702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000228500000094"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0xfffffffffffffd5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 8m26.865365976s ago: executing program 3 (id=15961): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 8m26.860322386s ago: executing program 3 (id=15966): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregset(0x4205, r0, 0x200, &(0x7f00000001c0)={&(0x7f0000000000)="c9453900000000000000000028685636", 0x10}) 8m26.795967435s ago: executing program 3 (id=15969): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 8m26.771352729s ago: executing program 3 (id=15971): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000001c0)=[0x0], 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, r1}) 8m26.315163292s ago: executing program 3 (id=15978): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r0 = eventfd2(0x8, 0x1) write$eventfd(r0, &(0x7f0000000040)=0x6, 0x8) 8m26.209898135s ago: executing program 33 (id=15978): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r0 = eventfd2(0x8, 0x1) write$eventfd(r0, &(0x7f0000000040)=0x6, 0x8) 6m21.759328615s ago: executing program 5 (id=19846): r0 = syz_clone(0x2020000, 0x0, 0x41, 0x0, 0x0, 0x0) ptrace(0x4206, r0) ptrace(0x4207, r0) 6m21.758578343s ago: executing program 5 (id=19847): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0) 6m21.641533587s ago: executing program 5 (id=19848): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x6e, 0xa, 0x1}) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000040)=0xb700) 6m21.641376943s ago: executing program 5 (id=19849): r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00') writev(r0, &(0x7f0000000140)=[{&(0x7f0000000280)='0', 0x1}], 0x1) read$FUSE(r0, 0x0, 0x0) 6m21.540145359s ago: executing program 5 (id=19850): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r0, &(0x7f0000000300)) 6m21.457291132s ago: executing program 5 (id=19853): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000080), 0x10) sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x6, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x3, 0x2}}, 0x48}}, 0x0) 6m5.359643103s ago: executing program 34 (id=19853): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000080), 0x10) sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x6, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x3, 0x2}}, 0x48}}, 0x0) 5m18.933570417s ago: executing program 4 (id=20738): r0 = socket(0x2b, 0x1, 0x0) listen(r0, 0x0) bind(r0, &(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x2, @loopback, 0x194e, 0x1}, 0x80) 5m18.864768099s ago: executing program 4 (id=20739): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_mreq(r0, 0x3a, 0x1, 0x0, &(0x7f0000000040)) 5m18.864569938s ago: executing program 4 (id=20740): r0 = syz_io_uring_setup(0x1714, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe94}}) io_uring_enter(r0, 0x27e2, 0x0, 0x0, 0x0, 0x0) 5m18.768952767s ago: executing program 4 (id=20741): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001480)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d55906000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9ccd5788029901e5a79d8b9990ace8f74087f25ad50c4608800"/686], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000080)="05804ab382844306d758e620b9dc", 0x0, 0x12c4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 5m18.539618121s ago: executing program 4 (id=20744): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00') 5m18.308904803s ago: executing program 4 (id=20746): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 5m1.924617043s ago: executing program 35 (id=20746): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m32.537740549s ago: executing program 0 (id=22712): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) execve(&(0x7f0000000740)='./file0\x00', 0x0, 0x0) link(&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)='./file0\x00') 3m32.508005495s ago: executing program 0 (id=22714): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$FS_IOC_FSGETXATTR(r0, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 3m30.258968232s ago: executing program 0 (id=22758): mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000140)={0x29, 0x4, 0x0, {0x1, 0x0, 0x1, 0x0, [0x0]}}, 0x29) 3m30.222740212s ago: executing program 0 (id=22759): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000280)='./file0\x00', 0x0, 0x97801, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x112) 3m30.050125473s ago: executing program 0 (id=22760): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'sit0\x00'}) 3m29.31524692s ago: executing program 0 (id=22776): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000240)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) preadv2(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/65, 0x77}], 0x1, 0x0, 0x0, 0x0) 3m29.23552366s ago: executing program 36 (id=22776): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000240)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) preadv2(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/65, 0x77}], 0x1, 0x0, 0x0, 0x0) 1m57.701141775s ago: executing program 2 (id=24372): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) r1 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x2, [0x2], [0x2000], [0x7fffffff, 0x0, 0x0, 0x2], [0x400000000000001]}) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x6}) 1m57.600712838s ago: executing program 2 (id=24375): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x28001}, 0x0) 1m57.546556703s ago: executing program 2 (id=24376): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuacct.usage_all\x00', 0x275a, 0x0) read$alg(r1, &(0x7f0000000040)=""/136, 0x88) 1m57.47890636s ago: executing program 2 (id=24378): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m57.474789711s ago: executing program 2 (id=24380): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = openat$snapshot(0xffffff9c, &(0x7f0000000400), 0x8003, 0x0) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r1, 0x330f, 0x8) 1m56.510252398s ago: executing program 2 (id=24394): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x38, r1, 0x5, 0x0, 0x1fffe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BSS_BASIC_RATES={0x5, 0x24, [{0x1d, 0x1}]}]}, 0x38}}, 0x0) 1m56.510181554s ago: executing program 37 (id=24394): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x38, r1, 0x5, 0x0, 0x1fffe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BSS_BASIC_RATES={0x5, 0x24, [{0x1d, 0x1}]}]}, 0x38}}, 0x0) 613.409781ms ago: executing program 6 (id=26499): openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x8) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$fuseblk(&(0x7f0000000240), &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}}) umount2(&(0x7f0000000340)='./file0\x00', 0x9) 457.617176ms ago: executing program 6 (id=26505): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x24048011}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) 427.221454ms ago: executing program 8 (id=26507): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f00000004c0)='./file0/../file0\x00', &(0x7f0000000540)='./file0/../file0\x00') 394.564977ms ago: executing program 7 (id=26508): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_macvtap\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x75492b8c888d227a, 0x2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x100005e3}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240000d0}, 0x20004000) 387.786207ms ago: executing program 8 (id=26509): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000200)='notify_on_release\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x2, 0x12) 321.538297ms ago: executing program 9 (id=26510): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000008080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x152) 320.895764ms ago: executing program 6 (id=26511): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = dup(r0) write$UHID_INPUT(r2, &(0x7f0000001040)={0xe, {"a2e3ad099b0d09451b5e090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f323063090810e0879b0f0ac6e70a9b334d959b669a240d5b0af3988f7ef31952010affe8d178708c523c921b1b5b07070d073e0936cd3b78130daa61d8e81a0006005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397273ce1766769f0c91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b7638354a1236e80f6a8abadea7662496bddbc42be6bfb2f17959d1faf6e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc3609aa24b7d520fb29d095083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130bb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d858647a6526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710000000000000039f00bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f80800000000000000bdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f19d684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4a1b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3493e03f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a4f0492d48604675fde2b34cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827955e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb9754fb4b55668dda93aec92a5de203717a284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb189fb135c695a2de3a340047228032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d0676d95f160ec97b1ad94e7475cb74642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c022babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd72ea4998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5ff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c58b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035953faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1d97ba02fc42939dde3d4a3339a65d507dc59c51097b50517705da56e9ebf0afa53282bff6235734352c19966eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864af090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d885b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1a85ae7e69fd1a47a284f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b344340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcb7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c2e14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ec00000000000000b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a52830052fcc460db043afe525629b48d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72a0f4b5482b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec685f068ea88067d905ea917bb03eefdaebdeabf2d0dce81204c915c8949de992587c2cb5fe36d7d3e5db21b094b8b7794cb5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7fb6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f49010c0000002c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000", 0x1000}}, 0x1006) 316.277347ms ago: executing program 7 (id=26512): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x4e1f, @loopback}}, 0x0, 0x20000000005, 0x49, 0x0, "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000"}, 0xd8) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x240087f9, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10) close(r0) 297.261202ms ago: executing program 9 (id=26513): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) 280.528923ms ago: executing program 8 (id=26514): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) sysinfo(&(0x7f0000000600)=""/230) 278.805868ms ago: executing program 7 (id=26515): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000080)=r0, 0x12) 252.524084ms ago: executing program 6 (id=26516): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r0) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x2c, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xffffffff}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48000}, 0x0) 249.655215ms ago: executing program 8 (id=26517): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0xc0041, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FS_IOC_GETFLAGS(r1, 0x5437, 0x0) r2 = epoll_create(0x80f04) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000300)) 198.795121ms ago: executing program 9 (id=26518): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r0, 0x0, 0xee01) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xffffffc6) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat(r1, &(0x7f00000000c0)='.\x00', 0x515401, 0x408) 197.920418ms ago: executing program 8 (id=26519): r0 = syz_io_uring_setup(0x111, &(0x7f00000000c0)={0x0, 0x24ad, 0x10000, 0x1, 0x1de}, &(0x7f00000029c0)=0x0, &(0x7f0000000000)=0x0) r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r3, 0x402, 0x8000001f) syz_io_uring_submit(r1, r2, &(0x7f0000001040)=@IORING_OP_CLOSE={0x13, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x1733, 0x6323, 0x20, 0x0, 0x0) 192.689523ms ago: executing program 9 (id=26520): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x24048011}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) 182.221228ms ago: executing program 6 (id=26521): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000380), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') ppoll(&(0x7f0000000180)=[{r0, 0x24}], 0x1, 0x0, 0x0, 0x0) umount2(&(0x7f0000000340)='./file0/../file0\x00', 0x0) 155.149735ms ago: executing program 7 (id=26522): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000200)='notify_on_release\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x2, 0x12) 154.386449ms ago: executing program 8 (id=26523): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x8efd, 0x0, 0x4, 0x800, 0xc0, 0x1, 0x67, 0x401, r2}, 0x20) 89.977258ms ago: executing program 7 (id=26524): r0 = epoll_create1(0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40088a01, &(0x7f0000000000)=0x100) r1 = socket(0x10, 0x803, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xe0000002}) sendmsg$nl_generic(r1, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000ac0)={0x14, 0x17, 0x1, 0x70bd25, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x20) 23.67149ms ago: executing program 9 (id=26525): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48) close(0x3) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10) 18.029143ms ago: executing program 9 (id=26526): r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r1, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x503, 0x70bd2d, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x2000000) 7.789777ms ago: executing program 6 (id=26527): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xc4bc, 0x10100, 0x0, 0xbe}, &(0x7f0000002000)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22}) io_uring_enter(r1, 0x48eb, 0x1158, 0x2, 0x0, 0x0) 0s ago: executing program 7 (id=26528): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000008040)=[{{0x0, 0x0, &(0x7f0000003d80)=[{&(0x7f0000001840)=']', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{0x0, 0xf00}, {&(0x7f0000000300)="43da", 0x2}], 0x2, 0x0, 0x0, 0x841}}], 0x2, 0x20008090) kernel console output (not intermixed with test programs): 1652][ T40] audit: type=1326 audit(2000000401.789:30613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 730.058837][ T40] audit: type=1326 audit(2000000401.789:30614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 730.066921][ T40] audit: type=1326 audit(2000000401.789:30615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 730.076706][ T40] audit: type=1326 audit(2000000401.789:30616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 730.086181][ T40] audit: type=1326 audit(2000000401.789:30617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 730.094778][ T40] audit: type=1326 audit(2000000401.789:30618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 730.103763][ T40] audit: type=1326 audit(2000000401.789:30619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 730.111236][ T40] audit: type=1326 audit(2000000401.789:30620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23807 comm="syz.8.23657" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 730.126714][T23812] netlink: 4 bytes leftover after parsing attributes in process `syz.7.23659'. [ 730.193333][T23817] can0: slcan on ttyS3. [ 730.326830][T23817] can0 (unregistered): slcan off ttyS3. [ 730.525248][T23830] binder: 23829:23830 ioctl c00c620f 800000c0 returned -22 [ 730.823204][ T845] kernel read not supported for file /dsp (pid: 845 comm: kworker/0:2) [ 731.514895][ T6103] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 731.650217][T23916] netlink: 8 bytes leftover after parsing attributes in process `syz.8.23707'. [ 731.654237][T23916] netlink: 12 bytes leftover after parsing attributes in process `syz.8.23707'. [ 731.736828][T23924] Bluetooth: MGMT ver 1.23 [ 731.738957][T23924] Bluetooth: hci1: too big key_count value 11787 [ 731.833445][T23931] gfs2: path_lookup on returned error -2 [ 731.866677][ T6103] Bluetooth: hci1: command tx timeout [ 731.965672][T23945] netlink: 4 bytes leftover after parsing attributes in process `syz.7.23721'. [ 732.276060][T23964] (syz.7.23730,23964,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 732.482980][T23980] sit0: entered promiscuous mode [ 732.491595][T23980] netlink: 'syz.6.23738': attribute type 1 has an invalid length. [ 732.494206][T23980] netlink: 1 bytes leftover after parsing attributes in process `syz.6.23738'. [ 733.533916][ T6040] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 733.567808][T24037] tipc: Resetting bearer [ 733.571660][T24037] tipc: Resetting bearer [ 733.596384][T24037] tipc: Resetting bearer [ 733.600195][T24037] tipc: Resetting bearer [ 733.645876][T24037] netlink: 'syz.2.23765': attribute type 16 has an invalid length. [ 733.649341][T24037] netlink: 'syz.2.23765': attribute type 17 has an invalid length. [ 733.653826][T24037] tunl0: left promiscuous mode [ 733.655929][T24037] tunl0: left allmulticast mode [ 733.659190][T24037] gre0: left promiscuous mode [ 733.661357][T24037] gre0: left allmulticast mode [ 733.664826][T24037] gretap0: left promiscuous mode [ 733.667000][T24037] gretap0: left allmulticast mode [ 733.670154][T24037] erspan0: left promiscuous mode [ 733.672347][T24037] erspan0: left allmulticast mode [ 733.675972][T24037] ip_vti0: left promiscuous mode [ 733.678084][T24037] ip_vti0: left allmulticast mode [ 733.681278][T24037] ip6_vti0: left promiscuous mode [ 733.683572][T24037] ip6_vti0: left allmulticast mode [ 733.687191][T24037] sit0: left promiscuous mode [ 733.689256][T24037] sit0: left allmulticast mode [ 733.692779][T24037] ip6tnl0: left promiscuous mode [ 733.695036][T24037] ip6tnl0: left allmulticast mode [ 733.698018][T24037] ip6gre0: left promiscuous mode [ 733.700199][T24037] ip6gre0: left allmulticast mode [ 733.702854][T24037] tipc: Resetting bearer [ 733.707564][T24037] ip6gretap0: left promiscuous mode [ 733.709833][T24037] ip6gretap0: left allmulticast mode [ 733.712792][T24037] vcan0: left promiscuous mode [ 733.714928][T24037] vcan0: left allmulticast mode [ 733.718248][T24037] .`: left promiscuous mode [ 733.718307][ T6040] usb 13-1: unable to get BOS descriptor or descriptor too short [ 733.720240][T24037] bond_slave_0: left promiscuous mode [ 733.720370][T24037] bond_slave_1: left promiscuous mode [ 733.724657][ T6040] usb 13-1: config 129 has an invalid interface number: 135 but max is 0 [ 733.725354][T24037] team0: left promiscuous mode [ 733.727693][ T6040] usb 13-1: config 129 has an invalid interface number: 5 but max is 0 [ 733.730532][T24037] team_slave_1: left promiscuous mode [ 733.732465][ T6040] usb 13-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 733.736204][T24037] batadv_slave_0: left promiscuous mode [ 733.740692][ T6040] usb 13-1: config 129 has no interface number 0 [ 733.741931][T24037] .`: left allmulticast mode [ 733.744127][ T6040] usb 13-1: config 129 has no interface number 1 [ 733.746129][T24037] bond_slave_0: left allmulticast mode [ 733.746142][T24037] bond_slave_1: left allmulticast mode [ 733.748885][ T6040] usb 13-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 733.750372][T24037] team0: left allmulticast mode [ 733.753143][ T6040] usb 13-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 733.754471][T24037] team_slave_1: left allmulticast mode [ 733.754485][T24037] batadv_slave_0: left allmulticast mode [ 733.759929][ T6040] usb 13-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 733.762400][T24037] dummy0: left promiscuous mode [ 733.766085][ T6040] usb 13-1: config 129 interface 135 has no altsetting 0 [ 733.769431][T24037] nlmon0: left promiscuous mode [ 733.770220][ T6040] usb 13-1: config 129 interface 5 has no altsetting 0 [ 733.774243][T24037] nlmon0: left allmulticast mode [ 733.779608][ T6040] usb 13-1: string descriptor 0 read error: -22 [ 733.784675][ T6040] usb 13-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 733.788998][ T6040] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 733.803048][ T6040] usb 13-1: Quirk or no altset; falling back to MIDI 1.0 [ 733.805716][ T6040] usb 13-1: MIDIStreaming interface descriptor not found [ 733.833514][T24037] caif0: left promiscuous mode [ 733.835628][T24037] caif0: left allmulticast mode [ 733.837741][T24037] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 734.070306][T17952] usb 13-1: USB disconnect, device number 2 [ 734.081011][T24064] debugfs: 'ttyS3' already exists in 'caif_serial' [ 734.557382][T24087] bridge_slave_0: entered promiscuous mode [ 734.668009][T24095] netlink: 8 bytes leftover after parsing attributes in process `syz.6.23792'. [ 734.671871][T24095] netlink: 4 bytes leftover after parsing attributes in process `syz.6.23792'. [ 734.675762][T24095] netlink: 'syz.6.23792': attribute type 13 has an invalid length. [ 734.679319][T24095] netlink: 'syz.6.23792': attribute type 12 has an invalid length. [ 734.997207][T24133] netlink: 88 bytes leftover after parsing attributes in process `syz.6.23810'. [ 735.060450][T24138] tipc: Started in network mode [ 735.062248][T24138] tipc: Node identity ac14140f, cluster identity 4711 [ 735.065791][T24138] tipc: New replicast peer: 255.255.255.255 [ 735.068513][T24138] tipc: Enabled bearer , priority 10 [ 735.182589][T24149] netlink: 4 bytes leftover after parsing attributes in process `syz.7.23817'. [ 735.916244][T24192] binder: Binderfs stats mode cannot be changed during a remount [ 736.009384][ T56] kernel read not supported for file /audio (pid: 56 comm: kworker/1:1) [ 736.260659][ T56] tipc: Node number set to 2886997007 [ 736.316537][ T56] kernel read not supported for file /vbi0 (pid: 56 comm: kworker/1:1) [ 737.101706][T24259] netlink: 4 bytes leftover after parsing attributes in process `syz.8.23869'. [ 737.144138][T24263] netlink: 212352 bytes leftover after parsing attributes in process `syz.6.23871'. [ 737.445209][T24280] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 737.450533][T24280] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 737.455239][T24280] overlayfs: failed to set uuid (993/file0, err=-13); falling back to uuid=null. [ 738.252500][T24316] netlink: 60 bytes leftover after parsing attributes in process `syz.6.23897'. [ 738.811611][ T6110] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 738.819650][ T6110] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 738.823730][ T6110] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 738.827277][ T6110] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 738.830424][ T6110] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 738.937670][ T40] kauditd_printk_skb: 53 callbacks suppressed [ 738.937682][ T40] audit: type=1804 audit(2000000666.173:30674): pid=24344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.23910" name="/newroot/5922/file1" dev="tmpfs" ino=29877 res=1 errno=0 [ 738.947862][ T40] audit: type=1800 audit(2000000666.173:30675): pid=24344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.23910" name="file1" dev="tmpfs" ino=29877 res=0 errno=0 [ 739.130730][ T1258] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.480526][ T1258] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.495855][ T845] kernel read not supported for file /dsp (pid: 845 comm: kworker/0:2) [ 739.735568][ T1258] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.802471][T24337] chnl_net:caif_netlink_parms(): no params data found [ 739.822416][ T40] audit: type=1326 audit(2000000667.005:30676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 739.831834][ T40] audit: type=1326 audit(2000000667.005:30677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 739.841125][ T40] audit: type=1326 audit(2000000667.005:30678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 739.852243][ T40] audit: type=1326 audit(2000000667.005:30679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 739.862788][ T40] audit: type=1326 audit(2000000667.005:30680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 739.872248][ T40] audit: type=1326 audit(2000000667.005:30681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 739.881585][ T40] audit: type=1326 audit(2000000667.005:30682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 739.890765][ T40] audit: type=1326 audit(2000000667.005:30683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24387 comm="syz.8.23927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 740.014386][ T1258] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 740.402046][T24337] bridge0: port 1(bridge_slave_0) entered blocking state [ 740.404692][T24337] bridge0: port 1(bridge_slave_0) entered disabled state [ 740.407365][T24337] bridge_slave_0: entered allmulticast mode [ 740.411409][T24337] bridge_slave_0: entered promiscuous mode [ 740.416261][T24337] bridge0: port 2(bridge_slave_1) entered blocking state [ 740.419595][T24337] bridge0: port 2(bridge_slave_1) entered disabled state [ 740.422773][T24337] bridge_slave_1: entered allmulticast mode [ 740.426597][T24337] bridge_slave_1: entered promiscuous mode [ 740.457021][T24399] IPVS: sh: UDP 0.0.0.0:0 - no destination available [ 740.733462][T24337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 740.749644][T24411] tun0: tun_chr_ioctl cmd 1074025675 [ 740.751758][T24411] tun0: persist disabled [ 740.769852][T24415] netlink: 40 bytes leftover after parsing attributes in process `syz.6.23937'. [ 740.944041][T24337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 741.017568][ T6103] Bluetooth: hci3: command tx timeout [ 741.130872][ T53] kernel read not supported for file /input/event1 (pid: 53 comm: kworker/2:1) [ 741.201192][T24337] team0: Port device team_slave_0 added [ 741.207216][T24337] team0: Port device team_slave_1 added [ 741.416489][T24337] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 741.418833][T24337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 741.427477][T24337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 741.431428][ T1258] bridge_slave_1: left allmulticast mode [ 741.434605][ T1258] bridge_slave_1: left promiscuous mode [ 741.437398][ T1258] bridge0: port 2(bridge_slave_1) entered disabled state [ 741.542484][ T1258] bridge_slave_0: left allmulticast mode [ 741.545121][ T1258] bridge_slave_0: left promiscuous mode [ 741.547770][ T1258] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.230471][ T6103] Bluetooth: hci3: command tx timeout [ 743.434591][ T1258] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 743.530869][ T1258] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 743.587512][ T1258] bond0 (unregistering): Released all slaves [ 743.676102][T24337] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 743.678394][T24337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 743.689700][T24337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 744.117684][ T55] usb 11-1: new full-speed USB device number 9 using dummy_hcd [ 744.295561][ T55] usb 11-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62 [ 744.308959][ T55] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 744.312089][ T55] usb 11-1: Product: syz [ 744.314009][ T55] usb 11-1: Manufacturer: syz [ 744.315877][ T55] usb 11-1: SerialNumber: syz [ 744.319053][ T55] usb 11-1: config 0 descriptor?? [ 744.328578][ T55] comedi comedi4: This driver needs USB 2.0 to operate. Aborting... [ 744.332000][ T55] usbduxfast 11-1:0.0: driver 'usbduxfast' failed to auto-configure device. [ 744.348076][T24337] hsr_slave_0: entered promiscuous mode [ 744.350804][T24337] hsr_slave_1: entered promiscuous mode [ 744.354170][T24337] debugfs: 'hsr0' already exists in 'hsr' [ 744.356430][T24337] Cannot create hsr debugfs directory [ 744.512115][T17952] kernel read not supported for file /dsp (pid: 17952 comm: kworker/2:6) [ 744.547246][T17952] usb 11-1: USB disconnect, device number 9 [ 745.401381][ T1258] hsr_slave_0: left promiscuous mode [ 745.453958][ T6110] Bluetooth: hci3: command tx timeout [ 745.455070][ T1258] hsr_slave_1: left promiscuous mode [ 745.458783][ T1258] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 745.461860][ T1258] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 745.463746][T24508] Failed to get privilege flags for destination (handle=0x2:0xffffffff) [ 745.498029][ T1258] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 745.500471][ T1258] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 745.638093][ T1258] veth1_macvtap: left promiscuous mode [ 745.641898][ T1258] veth0_macvtap: left promiscuous mode [ 745.643989][ T1258] veth1_vlan: left promiscuous mode [ 745.646001][ T1258] veth0_vlan: left promiscuous mode [ 747.677637][ T6110] Bluetooth: hci3: command 0x0419 tx timeout [ 749.901808][ T6103] Bluetooth: hci3: command 0x0419 tx timeout [ 752.468683][ T1258] team0 (unregistering): Port device team_slave_1 removed [ 753.430746][ T1258] team0 (unregistering): Port device team_slave_0 removed [ 761.740926][T24584] binder: Binderfs stats mode cannot be changed during a remount [ 761.925387][T24586] syz_tun: entered promiscuous mode [ 762.467153][T24337] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 762.519872][T24337] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 762.562723][T24337] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 762.604116][T24337] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 762.693820][T24337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 762.704234][T24337] 8021q: adding VLAN 0 to HW filter on device team0 [ 762.710868][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 762.714006][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 762.723352][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 762.725729][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 762.899701][T24337] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 763.031868][T24629] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24024'. [ 763.111227][T24337] veth0_vlan: entered promiscuous mode [ 763.119908][T24337] veth1_vlan: entered promiscuous mode [ 763.147247][T24337] veth0_macvtap: entered promiscuous mode [ 763.153971][T24337] veth1_macvtap: entered promiscuous mode [ 763.170517][T24337] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 763.180375][T24337] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 763.191435][ T1258] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.194734][ T1258] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.197959][ T1258] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.200921][ T14] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.252674][T24635] ALSA: mixer_oss: invalid OSS volume '' [ 763.378060][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 763.381504][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 763.410631][ T1258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 763.416010][ T1258] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 763.716357][T24656] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 764.416266][T24665] ntfs3(sr0): try to read out of volume at offset 0x0 [ 765.098339][T24676] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24043'. [ 765.894849][ T6103] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 766.297317][T24710] mkiss: ax0: crc mode is auto. [ 766.316073][T24712] ptrace attach of ""[24713] was attempted by "/syz-executor exec"[24712] [ 766.582845][T24742] sctp: [Deprecated]: syz.6.24073 (pid 24742) Use of int in max_burst socket option. [ 766.582845][T24742] Use struct sctp_assoc_value instead [ 766.995419][T24771] mkiss: ax0: crc mode is auto. [ 767.016934][ T55] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 767.188085][ T55] usb 12-1: Using ep0 maxpacket: 8 [ 767.197802][ T55] usb 12-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 767.201726][ T55] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 767.205276][ T55] usb 12-1: Product: syz [ 767.207310][ T55] usb 12-1: Manufacturer: syz [ 767.209498][ T55] usb 12-1: SerialNumber: syz [ 767.214215][ T55] usb 12-1: config 0 descriptor?? [ 767.218655][ T55] option 12-1:0.0: GSM modem (1-port) converter detected [ 767.274069][T17952] e1000 0000:00:06.0 eth0: Reset adapter [ 767.437498][T17952] usb 12-1: USB disconnect, device number 5 [ 767.440043][T17952] option 12-1:0.0: device disconnected [ 769.573182][ T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 778.094436][ T40] kauditd_printk_skb: 73 callbacks suppressed [ 778.094454][ T40] audit: type=1326 audit(2000000702.803:30757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24849 comm="syz.2.24110" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb4579 code=0x0 [ 778.265044][T24855] binder: 24854:24855 ioctl c018620c 80000240 returned -1 [ 778.275381][T24857] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24113'. [ 778.279441][T24857] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24113'. [ 778.711062][T24871] loop6: detected capacity change from 0 to 524287999 [ 779.045333][T24893] netlink: 8 bytes leftover after parsing attributes in process `syz.2.24129'. [ 779.850594][T24973] : renamed from vlan0 (while UP) [ 780.009281][T24983] netlink: 36 bytes leftover after parsing attributes in process `syz.7.24170'. [ 780.053548][ T53] usb 11-1: new full-speed USB device number 10 using dummy_hcd [ 780.210907][ T53] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 780.214347][ T53] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 780.217635][ T53] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 780.221556][ T53] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 780.224799][ T53] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 780.229286][T24967] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 780.233531][ T53] hub 11-1:1.0: bad descriptor, ignoring hub [ 780.235596][ T53] hub 11-1:1.0: probe with driver hub failed with error -5 [ 780.238433][ T53] cdc_wdm 11-1:1.0: skipping garbage [ 780.240151][ T53] cdc_wdm 11-1:1.0: skipping garbage [ 780.243453][ T53] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device [ 780.245537][ T53] cdc_wdm 11-1:1.0: Unknown control protocol [ 780.584240][ T56] usb 11-1: USB disconnect, device number 10 [ 781.363202][T25061] bad cache= option: none : no [ 781.363202][T25061] blocksize : 1 [ 781.363202][T25061] min keysize : 20 [ 781.363202][T25061] max keysize : 36 [ 781.363202][T25061] ivsize : 8 [ 781.363202][T25061] chunksize : 16 [ 781.363202][T25061] walksize : 16 [ 781.363202][T25061] statesize : 0 [ 781.363202][T25061] [ 781.363202][T25061] name : authencesn(wp512 [ 781.363202][T25061] [ 781.376301][T25061] CIFS: VFS: bad cache= option: none : no [ 781.376301][T25061] blocksize : 1 [ 781.376301][T25061] min keysize : 20 [ 781.376301][T25061] max keysize : 36 [ 781.376301][T25061] ivsize : 8 [ 781.376301][T25061] chunksize : 16 [ 781.376301][T25061] walksize : 16 [ 781.376301][T25061] statesize : 0 [ 781.376301][T25061] [ 781.376301][T25061] name : authencesn(wp512 [ 782.366691][T25080] netlink: 12 bytes leftover after parsing attributes in process `syz.7.24217'. [ 782.369656][T25080] netlink: 12 bytes leftover after parsing attributes in process `syz.7.24217'. [ 782.961009][T25106] netlink: 12 bytes leftover after parsing attributes in process `syz.7.24229'. [ 782.964006][T25106] netlink: 12 bytes leftover after parsing attributes in process `syz.7.24229'. [ 783.237900][T25110] macvlan0: entered promiscuous mode [ 783.244973][T25110] netlink: 'syz.7.24231': attribute type 1 has an invalid length. [ 783.248625][T25110] netlink: 'syz.7.24231': attribute type 2 has an invalid length. [ 783.380501][ T846] hid-generic 0005:16C0:05E0.000A: item fetching failed at offset 0/1 [ 783.383597][ T846] hid-generic 0005:16C0:05E0.000A: probe with driver hid-generic failed with error -22 [ 784.017225][T25171] netlink: 696 bytes leftover after parsing attributes in process `syz.6.24259'. [ 784.085798][ T40] audit: type=1800 audit(2000000708.406:30758): pid=25178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.24262" name="file0" dev="9p" ino=76808419 res=0 errno=0 [ 784.357657][ T846] usb 13-1: new high-speed USB device number 3 using dummy_hcd [ 784.518381][T25201] input: syz1 as /devices/virtual/input/input62 [ 784.540168][ T846] usb 13-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0xED, changing to 0x8D [ 784.543992][ T846] usb 13-1: config 0 interface 0 altsetting 251 endpoint 0x8D has invalid maxpacket 52921, setting to 64 [ 784.547638][ T846] usb 13-1: config 0 interface 0 has no altsetting 0 [ 784.551754][ T846] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 784.554638][ T846] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 784.557329][ T846] usb 13-1: Product: syz [ 784.558695][ T846] usb 13-1: Manufacturer: syz [ 784.560272][ T846] usb 13-1: SerialNumber: syz [ 784.562959][ T846] usb 13-1: config 0 descriptor?? [ 784.567056][ T846] usb 13-1: selecting invalid altsetting 0 [ 784.592373][T17994] usb 12-1: new high-speed USB device number 6 using dummy_hcd [ 784.754085][T17994] usb 12-1: New USB device found, idVendor=046d, idProduct=c087, bcdDevice= 0.00 [ 784.757112][T17994] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 784.761068][T17994] usb 12-1: config 0 descriptor?? [ 784.797880][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.800909][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.803529][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.808783][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.811427][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.814107][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.817026][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.819664][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.822326][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.825004][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.827972][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.830548][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.833192][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.836381][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.842395][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.845329][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.853726][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.856382][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.859186][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.863655][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.866370][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.869083][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.872203][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.874961][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.877726][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.880777][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.883432][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.886145][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.888789][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.891412][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.894436][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.897127][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.899777][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.902847][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.905789][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.908824][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.911587][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.914300][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.917015][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.919794][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.922731][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.935230][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.938764][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.942138][T25183] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.985349][T17994] usbhid 12-1:0.0: can't add hid device: -71 [ 784.985465][T25182] usb 13-1: cannot submit urb 0, error -2: endpoint not enabled [ 784.987659][T17994] usbhid 12-1:0.0: probe with driver usbhid failed with error -71 [ 784.991022][ T846] usb 13-1: USB disconnect, device number 3 [ 784.993932][T17994] usb 12-1: USB disconnect, device number 6 [ 785.449857][T25242] 9pnet_virtio: no channels available for device syz [ 785.628076][T25252] mkiss: ax0: crc mode is auto. [ 786.025253][T25288] gfs2: gfs2 mount does not exist [ 787.179065][T25360] netlink: 4 bytes leftover after parsing attributes in process `syz.7.24343'. [ 787.801761][T25411] erspan0: entered promiscuous mode [ 788.908126][ T6110] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 788.911960][ T6110] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 788.915582][ T6110] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 788.919418][ T6110] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 788.924576][ T6110] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 789.142212][T25487] random: crng reseeded on system resumption [ 789.451599][T25516] netlink: 212340 bytes leftover after parsing attributes in process `syz.7.24416'. [ 789.455413][T25516] openvswitch: netlink: Port 167772160 exceeds max allowable 65535 [ 789.600321][T25475] chnl_net:caif_netlink_parms(): no params data found [ 789.621445][T25525] 8021q: adding VLAN 0 to HW filter on device bond1 [ 789.626043][T25525] bond0: (slave bond1): Enslaving as an active interface with an up link [ 789.686982][ T12] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 789.849074][T25537] netlink: 8 bytes leftover after parsing attributes in process `syz.7.24425'. [ 789.855912][ T12] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.037322][ T12] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.107836][T25548] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 790.113252][T25548] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 790.379795][ T12] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.457309][T25475] bridge0: port 1(bridge_slave_0) entered blocking state [ 790.459888][T25475] bridge0: port 1(bridge_slave_0) entered disabled state [ 790.462818][T25475] bridge_slave_0: entered allmulticast mode [ 790.465574][T25475] bridge_slave_0: entered promiscuous mode [ 790.468830][T25475] bridge0: port 2(bridge_slave_1) entered blocking state [ 790.471116][T25475] bridge0: port 2(bridge_slave_1) entered disabled state [ 790.474438][T25475] bridge_slave_1: entered allmulticast mode [ 790.477222][T25475] bridge_slave_1: entered promiscuous mode [ 790.692629][T25475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 790.699533][T25475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 790.839901][T25572] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24440'. [ 790.843772][T25572] netlink: 4 bytes leftover after parsing attributes in process `syz.6.24440'. [ 790.958509][T25475] team0: Port device team_slave_0 added [ 790.980119][T25475] team0: Port device team_slave_1 added [ 791.038500][T25584] loop7: detected capacity change from 0 to 7 [ 791.047383][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.051461][ C3] buffer_io_error: 6 callbacks suppressed [ 791.051475][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.057283][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.061284][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.065239][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.068801][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.072440][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.075189][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.078303][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.080265][ T12] tipc: Resetting bearer [ 791.081369][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.081674][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.090090][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.093322][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.096472][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.098978][T25584] ldm_validate_partition_table(): Disk read failed. [ 791.135093][ T6110] Bluetooth: hci2: command tx timeout [ 791.145782][T25585] loop7: detected capacity change from 7 to 0 [ 791.145957][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 791.150699][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 791.154013][T25584] Dev loop7: unable to read RDB block 0 [ 791.155983][T25584] loop7: unable to read partition table [ 791.158316][T25584] loop7: partition table beyond EOD, truncated [ 791.160216][T25584] loop_reread_partitions: partition scan of loop7 (SJ_+]֋ S'(J^Z (633)eeDϫ?Ƣ4+) failed (rc=-5) [ 791.456828][ T12] tipc: Disabling bearer [ 793.348033][ T6110] Bluetooth: hci2: command 0x041b tx timeout [ 794.898718][ T12] .` (unregistering): (slave bond_slave_0): Releasing backup interface [ 794.984203][ T12] .` (unregistering): (slave bond_slave_1): Releasing backup interface [ 795.059342][ T12] .` (unregistering): (slave team0): Releasing backup interface [ 795.219502][ T12] .` (unregistering): (slave batadv_slave_0): Releasing backup interface [ 795.242101][ T12] .` (unregistering): Released all slaves [ 795.249456][ T12] bond1 (unregistering): Released all slaves [ 795.571731][ T6103] Bluetooth: hci2: command 0x041b tx timeout [ 795.990484][ T12] bond0 (unregistering): Released all slaves [ 796.005273][ T12] bond2 (unregistering): Released all slaves [ 796.018378][ T12] bond3 (unregistering): Released all slaves [ 796.930901][ T12] bond4 (unregistering): Released all slaves [ 797.795367][ T6103] Bluetooth: hci2: command 0x041b tx timeout [ 797.797308][ T12] bond5 (unregistering): Released all slaves [ 797.810127][ T12] bond6 (unregistering): Released all slaves [ 797.980288][T25475] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 797.983305][T25475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 797.998693][T25475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 798.003877][T25475] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 798.006526][T25475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 798.016409][T25475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 798.225031][T25597] netlink: 'syz.8.24452': attribute type 2 has an invalid length. [ 798.227603][T25597] netlink: 'syz.8.24452': attribute type 4 has an invalid length. [ 798.234414][T18997] syz0: Port: 1 Link DOWN [ 798.407477][ T12] : left promiscuous mode [ 798.476474][T25475] hsr_slave_0: entered promiscuous mode [ 798.478843][T25475] hsr_slave_1: entered promiscuous mode [ 798.481355][T25475] debugfs: 'hsr0' already exists in 'hsr' [ 798.483286][T25475] Cannot create hsr debugfs directory [ 798.515222][T25625] bond2: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 798.518409][T25633] rtc_cmos 00:05: Alarms can be up to one day in the future [ 798.555946][T25625] bond2 (unregistering): Released all slaves [ 798.601431][ T12] : left promiscuous mode [ 798.908733][ T12] tipc: Disabling bearer [ 799.003525][ T12] tipc: Left network mode [ 799.217137][T18997] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 799.258369][T25475] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 799.315870][T25475] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 799.377497][T18997] usb 12-1: Using ep0 maxpacket: 8 [ 799.381253][T18997] usb 12-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 799.385117][T18997] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 799.391766][T18997] pvrusb2: Hardware description: Terratec Grabster AV400 [ 799.394106][T18997] pvrusb2: ********** [ 799.395442][T18997] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 799.398630][T18997] pvrusb2: Important functionality might not be entirely working. [ 799.401758][T18997] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 799.405465][T18997] pvrusb2: ********** [ 799.415098][T25683] Process accounting resumed [ 799.517435][T25475] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 799.613507][ T2486] pvrusb2: Invalid write control endpoint [ 799.616025][T25475] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 799.647828][ T2486] pvrusb2: Invalid write control endpoint [ 799.649962][ T2486] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 799.653608][ T2486] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 799.655554][ T55] kernel read not supported for file /dsp1 (pid: 55 comm: kworker/3:1) [ 799.659247][ T2486] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 799.666043][ T2486] pvrusb2: Device being rendered inoperable [ 799.674059][ T2486] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 799.677442][ T2486] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 799.681814][ T2486] pvrusb2: Attached sub-driver cx25840 [ 799.683888][ T2486] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 799.687634][ T2486] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 799.834719][T25671] pvrusb2: Killing an I2C write to 0 that is too large (desired=62 limit=61) [ 799.838753][ T29] usb 12-1: USB disconnect, device number 7 [ 799.878342][T25475] 8021q: adding VLAN 0 to HW filter on device bond0 [ 799.888707][T25475] 8021q: adding VLAN 0 to HW filter on device team0 [ 799.894443][ T100] bridge0: port 1(bridge_slave_0) entered blocking state [ 799.896820][ T100] bridge0: port 1(bridge_slave_0) entered forwarding state [ 799.903490][ T1184] bridge0: port 2(bridge_slave_1) entered blocking state [ 799.905863][ T1184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 800.029675][ T6103] Bluetooth: hci2: command 0x041b tx timeout [ 800.461962][T17994] kernel write not supported for file /uinput (pid: 17994 comm: kworker/3:5) [ 800.715895][T25475] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 800.721506][ T40] audit: type=1326 audit(2000000723.971:30759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.729709][ T40] audit: type=1326 audit(2000000723.971:30760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.739022][ T40] audit: type=1326 audit(2000000723.981:30761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.746766][ T40] audit: type=1326 audit(2000000723.981:30762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.753965][ T40] audit: type=1326 audit(2000000723.981:30763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.764088][ T40] audit: type=1326 audit(2000000723.981:30764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.774160][ T40] audit: type=1326 audit(2000000723.981:30765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.783474][ T40] audit: type=1326 audit(2000000723.981:30766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.791954][ T40] audit: type=1326 audit(2000000723.981:30767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=302 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.799099][ T40] audit: type=1326 audit(2000000723.981:30768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25742 comm="syz.8.24513" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 800.989615][T25777] openvswitch: netlink: nsh attr 255 is out of range max 3 [ 800.992850][T25777] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 801.077215][T25475] veth0_vlan: entered promiscuous mode [ 801.215600][T25475] veth1_vlan: entered promiscuous mode [ 801.225727][T25796] bridge1: entered allmulticast mode [ 801.229196][T25796] team0: Device bridge1 is up. Set it down before adding it as a team port [ 801.319534][T25802] input: syz0 as /devices/virtual/input/input63 [ 801.632870][T25812] Bluetooth: hci0: Opcode 0x0c1a failed: -22 [ 801.737486][T25475] veth0_macvtap: entered promiscuous mode [ 801.744018][T25475] veth1_macvtap: entered promiscuous mode [ 801.759388][T25475] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 801.769444][T25475] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 801.778342][ T75] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.781872][ T75] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.827070][ T75] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.830258][ T75] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.170300][T25833] netlink: 'syz.8.24553': attribute type 1 has an invalid length. [ 802.305910][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.311359][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.359149][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 802.364984][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.509041][T25854] netlink: 'syz.7.24563': attribute type 10 has an invalid length. [ 802.513647][T25854] netlink: 1 bytes leftover after parsing attributes in process `syz.7.24563'. [ 802.691888][ T12] hsr_slave_0: left promiscuous mode [ 802.734378][ T12] hsr_slave_1: left promiscuous mode [ 802.805877][ T12] batadv_slave_1: left promiscuous mode [ 802.808625][ T12] veth1_macvtap: left allmulticast mode [ 802.811607][ T12] veth1_macvtap: left promiscuous mode [ 802.814129][ T12] veth0_macvtap: left promiscuous mode [ 802.818821][ T12] veth0_vlan: left promiscuous mode [ 803.782079][ T6103] Bluetooth: hci0: command tx timeout [ 810.732337][ T12] team0 (unregistering): Port device team_slave_1 removed [ 812.369574][ T75] smc: removing ib device syz0 [ 817.197308][T25907] loop5: detected capacity change from 0 to 7 [ 817.250297][ T150] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.255302][ T150] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.259822][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.263466][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.266762][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.270759][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.274953][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.278713][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.281848][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.286692][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.289562][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.292679][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.296474][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.300484][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.304417][T25907] ldm_validate_partition_table(): Disk read failed. [ 817.307493][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.311196][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.314585][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.318440][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.322118][T25907] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 817.325890][T25907] Buffer I/O error on dev loop5, logical block 0, async page read [ 817.339279][T25907] Dev loop5: unable to read RDB block 0 [ 817.341963][T25907] loop5: unable to read partition table [ 817.344696][T25907] loop5: partition table beyond EOD, truncated [ 817.347367][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.348337][T25907] loop_reread_partitions: partition scan of loop5 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 817.356489][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.359862][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.430260][T25923] pim6reg1: tun_chr_ioctl cmd 1074025677 [ 817.432368][ T12] IPVS: stop unused estimator thread 0... [ 817.432449][T25923] pim6reg1: linktype set to 780 [ 817.481162][T25917] infiniband syz2: set down [ 817.483197][T25917] infiniband syz2: added ip6_vti0 [ 817.506952][T25917] RDS/IB: syz2: added [ 817.509520][T25917] smc: adding ib device syz2 with port count 1 [ 817.511867][T25917] smc: ib device syz2 port 1 has no pnetid [ 817.586998][ T6035] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.590258][ T845] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.592958][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.736088][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.751255][T25938] netlink: 64 bytes leftover after parsing attributes in process `syz.8.24599'. [ 817.839259][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 817.949428][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 818.046894][T25957] netlink: 'syz.6.24608': attribute type 2 has an invalid length. [ 818.091287][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 818.206417][T25973] netlink: 92 bytes leftover after parsing attributes in process `syz.9.24616'. [ 818.230196][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 818.324627][T25917] ip6_vti0 speed is unknown, defaulting to 1000 [ 819.626916][T26017] batadv_slave_1: entered promiscuous mode [ 819.635304][T26016] batadv_slave_1: left promiscuous mode [ 819.691878][T26025] dlm: non-version read from control device 34 [ 819.760612][T26031] bridge0: entered promiscuous mode [ 819.763031][T26031] macvlan2: entered promiscuous mode [ 820.379373][T26061] input: syz0 as /devices/virtual/input/input64 [ 820.522056][T26064] netlink: 340 bytes leftover after parsing attributes in process `syz.7.24656'. [ 820.689368][T26073] kernel read not supported for file /eth0 (pid: 26073 comm: syz.7.24660) [ 820.693849][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 820.693866][ T40] audit: type=1800 audit(2000000742.651:30770): pid=26073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.24660" name="eth0" dev="mqueue" ino=218527 res=0 errno=0 [ 821.827824][ T6103] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 821.828164][T26021] Bluetooth: hci4: command 0xfc11 tx timeout [ 822.528316][T26159] netlink: 'syz.6.24700': attribute type 14 has an invalid length. [ 823.320564][ T40] audit: type=1326 audit(2000000745.111:30771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 823.331806][ T40] audit: type=1326 audit(2000000745.111:30772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 823.339333][ T40] audit: type=1326 audit(2000000745.121:30773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 823.347200][ T40] audit: type=1326 audit(2000000745.121:30774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 823.354291][ T40] audit: type=1326 audit(2000000745.121:30775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 823.361325][ T40] audit: type=1326 audit(2000000745.121:30776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 823.368527][ T40] audit: type=1326 audit(2000000745.121:30777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 823.377629][ T40] audit: type=1326 audit(2000000745.121:30778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 823.387234][ T40] audit: type=1326 audit(2000000745.121:30779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26199 comm="syz.8.24719" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 823.649307][T17952] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 823.819206][T17952] usb 12-1: unable to get BOS descriptor or descriptor too short [ 823.822645][T17952] usb 12-1: unable to read config index 0 descriptor/start: -71 [ 823.825781][T17952] usb 12-1: can't read configurations, error -71 [ 824.307943][ T6103] Bluetooth: hci2: command 0x041b tx timeout [ 825.232399][T26294] loop9: detected capacity change from 0 to 7 [ 825.235449][T26294] Dev loop9: unable to read RDB block 7 [ 825.237658][T26294] loop9: unable to read partition table [ 825.239738][T26294] loop9: partition table beyond EOD, truncated [ 825.241845][T26294] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 825.505899][T26313] netlink: 4 bytes leftover after parsing attributes in process `syz.8.24763'. [ 825.510549][T26313] netlink: 4 bytes leftover after parsing attributes in process `syz.8.24763'. [ 825.684583][T26335] netlink: 'syz.8.24773': attribute type 1 has an invalid length. [ 825.688404][T26335] netlink: 'syz.8.24773': attribute type 7 has an invalid length. [ 825.691535][T26335] netlink: 'syz.8.24773': attribute type 8 has an invalid length. [ 825.695006][T26335] netlink: 208 bytes leftover after parsing attributes in process `syz.8.24773'. [ 825.698917][T26335] NCSI netlink: No device for ifindex 65584 [ 825.803586][T26349] bridge_slave_0: invalid flags given to default FDB implementation [ 825.971241][T26361] netlink: 'syz.9.24787': attribute type 9 has an invalid length. [ 825.974317][T26361] netlink: 8 bytes leftover after parsing attributes in process `syz.9.24787'. [ 826.229462][T26381] mac80211_hwsim hwsim37 wlan0: entered promiscuous mode [ 826.238153][T26381] macsec4: entered promiscuous mode [ 826.240273][T26381] macsec4: entered allmulticast mode [ 826.242396][T26381] mac80211_hwsim hwsim37 wlan0: entered allmulticast mode [ 826.317408][T26391] dummy0: entered promiscuous mode [ 826.319998][T26390] dummy0: left promiscuous mode [ 826.681617][T26408] netlink: 8 bytes leftover after parsing attributes in process `syz.7.24807'. [ 826.694356][ T6035] hid_parser_main: 19 callbacks suppressed [ 826.694382][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.699655][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.703080][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.705938][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.708767][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.711625][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.714722][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.717649][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.720736][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.723466][ T6035] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 826.727670][ T6035] hid-generic 0000:0000:0000.000B: hidraw1: HID v0.03 Device [syz1] on syz1 [ 826.735704][T26411] netlink: 8 bytes leftover after parsing attributes in process `syz.7.24807'. [ 826.818378][T26428] vivid-004: disconnect [ 826.822830][T26427] vivid-004: reconnect [ 827.067232][T26445] netlink: 8 bytes leftover after parsing attributes in process `syz.9.24824'. [ 827.088818][T26441] netlink: 360 bytes leftover after parsing attributes in process `syz.8.24822'. [ 827.357973][T26463] netlink: 20 bytes leftover after parsing attributes in process `syz.9.24832'. [ 829.182529][T26560] netlink: 16 bytes leftover after parsing attributes in process `syz.9.24876'. [ 829.513057][T26596] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 829.515599][T26596] IPv6: NLM_F_CREATE should be set when creating new route [ 829.518003][T26596] IPv6: NLM_F_CREATE should be set when creating new route [ 829.520439][T26596] IPv6: NLM_F_CREATE should be set when creating new route [ 829.696114][T26021] Bluetooth: hci2: command 0x041b tx timeout [ 829.708775][T26612] pimreg: entered allmulticast mode [ 829.715120][T26612] pimreg: left allmulticast mode [ 829.952420][T26627] IPVS: persistence engine module ip_vs_pe_x not found [ 829.984258][T26632] netlink: 'syz.8.24911': attribute type 1 has an invalid length. [ 830.181784][ T40] kauditd_printk_skb: 380 callbacks suppressed [ 830.181801][ T40] audit: type=1326 audit(2000000751.528:31160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 830.194429][ T40] audit: type=1326 audit(2000000751.537:31161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 830.203340][ T40] audit: type=1326 audit(2000000751.537:31162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 830.212946][ T40] audit: type=1326 audit(2000000751.537:31163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 830.220918][ T40] audit: type=1326 audit(2000000751.537:31164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 830.229892][ T40] audit: type=1326 audit(2000000751.537:31165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 830.238743][ T40] audit: type=1326 audit(2000000751.537:31166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 830.247632][ T40] audit: type=1326 audit(2000000751.537:31167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 830.255990][ T40] audit: type=1326 audit(2000000751.537:31168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 830.264687][ T40] audit: type=1326 audit(2000000751.537:31169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26642 comm="syz.6.24915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 830.895498][T26651] macvlan0: entered promiscuous mode [ 830.900640][T26651] netlink: 'syz.6.24919': attribute type 1 has an invalid length. [ 830.903223][T26651] netlink: 'syz.6.24919': attribute type 2 has an invalid length. [ 831.432777][T26701] netlink: 12 bytes leftover after parsing attributes in process `syz.8.24943'. [ 831.435827][T26701] netlink: 12 bytes leftover after parsing attributes in process `syz.8.24943'. [ 831.743918][T26729] netlink: 27 bytes leftover after parsing attributes in process `syz.7.24954'. [ 831.775982][T26731] bridge0: entered promiscuous mode [ 831.777816][T26731] macvlan2: entered promiscuous mode [ 831.792109][T26733] input: syz0 as /devices/virtual/input/input65 [ 832.262688][T26750] netlink: 4 bytes leftover after parsing attributes in process `syz.8.24965'. [ 833.036627][T26777] bridge1: entered promiscuous mode [ 833.038489][T26777] bridge1: entered allmulticast mode [ 833.124910][T17952] hid_parser_main: 73 callbacks suppressed [ 833.124931][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.129431][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.131802][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.134622][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.137154][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.139856][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.142256][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.144751][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.147104][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.149743][T17952] hid-generic 0003:0003:0000.000C: unknown main item tag 0x0 [ 833.154582][T17952] hid-generic 0003:0003:0000.000C: hidraw1: USB HID v0.00 Device [syz1] on syz1 [ 833.197300][T26789] netlink: 'syz.6.24984': attribute type 8 has an invalid length. [ 833.300186][ T55] kernel write not supported for file /input/event2 (pid: 55 comm: kworker/3:1) [ 833.623973][ T6035] kernel read not supported for file /2767/net/udp6 (pid: 6035 comm: kworker/0:4) [ 834.007988][T26840] tipc: Started in network mode [ 834.009622][T26840] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 834.013046][T26840] tipc: Enabling of bearer rejected, failed to enable media [ 834.095904][T26852] binder: 26851:26852 ioctl c0306201 80000b80 returned -14 [ 834.144213][T26855] netlink: 8 bytes leftover after parsing attributes in process `syz.9.25013'. [ 834.151649][T26858] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 834.224526][T26862] netlink: 8 bytes leftover after parsing attributes in process `syz.6.25016'. [ 834.293305][T26862] netdevsim netdevsim6 netdevsim0: entered allmulticast mode [ 834.678154][T26881] netlink: 8 bytes leftover after parsing attributes in process `syz.7.25031'. [ 834.681188][T26881] netlink: 4 bytes leftover after parsing attributes in process `syz.7.25031'. [ 835.350824][T26930] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 836.086603][T26943] loop5: detected capacity change from 0 to 7 [ 836.092477][T26943] Dev loop5: unable to read RDB block 7 [ 836.094461][T26943] loop5: AHDI p1 p2 [ 836.096520][T26943] loop5: partition table partially beyond EOD, truncated [ 836.100000][T26943] loop5: p1 start 1702000233 is beyond EOD, truncated [ 836.144932][T26947] netlink: 'syz.6.25056': attribute type 2 has an invalid length. [ 836.410058][T26973] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 836.413928][T26973] bridge0: port 2(bridge_slave_1) entered disabled state [ 836.418013][T26973] bridge0: port 1(bridge_slave_0) entered disabled state [ 836.511599][T26986] netlink: 1 bytes leftover after parsing attributes in process `syz.6.25076'. [ 836.623598][ C3] af_packet: tpacket_rcv: packet too big, clamped from 60 to 4294967292. macoff=76 [ 836.768085][T27005] serio: Serial port ptm0 [ 837.439941][T27034] netlink: 4 bytes leftover after parsing attributes in process `syz.9.25098'. [ 837.532576][ T55] kernel read not supported for file /dsp1 (pid: 55 comm: kworker/3:1) [ 837.609452][T27045] netlink: 4 bytes leftover after parsing attributes in process `syz.6.25103'. [ 837.614469][T27045] netlink: 4 bytes leftover after parsing attributes in process `syz.6.25103'. [ 837.767435][ T11] usb 14-1: new high-speed USB device number 2 using dummy_hcd [ 837.928170][ T11] usb 14-1: Using ep0 maxpacket: 16 [ 837.931580][ T11] usb 14-1: config 0 has an invalid interface number: 132 but max is 0 [ 837.938606][ T11] usb 14-1: config 0 has no interface number 0 [ 837.942990][ T11] usb 14-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 837.945990][ T11] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 837.949315][ T11] usb 14-1: Product: syz [ 837.951072][ T11] usb 14-1: Manufacturer: syz [ 837.953557][ T11] usb 14-1: SerialNumber: syz [ 837.956821][ T11] usb 14-1: config 0 descriptor?? [ 837.959887][ T11] hub 14-1:0.132: bad descriptor, ignoring hub [ 837.962639][ T11] hub 14-1:0.132: probe with driver hub failed with error -5 [ 837.968833][ T11] input: bcm5974 as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.132/input/input66 [ 838.282826][ T846] usb 12-1: new high-speed USB device number 10 using dummy_hcd [ 838.462658][ T846] usb 12-1: Using ep0 maxpacket: 16 [ 838.464668][ T846] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 838.466532][ T846] usb 12-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 838.472021][ T846] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 838.472043][ T846] usb 12-1: Product: syz [ 838.476639][ T846] usb 12-1: Manufacturer: syz [ 838.476657][ T846] usb 12-1: SerialNumber: syz [ 838.478828][ T846] usb 12-1: config 0 descriptor?? [ 838.490324][ T846] hub 12-1:0.0: bad descriptor, ignoring hub [ 838.490347][ T846] hub 12-1:0.0: probe with driver hub failed with error -5 [ 838.493093][ T846] input: syz syz as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/input/input67 [ 838.710243][ T29] usb 14-1: USB disconnect, device number 2 [ 839.325354][T27111] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 839.329299][T27111] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 839.333789][T27111] overlayfs: failed to get uuid (437/file0, err=-13); falling back to uuid=null. [ 840.573510][ T40] kauditd_printk_skb: 182 callbacks suppressed [ 840.573523][ T40] audit: type=1326 audit(2000000761.247:31352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 840.582362][ T40] audit: type=1326 audit(2000000761.247:31353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 840.589375][ T40] audit: type=1326 audit(2000000761.247:31354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 840.597644][ T40] audit: type=1326 audit(2000000761.247:31355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 840.605423][ T40] audit: type=1326 audit(2000000761.247:31356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 840.614843][ T40] audit: type=1326 audit(2000000761.247:31357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 840.623860][ T40] audit: type=1326 audit(2000000761.247:31358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 840.631819][ T40] audit: type=1326 audit(2000000761.247:31359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 840.640004][ T40] audit: type=1326 audit(2000000761.247:31360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 840.648112][ T40] audit: type=1326 audit(2000000761.247:31361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27159 comm="syz.6.25155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 841.412498][T27188] binder: 27187:27188 ioctl c0306201 800001c0 returned -14 [ 841.562988][T17952] usb 12-1: USB disconnect, device number 10 [ 841.625591][ T6171] kernel read not supported for file /binder/stats (pid: 6171 comm: kworker/3:3) [ 841.698484][T27198] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 841.700820][T27198] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 841.905653][T27198] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 842.012705][T27198] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 842.014802][T27198] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 842.040481][T27221] netem: change failed [ 842.062088][T27223] [U] [ 842.063034][T27223] [U] [ 842.063964][T27223] [U] [ 842.064892][T27223] [U] [ 842.065951][T27223] [U] [ 842.066872][T27223] [U] [ 842.067767][T27223] [U] [ 842.068713][T27223] [U] [ 842.069650][T27223] [U] [ 842.070737][T27223] [U] [ 842.071689][T27223] [U] [ 842.072623][T27223] [U] [ 842.073633][T27223] [U] [ 842.074554][T27223] [U] [ 842.075452][T27223] [U] [ 842.076326][T27223] [U] [ 842.078138][T27223] [U] [ 842.079258][T27223] [U] [ 842.080593][T27223] [U] [ 842.082001][T27223] [U] [ 842.083306][T27223] [U] [ 842.084574][T27223] [U] [ 842.085774][T27223] [U] [ 842.086999][T27223] [U] [ 842.089318][T27223] [U] [ 842.090307][T27223] [U] [ 842.091475][T27223] [U] [ 842.092690][T27223] [U] [ 842.093946][T27223] [U] [ 842.094985][T27223] [U] [ 842.096294][T27223] [U] [ 842.097293][T27223] [U] [ 842.098421][T27223] [U] [ 842.099330][T27223] [U] [ 842.099334][T27198] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 842.100306][T27223] [U] [ 842.103352][T27223] [U] [ 842.105597][T27223] [U] [ 842.106587][T27223] [U] [ 842.107805][T27223] [U] [ 842.109145][T27223] [U] [ 842.111738][T27223] [U] [ 842.113062][T27223] [U] [ 842.114246][T27223] [U] [ 842.115450][T27223] [U] [ 842.116696][T27223] [U] [ 842.117765][T27223] [U] [ 842.118822][T27223] [U] [ 842.119855][T27223] [U] [ 842.121378][T27223] [U] [ 842.122388][T27223] [U] [ 842.123338][T27223] [U] [ 842.124286][T27223] [U] [ 842.125229][T27223] [U] [ 842.126153][T27223] [U] [ 842.127095][T27223] [U] [ 842.128010][T27223] [U] [ 842.129375][T27223] [U] [ 842.130319][T27223] [U] [ 842.131267][T27223] [U] [ 842.132291][T27223] [U] [ 842.133254][T27223] [U] [ 842.134215][T27223] [U] [ 842.135153][T27223] [U] [ 842.136333][T27223] [U] [ 842.137441][T27223] [U] [ 842.138368][T27223] [U] [ 842.139309][T27223] [U] [ 842.140283][T27223] [U] [ 842.141835][T27223] [U] [ 842.143083][T27223] [U] [ 842.144312][T27223] [U] [ 842.145550][T27223] [U] [ 842.146759][T27223] [U] [ 842.147901][T27223] [U] [ 842.149080][T27223] [U] [ 842.150276][T27223] [U] [ 842.152080][T27223] [U] [ 842.153343][T27223] [U] [ 842.154557][T27223] [U] [ 842.155777][T27223] [U] [ 842.156992][T27223] [U] [ 842.158519][T27223] [U] [ 842.159591][T27223] [U] [ 842.160594][T27223] [U] [ 842.162149][T27223] [U] [ 842.163555][T27223] [U] [ 842.164548][T27223] [U] [ 842.165970][T27223] [U] [ 842.167203][T27223] [U] [ 842.168297][T27223] [U] [ 842.169249][T27223] [U] [ 842.170143][T27223] [U] [ 842.171096][T27223] [U] [ 842.172196][T27223] [U] [ 842.173133][T27223] [U] [ 842.174076][T27223] [U] [ 842.175339][T27223] [U] [ 842.176525][T27223] [U] [ 842.177709][T27223] [U] [ 842.178873][T27223] [U] [ 842.180066][T27223] [U] [ 842.181029][T27223] [U] [ 842.182263][T27223] [U] [ 842.183551][T27223] [U] [ 842.185277][T27223] [U] [ 842.186534][T27223] [U] [ 842.187746][T27223] [U] [ 842.188905][T27198] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 842.189044][T27223] [U] [ 842.191069][T27198] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 842.192536][T27223] [U] [ 842.195747][T27223] [U] [ 842.196969][T27223] [U] [ 842.198180][T27223] [U] [ 842.199718][T27223] [U] [ 842.200905][T27223] [U] [ 842.202165][T27223] [U] [ 842.203395][T27223] [U] [ 842.204840][T27223] [U] [ 842.206069][T27223] [U] [ 842.207235][T27223] [U] [ 842.208456][T27223] [U] [ 842.210005][T27223] [U] [ 842.211235][T27223] [U] [ 842.212983][T27223] [U] [ 842.214196][T27223] [U] [ 842.215985][T27223] [U] [ 842.217601][T27223] [U] [ 842.218865][T27223] [U] [ 842.247440][T27198] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 842.249451][T27222] [U] [ 843.026155][T27272] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 843.818431][ T6110] Bluetooth: hci1: command 0x0c1a tx timeout [ 844.235268][ T6110] Bluetooth: hci3: command 0x0419 tx timeout [ 844.406551][ T6110] Bluetooth: hci2: command 0x041b tx timeout [ 844.663264][T26021] Bluetooth: hci4: command 0x1003 tx timeout [ 844.663690][ T6103] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 845.176576][ T6103] Bluetooth: hci5: command 0x1003 tx timeout [ 845.176961][T27268] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 845.203025][T27341] team0: No ports can be present during mode change [ 845.329395][T27357] netlink: 4 bytes leftover after parsing attributes in process `syz.6.25243'. [ 845.538251][T27374] netlink: 4 bytes leftover after parsing attributes in process `syz.6.25252'. [ 845.550255][T27378] netlink: 4 bytes leftover after parsing attributes in process `syz.8.25251'. [ 845.554689][T27378] netlink: 4 bytes leftover after parsing attributes in process `syz.8.25251'. [ 845.802889][T27402] rtc_cmos 00:05: Alarms can be up to one day in the future [ 845.813075][T27401] rtc_cmos 00:05: Alarms can be up to one day in the future [ 846.042020][T27268] Bluetooth: hci1: command 0x0c1a tx timeout [ 846.423477][T17952] rtc_cmos 00:05: Alarms can be up to one day in the future [ 846.426878][T17952] rtc_cmos 00:05: Alarms can be up to one day in the future [ 846.430078][T17952] rtc_cmos 00:05: Alarms can be up to one day in the future [ 846.433083][T17952] rtc_cmos 00:05: Alarms can be up to one day in the future [ 846.435549][T17952] rtc rtc0: __rtc_set_alarm: err=-22 [ 846.459679][T27268] Bluetooth: hci3: command 0x0419 tx timeout [ 846.630699][ T6103] Bluetooth: hci2: command 0x041b tx timeout [ 847.032653][T27448] vivid-004: disconnect [ 847.036673][T27447] vivid-004: reconnect [ 847.193398][T27455] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(5) [ 847.196305][T27455] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 847.200105][T27455] vhci_hcd vhci_hcd.0: Device attached [ 847.205569][T27456] vhci_hcd: connection closed [ 847.205907][ T12] vhci_hcd: stop threads [ 847.209767][ T12] vhci_hcd: release socket [ 847.211662][ T12] vhci_hcd: disconnect device [ 848.254943][ T6103] Bluetooth: hci1: command 0x0c1a tx timeout [ 848.502112][ T6171] IPVS: starting estimator thread 0... [ 848.597280][T27500] IPVS: using max 46 ests per chain, 110400 per kthread [ 848.693822][ T6103] Bluetooth: hci3: command 0x0419 tx timeout [ 848.778813][T27268] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 848.780886][ T6103] Bluetooth: hci4: command 0x1003 tx timeout [ 848.855349][T27527] overlayfs: missing 'lowerdir' [ 848.864426][T27268] Bluetooth: hci2: command 0x041b tx timeout [ 849.892062][T27597] netlink: 4 bytes leftover after parsing attributes in process `syz.8.25354'. [ 849.897079][T27597] netlink: 20 bytes leftover after parsing attributes in process `syz.8.25354'. [ 849.901998][T27597] netlink: 4 bytes leftover after parsing attributes in process `syz.8.25354'. [ 849.917098][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 849.917116][ T40] audit: type=1326 audit(2000000769.984:31382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27602 comm="syz.9.25357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 849.928059][ T40] audit: type=1326 audit(2000000769.984:31383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27602 comm="syz.9.25357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 849.935675][ T40] audit: type=1326 audit(2000000769.984:31384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27602 comm="syz.9.25357" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 849.943697][ T40] audit: type=1326 audit(2000000769.984:31385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27602 comm="syz.9.25357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 849.951542][ T40] audit: type=1326 audit(2000000769.984:31386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27602 comm="syz.9.25357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 849.958648][ T40] audit: type=1326 audit(2000000769.984:31387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27602 comm="syz.9.25357" exe="/syz-executor" sig=0 arch=40000003 syscall=177 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 849.981148][ T40] audit: type=1326 audit(2000000770.049:31388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27602 comm="syz.9.25357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 850.006374][T27606] overlayfs: upper fs does not support file handles, falling back to index=off. [ 850.010396][T27606] overlayfs: fs on '.' does not support file handles, falling back to xino=off. [ 850.127542][T27617] sp0: Synchronizing with TNC [ 850.339811][ T6157] usb 14-1: new high-speed USB device number 3 using dummy_hcd [ 850.501773][ T6157] usb 14-1: config index 0 descriptor too short (expected 23569, got 27) [ 850.505239][ T6157] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 850.510579][ T6157] usb 14-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 850.514597][ T6157] usb 14-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 850.517868][ T6157] usb 14-1: Manufacturer: syz [ 850.522271][ T6157] usb 14-1: config 0 descriptor?? [ 850.575064][ T6157] rc_core: IR keymap rc-hauppauge not found [ 850.577586][ T6157] Registered IR keymap rc-empty [ 850.580094][ T6157] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/rc/rc0 [ 850.585168][ T6157] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/rc/rc0/input68 [ 850.595004][T27644] ipvlan2: entered promiscuous mode [ 850.598240][T27644] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 850.648307][T27649] input: syz1 as /devices/virtual/input/input69 [ 850.747793][T27615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 850.751870][T27615] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 850.884496][ T55] usb 14-1: USB disconnect, device number 3 [ 850.947479][T27670] netlink: 'syz.7.25388': attribute type 4 has an invalid length. [ 851.077734][T27268] Bluetooth: hci2: command 0x041b tx timeout [ 851.528135][T27681] block nbd9: NBD_DISCONNECT [ 852.444692][T27708] netlink: 56 bytes leftover after parsing attributes in process `syz.7.25404'. [ 852.486923][T27712] vxcan0: tx address claim with dlc 0 [ 852.659623][ T846] usb 14-1: new high-speed USB device number 4 using dummy_hcd [ 852.841636][ T846] usb 14-1: Using ep0 maxpacket: 16 [ 852.845651][ T846] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 852.852613][ T846] usb 14-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 852.856023][ T846] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 852.859554][ T846] usb 14-1: Product: syz [ 852.861279][ T846] usb 14-1: Manufacturer: syz [ 852.863275][ T846] usb 14-1: SerialNumber: syz [ 852.867163][ T846] usb 14-1: config 0 descriptor?? [ 852.870958][ T846] hub 14-1:0.0: bad descriptor, ignoring hub [ 852.875315][ T846] hub 14-1:0.0: probe with driver hub failed with error -5 [ 852.881056][ T846] input: syz syz as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/input/input70 [ 853.084333][T27743] netlink: 'syz.7.25419': attribute type 3 has an invalid length. [ 853.461642][ T29] usb 14-1: USB disconnect, device number 4 [ 853.961837][ T40] audit: type=1326 audit(2000000773.763:31389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27808 comm="syz.6.25422" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 853.969015][ T40] audit: type=1326 audit(2000000773.781:31390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27808 comm="syz.6.25422" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf702d5a7 code=0x7ffc0000 [ 853.979220][ T40] audit: type=1326 audit(2000000773.781:31391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27808 comm="syz.6.25422" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 854.392925][T27847] netlink: 'syz.6.25440': attribute type 6 has an invalid length. [ 854.569031][T27858] netlink: 8 bytes leftover after parsing attributes in process `syz.6.25445'. [ 854.577798][T27858] netlink: 'syz.6.25445': attribute type 5 has an invalid length. [ 854.644847][T27860] netlink: 68 bytes leftover after parsing attributes in process `syz.6.25446'. [ 854.650858][T27860] netlink: 8 bytes leftover after parsing attributes in process `syz.6.25446'. [ 854.683664][T27860] veth1: entered promiscuous mode [ 855.889630][T27902] netlink: 8 bytes leftover after parsing attributes in process `syz.6.25466'. [ 855.895961][T27902] netlink: 'syz.6.25466': attribute type 21 has an invalid length. [ 856.150308][T27921] PKCS8: Unsupported PKCS#8 version [ 856.200913][T27927] netlink: 20 bytes leftover after parsing attributes in process `syz.9.25478'. [ 856.416250][ T11] kernel write not supported for file /snd/seq (pid: 11 comm: kworker/0:1) [ 856.628362][T27961] netlink: 36 bytes leftover after parsing attributes in process `syz.9.25494'. [ 856.631273][T27961] netlink: 8 bytes leftover after parsing attributes in process `syz.9.25494'. [ 856.869840][T27978] netlink: 8 bytes leftover after parsing attributes in process `syz.7.25502'. [ 857.000304][T27988] netlink: 'syz.9.25505': attribute type 4 has an invalid length. [ 857.348102][T28017] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 857.803578][T28053] [U] [ 857.804894][T28053] [U] [ 857.806098][T28053] [U] [ 857.807346][T28053] [U] [ 857.809055][T28053] [U] [ 857.810296][T28053] [U] [ 857.811542][T28053] [U] [ 857.812555][T28053] [U] [ 857.814598][T28053] [U] [ 857.815840][T28053] [U] [ 857.817034][T28053] [U] [ 857.818197][T28053] [U] [ 857.819504][T28053] [U] [ 857.820736][T28053] [U] [ 857.822065][T28053] [U] [ 857.823428][T28053] [U] [ 857.825116][T28053] [U] [ 857.826478][T28053] [U] [ 857.827733][T28053] [U] [ 857.829034][T28053] [U] [ 857.830353][T28053] [U] [ 857.831600][T28053] [U] [ 857.832880][T28053] [U] [ 857.833907][T28053] [U] [ 857.835922][T28053] [U] [ 857.836889][T28053] [U] [ 857.837805][T28053] [U] [ 857.838699][T28053] [U] [ 857.840409][T28053] [U] [ 857.841437][T28053] [U] [ 857.842595][T28053] [U] [ 857.844668][T28053] [U] [ 857.847735][T28053] [U] [ 857.849065][T28053] [U] [ 857.850283][T28053] [U] [ 857.851451][T28053] [U] [ 857.852855][T28053] [U] [ 857.854077][T28053] [U] [ 857.855249][T28053] [U] [ 857.856443][T28053] [U] [ 857.858216][T28053] [U] [ 857.859429][T28053] [U] [ 857.860638][T28053] [U] [ 857.862216][T28053] [U] [ 857.863664][T28053] [U] [ 857.865089][T28053] [U] [ 857.866344][T28053] [U] [ 857.867651][T28053] [U] [ 857.870972][T28053] [U] [ 857.872294][T28053] [U] [ 857.873533][T28053] [U] [ 857.874710][T28053] [U] [ 857.876090][T28053] [U] [ 857.877330][T28053] [U] [ 857.878519][T28053] [U] [ 857.879706][T28053] [U] [ 857.881243][T28053] [U] [ 857.882507][T28053] [U] [ 857.883600][T28053] [U] [ 857.884708][T28053] [U] [ 857.885815][T28053] [U] [ 857.887030][T28053] [U] [ 857.888247][T28053] [U] [ 857.889474][T28053] [U] [ 857.890861][T28053] [U] [ 857.892110][T28053] [U] [ 857.893301][T28053] [U] [ 857.894459][T28053] [U] [ 857.895892][T28053] [U] [ 857.897111][T28053] [U] [ 857.898322][T28053] [U] [ 857.899526][T28053] [U] [ 857.901122][T28053] [U] [ 857.902383][T28053] [U] [ 857.903578][T28053] [U] [ 857.904777][T28053] [U] [ 857.906184][T28053] [U] [ 857.907434][T28053] [U] [ 857.908358][T28053] [U] [ 857.909240][T28053] [U] [ 857.910692][T28053] [U] [ 857.912716][T28053] [U] [ 857.913907][T28053] [U] [ 857.915131][T28053] [U] [ 857.926942][T28053] [U] [ 857.928278][T28053] [U] [ 857.929842][T28053] [U] [ 857.931048][T28053] [U] [ 857.932774][T28053] [U] [ 857.934490][T28053] [U] [ 857.935756][T28053] [U] [ 857.937175][T28053] [U] [ 857.938805][T28053] [U] [ 857.940095][T28053] [U] [ 857.941332][T28053] [U] [ 857.942541][T28053] [U] [ 857.944194][T28053] [U] [ 857.945447][T28053] [U] [ 857.946706][T28053] [U] [ 857.947907][T28053] [U] [ 857.949342][T28053] [U] [ 857.950577][T28053] [U] [ 857.951852][T28053] [U] [ 857.953035][T28053] [U] [ 857.954582][T28053] [U] [ 857.955821][T28053] [U] [ 857.956973][T28053] [U] [ 857.958127][T28053] [U] [ 857.959576][T28053] [U] [ 857.960804][T28053] [U] [ 857.962039][T28053] [U] [ 857.963204][T28053] [U] [ 857.965133][T28053] [U] [ 857.966359][T28053] [U] [ 857.967544][T28053] [U] [ 857.968765][T28053] [U] [ 857.970134][T28053] [U] [ 857.971353][T28053] [U] [ 857.972571][T28053] [U] [ 857.973761][T28053] [U] [ 857.975229][T28053] [U] [ 857.976487][T28053] [U] [ 857.977687][T28053] [U] [ 857.978841][T28053] [U] [ 857.980556][T28053] [U] [ 857.981796][T28053] [U] [ 857.983345][T28053] [U] [ 858.006089][T28052] [U] [ 858.860798][T28097] Falling back ldisc for ttyS3. [ 859.271829][T28092] orangefs_mount: mount request failed with -4 [ 859.277859][T28125] syzkaller1: tun_chr_ioctl cmd 35108 [ 859.499193][T28137] netlink: 24 bytes leftover after parsing attributes in process `syz.8.25576'. [ 859.505623][T28139] netlink: 'syz.7.25577': attribute type 5 has an invalid length. [ 859.527524][ T29] kernel write not supported for file /input/mouse0 (pid: 29 comm: kworker/1:0) [ 859.598635][T28148] netlink: 16 bytes leftover after parsing attributes in process `syz.8.25581'. [ 859.735414][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 859.735427][ T40] audit: type=1804 audit(2000000779.169:31401): pid=28158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm=01 name="/newroot/382/file0" dev="tmpfs" ino=1951 res=1 errno=0 [ 859.803198][ T40] audit: type=1326 audit(2000000779.235:31402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28105 comm="syz.6.25561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7fc00000 [ 860.089765][T28189] netlink: 'syz.7.25602': attribute type 9 has an invalid length. [ 860.212780][T28204] input: syz1 as /devices/virtual/input/input71 [ 860.254432][T28212] netlink: 20 bytes leftover after parsing attributes in process `syz.9.25612'. [ 860.282099][T28212] netlink: 20 bytes leftover after parsing attributes in process `syz.9.25612'. [ 860.708500][T28260] netlink: 'syz.9.25632': attribute type 9 has an invalid length. [ 860.712342][T28260] netlink: 'syz.9.25632': attribute type 6 has an invalid length. [ 860.715102][T28260] netlink: 'syz.9.25632': attribute type 7 has an invalid length. [ 860.717702][T28260] netlink: 'syz.9.25632': attribute type 8 has an invalid length. [ 861.474398][T28315] input: syz1 as /devices/virtual/input/input72 [ 861.500567][ T6171] usb 11-1: new high-speed USB device number 11 using dummy_hcd [ 861.671608][ T6171] usb 11-1: Using ep0 maxpacket: 16 [ 861.674779][ T6171] usb 11-1: config 0 has no interfaces? [ 861.676718][ T6171] usb 11-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 861.679683][ T6171] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 861.684536][ T6171] usb 11-1: config 0 descriptor?? [ 861.908333][ T846] usb 11-1: USB disconnect, device number 11 [ 865.255018][T27268] block nbd4: Receive control failed (result -32) [ 865.433637][T28496] nfs: Unknown parameter 'ntext' [ 865.782035][T28515] netlink: 4 bytes leftover after parsing attributes in process `syz.6.25748'. [ 865.931286][T28523] kAFS: unable to lookup cell '(,' [ 866.092328][T28530] netlink: 28 bytes leftover after parsing attributes in process `syz.6.25755'. [ 866.828482][T28574] Failed to get privilege flags for destination (handle=0x2:0xd) [ 867.571057][T28618] IPv6: addrconf: prefix option has invalid lifetime [ 867.776794][ T846] usb 14-1: new high-speed USB device number 5 using dummy_hcd [ 867.931517][ T40] audit: type=1326 audit(2000000786.839:31403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.939607][ T40] audit: type=1326 audit(2000000786.839:31404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.939628][ T846] usb 14-1: Using ep0 maxpacket: 8 [ 867.946521][ T40] audit: type=1326 audit(2000000786.839:31405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.952467][ T846] usb 14-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 867.957033][ T40] audit: type=1326 audit(2000000786.839:31406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.961746][ T846] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 867.967838][ T40] audit: type=1326 audit(2000000786.839:31407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.967867][ T40] audit: type=1326 audit(2000000786.839:31408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.967891][ T40] audit: type=1326 audit(2000000786.839:31409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.967912][ T40] audit: type=1326 audit(2000000786.839:31410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.967932][ T40] audit: type=1326 audit(2000000786.839:31411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=230 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 867.971637][ T846] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 867.979796][ T40] audit: type=1326 audit(2000000786.839:31412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28630 comm="syz.6.25805" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 868.043583][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 869.098438][T28667] overlayfs: workdir and upperdir must reside under the same mount [ 870.124556][T28717] loop9: detected capacity change from 0 to 7 [ 870.125238][T28717] Dev loop9: unable to read RDB block 7 [ 870.130559][T28717] loop9: unable to read partition table [ 870.130664][T28717] loop9: partition table beyond EOD, truncated [ 870.130675][T28717] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 870.728912][ T6157] usb 14-1: USB disconnect, device number 5 [ 870.768241][T28741] ipvlan2: entered promiscuous mode [ 870.784902][ T846] hid_parser_main: 8 callbacks suppressed [ 870.784920][ T846] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 870.812851][ T846] hid-generic 0000:0000:0000.000D: hidraw1: HID v0.00 Device [syz1] on syz0 [ 871.915241][T28796] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 872.200946][T28826] netlink: 'syz.9.25896': attribute type 3 has an invalid length. [ 872.205133][T28826] netlink: 118428 bytes leftover after parsing attributes in process `syz.9.25896'. [ 872.298721][T28840] netlink: 24 bytes leftover after parsing attributes in process `syz.9.25903'. [ 872.308412][T28840] netlink: 24 bytes leftover after parsing attributes in process `syz.9.25903'. [ 873.562357][T28879] 9pnet_fd: Insufficient options for proto=fd [ 873.646372][T28868] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 873.649101][T28868] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 873.651630][T28868] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 873.689037][T28884] 9pnet_fd: Insufficient options for proto=fd [ 874.369289][T28913] netlink: 'syz.9.25933': attribute type 1 has an invalid length. [ 874.372866][T28913] netlink: 224 bytes leftover after parsing attributes in process `syz.9.25933'. [ 874.759766][T28929] syzkaller1: tun_chr_ioctl cmd 1074025678 [ 874.762980][T28929] syzkaller1: group set to 0 [ 875.233156][T28967] netlink: 56 bytes leftover after parsing attributes in process `syz.8.25956'. [ 875.385908][ T40] kauditd_printk_skb: 68 callbacks suppressed [ 875.385919][ T40] audit: type=1326 audit(2000000793.808:31481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 875.400226][ T40] audit: type=1326 audit(2000000793.808:31482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 875.408039][ T40] audit: type=1326 audit(2000000793.818:31483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 875.415086][ T40] audit: type=1326 audit(2000000793.818:31484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 875.422478][ T40] audit: type=1326 audit(2000000793.818:31485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 875.429377][ T40] audit: type=1326 audit(2000000793.818:31486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 875.436619][ T40] audit: type=1326 audit(2000000793.818:31487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 875.443849][ T40] audit: type=1326 audit(2000000793.818:31488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 875.451020][ T40] audit: type=1326 audit(2000000793.818:31489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 875.460230][ T40] audit: type=1326 audit(2000000793.818:31490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28982 comm="syz.6.25964" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 875.528860][T28987] netlink: 24 bytes leftover after parsing attributes in process `syz.6.25966'. [ 875.702260][T28997] could not open pipe file descriptor [ 875.793968][ T6103] Bluetooth: hci2: command 0x041b tx timeout [ 875.794005][T27268] Bluetooth: hci3: command 0x0419 tx timeout [ 875.794966][T26021] Bluetooth: hci1: command 0x0c1a tx timeout [ 876.261414][T29030] overlayfs: missing 'workdir' [ 878.817917][T29128] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26033'. [ 878.825519][T29128] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26033'. [ 878.942937][T29143] netlink: 32 bytes leftover after parsing attributes in process `syz.7.26039'. [ 878.953792][T29143] netlink: 16 bytes leftover after parsing attributes in process `syz.7.26039'. [ 879.129831][ T844] e1000 0000:00:06.0 eth0: Reset adapter [ 879.189339][T29071] Set syz1 is full, maxelem 65536 reached [ 881.450456][ T844] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 889.264548][ T40] kauditd_printk_skb: 203 callbacks suppressed [ 889.264558][ T40] audit: type=1326 audit(2000000806.801:31694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 889.280134][ T40] audit: type=1326 audit(2000000806.801:31695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 889.292232][ T40] audit: type=1326 audit(2000000806.801:31696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 889.304281][ T40] audit: type=1326 audit(2000000806.801:31697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 889.313128][ T40] audit: type=1326 audit(2000000806.801:31698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 889.321297][ T40] audit: type=1326 audit(2000000806.801:31699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 889.328232][ T40] audit: type=1326 audit(2000000806.801:31700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 889.335308][ T40] audit: type=1326 audit(2000000806.801:31701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 889.342672][ T40] audit: type=1326 audit(2000000806.801:31702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 889.349892][ T40] audit: type=1326 audit(2000000806.801:31703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29211 comm="syz.7.26056" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 889.454821][T29222] bond3: ARP target 9.0.0.0 is already present [ 889.457653][T29222] bond3: option arp_ip_target: invalid value (9) [ 889.500868][T29222] bond3 (unregistering): Released all slaves [ 889.667978][T29236] netlink: 'syz.9.26066': attribute type 10 has an invalid length. [ 890.371374][T29265] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.26081'. [ 890.572826][T29284] netlink: 8 bytes leftover after parsing attributes in process `syz.9.26090'. [ 890.823475][T29307] netlink: 20 bytes leftover after parsing attributes in process `syz.8.26100'. [ 891.273917][ T55] usb 14-1: new high-speed USB device number 6 using dummy_hcd [ 891.445128][ T55] usb 14-1: Using ep0 maxpacket: 8 [ 891.449291][ T55] usb 14-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 891.453270][ T55] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 891.462269][ T55] pvrusb2: Hardware description: Terratec Grabster AV400 [ 891.465329][ T55] pvrusb2: ********** [ 891.467233][ T55] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 891.471538][ T55] pvrusb2: Important functionality might not be entirely working. [ 891.474879][ T55] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 891.479879][ T55] pvrusb2: ********** [ 891.686904][ T2486] pvrusb2: Invalid write control endpoint [ 891.712884][ T2486] pvrusb2: Invalid write control endpoint [ 891.714724][ T2486] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 891.717648][ T2486] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 891.720075][ T2486] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 891.723662][ T2486] pvrusb2: Device being rendered inoperable [ 891.728314][ T2486] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 891.730586][ T2486] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 891.731936][T29348] vxcan0: tx address claim with dest, not broadcast [ 891.733397][ T2486] pvrusb2: Attached sub-driver cx25840 [ 891.737062][ T2486] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 891.740384][ T2486] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 891.903918][T29318] pvrusb2: Attempted to execute control transfer when device not ok [ 891.911699][ T56] usb 14-1: USB disconnect, device number 6 [ 892.452586][T29376] netlink: 8 bytes leftover after parsing attributes in process `syz.7.26133'. [ 892.494024][T29378] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26134'. [ 892.504332][T29378] netlink: 104 bytes leftover after parsing attributes in process `syz.7.26134'. [ 892.507332][T29378] netlink: 104 bytes leftover after parsing attributes in process `syz.7.26134'. [ 892.518813][T29380] netlink: 'syz.9.26135': attribute type 25 has an invalid length. [ 892.927855][T29405] IPVS: rr: SCTP 172.20.20.187:0 - no destination available [ 893.368724][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x7 [ 893.373079][ T844] hid-generic 0000:0000:0000.000E: ignoring exceeding usage max [ 893.376157][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.378619][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.382850][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.385416][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.388917][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.391897][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.394249][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.396777][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.399364][ T844] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 893.402869][ T844] hid-generic 0000:0000:0000.000E: hidraw1: HID v0.00 Device [syz0] on syz0 [ 893.505723][T29436] kvm: kvm [29435]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1 [ 893.989305][T29478] hugetlbfs: syz.6.26180 (29478): Using mlock ulimits for SHM_HUGETLB is obsolete [ 894.406294][ T845] usb 13-1: new high-speed USB device number 4 using dummy_hcd [ 894.479265][T29517] netlink: 'syz.7.26197': attribute type 1 has an invalid length. [ 894.482290][T29517] netlink: 24 bytes leftover after parsing attributes in process `syz.7.26197'. [ 894.512363][T29523] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26200'. [ 894.575855][ T845] usb 13-1: too many configurations: 9, using maximum allowed: 8 [ 894.579570][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.582579][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.586200][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.589449][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.592349][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.596324][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.604066][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.607764][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.613161][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.618991][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.623321][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.627897][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.639118][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.642690][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.647112][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.650182][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.653925][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.658503][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.662444][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.668192][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.672836][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.677532][ T845] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 894.681164][ T845] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 894.685664][ T845] usb 13-1: config 0 interface 0 has no altsetting 0 [ 894.689446][ T845] usb 13-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 894.692318][ T845] usb 13-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 894.692331][ T845] usb 13-1: Product: syz [ 894.692339][ T845] usb 13-1: Manufacturer: syz [ 894.692347][ T845] usb 13-1: SerialNumber: syz [ 894.693431][ T845] usb 13-1: config 0 descriptor?? [ 894.705940][ T845] yurex 13-1:0.0: USB YUREX device now attached to Yurex #0 [ 894.754876][T29546] netlink: 'syz.9.26206': attribute type 1 has an invalid length. [ 894.932646][ T55] usb 13-1: USB disconnect, device number 4 [ 894.938000][ T55] yurex 13-1:0.0: USB YUREX #0 now disconnected [ 895.214271][T29570] serio: Serial port ptm0 [ 895.434887][T29585] netlink: 143 bytes leftover after parsing attributes in process `syz.9.26224'. [ 895.443288][ T6196] usb 13-1: new high-speed USB device number 5 using dummy_hcd [ 895.556054][ T846] hid-generic 0000:0000:0000.000F: hidraw1: HID v0.00 Device [Zw[ba|\rn)A#6oү?aIs5hV3(; [ 895.556054][ T846] ѝP$zɷX$w[SRezxuSrl[5l'ZCz2] on tDKY縣Ϫ򞿹,UOp{"ixA[ewÒ}ZXA [ 895.616035][ T6196] usb 13-1: too many configurations: 9, using maximum allowed: 8 [ 895.620490][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.623600][ T40] kauditd_printk_skb: 1345 callbacks suppressed [ 895.623610][ T40] audit: type=1326 audit(2000000812.741:33049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 895.624764][ T40] audit: type=1326 audit(2000000812.741:33050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 895.626002][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.626018][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.626845][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.641689][ T40] audit: type=1326 audit(2000000812.741:33051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 895.641723][ T40] audit: type=1326 audit(2000000812.750:33052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 895.641744][ T40] audit: type=1326 audit(2000000812.750:33053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 895.665242][ T40] audit: type=1326 audit(2000000812.750:33054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702d598 code=0x7ffc0000 [ 895.672235][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.672254][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.679199][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.681163][ T40] audit: type=1326 audit(2000000812.778:33055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 895.684063][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.689392][ T40] audit: type=1326 audit(2000000812.778:33056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 895.691826][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.709239][ T40] audit: type=1326 audit(2000000812.778:33057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 895.719229][ T40] audit: type=1326 audit(2000000812.778:33058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29602 comm="syz.6.26232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702d579 code=0x7ffc0000 [ 895.722324][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.730571][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.735249][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.741875][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.749385][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.753741][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.764465][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.768123][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.771987][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.777040][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.780972][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.796008][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.799030][ T6196] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 895.802023][ T6196] usb 13-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 895.805478][ T6196] usb 13-1: config 0 interface 0 has no altsetting 0 [ 895.813432][ T6196] usb 13-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice=49.8e [ 895.816384][ T6196] usb 13-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 895.819738][ T6196] usb 13-1: Product: syz [ 895.821154][ T6196] usb 13-1: Manufacturer: syz [ 895.822814][ T6196] usb 13-1: SerialNumber: syz [ 895.828863][ T6196] usb 13-1: config 0 descriptor?? [ 895.839034][T29610] kvm: kvm [29609]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6 [ 895.840955][ T6196] input: syz syz as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/input/input75 [ 896.013559][T29624] IPVS: rr: SCTP 172.20.20.187:0 - no destination available [ 896.151363][ T844] usb 13-1: USB disconnect, device number 5 [ 896.780031][T29669] netlink: 'syz.8.26261': attribute type 2 has an invalid length. [ 896.835257][T29672] netlink: 'syz.8.26261': attribute type 2 has an invalid length. [ 896.896975][T29674] input: syz1 as /devices/virtual/input/input76 [ 896.923141][T29665] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 896.933913][T29669] !: entered promiscuous mode [ 896.936101][T29672] !: left promiscuous mode [ 897.165509][T29694] netlink: 4 bytes leftover after parsing attributes in process `syz.9.26273'. [ 897.685238][T29744] ip6_vti0 speed is unknown, defaulting to 1000 [ 897.702442][T29746] vlan0: entered allmulticast mode [ 897.704675][T29746] veth0_to_bond: entered allmulticast mode [ 897.912633][T29765] netlink: 68 bytes leftover after parsing attributes in process `syz.7.26305'. [ 897.921586][T29769] netlink: 28 bytes leftover after parsing attributes in process `syz.8.26307'. [ 897.945829][T27792] wlan1: Trigger new scan to find an IBSS to join [ 898.194836][T29781] sp0: Synchronizing with TNC [ 898.398529][T29800] ip6gretap0: entered promiscuous mode [ 899.070622][T29867] netlink: 4 bytes leftover after parsing attributes in process `syz.7.26344'. [ 899.340538][T29885] netlink: 28 bytes leftover after parsing attributes in process `syz.9.26351'. [ 899.389850][T29891] tipc: Enabling of bearer rejected, already enabled [ 899.623368][ T11] usb 14-1: new full-speed USB device number 7 using dummy_hcd [ 899.785962][ T11] usb 14-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0xED, changing to 0x8D [ 899.790334][ T11] usb 14-1: config 0 interface 0 altsetting 251 endpoint 0x8D has invalid maxpacket 52921, setting to 64 [ 899.794904][ T11] usb 14-1: config 0 interface 0 has no altsetting 0 [ 899.802712][ T11] usb 14-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 899.808809][ T11] usb 14-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 899.812716][ T11] usb 14-1: Product: syz [ 899.814613][ T11] usb 14-1: Manufacturer: syz [ 899.816821][ T11] usb 14-1: SerialNumber: syz [ 899.820006][ T11] usb 14-1: config 0 descriptor?? [ 899.829506][ T11] usb 14-1: selecting invalid altsetting 0 [ 900.043914][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.047106][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.049865][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.053126][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.054819][T29914] netlink: 52 bytes leftover after parsing attributes in process `syz.7.26365'. [ 900.055844][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.063603][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.066401][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.069160][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.071877][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.074674][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.077361][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.079970][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.082677][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.085766][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.088480][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.091053][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.093849][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.096572][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.099281][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.102055][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.104796][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.107395][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.110313][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.113087][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.116332][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.119000][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.121628][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.125058][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.128101][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.130883][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.134488][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.137570][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.140628][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.143942][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.147882][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.151000][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.154209][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.158144][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.161984][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.166130][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.169929][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.173696][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.177914][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.181568][T29889] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.224410][T29888] usb 14-1: cannot submit urb 0, error -2: endpoint not enabled [ 900.228639][ T11] usb 14-1: USB disconnect, device number 7 [ 900.390095][T29936] netlink: 28 bytes leftover after parsing attributes in process `syz.8.26376'. [ 900.992623][T29972] Sensor A: ================= START STATUS ================= [ 900.996078][T29972] Sensor A: Test Pattern: Horizontal 100% Colorbar [ 900.998959][T29972] Sensor A: Show Information: All [ 901.001195][T29972] Sensor A: Vertical Flip: true [ 901.003377][T29972] Sensor A: Horizontal Flip: true [ 901.005542][T29972] Sensor A: Brightness: 3 [ 901.007518][T29972] Sensor A: Contrast: 255 [ 901.009381][T29972] Sensor A: Hue: 127 [ 901.011070][T29972] Sensor A: Saturation: 3 [ 901.014611][T29972] Sensor A: ================== END STATUS ================== [ 901.195040][T27756] wlan1: Trigger new scan to find an IBSS to join [ 901.266241][T29993] mkiss: ax0: crc mode is auto. [ 901.312415][ T55] usb 13-1: new high-speed USB device number 6 using dummy_hcd [ 901.474767][ T55] usb 13-1: config index 0 descriptor too short (expected 23569, got 27) [ 901.478796][ T55] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 901.486674][ T55] usb 13-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 901.490767][ T55] usb 13-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 901.494317][ T55] usb 13-1: Manufacturer: syz [ 901.501859][ T55] usb 13-1: config 0 descriptor?? [ 901.558299][ T55] rc_core: IR keymap rc-hauppauge not found [ 901.560653][ T55] Registered IR keymap rc-empty [ 901.563873][ T55] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/rc/rc0 [ 901.571828][ T55] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/rc/rc0/input77 [ 901.773082][ T55] usb 13-1: USB disconnect, device number 6 [ 902.484350][T30071] batman_adv: batadv0: Adding interface: dummy0 [ 902.487040][T30071] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 902.498841][T30071] batman_adv: batadv0: Interface activated: dummy0 [ 902.760329][T30091] netlink: 8 bytes leftover after parsing attributes in process `syz.8.26445'. [ 902.764017][T30091] netlink: 4 bytes leftover after parsing attributes in process `syz.8.26445'. [ 902.768085][T30091] netlink: 'syz.8.26445': attribute type 7 has an invalid length. [ 902.772030][T30091] netlink: 'syz.8.26445': attribute type 12 has an invalid length. [ 902.822659][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 903.660184][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 903.663281][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 903.666765][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 903.743423][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 903.747059][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 903.750999][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 903.840131][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 903.843956][T30128] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26464'. [ 904.358863][ T40] kauditd_printk_skb: 585 callbacks suppressed [ 904.358880][ T40] audit: type=1326 audit(2000000820.907:33644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 904.370457][ T40] audit: type=1326 audit(2000000820.907:33645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 904.378990][ T40] audit: type=1326 audit(2000000820.916:33646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 904.388062][ T40] audit: type=1326 audit(2000000820.916:33647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 904.397606][ T40] audit: type=1326 audit(2000000820.916:33648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 904.406583][ T40] audit: type=1326 audit(2000000820.916:33649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 904.416006][ T40] audit: type=1326 audit(2000000820.916:33650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 904.425167][ T40] audit: type=1326 audit(2000000820.916:33651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 904.433870][ T40] audit: type=1326 audit(2000000820.916:33652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa3579 code=0x7ffc0000 [ 904.442688][ T40] audit: type=1326 audit(2000000820.916:33653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30169 comm="syz.8.26483" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa3598 code=0x7ffc0000 [ 904.456246][ T6020] wlan1: Trigger new scan to find an IBSS to join [ 905.541704][T27800] wlan1: Creating new IBSS network, BSSID 00:8d:ff:ff:00:00 [ 905.558689][T30266] netlink: 'syz.9.26526': attribute type 1 has an invalid length. [ 905.568030][ T846] ------------[ cut here ]------------ [ 905.570403][ T846] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0 [ 905.571024][T30266] bond1: entered promiscuous mode [ 905.573862][ T846] WARNING: CPU: 1 PID: 846 at net/mac80211/rate.c:401 __rate_control_send_low+0x667/0x780 [ 905.575476][T30266] 8021q: adding VLAN 0 to HW filter on device bond1 [ 905.578752][ T846] Modules linked in: [ 905.578870][ T846] CPU: 1 UID: 0 PID: 846 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) [ 905.578889][ T846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 905.578901][ T846] Workqueue: mld mld_ifc_work [ 905.578922][ T846] RIP: 0010:__rate_control_send_low+0x667/0x780 [ 905.578943][ T846] Code: a4 a0 d4 00 00 00 e8 c8 dd e8 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 60 19 e3 8c e8 ca 60 a7 f6 90 <0f> 0b 90 90 e9 20 fd ff ff 48 8b 3c 24 e8 67 8a 50 f7 e9 f5 fc ff [ 905.578954][ T846] RSP: 0018:ffffc900042c6a50 EFLAGS: 00010286 [ 905.578964][ T846] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adc48 [ 905.578972][ T846] RDX: ffff888024a12480 RSI: ffffffff817adc55 RDI: 0000000000000001 [ 905.578979][ T846] RBP: ffff8880701a8528 R08: 0000000000000001 R09: 0000000000000000 [ 905.609465][ T846] R10: 0000000000000000 R11: 0000000000000001 R12: 00000000ffffffff [ 905.612103][ T846] R13: 0000000000000000 R14: 000000000000000c R15: ffff8880701a8530 [ 905.614574][ T846] FS: 0000000000000000(0000) GS:ffff88809790d000(0000) knlGS:0000000000000000 [ 905.617368][ T846] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 905.619485][ T846] CR2: 0000000030613ffc CR3: 000000000e182000 CR4: 0000000000352ef0 [ 905.622187][ T846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 905.624943][ T846] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 905.627403][ T846] Call Trace: [ 905.628478][ T846] [ 905.629449][ T846] rate_control_send_low+0x52a/0x810 [ 905.631223][ T846] rate_control_get_rate+0x1be/0x5e0 [ 905.632840][ T846] ieee80211_tx_h_rate_ctrl+0xa35/0x1ae0 [ 905.634602][ T846] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 905.636541][ T846] invoke_tx_handlers_late+0x1172/0x27d0 [ 905.638296][ T846] ? find_held_lock+0x2b/0x80 [ 905.639818][ T846] ? ieee80211_tx_h_select_key+0x2c9/0x1bc0 [ 905.641741][ T846] ieee80211_tx_dequeue+0x3086/0x43f0 [ 905.643507][ T846] ? __lock_acquire+0xb8a/0x1c90 [ 905.645070][ T846] ? __pfx_ieee80211_tx_dequeue+0x10/0x10 [ 905.646852][ T846] ? do_raw_spin_lock+0x12c/0x2b0 [ 905.648457][ T846] ? ieee80211_next_txq+0xda/0xa50 [ 905.650095][ T846] ieee80211_handle_wake_tx_queue+0x19c/0x260 [ 905.652092][ T846] ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10 [ 905.654271][ T846] ? __pfx___ieee80211_schedule_txq+0x10/0x10 [ 905.656301][ T846] ? mark_held_locks+0x49/0x80 [ 905.658285][ T846] ? __local_bh_enable_ip+0xa4/0x120 [ 905.660492][ T846] ieee80211_queue_skb+0x12b2/0x1fe0 [ 905.662510][ T846] ieee80211_tx+0x2e4/0x460 [ 905.664003][ T846] ? __pfx_ieee80211_tx+0x10/0x10 [ 905.665640][ T846] ? ieee80211_skb_resize+0x22a/0x630 [ 905.667541][ T846] ? ieee80211_set_qos_hdr+0xba/0x3f0 [ 905.669215][ T846] ieee80211_xmit+0x30f/0x3e0 [ 905.670894][ T846] __ieee80211_subif_start_xmit+0x880/0x1390 [ 905.672930][ T846] ? neigh_resolve_output+0x53a/0x940 [ 905.674746][ T846] ? __pfx___ieee80211_subif_start_xmit+0x10/0x10 [ 905.676910][ T846] ? mld_sendpack+0xac1/0x1350 [ 905.678504][ T846] ? skb_network_protocol+0x126/0x6d0 [ 905.680275][ T846] ieee80211_subif_start_xmit+0x11b/0x1970 [ 905.682143][ T846] ? __pfx_ieee80211_subif_start_xmit+0x10/0x10 [ 905.684059][ T846] ? dev_hard_start_xmit+0x97/0x740 [ 905.685651][ T846] dev_hard_start_xmit+0x97/0x740 [ 905.687240][ T846] __dev_queue_xmit+0xa46/0x4490 [ 905.688829][ T846] ? __lock_acquire+0x622/0x1c90 [ 905.690399][ T846] ? __pfx___dev_queue_xmit+0x10/0x10 [ 905.692163][ T846] ? look_up_lock_class+0x59/0x150 [ 905.693798][ T846] ? __lock_acquire+0xb8a/0x1c90 [ 905.695428][ T846] ? __asan_memcpy+0x3c/0x60 [ 905.696945][ T846] ? eth_header+0x11c/0x1f0 [ 905.698386][ T846] neigh_resolve_output+0x53a/0x940 [ 905.700053][ T846] ip6_finish_output2+0xad1/0x1cf0 [ 905.701511][ T846] ? ip6_dst_mtu_maybe_forward.constprop.0+0x1be/0x530 [ 905.703412][ T846] __ip6_finish_output+0x3cd/0x1010 [ 905.705344][ T846] ip6_output+0x253/0x710 [ 905.706780][ T846] mld_sendpack+0xac1/0x1350 [ 905.708271][ T846] ? __pfx_mld_sendpack+0x10/0x10 [ 905.709904][ T846] mld_ifc_work+0x740/0xbf0 [ 905.711385][ T846] process_one_work+0x9cf/0x1b70 [ 905.712966][ T846] ? __pfx_process_one_work+0x10/0x10 [ 905.714666][ T846] ? assign_work+0x1a0/0x250 [ 905.716245][ T846] worker_thread+0x6c8/0xf10 [ 905.717778][ T846] ? __kthread_parkme+0x19e/0x250 [ 905.719397][ T846] ? __pfx_worker_thread+0x10/0x10 [ 905.721055][ T846] kthread+0x3c5/0x780 [ 905.722374][ T846] ? __pfx_kthread+0x10/0x10 [ 905.723941][ T846] ? rcu_is_watching+0x12/0xc0 [ 905.725493][ T846] ? __pfx_kthread+0x10/0x10 [ 905.727155][ T846] ret_from_fork+0x675/0x7d0 [ 905.728748][ T846] ? __pfx_kthread+0x10/0x10 [ 905.730311][ T846] ret_from_fork_asm+0x1a/0x30 [ 905.732005][ T846] [ 905.733103][ T846] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 905.735569][ T846] CPU: 1 UID: 0 PID: 846 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) [ 905.738881][ T846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 905.742486][ T846] Workqueue: mld mld_ifc_work [ 905.744110][ T846] Call Trace: [ 905.745182][ T846] [ 905.746139][ T846] dump_stack_lvl+0x3d/0x1f0 [ 905.747638][ T846] vpanic+0x640/0x6f0 [ 905.748964][ T846] ? __rate_control_send_low+0x667/0x780 [ 905.750746][ T846] panic+0xca/0xd0 [ 905.752001][ T846] ? __pfx_panic+0x10/0x10 [ 905.753461][ T846] ? check_panic_on_warn+0x1f/0xb0 [ 905.755121][ T846] check_panic_on_warn+0xab/0xb0 [ 905.756722][ T846] __warn+0xf6/0x3c0 [ 905.757982][ T846] ? __pfx_vprintk_emit+0x10/0x10 [ 905.759578][ T846] ? __rate_control_send_low+0x667/0x780 [ 905.761367][ T846] report_bug+0x3c3/0x580 [ 905.762706][ T846] ? __rate_control_send_low+0x667/0x780 [ 905.764512][ T846] handle_bug+0x184/0x210 [ 905.765951][ T846] exc_invalid_op+0x17/0x50 [ 905.767494][ T846] asm_exc_invalid_op+0x1a/0x20 [ 905.769165][ T846] RIP: 0010:__rate_control_send_low+0x667/0x780 [ 905.771189][ T846] Code: a4 a0 d4 00 00 00 e8 c8 dd e8 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 60 19 e3 8c e8 ca 60 a7 f6 90 <0f> 0b 90 90 e9 20 fd ff ff 48 8b 3c 24 e8 67 8a 50 f7 e9 f5 fc ff [ 905.777232][ T846] RSP: 0018:ffffc900042c6a50 EFLAGS: 00010286 [ 905.779133][ T846] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adc48 [ 905.781629][ T846] RDX: ffff888024a12480 RSI: ffffffff817adc55 RDI: 0000000000000001 [ 905.784147][ T846] RBP: ffff8880701a8528 R08: 0000000000000001 R09: 0000000000000000 [ 905.786809][ T846] R10: 0000000000000000 R11: 0000000000000001 R12: 00000000ffffffff [ 905.789328][ T846] R13: 0000000000000000 R14: 000000000000000c R15: ffff8880701a8530 [ 905.791840][ T846] ? __warn_printk+0x198/0x350 [ 905.793379][ T846] ? __warn_printk+0x1a5/0x350 [ 905.794916][ T846] rate_control_send_low+0x52a/0x810 [ 905.796608][ T846] rate_control_get_rate+0x1be/0x5e0 [ 905.798283][ T846] ieee80211_tx_h_rate_ctrl+0xa35/0x1ae0 [ 905.800093][ T846] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 905.802057][ T846] invoke_tx_handlers_late+0x1172/0x27d0 [ 905.803852][ T846] ? find_held_lock+0x2b/0x80 [ 905.805350][ T846] ? ieee80211_tx_h_select_key+0x2c9/0x1bc0 [ 905.807211][ T846] ieee80211_tx_dequeue+0x3086/0x43f0 [ 905.808952][ T846] ? __lock_acquire+0xb8a/0x1c90 [ 905.810578][ T846] ? __pfx_ieee80211_tx_dequeue+0x10/0x10 [ 905.812460][ T846] ? do_raw_spin_lock+0x12c/0x2b0 [ 905.814070][ T846] ? ieee80211_next_txq+0xda/0xa50 [ 905.815718][ T846] ieee80211_handle_wake_tx_queue+0x19c/0x260 [ 905.817634][ T846] ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10 [ 905.819717][ T846] ? __pfx___ieee80211_schedule_txq+0x10/0x10 [ 905.821663][ T846] ? mark_held_locks+0x49/0x80 [ 905.823152][ T846] ? __local_bh_enable_ip+0xa4/0x120 [ 905.824786][ T846] ieee80211_queue_skb+0x12b2/0x1fe0 [ 905.826447][ T846] ieee80211_tx+0x2e4/0x460 [ 905.827895][ T846] ? __pfx_ieee80211_tx+0x10/0x10 [ 905.829516][ T846] ? ieee80211_skb_resize+0x22a/0x630 [ 905.831246][ T846] ? ieee80211_set_qos_hdr+0xba/0x3f0 [ 905.832904][ T846] ieee80211_xmit+0x30f/0x3e0 [ 905.834563][ T846] __ieee80211_subif_start_xmit+0x880/0x1390 [ 905.836682][ T846] ? neigh_resolve_output+0x53a/0x940 [ 905.838347][ T846] ? __pfx___ieee80211_subif_start_xmit+0x10/0x10 [ 905.840424][ T846] ? mld_sendpack+0xac1/0x1350 [ 905.841978][ T846] ? skb_network_protocol+0x126/0x6d0 [ 905.843718][ T846] ieee80211_subif_start_xmit+0x11b/0x1970 [ 905.845583][ T846] ? __pfx_ieee80211_subif_start_xmit+0x10/0x10 [ 905.847593][ T846] ? dev_hard_start_xmit+0x97/0x740 [ 905.849271][ T846] dev_hard_start_xmit+0x97/0x740 [ 905.850885][ T846] __dev_queue_xmit+0xa46/0x4490 [ 905.852515][ T846] ? __lock_acquire+0x622/0x1c90 [ 905.854123][ T846] ? __pfx___dev_queue_xmit+0x10/0x10 [ 905.855841][ T846] ? look_up_lock_class+0x59/0x150 [ 905.857442][ T846] ? __lock_acquire+0xb8a/0x1c90 [ 905.859048][ T846] ? __asan_memcpy+0x3c/0x60 [ 905.860646][ T846] ? eth_header+0x11c/0x1f0 [ 905.862228][ T846] neigh_resolve_output+0x53a/0x940 [ 905.863905][ T846] ip6_finish_output2+0xad1/0x1cf0 [ 905.865543][ T846] ? ip6_dst_mtu_maybe_forward.constprop.0+0x1be/0x530 [ 905.867920][ T846] __ip6_finish_output+0x3cd/0x1010 [ 905.869594][ T846] ip6_output+0x253/0x710 [ 905.871001][ T846] mld_sendpack+0xac1/0x1350 [ 905.872611][ T846] ? __pfx_mld_sendpack+0x10/0x10 [ 905.874230][ T846] mld_ifc_work+0x740/0xbf0 [ 905.875732][ T846] process_one_work+0x9cf/0x1b70 [ 905.877316][ T846] ? __pfx_process_one_work+0x10/0x10 [ 905.879054][ T846] ? assign_work+0x1a0/0x250 [ 905.880551][ T846] worker_thread+0x6c8/0xf10 [ 905.882075][ T846] ? __kthread_parkme+0x19e/0x250 [ 905.883755][ T846] ? __pfx_worker_thread+0x10/0x10 [ 905.885390][ T846] kthread+0x3c5/0x780 [ 905.886707][ T846] ? __pfx_kthread+0x10/0x10 [ 905.888303][ T846] ? rcu_is_watching+0x12/0xc0 [ 905.890074][ T846] ? __pfx_kthread+0x10/0x10 [ 905.891822][ T846] ret_from_fork+0x675/0x7d0 [ 905.893333][ T846] ? __pfx_kthread+0x10/0x10 [ 905.894794][ T846] ret_from_fork_asm+0x1a/0x30 [ 905.896361][ T846] [ 905.898077][ T846] Kernel Offset: disabled [ 905.899733][ T846] Rebooting in 86400 seconds..