last executing test programs: 8.427759434s ago: executing program 4 (id=621): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x4, 0x0, 0x8000, 0x5, 0x2, "8eef10098502988d352a70e1133459910d6a00"}) write$UHID_INPUT(r1, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daa009bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) read$FUSE(r1, &(0x7f0000002080)={0x2020}, 0x2) 7.874077586s ago: executing program 4 (id=624): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) pread64(0xffffffffffffffff, 0x0, 0x0, 0xc2a) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="5c00000002060108000000000000000000000000050005000a000000050001000700000005000400000000000900020073797a310000000016000300686173683a6e65742c706f72742c6e65740000000c00078008000640"], 0x5c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000019080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) 3.804192036s ago: executing program 1 (id=670): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000) r0 = open(&(0x7f0000001200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x400103842, 0x80) mmap(&(0x7f0000474000/0x4000)=nil, 0x4000, 0x680000a, 0x12, r0, 0x205fc000) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x300, 0x0) 2.51914142s ago: executing program 4 (id=682): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$uinput_user_dev(r1, &(0x7f0000000f80)={'syz0\x00', {0x5, 0xfff7, 0x3, 0x7}, 0x50, [0x800006, 0x9, 0x0, 0x1, 0x8, 0xea45, 0xe, 0x1, 0x63, 0x0, 0x7f, 0xc, 0x4, 0x809, 0x1, 0x4, 0x8001000, 0x80000002, 0x1, 0x200008, 0x40, 0xa4d, 0x3ff, 0x5, 0x6, 0x10001, 0xffff, 0x0, 0x4, 0x6, 0x401, 0xc, 0x9, 0x4, 0x2, 0x1, 0x2, 0x4, 0x1, 0x4, 0xa, 0x6, 0x3, 0x9, 0x804d7f, 0x2, 0x8c00, 0x6, 0x939, 0x5, 0x9, 0x2, 0x2, 0x8, 0xfffffff7, 0x7fff, 0x6, 0x5, 0x80000001, 0xd77, 0x5, 0x2a, 0x1, 0x23], [0x8, 0x401, 0x9, 0x9, 0x8, 0x12, 0x7fc, 0xc, 0x0, 0x2729, 0xfd8, 0x3, 0x7, 0x5, 0x0, 0x24a, 0x2, 0xfffffff7, 0x2, 0x3, 0x5, 0x4009, 0x401, 0xb, 0x8001, 0x40, 0xa1, 0x10000, 0xffffffff, 0x5, 0x10004, 0x9e, 0x8, 0x7ff, 0x6, 0x7, 0x0, 0x6, 0xffff3f16, 0xa, 0x2, 0x9, 0xa, 0x3, 0xfffffeff, 0x9, 0x800, 0x5, 0xc5, 0x3, 0x1, 0x9, 0x8, 0x3, 0xffff7ff7, 0x3, 0x24c, 0x1ff, 0x2a0, 0x5, 0x6, 0x6, 0x200007, 0x8], [0x2, 0x9, 0x1a9e1bfa, 0xfffffffc, 0x8, 0x9, 0x2, 0x5, 0x7aae, 0x80000000, 0x2, 0x7ffffff7, 0x8000, 0x1, 0x1, 0x6, 0x400, 0x80000002, 0x2b0, 0xfffffff4, 0x97f82544, 0x8, 0xfffffffd, 0x0, 0x9, 0x5, 0x4, 0x1a7, 0xc90, 0xffffff3c, 0xd, 0x13, 0x4, 0xff, 0x140, 0x4, 0x2, 0x1000000c, 0x0, 0x2, 0x3, 0x8007c12, 0x5, 0x1, 0x17, 0x8000, 0xe, 0xf3, 0x4, 0x8, 0x1, 0xffffff00, 0x100, 0x1fff80, 0x3, 0x0, 0x8, 0xdd, 0x1, 0x8, 0xc3, 0x20ffff, 0x79c], [0xfffffeff, 0x3a8e, 0xffff9a7f, 0x200, 0x6, 0x2001, 0x6, 0xfffffff3, 0xd077, 0x2, 0xffffffff, 0x21, 0x200, 0xa, 0x6, 0x2, 0x1ff, 0xfe, 0x2, 0x66608000, 0x5e82, 0x7fb, 0x6, 0x0, 0x3, 0x5, 0x80000001, 0xffff, 0xd, 0x40, 0xfffffffd, 0x3, 0x10001, 0x61, 0x10, 0x1000, 0xc, 0x100, 0x8, 0x1010, 0x8, 0x15, 0xb32a, 0xec000000, 0x8001, 0x1900, 0x4, 0xc, 0x8, 0x7ff, 0x280, 0x5, 0xffffffff, 0x7, 0x6e7a, 0x0, 0xc, 0x9371, 0x4f89, 0x7, 0x580, 0x2d1, 0x83, 0x8]}, 0x45c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 'syz0\x00', 0x0}) 2.150475281s ago: executing program 4 (id=686): prlimit64(0x0, 0xe, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@ipv6_newnexthop={0x28, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r2}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x28}}, 0x200440c0) 2.035667877s ago: executing program 1 (id=688): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) close(0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="22000000040000001000000012"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0xc}, 0x94) 1.984480927s ago: executing program 0 (id=689): sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x248}, 0x1, 0x0, 0x0, 0x4010}, 0x800) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000a00)="21ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c09c03305df32bf337cdd0e550dff4a1ea8854a216b12f4a11b85a1b6ecb9ad8a50588e56", 0x13c}, {&(0x7f00000005c0)="05437c98b91b1455046f57b5fc91", 0xe}], 0x2, 0x0, 0x0, 0x900}}], 0x1, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/102, 0x365}, {&(0x7f0000000280)=""/76, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/92, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 1.854930595s ago: executing program 4 (id=691): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') ppoll(&(0x7f0000000040)=[{r0, 0x208}], 0x1, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x10030, 0x0) 1.821143206s ago: executing program 2 (id=692): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0x80}, 0x1) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000000)={0x7}, 0x1) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000000c0)={0xd2}, 0x1) 1.710465027s ago: executing program 1 (id=693): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00') writev(r0, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1) capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000001080)={0x1, 0x7, 0x0, 0x0, 0x10000}) r1 = memfd_secret(0x80000) ftruncate(r1, 0x100000000) 1.662029064s ago: executing program 0 (id=695): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000b40)="a2", 0xfffffd2a}], 0x1, 0x0, 0x0, 0x20000000}, 0x4000041) close(r0) 1.55098723s ago: executing program 2 (id=696): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x28, r1, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000815}, 0x850) 1.438237855s ago: executing program 4 (id=697): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f00009a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000fef000/0x4000)=nil) mremap(&(0x7f0000678000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffb000/0x3000)=nil) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) 1.310108318s ago: executing program 2 (id=699): r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000000)=ANY=[@ANYBLOB="000204"], 0x18) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0x2, @mcast1, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001840), 0x3b, 0x0) 1.184878195s ago: executing program 1 (id=700): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {0x5, 0x1, 0x0, 0x1000}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x6, 0xd127, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0xfffffffc, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x5, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x42ac, 0x10, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xe43, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4], [0xfffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400000, 0x0, 0x4, 0x0, 0x7c45, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x526d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffff7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x956, 0x0, 0x1]}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_CREATE(r0, 0x5501) write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x3, 0x400, 0x3ff}, 0x2b, [0x2, 0x1, 0x29d623c4, 0x6, 0x9, 0x5, 0x3, 0x8, 0x80, 0xa, 0x10, 0x8, 0x6, 0x5, 0x0, 0x8de3, 0x6, 0x5, 0x10001, 0x80, 0xfffff801, 0xffffffff, 0x80, 0x304adb33, 0x3, 0x8, 0x4, 0x4, 0x101, 0x2, 0xe, 0x3, 0xc, 0x5, 0x8, 0x28, 0x3, 0x2, 0x6, 0x1, 0x1, 0xfffffff7, 0x5, 0x4, 0xff, 0x10000, 0x3, 0x6, 0x800, 0x4, 0x2, 0x4, 0x7fff, 0x9, 0x4, 0x5, 0xe, 0x8, 0x2, 0x4, 0x3, 0x10000, 0x3, 0x8], [0x2, 0x0, 0xd, 0x400, 0x3, 0x8, 0x60, 0x80000001, 0x4, 0x7ff, 0x0, 0xa, 0xff, 0x1, 0x6, 0x1, 0x6, 0x8, 0x80, 0xdf69, 0x3, 0xffffffff, 0x4, 0x9d73, 0x2739c2d9, 0x1, 0x7fff, 0xa, 0x6, 0x2, 0x6, 0xc, 0x0, 0x2, 0x5, 0x5, 0x1, 0x8, 0xffff, 0xaf5c, 0xfffffffb, 0x9, 0xefcf, 0x1, 0x2, 0x6, 0x800, 0xfffffff9, 0x4, 0x4cb6a3a9, 0x101, 0x0, 0x7fffffff, 0x0, 0x17, 0x7, 0x80000000, 0x1, 0x4, 0x79, 0x1ff, 0x9, 0x2, 0xb605], [0x3ff, 0x5, 0x7f, 0x3, 0x3, 0x3, 0x3, 0x6, 0x3, 0x3, 0x1, 0x72, 0x3, 0x2, 0x0, 0x63c, 0x7fffffff, 0x5, 0x452da5c7, 0x452, 0x7, 0x6, 0x3, 0x2, 0x1, 0x3, 0x4, 0x2, 0x7, 0x2, 0x10, 0x0, 0x8001, 0x7, 0x27, 0x9, 0x8001, 0x2, 0xb, 0x7, 0x8bce, 0x7, 0xf138, 0xfffffffd, 0xffffff46, 0x7, 0x778d, 0x8aae, 0x8, 0x3, 0x9b, 0x3, 0x5, 0x4, 0xea, 0x5, 0x3, 0x4, 0xd0, 0x401, 0x1, 0x9, 0x100, 0xf1], [0xfff, 0x1, 0x5c59, 0x200, 0x8, 0x7, 0x4, 0x0, 0x3, 0x3, 0x1, 0x9, 0x2, 0x9, 0xffffffff, 0xbea, 0x10, 0x200, 0x9, 0xd, 0x3, 0x5, 0xda, 0x5, 0x2, 0x9, 0x2, 0x1000, 0x5, 0x6, 0x1, 0x1, 0x401, 0xda, 0x4c, 0x3ff, 0xde, 0xc, 0x401, 0x3, 0x6, 0xac, 0x6, 0x3, 0x8, 0x63, 0xde, 0xe, 0x1, 0x488, 0x945, 0xa, 0x0, 0x0, 0x50c, 0x54, 0x2, 0x3, 0x6, 0xd0, 0x4, 0x47c, 0x8, 0xfff]}, 0x45c) 1.112172276s ago: executing program 3 (id=701): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x20, 0x8f, 0x2, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0xb}, 0xe) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0) recvfrom$packet(r0, 0x0, 0x2d, 0x40, &(0x7f0000000900)={0x11, 0x18, 0x0, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x17}}, 0x14) 1.11192357s ago: executing program 0 (id=702): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000240)={0x48, 0x2, r1, 0x0, 0x0, 0x0, 0x0, 0x1}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, r0, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x3, r1, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1020800}) 1.108015532s ago: executing program 2 (id=703): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_DELCHAIN={0x30, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0xb8}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) 931.888727ms ago: executing program 3 (id=704): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0xc) 695.430168ms ago: executing program 3 (id=705): r0 = socket(0x40000000015, 0x5, 0x0) recvmmsg(r0, &(0x7f0000007d80)=[{{0x0, 0x0, 0x0}, 0xfffe}], 0x1, 0x0, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0xc4}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 663.538553ms ago: executing program 0 (id=706): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='1', 0x1, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 538.344224ms ago: executing program 3 (id=707): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 469.871486ms ago: executing program 2 (id=708): ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB='..']) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) 390.516162ms ago: executing program 0 (id=709): openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000200)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) truncate(&(0x7f00000001c0)='./file0\x00', 0x2000000000001) close(r0) 256.292464ms ago: executing program 1 (id=710): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c000280050001000000000008000840000000081400058008"], 0x5c}, 0x1, 0x0, 0x0, 0x20008880}, 0x0) 246.943121ms ago: executing program 3 (id=711): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0xf0b, 0x70bd25, 0x2, {0x0, 0x0, 0x12, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0x9, 0xc}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0x1}, @TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x2}]}}]}, 0x44}}, 0x0) 216.208105ms ago: executing program 0 (id=712): openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2842, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0x1) syz_clone3(&(0x7f0000000300)={0x23800000, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) io_submit(r0, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r1, 0x0}]) 164.687222ms ago: executing program 2 (id=713): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x5, @any, 0x0, 0x1}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) listen(r0, 0x3) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) 43.590905ms ago: executing program 3 (id=714): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000005e0001002cbd7000fddbdf2500", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x2004e994}, 0x800) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040040) 0s ago: executing program 1 (id=715): sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x55) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a"], 0x38}}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="020306091000"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) kernel console output (not intermixed with test programs): no interfaces have a carrier [ 60.113404][ T5261] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.143111][ T5261] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts. syzkaller login: [ 86.876410][ T10] cfg80211: failed to load regulatory.db [ 87.157879][ T5586] cgroup: Unknown subsys name 'net' [ 87.416979][ T5586] cgroup: Unknown subsys name 'cpuset' [ 87.491132][ T5586] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 89.408021][ T5586] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 91.877664][ T5610] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 91.893319][ T5611] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 91.909460][ T5611] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 91.939690][ T5610] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 91.953335][ T5615] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 91.955496][ T5615] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 91.957686][ T5615] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 91.958501][ T5615] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 91.959896][ T5615] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 91.964578][ T5610] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 91.964736][ T5610] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 91.969956][ T5606] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 91.980914][ T5615] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 91.985939][ T5610] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 91.994932][ T5615] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.012328][ T4916] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.044578][ T5615] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.054234][ T5615] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.111226][ T5615] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.112333][ T5615] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.114010][ T5615] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.114770][ T5615] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 92.117450][ T5606] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.119595][ T5606] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.120322][ T5606] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 94.122844][ T5613] Bluetooth: hci2: command tx timeout [ 94.200974][ T5613] Bluetooth: hci1: command tx timeout [ 94.201092][ T5613] Bluetooth: hci3: command tx timeout [ 94.280601][ T4916] Bluetooth: hci4: command tx timeout [ 94.280609][ T5613] Bluetooth: hci0: command tx timeout [ 94.830291][ T5605] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.830677][ T5605] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.830923][ T5605] bridge_slave_0: entered allmulticast mode [ 94.837002][ T5605] bridge_slave_0: entered promiscuous mode [ 94.875260][ T5603] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.875379][ T5603] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.875475][ T5603] bridge_slave_0: entered allmulticast mode [ 94.877070][ T5603] bridge_slave_0: entered promiscuous mode [ 94.904476][ T5605] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.904610][ T5605] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.904758][ T5605] bridge_slave_1: entered allmulticast mode [ 94.908629][ T5605] bridge_slave_1: entered promiscuous mode [ 94.955123][ T5603] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.955304][ T5603] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.955468][ T5603] bridge_slave_1: entered allmulticast mode [ 94.957410][ T5603] bridge_slave_1: entered promiscuous mode [ 94.958785][ T5604] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.958936][ T5604] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.959385][ T5604] bridge_slave_0: entered allmulticast mode [ 94.961599][ T5604] bridge_slave_0: entered promiscuous mode [ 94.988708][ T5601] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.988853][ T5601] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.989016][ T5601] bridge_slave_0: entered allmulticast mode [ 94.991749][ T5601] bridge_slave_0: entered promiscuous mode [ 94.994340][ T5602] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.994476][ T5602] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.994621][ T5602] bridge_slave_0: entered allmulticast mode [ 94.998499][ T5602] bridge_slave_0: entered promiscuous mode [ 95.024752][ T5604] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.024907][ T5604] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.025079][ T5604] bridge_slave_1: entered allmulticast mode [ 95.027709][ T5604] bridge_slave_1: entered promiscuous mode [ 95.049698][ T5601] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.050622][ T5601] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.050791][ T5601] bridge_slave_1: entered allmulticast mode [ 95.055576][ T5601] bridge_slave_1: entered promiscuous mode [ 95.057621][ T5602] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.057740][ T5602] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.057889][ T5602] bridge_slave_1: entered allmulticast mode [ 95.061047][ T5602] bridge_slave_1: entered promiscuous mode [ 95.119339][ T5605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.185039][ T5603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.205546][ T5605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.239496][ T5603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.242954][ T5604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.265428][ T5601] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.268740][ T5602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.301388][ T5604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.319991][ T5601] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.323747][ T5602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.359667][ T5605] team0: Port device team_slave_0 added [ 95.391092][ T5603] team0: Port device team_slave_0 added [ 95.407858][ T5605] team0: Port device team_slave_1 added [ 95.439594][ T5603] team0: Port device team_slave_1 added [ 95.442513][ T5604] team0: Port device team_slave_0 added [ 95.463558][ T5601] team0: Port device team_slave_0 added [ 95.465840][ T5602] team0: Port device team_slave_0 added [ 95.485421][ T5604] team0: Port device team_slave_1 added [ 95.505092][ T5601] team0: Port device team_slave_1 added [ 95.507118][ T5602] team0: Port device team_slave_1 added [ 95.536620][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.536632][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.536646][ T5605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.583630][ T5603] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.583647][ T5603] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.583670][ T5603] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.609196][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.609212][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.609235][ T5605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.678419][ T5603] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.678435][ T5603] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.678453][ T5603] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.679528][ T5604] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.679541][ T5604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.679561][ T5604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.717135][ T5601] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.717152][ T5601] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.717175][ T5601] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.719522][ T5602] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.719534][ T5602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.719556][ T5602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.735367][ T5604] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.735382][ T5604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.735405][ T5604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.738982][ T5601] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.738994][ T5601] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.739016][ T5601] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.741483][ T5602] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.741495][ T5602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.741517][ T5602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.959584][ T5605] hsr_slave_0: entered promiscuous mode [ 95.961578][ T5605] hsr_slave_1: entered promiscuous mode [ 95.976963][ T5603] hsr_slave_0: entered promiscuous mode [ 95.978261][ T5603] hsr_slave_1: entered promiscuous mode [ 95.979417][ T5603] debugfs: 'hsr0' already exists in 'hsr' [ 95.979509][ T5603] Cannot create hsr debugfs directory [ 96.055937][ T5604] hsr_slave_0: entered promiscuous mode [ 96.056744][ T5604] hsr_slave_1: entered promiscuous mode [ 96.057293][ T5604] debugfs: 'hsr0' already exists in 'hsr' [ 96.057310][ T5604] Cannot create hsr debugfs directory [ 96.068848][ T5601] hsr_slave_0: entered promiscuous mode [ 96.070840][ T5601] hsr_slave_1: entered promiscuous mode [ 96.071731][ T5601] debugfs: 'hsr0' already exists in 'hsr' [ 96.071753][ T5601] Cannot create hsr debugfs directory [ 96.088361][ T5602] hsr_slave_0: entered promiscuous mode [ 96.089691][ T5602] hsr_slave_1: entered promiscuous mode [ 96.091441][ T5602] debugfs: 'hsr0' already exists in 'hsr' [ 96.091465][ T5602] Cannot create hsr debugfs directory [ 96.200590][ T4916] Bluetooth: hci2: command tx timeout [ 96.280673][ T4916] Bluetooth: hci3: command tx timeout [ 96.280713][ T4916] Bluetooth: hci1: command tx timeout [ 96.360827][ T5613] Bluetooth: hci0: command tx timeout [ 96.360862][ T5613] Bluetooth: hci4: command tx timeout [ 97.414101][ T5605] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.442790][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 97.448005][ T5605] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.474781][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 97.478825][ T5605] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.528213][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 97.550382][ T5605] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.587709][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 97.716203][ T5604] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.758755][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 97.777596][ T5604] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.819908][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 97.835278][ T5604] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.856416][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 97.894654][ T5604] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.927214][ T5604] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 98.046356][ T5601] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 98.076033][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 98.087382][ T5601] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 98.124237][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 98.127474][ T5601] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 98.165398][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 98.197600][ T5601] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 98.227405][ T5601] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 98.280611][ T4916] Bluetooth: hci2: command tx timeout [ 98.361261][ T4916] Bluetooth: hci1: command tx timeout [ 98.361298][ T4916] Bluetooth: hci3: command tx timeout [ 98.378629][ T5603] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.415382][ T5603] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 98.433640][ T5603] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.440712][ T5613] Bluetooth: hci4: command tx timeout [ 98.450617][ T5613] Bluetooth: hci0: command tx timeout [ 98.473770][ T5603] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 98.478384][ T5603] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.515903][ T5603] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 98.543959][ T5603] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.577299][ T5603] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 98.663478][ T5605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.737220][ T5602] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.766000][ T5602] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 98.779479][ T5602] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.806770][ T5602] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 98.818080][ T5602] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.847951][ T5602] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 98.864150][ T5602] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.905542][ T5602] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 98.916348][ T5605] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.988270][ T1061] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.989013][ T1061] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.039789][ T1061] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.039934][ T1061] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.073084][ T5604] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.183074][ T5604] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.214699][ T5601] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.239731][ T1061] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.239877][ T1061] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.278006][ T1061] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.278136][ T1061] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.365736][ T5601] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.410294][ T5603] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.473767][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.474006][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.563227][ T3384] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.567710][ T3384] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.655004][ T5603] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.718023][ T5602] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.753520][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.753603][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.827149][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.827333][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.904660][ T5602] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.983788][ T3396] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.984019][ T3396] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.091158][ T3396] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.091394][ T3396] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.360598][ T5613] Bluetooth: hci2: command tx timeout [ 100.442286][ T5613] Bluetooth: hci3: command tx timeout [ 100.442322][ T5613] Bluetooth: hci1: command tx timeout [ 100.522872][ T4916] Bluetooth: hci0: command tx timeout [ 100.522907][ T4916] Bluetooth: hci4: command tx timeout [ 100.823127][ T5605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.317440][ T5604] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.386296][ T5605] veth0_vlan: entered promiscuous mode [ 101.499048][ T5605] veth1_vlan: entered promiscuous mode [ 101.659044][ T5601] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.845412][ T5604] veth0_vlan: entered promiscuous mode [ 101.902844][ T5605] veth0_macvtap: entered promiscuous mode [ 101.979263][ T5605] veth1_macvtap: entered promiscuous mode [ 101.997680][ T5603] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.008110][ T5604] veth1_vlan: entered promiscuous mode [ 102.065647][ T5602] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.138175][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.193310][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.263889][ T3396] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.291086][ T3396] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.299322][ T3396] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.326089][ T3396] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.328212][ T5604] veth0_macvtap: entered promiscuous mode [ 102.430385][ T5604] veth1_macvtap: entered promiscuous mode [ 102.506650][ T5603] veth0_vlan: entered promiscuous mode [ 102.644983][ T5602] veth0_vlan: entered promiscuous mode [ 102.701709][ T5603] veth1_vlan: entered promiscuous mode [ 102.740306][ T5604] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.811603][ T5604] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.812514][ T5602] veth1_vlan: entered promiscuous mode [ 102.862618][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.862640][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.921274][ T5601] veth0_vlan: entered promiscuous mode [ 102.924200][ T3390] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.944940][ T3390] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.956310][ T3390] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.973508][ T3390] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.066825][ T5601] veth1_vlan: entered promiscuous mode [ 103.089101][ T5603] veth0_macvtap: entered promiscuous mode [ 103.143944][ T3384] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.143965][ T3384] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.200163][ T5603] veth1_macvtap: entered promiscuous mode [ 103.411661][ T5602] veth0_macvtap: entered promiscuous mode [ 103.511588][ T5602] veth1_macvtap: entered promiscuous mode [ 103.517420][ T5603] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.595324][ T5603] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.597313][ T1179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.597334][ T1179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.620965][ T5601] veth0_macvtap: entered promiscuous mode [ 103.658824][ T1179] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.673414][ T1179] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.677295][ T1179] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.693671][ T5601] veth1_macvtap: entered promiscuous mode [ 103.700205][ T1179] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.715452][ T5602] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.927607][ T5602] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.945864][ T3396] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.945885][ T3396] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.058488][ T3396] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.105296][ T5601] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.105851][ T3396] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.224531][ T3396] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.251881][ T1020] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.289511][ T5601] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.657379][ T1179] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.663799][ T1179] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.665972][ T1179] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.677742][ T1179] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.895557][ T3390] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.895578][ T3390] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.556079][ T3396] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.556103][ T3396] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.799349][ T1061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.799371][ T1061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.996093][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.996116][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.021669][ T5807] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 106.240278][ T3384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.240299][ T3384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.621197][ T1061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.621219][ T1061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.943576][ T5826] loop5: detected capacity change from 0 to 7 [ 108.153629][ T5826] Dev loop5: unable to read RDB block 7 [ 108.153682][ T5826] loop5: unable to read partition table [ 108.162765][ T5826] loop5: partition table beyond EOD, truncated [ 108.164861][ T5826] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 109.076900][ T5846] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 112.082089][ T5878] netlink: 96 bytes leftover after parsing attributes in process `syz.1.34'. [ 113.769124][ T5898] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 113.914128][ T5901] vivid-002: disconnect [ 113.951291][ T5900] vivid-002: reconnect [ 114.379846][ T31] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 114.740668][ T31] usb 5-1: Using ep0 maxpacket: 32 [ 114.798539][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.798577][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.798620][ T31] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 114.798643][ T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.120363][ T31] usb 5-1: config 0 descriptor?? [ 115.152441][ T5915] process 'syz.1.47' launched './file2' with NULL argv: empty string added [ 116.064985][ T31] ft260 0003:0403:6030.0001: unknown main item tag 0x0 [ 116.079791][ T31] ft260 0003:0403:6030.0001: unknown main item tag 0x0 [ 116.265598][ T31] ft260 0003:0403:6030.0001: chip code: 0000 0000 [ 116.319902][ T31] ft260 0003:0403:6030.0001: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0 [ 116.635078][ T31] ft260 0003:0403:6030.0001: failed to retrieve status: -71, no wakeup [ 116.647516][ T31] ft260 0003:0403:6030.0001: failed to retrieve status: -71 [ 116.648075][ T31] ft260 0003:0403:6030.0001: failed to reset I2C controller: -71 [ 117.240578][ T5589] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 117.470843][ T5948] Invalid argument reading file caps for ./file0 [ 117.616236][ T5589] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.616275][ T5589] usb 2-1: config 0 interface 0 has no altsetting 0 [ 117.616315][ T5589] usb 2-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 117.616338][ T5589] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.702135][ T5589] usb 2-1: config 0 descriptor?? [ 118.365278][ T5589] greenasia 0003:0E8F:0012.0002: unknown main item tag 0x0 [ 118.365318][ T5589] greenasia 0003:0E8F:0012.0002: unknown main item tag 0x0 [ 118.366934][ T5589] greenasia 0003:0E8F:0012.0002: unknown main item tag 0x0 [ 118.366965][ T5589] greenasia 0003:0E8F:0012.0002: unknown main item tag 0x0 [ 118.366990][ T5589] greenasia 0003:0E8F:0012.0002: unknown main item tag 0x0 [ 118.367017][ T5589] greenasia 0003:0E8F:0012.0002: unknown main item tag 0x0 [ 118.367040][ T5589] greenasia 0003:0E8F:0012.0002: unknown main item tag 0x0 [ 118.367063][ T5589] greenasia 0003:0E8F:0012.0002: collection stack underflow [ 118.367082][ T5589] greenasia 0003:0E8F:0012.0002: item 0 0 0 12 parsing failed [ 118.367872][ T5589] greenasia 0003:0E8F:0012.0002: parse failed [ 118.367950][ T5589] greenasia 0003:0E8F:0012.0002: probe with driver greenasia failed with error -22 [ 118.417565][ T31] usb 5-1: USB disconnect, device number 2 [ 118.588834][ T5589] usb 2-1: USB disconnect, device number 2 [ 118.807598][ T5962] warning: `syz.4.63' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 119.922285][ T31] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 120.048782][ T5987] syz.2.73 uses obsolete (PF_INET,SOCK_PACKET) [ 120.088059][ T31] usb 5-1: config 0 has too many interfaces: 253, using maximum allowed: 32 [ 120.088093][ T31] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 253 [ 120.125683][ T31] usb 5-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac [ 120.125717][ T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.125738][ T31] usb 5-1: Product: syz [ 120.125752][ T31] usb 5-1: Manufacturer: syz [ 120.125767][ T31] usb 5-1: SerialNumber: syz [ 120.238190][ T31] usb 5-1: config 0 descriptor?? [ 120.325563][ T31] gspca_main: sunplus-2.14.0 probing 055f:c630 [ 120.504840][ T5976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.507517][ T5976] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.648904][ T5996] sctp: [Deprecated]: syz.0.75 (pid 5996) Use of struct sctp_assoc_value in delayed_ack socket option. [ 120.648904][ T5996] Use struct sctp_sack_info instead [ 121.035231][ T31] usb 5-1: USB disconnect, device number 3 [ 121.222858][ T6000] syz.3.77 (6000) used greatest stack depth: 18520 bytes left [ 122.013735][ T6021] capability: warning: `syz.1.84' uses deprecated v2 capabilities in a way that may be insecure [ 123.028062][ T6016] syz.2.83 (6016) used greatest stack depth: 17648 bytes left [ 123.175265][ T5732] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 123.397087][ T5732] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 123.397123][ T5732] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 123.397147][ T5732] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 123.397170][ T5732] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 123.397214][ T5732] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 123.397237][ T5732] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.509954][ T5732] usb 2-1: config 0 descriptor?? [ 124.108407][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108445][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108471][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108495][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108520][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108544][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108569][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108594][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108619][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.108644][ T5732] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 124.266422][ T5732] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 124.289330][ T5732] usb 2-1: USB disconnect, device number 3 [ 124.900821][ T6055] fido_id[6055]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 125.520618][ T5725] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 125.694308][ T5725] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 125.694345][ T5725] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 125.694389][ T5725] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 125.694412][ T5725] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.080924][ T5725] usb 2-1: usb_control_msg returned -32 [ 126.081002][ T5725] usbtmc 2-1:16.0: can't read capabilities [ 126.523375][ T6099] usbtmc 2-1:16.0: usb_control_msg returned -32 [ 126.709979][ T5725] usb 2-1: USB disconnect, device number 4 [ 127.585313][ T6120] netlink: 'syz.2.125': attribute type 3 has an invalid length. [ 127.585339][ T6120] netlink: 92 bytes leftover after parsing attributes in process `syz.2.125'. [ 128.123670][ T6130] Bluetooth: MGMT ver 1.23 [ 129.602135][ T6160] netlink: 48 bytes leftover after parsing attributes in process `syz.0.137'. [ 130.757827][ T6178] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 130.757857][ T6178] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 130.815663][ T6182] Illegal XDP return value 4294967294 on prog (id 13) dev N/A, expect packet loss! [ 130.878719][ T5613] block nbd2: Receive control failed (result -32) [ 130.907805][ T6178] vhci_hcd vhci_hcd.0: Device attached [ 130.928121][ T6185] netlink: 8 bytes leftover after parsing attributes in process `syz.0.148'. [ 131.026041][ T6174] block nbd2: shutting down sockets [ 131.090579][ T5607] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 131.220607][ T5725] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 131.253869][ T5607] usb 5-1: config 0 has no interfaces? [ 131.253910][ T5607] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 131.253932][ T5607] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.308680][ T5607] usb 5-1: config 0 descriptor?? [ 131.556089][ T6183] usb 41-1: recv xbuf, 0 [ 131.611594][ T36] usb 5-1: USB disconnect, device number 4 [ 131.615307][ T67] vhci_hcd vhci_hcd.4: stop threads [ 131.638578][ T67] vhci_hcd vhci_hcd.4: release socket [ 131.638908][ T67] vhci_hcd vhci_hcd.4: disconnect device [ 131.661860][ T5725] vhci_hcd vhci_hcd.4: vhci_device speed not set [ 132.535153][ T5732] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 132.681363][ T5732] usb 2-1: Using ep0 maxpacket: 32 [ 132.689576][ T5732] usb 2-1: config 0 has an invalid interface number: 85 but max is 0 [ 132.689608][ T5732] usb 2-1: config 0 has no interface number 0 [ 132.689657][ T5732] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 132.689685][ T5732] usb 2-1: config 0 interface 85 has no altsetting 0 [ 132.699737][ T5732] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 132.699766][ T5732] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.699784][ T5732] usb 2-1: Product: syz [ 132.699796][ T5732] usb 2-1: Manufacturer: syz [ 132.699809][ T5732] usb 2-1: SerialNumber: syz [ 132.791483][ T5732] usb 2-1: config 0 descriptor?? [ 132.936250][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.936347][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.618008][ T6233] fuse: Bad value for 'fd' [ 133.687975][ T5732] appletouch 2-1:0.85: Geyser mode initialized. [ 133.830116][ T5732] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input5 [ 133.985593][ C1] appletouch 2-1:0.85: appletouch: OVERFLOW with data length 64, actual length is 64 [ 134.214689][ T5732] usb 2-1: USB disconnect, device number 5 [ 134.617281][ T5732] appletouch 2-1:0.85: input: appletouch disconnected [ 135.140062][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88803b8c7400: rx timeout, send abort [ 135.142388][ C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88803b8c7400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 135.289137][ T37] audit: type=1326 audit(1778439312.765:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.289200][ T37] audit: type=1326 audit(1778439312.815:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.289247][ T37] audit: type=1326 audit(1778439312.845:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.318630][ T37] audit: type=1326 audit(1778439312.885:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.318707][ T37] audit: type=1326 audit(1778439312.885:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.326746][ T37] audit: type=1326 audit(1778439312.885:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.326808][ T37] audit: type=1326 audit(1778439312.885:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.326848][ T37] audit: type=1326 audit(1778439312.885:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.326895][ T37] audit: type=1326 audit(1778439312.885:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.326942][ T37] audit: type=1326 audit(1778439312.895:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6261 comm="syz.0.181" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f57e479cdd9 code=0x7ffc0000 [ 135.682969][ T5589] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 135.865328][ T5589] usb 2-1: Using ep0 maxpacket: 32 [ 135.870251][ T5589] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 135.870280][ T5589] usb 2-1: config 0 has no interface number 0 [ 135.893107][ T5589] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 135.893138][ T5589] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.893159][ T5589] usb 2-1: Product: syz [ 135.893174][ T5589] usb 2-1: Manufacturer: syz [ 135.893188][ T5589] usb 2-1: SerialNumber: syz [ 135.976951][ T5589] usb 2-1: config 0 descriptor?? [ 136.040084][ T5589] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 136.189470][ T6273] mmap: syz.0.186 (6273) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 136.541830][ T5589] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 136.652694][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 136.744102][ T5589] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 136.933720][ T5589] usb 2-1: USB disconnect, device number 6 [ 137.251545][ T5589] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 137.450953][ T5589] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 137.453557][ T5589] quatech2 2-1:0.51: device disconnected [ 138.044132][ T5589] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 138.212422][ T5589] usb 2-1: Using ep0 maxpacket: 32 [ 138.215062][ T5589] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 138.215091][ T5589] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 138.215115][ T5589] usb 2-1: config 0 interface 0 has no altsetting 0 [ 138.218119][ T5589] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 138.218147][ T5589] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.218168][ T5589] usb 2-1: Product: syz [ 138.218182][ T5589] usb 2-1: Manufacturer: syz [ 138.218196][ T5589] usb 2-1: SerialNumber: syz [ 138.272958][ T5589] usb 2-1: config 0 descriptor?? [ 138.727023][ T5589] gs_usb 2-1:0.0: Configuring for 1 interfaces [ 139.657693][ T5725] usb 2-1: USB disconnect, device number 7 [ 140.255856][ T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 140.430537][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 140.467181][ T10] usb 5-1: config 0 has an invalid interface number: 196 but max is 0 [ 140.467213][ T10] usb 5-1: config 0 has no interface number 0 [ 140.467263][ T10] usb 5-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 140.467288][ T10] usb 5-1: config 0 interface 196 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 140.467311][ T10] usb 5-1: config 0 interface 196 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 140.467334][ T10] usb 5-1: config 0 interface 196 has no altsetting 0 [ 140.472710][ T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a [ 140.472739][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.472756][ T10] usb 5-1: Product: syz [ 140.472769][ T10] usb 5-1: Manufacturer: syz [ 140.472782][ T10] usb 5-1: SerialNumber: syz [ 140.700893][ T10] usb 5-1: config 0 descriptor?? [ 140.702127][ T6315] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 141.099058][ T6334] loop8: detected capacity change from 0 to 8 [ 141.272221][ T6334] Dev loop8: unable to read RDB block 8 [ 141.272681][ T6334] loop8: unable to read partition table [ 141.273253][ T6334] loop8: partition table beyond EOD, truncated [ 141.275787][ T6334] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 141.327720][ T10] ipheth 5-1:0.196: ipheth_enable_ncm: usb_control_msg: 0 [ 141.836703][ T10] ipheth 5-1:0.196: Apple iPhone USB Ethernet device attached [ 141.938826][ T10] usb 5-1: USB disconnect, device number 5 [ 142.403543][ T10] ipheth 5-1:0.196: Apple iPhone USB Ethernet now disconnected [ 142.824192][ T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 142.970553][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 142.973065][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.973098][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.973120][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 142.973173][ T10] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 142.973196][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.069618][ T10] usb 5-1: config 0 descriptor?? [ 143.341029][ T6350] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.341713][ T6350] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.683993][ T10] hid_parser_main: 5 callbacks suppressed [ 143.684018][ T10] microsoft 0003:045E:07DA.0004: unknown main item tag 0x2 [ 143.684387][ T10] microsoft 0003:045E:07DA.0004: unknown main item tag 0x2 [ 143.684414][ T10] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 143.684439][ T10] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 143.684463][ T10] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 143.888495][ T10] microsoft 0003:045E:07DA.0004: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 143.888529][ T10] microsoft 0003:045E:07DA.0004: no inputs found [ 143.888541][ T10] microsoft 0003:045E:07DA.0004: could not initialize ff, continuing anyway [ 143.969766][ T10] usb 5-1: USB disconnect, device number 6 [ 144.342504][ T6397] netlink: 16 bytes leftover after parsing attributes in process `syz.0.226'. [ 144.399867][ T6396] fido_id[6396]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 144.924163][ T37] kauditd_printk_skb: 40 callbacks suppressed [ 144.924183][ T37] audit: type=1326 audit(1778439322.495:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6389 comm="syz.1.225" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731e6ecdd9 code=0x7fc00000 [ 144.924316][ T37] audit: type=1326 audit(1778439322.495:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6389 comm="syz.1.225" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f731e6ecdd9 code=0x7fc00000 [ 144.925073][ T37] audit: type=1326 audit(1778439322.495:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6389 comm="syz.1.225" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731e6ecdd9 code=0x7fc00000 [ 144.926508][ T37] audit: type=1326 audit(1778439322.495:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6389 comm="syz.1.225" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731e6ecdd9 code=0x7fc00000 [ 144.926558][ T37] audit: type=1326 audit(1778439322.495:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6389 comm="syz.1.225" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731e6ecdd9 code=0x7fc00000 [ 144.962185][ T37] audit: type=1326 audit(1778439322.535:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6389 comm="syz.1.225" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731e6ecdd9 code=0x7fc00000 [ 145.349219][ T6416] syzkaller1: entered promiscuous mode [ 145.349247][ T6416] syzkaller1: entered allmulticast mode [ 145.818797][ T6426] netlink: 'syz.2.240': attribute type 5 has an invalid length. [ 145.818895][ T6431] netlink: 152 bytes leftover after parsing attributes in process `syz.1.244'. [ 147.390586][ T5589] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 147.555411][ T5589] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 147.555444][ T5589] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.594255][ T5589] usb 2-1: config 0 descriptor?? [ 147.618353][ T5589] cp210x 2-1:0.0: cp210x converter detected [ 147.901749][ T6496] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.271'. [ 147.902331][ T6496] netlink: ct family unspecified [ 148.023577][ T5589] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 148.167554][ T6502] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 148.167554][ T6502] The task syz.0.275 (6502) triggered the difference, watch for misbehavior. [ 148.398733][ T5589] usb 2-1: cp210x converter now attached to ttyUSB0 [ 148.466901][ T5589] usb 2-1: USB disconnect, device number 8 [ 148.537552][ T5589] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 148.752878][ T5589] cp210x 2-1:0.0: device disconnected [ 149.274600][ T6518] netlink: 252 bytes leftover after parsing attributes in process `syz.1.283'. [ 151.763847][ T5725] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 151.910549][ T5725] usb 2-1: Using ep0 maxpacket: 8 [ 151.913084][ T5725] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 151.913147][ T5725] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 151.913172][ T5725] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.959023][ T5725] usb 2-1: config 0 descriptor?? [ 151.975711][ T5725] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 152.052092][ T6588] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 152.515474][ T6596] loop6: detected capacity change from 0 to 7 [ 152.528019][ T6596] Dev loop6: unable to read RDB block 7 [ 152.528078][ T6596] loop6: unable to read partition table [ 152.528319][ T6596] loop6: partition table beyond EOD, truncated [ 152.528340][ T6596] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5) [ 152.829762][ T5725] gspca_vc032x: reg_w err -71 [ 152.829877][ T5725] vc032x 2-1:0.0: probe with driver vc032x failed with error -71 [ 152.872341][ T5725] usb 2-1: USB disconnect, device number 9 [ 153.562767][ T5589] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 153.712421][ T5589] usb 5-1: too many configurations: 36, using maximum allowed: 8 [ 153.765965][ T5589] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 153.766000][ T5589] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.766022][ T5589] usb 5-1: Product: syz [ 153.766037][ T5589] usb 5-1: Manufacturer: syz [ 153.766051][ T5589] usb 5-1: SerialNumber: syz [ 153.930564][ T31] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 153.938400][ T5589] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 154.090474][ T31] usb 2-1: Using ep0 maxpacket: 32 [ 154.110602][ T31] usb 2-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 154.110635][ T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.110655][ T31] usb 2-1: Product: syz [ 154.110669][ T31] usb 2-1: Manufacturer: syz [ 154.110683][ T31] usb 2-1: SerialNumber: syz [ 154.210884][ T31] usb 2-1: config 0 descriptor?? [ 154.684467][ T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 154.752511][ T31] RobotFuzz Open Source InterFace, OSIF 2-1:0.0: version d4.15 found at bus 002 address 010 [ 155.330500][ T31] usb 5-1: USB disconnect, device number 7 [ 155.433140][ T5589] usb 2-1: USB disconnect, device number 10 [ 155.744272][ T6656] capability: warning: `syz.2.345' uses 32-bit capabilities (legacy support in use) [ 156.205406][ T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 156.206105][ T10] ath9k_htc: Failed to initialize the device [ 156.257170][ T31] usb 5-1: ath9k_htc: USB layer deinitialized [ 156.385705][ T6672] netlink: 4 bytes leftover after parsing attributes in process `syz.2.352'. [ 156.426251][ T6672] hsr_slave_0: left promiscuous mode [ 156.478617][ T6672] hsr_slave_1: left promiscuous mode [ 157.730598][ T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 157.824486][ T5589] usb 2-1: new full-speed USB device number 11 using dummy_hcd [ 157.942223][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 157.957310][ T10] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 157.957343][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.957364][ T10] usb 5-1: Product: syz [ 157.957378][ T10] usb 5-1: Manufacturer: syz [ 157.957392][ T10] usb 5-1: SerialNumber: syz [ 157.985147][ T5589] usb 2-1: config 150 has an invalid interface number: 204 but max is 2 [ 157.985177][ T5589] usb 2-1: config 150 has 2 interfaces, different from the descriptor's value: 3 [ 157.985198][ T5589] usb 2-1: config 150 has no interface number 0 [ 157.985240][ T5589] usb 2-1: config 150 interface 204 has no altsetting 0 [ 157.997152][ T5589] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 157.997180][ T5589] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.997198][ T5589] usb 2-1: Product: syz [ 157.997211][ T5589] usb 2-1: Manufacturer: syz [ 157.997224][ T5589] usb 2-1: SerialNumber: syz [ 158.028944][ T10] usb 5-1: config 0 descriptor?? [ 158.166855][ T37] audit: type=1326 audit(1778439335.735:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.166996][ T37] audit: type=1326 audit(1778439335.735:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.170364][ T37] audit: type=1326 audit(1778439335.735:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.191284][ T37] audit: type=1326 audit(1778439335.735:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.191402][ T37] audit: type=1326 audit(1778439335.765:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.191442][ T37] audit: type=1326 audit(1778439335.765:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.219614][ T37] audit: type=1326 audit(1778439335.785:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.220980][ T37] audit: type=1326 audit(1778439335.785:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.224603][ T37] audit: type=1326 audit(1778439335.795:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.224648][ T37] audit: type=1326 audit(1778439335.795:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6709 comm="syz.2.372" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f32699acdd9 code=0x7ffc0000 [ 158.538072][ T5589] xr_serial 2-1:150.204: skipping garbage [ 158.538154][ T5589] xr_serial 2-1:150.204: xr_serial converter detected [ 158.538693][ T10] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 158.745726][ T6701] dtv5100: wlen = 0, aborting. [ 158.851191][ T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 158.868493][ T10] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 158.873000][ T10] usb 5-1: media controller created [ 159.240117][ T5589] xr_serial ttyUSB0: Failed to set reg 0x0e: -71 [ 159.240188][ T5589] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 159.260601][ T5589] usb 2-1: USB disconnect, device number 11 [ 159.317463][ T5589] xr_serial 2-1:150.204: device disconnected [ 159.427207][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 159.763211][ T10] zl10353_read_register: readreg error (reg=127, ret==0) [ 159.763275][ T10] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 159.763288][ T10] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 159.784895][ T10] usb 5-1: USB disconnect, device number 8 [ 160.115816][ T6744] loop8: detected capacity change from 0 to 7 [ 160.212588][ T6744] Dev loop8: unable to read RDB block 7 [ 160.212642][ T6744] loop8: unable to read partition table [ 160.212886][ T6744] loop8: partition table beyond EOD, truncated [ 160.212908][ T6744] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 160.503599][ T10] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 160.624041][ T6763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.394'. [ 161.112366][ T6776] netlink: 208240 bytes leftover after parsing attributes in process `syz.0.399'. [ 161.384571][ T6784] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 161.770661][ T5725] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 161.950796][ T5725] usb 5-1: Using ep0 maxpacket: 32 [ 162.033004][ T5725] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.033041][ T5725] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.033081][ T5725] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 162.033105][ T5725] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.104176][ T5725] usb 5-1: config 0 descriptor?? [ 162.127241][ T5725] hub 5-1:0.0: USB hub found [ 162.321823][ T5725] hub 5-1:0.0: 1 port detected [ 162.478798][ T6806] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7 [ 162.877206][ T5725] usb 5-1: USB disconnect, device number 9 [ 162.892722][ T5607] hub 5-1:0.0: hub_ext_port_status failed (err = -71) [ 165.128277][ T6852] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.196652][ T6872] netlink: 8 bytes leftover after parsing attributes in process `syz.0.442'. [ 165.890643][ T36] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 165.917165][ T6852] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.060492][ T36] usb 5-1: Using ep0 maxpacket: 16 [ 166.065727][ T36] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 166.065759][ T36] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.065779][ T36] usb 5-1: Product: syz [ 166.065793][ T36] usb 5-1: Manufacturer: syz [ 166.065808][ T36] usb 5-1: SerialNumber: syz [ 166.918051][ T6852] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.152329][ T36] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 167.203808][ T36] usb 5-1: USB disconnect, device number 10 [ 167.524280][ T6852] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.101842][ T5589] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 168.251975][ T5589] usb 3-1: Using ep0 maxpacket: 32 [ 168.254913][ T5589] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.254944][ T5589] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.254983][ T5589] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 168.255007][ T5589] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.289316][ T5589] usb 3-1: config 0 descriptor?? [ 168.827817][ T5589] ft260 0003:0403:6030.0005: unknown main item tag 0x0 [ 168.827852][ T5589] ft260 0003:0403:6030.0005: unknown main item tag 0x0 [ 168.834077][ T3396] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.999277][ T5589] ft260 0003:0403:6030.0005: failed to retrieve chip version [ 168.999740][ T5589] ft260 0003:0403:6030.0005: probe with driver ft260 failed with error -32 [ 169.021687][ T3396] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.071316][ T5589] usb 3-1: USB disconnect, device number 2 [ 169.244962][ T3396] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.395735][ T3390] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.190508][ T36] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 170.361479][ T36] usb 2-1: Using ep0 maxpacket: 16 [ 170.364198][ T36] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.364233][ T36] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.364274][ T36] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 170.364296][ T36] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.436140][ T36] usb 2-1: config 0 descriptor?? [ 170.883116][ T36] konepure 0003:1E7D:2DB4.0006: item fetching failed at offset 0/4 [ 170.884023][ T36] konepure 0003:1E7D:2DB4.0006: parse failed [ 170.884099][ T36] konepure 0003:1E7D:2DB4.0006: probe with driver konepure failed with error -22 [ 171.736791][ T7032] faux_driver vgem: [drm] Unknown color mode 9; guessing buffer size. [ 171.794781][ T7030] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 172.178094][ T7050] batadv_slave_1: entered promiscuous mode [ 172.188868][ T7048] batadv_slave_1: left promiscuous mode [ 172.996399][ T5607] usb 2-1: USB disconnect, device number 12 [ 173.006856][ T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 173.150530][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 173.170776][ T10] usb 5-1: config 0 has an invalid interface number: 4 but max is 0 [ 173.170807][ T10] usb 5-1: config 0 has no interface number 0 [ 173.170866][ T10] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.170894][ T10] usb 5-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.170933][ T10] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 173.170956][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.193197][ T10] usb 5-1: config 0 descriptor?? [ 173.490574][ T822] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 173.645443][ T10] hid (null): bogus close delimiter [ 173.664563][ T822] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 173.664625][ T822] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 173.664679][ T822] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.664720][ T822] usb 3-1: New USB device found, idVendor=05ac, idProduct=0324, bcdDevice= 0.00 [ 173.664743][ T822] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.698597][ T822] usb 3-1: config 0 descriptor?? [ 173.865783][ T5607] usb 5-1: USB disconnect, device number 11 [ 174.193087][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193125][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193151][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193175][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193198][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193222][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193246][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193269][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193293][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.193317][ T822] magicmouse 0003:05AC:0324.0008: unknown main item tag 0x0 [ 174.271697][ T822] magicmouse 0003:05AC:0324.0008: hidraw0: USB HID v7f.fd Device [HID 05ac:0324] on usb-dummy_hcd.2-1/input0 [ 174.368624][ T822] usb 3-1: USB disconnect, device number 3 [ 174.597997][ T7088] fido_id[7088]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 175.036312][ T7103] netlink: 4 bytes leftover after parsing attributes in process `syz.0.548'. [ 175.291458][ T7112] vivid-003: ================= START STATUS ================= [ 175.291478][ T7112] vivid-003: Radio HW Seek Mode: Bounded [ 175.291501][ T7112] vivid-003: Radio Programmable HW Seek: false [ 175.291521][ T7112] vivid-003: RDS Rx I/O Mode: Block I/O [ 175.291539][ T7112] vivid-003: Generate RBDS Instead of RDS: false [ 175.291558][ T7112] vivid-003: RDS Reception: true [ 175.291576][ T7112] vivid-003: RDS Program Type: 0 inactive [ 175.291600][ T7112] vivid-003: RDS PS Name: inactive [ 175.291621][ T7112] vivid-003: RDS Radio Text: inactive [ 175.291641][ T7112] vivid-003: RDS Traffic Announcement: false inactive [ 175.291664][ T7112] vivid-003: RDS Traffic Program: false inactive [ 175.291685][ T7112] vivid-003: RDS Music: false inactive [ 175.291708][ T7112] vivid-003: ================== END STATUS ================== [ 177.470249][ T7178] Bluetooth: MGMT ver 1.23 [ 177.768905][ T5613] Bluetooth: hci4: link tx timeout [ 177.769199][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.782681][ T5613] Bluetooth: hci4: link tx timeout [ 177.782700][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.838108][ T5613] Bluetooth: hci4: link tx timeout [ 177.838138][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.838169][ T5613] Bluetooth: hci4: link tx timeout [ 177.838180][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.838249][ T5613] Bluetooth: hci4: link tx timeout [ 177.838261][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.838332][ T5613] Bluetooth: hci4: link tx timeout [ 177.838344][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.838418][ T5613] Bluetooth: hci4: link tx timeout [ 177.838430][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.844084][ T5613] Bluetooth: hci4: link tx timeout [ 177.844100][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.925933][ T5613] Bluetooth: hci4: link tx timeout [ 177.925954][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.925983][ T5613] Bluetooth: hci4: link tx timeout [ 177.925994][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.926214][ T5613] Bluetooth: hci4: link tx timeout [ 177.926225][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985229][ T5613] Bluetooth: hci4: link tx timeout [ 177.985251][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985282][ T5613] Bluetooth: hci4: link tx timeout [ 177.985293][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985354][ T5613] Bluetooth: hci4: link tx timeout [ 177.985366][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985437][ T5613] Bluetooth: hci4: link tx timeout [ 177.985449][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985522][ T5613] Bluetooth: hci4: link tx timeout [ 177.985534][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985604][ T5613] Bluetooth: hci4: link tx timeout [ 177.985616][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985689][ T5613] Bluetooth: hci4: link tx timeout [ 177.985701][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985771][ T5613] Bluetooth: hci4: link tx timeout [ 177.985783][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985865][ T5613] Bluetooth: hci4: link tx timeout [ 177.985877][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.985949][ T5613] Bluetooth: hci4: link tx timeout [ 177.985961][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986307][ T5613] Bluetooth: hci4: link tx timeout [ 177.986320][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986381][ T5613] Bluetooth: hci4: link tx timeout [ 177.986392][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986457][ T5613] Bluetooth: hci4: link tx timeout [ 177.986468][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986570][ T5613] Bluetooth: hci4: link tx timeout [ 177.986582][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986606][ T5613] Bluetooth: hci4: link tx timeout [ 177.986617][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986691][ T5613] Bluetooth: hci4: link tx timeout [ 177.986703][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986777][ T5613] Bluetooth: hci4: link tx timeout [ 177.986789][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986874][ T5613] Bluetooth: hci4: link tx timeout [ 177.986886][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.986946][ T5613] Bluetooth: hci4: link tx timeout [ 177.986958][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987063][ T5613] Bluetooth: hci4: link tx timeout [ 177.987074][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987153][ T5613] Bluetooth: hci4: link tx timeout [ 177.987164][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987228][ T5613] Bluetooth: hci4: link tx timeout [ 177.987240][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987312][ T5613] Bluetooth: hci4: link tx timeout [ 177.987324][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987515][ T5613] Bluetooth: hci4: link tx timeout [ 177.987527][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987588][ T5613] Bluetooth: hci4: link tx timeout [ 177.987600][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987670][ T5613] Bluetooth: hci4: link tx timeout [ 177.987682][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987769][ T5613] Bluetooth: hci4: link tx timeout [ 177.987781][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987846][ T5613] Bluetooth: hci4: link tx timeout [ 177.987858][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.987923][ T5613] Bluetooth: hci4: link tx timeout [ 177.987935][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.988003][ T5613] Bluetooth: hci4: link tx timeout [ 177.988014][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.988115][ T5613] Bluetooth: hci4: link tx timeout [ 177.992446][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 177.992485][ T5613] Bluetooth: hci4: link tx timeout [ 177.992494][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419133][ T5613] Bluetooth: hci4: link tx timeout [ 178.419156][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419237][ T5613] Bluetooth: hci4: link tx timeout [ 178.419249][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419325][ T5613] Bluetooth: hci4: link tx timeout [ 178.419337][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419443][ T5613] Bluetooth: hci4: link tx timeout [ 178.419455][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419534][ T5613] Bluetooth: hci4: link tx timeout [ 178.419546][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419616][ T5613] Bluetooth: hci4: link tx timeout [ 178.419628][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419702][ T5613] Bluetooth: hci4: link tx timeout [ 178.419714][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419786][ T5613] Bluetooth: hci4: link tx timeout [ 178.419798][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419864][ T5613] Bluetooth: hci4: link tx timeout [ 178.419875][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.419932][ T5613] Bluetooth: hci4: link tx timeout [ 178.419944][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.420015][ T5613] Bluetooth: hci4: link tx timeout [ 178.420027][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.420109][ T5613] Bluetooth: hci4: link tx timeout [ 178.420121][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.420198][ T5613] Bluetooth: hci4: link tx timeout [ 178.420210][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.420331][ T5613] Bluetooth: hci4: link tx timeout [ 178.420343][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 178.425985][ T5613] Bluetooth: hci4: link tx timeout [ 178.426005][ T5613] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 179.782389][ T5718] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 179.804592][ T5613] Bluetooth: hci4: command 0x0406 tx timeout [ 179.931900][ T5718] usb 3-1: Using ep0 maxpacket: 32 [ 179.934579][ T5718] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 179.934607][ T5718] usb 3-1: config 0 has no interface number 0 [ 179.972356][ T5718] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 179.972389][ T5718] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.972409][ T5718] usb 3-1: Product: syz [ 179.972423][ T5718] usb 3-1: Manufacturer: syz [ 179.972437][ T5718] usb 3-1: SerialNumber: syz [ 180.036124][ T5718] usb 3-1: config 0 descriptor?? [ 180.771376][ T10] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 180.938183][ T10] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 180.938216][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.963614][ T10] usb 2-1: config 0 descriptor?? [ 180.986093][ T10] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 181.243352][ T5718] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 181.243385][ T5718] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 181.247483][ T5718] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 181.287349][ T5718] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71 [ 181.314339][ T5718] usb 3-1: USB disconnect, device number 4 [ 181.405299][ T10] cpia1 2-1:0.0: unexpected state after lo power cmd: 00 [ 182.019146][ T10] gspca_cpia1: usb_control_msg 05, error -71 [ 182.019169][ T10] cpia1 2-1:0.0: unexpected systemstate: 00 [ 182.040087][ T10] usb 2-1: USB disconnect, device number 13 [ 182.737127][ T7297] netlink: 736 bytes leftover after parsing attributes in process `syz.1.634'. [ 182.765552][ T7297] netlink: 104 bytes leftover after parsing attributes in process `syz.1.634'. [ 183.933046][ T7329] batadv_slave_0: entered promiscuous mode [ 183.936723][ T7328] batadv_slave_0: left promiscuous mode [ 184.381692][ T37] kauditd_printk_skb: 14 callbacks suppressed [ 184.381714][ T37] audit: type=1800 audit(1778439361.875:82): pid=7338 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.651" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 188.772397][ T7453] input: syz1 as /devices/virtual/input/input8 [ 189.312768][ T7474] fuse: Bad value for 'fd' [ 189.504652][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.710'. [ 189.631304][ T4916] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 189.631331][ T4916] CPU: 0 UID: 0 PID: 4916 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 189.631356][ T4916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 189.631369][ T4916] Workqueue: hci2 hci_rx_work [ 189.631398][ T4916] Call Trace: [ 189.631405][ T4916] [ 189.631415][ T4916] dump_sta[ 189.631415][ T4916] dump_stack_lvl+0xe8/0x150 [ 189.631444][ T4916] sysfs_create_dir_ns+0x271/0x2a0 [ 189.631476][ T4916] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 189.631499][ T4916] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 189.631532][ T4916] ? rt_spin_unlock+0x160/0x200 [ 189.631557][ T4916] kobject_add_internal+0x631/0xd10 [ 189.631597][ T4916] kobject_add+0x163/0x240 [ 189.631632][ T4916] ? __pfx_kobject_add+0x10/0x10 [ 189.631667][ T4916] ? get_device_parent+0x370/0x3a0 [ 189.631694][ T4916] device_add+0x408/0xbb0 [ 189.631721][ T4916] hci_conn_add_sysfs+0xd5/0x210 [ 189.631749][ T4916] le_conn_complete_evt+0x10e6/0x16b0 [ 189.631790][ T4916] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 189.631820][ T4916] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 189.631846][ T4916] ? lockdep_hardirqs_on+0x7a/0x110 [ 189.631870][ T4916] ? skb_pull_data+0xfb/0x200 [ 189.631902][ T4916] hci_le_conn_complete_evt+0x187/0x470 [ 189.631942][ T4916] hci_event_packet+0x659/0xef0 [ 189.631974][ T4916] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 189.631992][ T4916] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 189.632019][ T4916] ? __pfx_hci_event_packet+0x10/0x10 [ 189.632043][ T4916] ? rt_spin_unlock+0x14f/0x200 [ 189.632084][ T4916] ? hci_send_to_monitor+0xe2/0x590 [ 189.632121][ T4916] hci_rx_work+0x3ee/0x1040 [ 189.632157][ T4916] ? process_scheduled_works+0xa70/0x1860 [ 189.632184][ T4916] process_scheduled_works+0xb5d/0x1860 [ 189.632245][ T4916] ? __pfx_process_scheduled_works+0x10/0x10 [ 189.632275][ T4916] ? assign_work+0x3d5/0x5e0 [ 189.632305][ T4916] worker_thread+0xa53/0xfc0 [ 189.632360][ T4916] kthread+0x388/0x470 [ 189.632385][ T4916] ? __pfx_worker_thread+0x10/0x10 [ 189.632406][ T4916] ? __pfx_kthread+0x10/0x10 [ 189.632436][ T4916] ret_from_fork+0x514/0xb70 [ 189.632468][ T4916] ? __pfx_ret_from_fork+0x10/0x10 [ 189.632493][ T4916] ? __switch_to+0xc79/0x1410 [ 189.632525][ T4916] ? __pfx_kthread+0x10/0x10 [ 189.632552][ T4916] ret_from_fork_asm+0x1a/0x30 [ 189.632599][ T4916] [ 189.632661][ T4916] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 189.632705][ T4916] Bluetooth: hci2: failed to register connection device [ 189.685345][ T4916] ================================================================== [ 189.685361][ T4916] BUG: KASAN: null-ptr-deref in l2cap_sock_suspend_cb+0x4a/0x80 [ 189.685393][ T4916] Write of size 8 at addr 0000000000000798 by task kworker/u9:1/4916 [ 189.685409][ T4916] [ 189.685420][ T4916] CPU: 0 UID: 0 PID: 4916 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 189.685441][ T4916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 189.685453][ T4916] Workqueue: hci2 hci_rx_work [ 189.685477][ T4916] Call Trace: [ 189.685485][ T4916] [ 189.685492][ T4916] dump_stack_lvl+0xe8/0x150 [ 189.685515][ T4916] ? l2cap_sock_suspend_cb+0x4a/0x80 [ 189.685534][ T4916] kasan_report+0x117/0x150 [ 189.685557][ T4916] ? l2cap_sock_suspend_cb+0x4a/0x80 [ 189.685580][ T4916] kasan_check_range+0x264/0x2c0 [ 189.685602][ T4916] l2cap_sock_suspend_cb+0x4a/0x80 [ 189.685623][ T4916] l2cap_chan_ready+0x15b/0x230 [ 189.685657][ T4916] l2cap_le_start+0x25b/0x1960 [ 189.685687][ T4916] ? __pfx_l2cap_le_start+0x10/0x10 [ 189.685715][ T4916] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 189.685737][ T4916] ? lockdep_hardirqs_on+0x7a/0x110 [ 189.685758][ T4916] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 189.685779][ T4916] ? mutex_lock_nested+0x152/0x1d0 [ 189.685805][ T4916] ? l2cap_connect_cfm+0x894/0x1560 [ 189.685823][ T4916] l2cap_connect_cfm+0x8d5/0x1560 [ 189.685844][ T4916] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 189.685861][ T4916] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 189.685882][ T4916] ? lockdep_hardirqs_on+0x7a/0x110 [ 189.685902][ T4916] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 189.685923][ T4916] ? mutex_lock_nested+0x152/0x1d0 [ 189.685948][ T4916] ? hci_connect_cfm+0x2c/0x140 [ 189.685972][ T4916] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 189.685989][ T4916] hci_connect_cfm+0x95/0x140 [ 189.686014][ T4916] le_conn_complete_evt+0x1134/0x16b0 [ 189.686044][ T4916] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 189.686077][ T4916] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 189.686098][ T4916] ? lockdep_hardirqs_on+0x7a/0x110 [ 189.686119][ T4916] ? skb_pull_data+0xfb/0x200 [ 189.686145][ T4916] hci_le_conn_complete_evt+0x187/0x470 [ 189.686172][ T4916] hci_event_packet+0x659/0xef0 [ 189.686195][ T4916] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 189.686212][ T4916] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 189.686237][ T4916] ? __pfx_hci_event_packet+0x10/0x10 [ 189.686257][ T4916] ? rt_spin_unlock+0x14f/0x200 [ 189.686277][ T4916] ? hci_send_to_monitor+0xe2/0x590 [ 189.686307][ T4916] hci_rx_work+0x3ee/0x1040 [ 189.686332][ T4916] ? process_scheduled_works+0xa70/0x1860 [ 189.686353][ T4916] process_scheduled_works+0xb5d/0x1860 [ 189.686383][ T4916] ? __pfx_process_scheduled_works+0x10/0x10 [ 189.686404][ T4916] ? assign_work+0x3d5/0x5e0 [ 189.686423][ T4916] worker_thread+0xa53/0xfc0 [ 189.686453][ T4916] kthread+0x388/0x470 [ 189.686475][ T4916] ? __pfx_worker_thread+0x10/0x10 [ 189.686494][ T4916] ? __pfx_kthread+0x10/0x10 [ 189.686517][ T4916] ret_from_fork+0x514/0xb70 [ 189.686537][ T4916] ? __pfx_ret_from_fork+0x10/0x10 [ 189.686556][ T4916] ? __switch_to+0xc79/0x1410 [ 189.686582][ T4916] ? __pfx_kthread+0x10/0x10 [ 189.686605][ T4916] ret_from_fork_asm+0x1a/0x30 [ 189.686633][ T4916] [ 189.686640][ T4916] ================================================================== [ 189.687155][ T4916] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 189.687170][ T4916] CPU: 0 UID: 0 PID: 4916 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 189.687192][ T4916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 189.687204][ T4916] Workqueue: hci2 hci_rx_work [ 189.687226][ T4916] Call Trace: [ 189.687232][ T4916] [ 189.687239][ T4916] vpanic+0x56c/0xa60 [ 189.687264][ T4916] ? __pfx_vpanic+0x10/0x10 [ 189.687289][ T4916] panic+0xc5/0xd0 [ 189.687309][ T4916] ? __pfx_panic+0x10/0x10 [ 189.687330][ T4916] ? preempt_schedule_thunk+0x16/0x30 [ 189.687358][ T4916] ? preempt_schedule_thunk+0x16/0x30 [ 189.687384][ T4916] ? l2cap_sock_suspend_cb+0x4a/0x80 [ 189.687404][ T4916] check_panic_on_warn+0x89/0xb0 [ 189.687429][ T4916] ? l2cap_sock_suspend_cb+0x4a/0x80 [ 189.687447][ T4916] end_report+0x73/0x170 [ 189.687467][ T4916] ? l2cap_sock_suspend_cb+0x4a/0x80 [ 189.687485][ T4916] kasan_report+0x128/0x150 [ 189.687505][ T4916] ? l2cap_sock_suspend_cb+0x4a/0x80 [ 189.687528][ T4916] kasan_check_range+0x264/0x2c0 [ 189.687549][ T4916] l2cap_sock_suspend_cb+0x4a/0x80 [ 189.687569][ T4916] l2cap_chan_ready+0x15b/0x230 [ 189.687595][ T4916] l2cap_le_start+0x25b/0x1960 [ 189.687623][ T4916] ? __pfx_l2cap_le_start+0x10/0x10 [ 189.687650][ T4916] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 189.687671][ T4916] ? lockdep_hardirqs_on+0x7a/0x110 [ 189.687693][ T4916] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 189.687716][ T4916] ? mutex_lock_nested+0x152/0x1d0 [ 189.687742][ T4916] ? l2cap_connect_cfm+0x894/0x1560 [ 189.687760][ T4916] l2cap_connect_cfm+0x8d5/0x1560 [ 189.687780][ T4916] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 189.687797][ T4916] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 189.687817][ T4916] ? lockdep_hardirqs_on+0x7a/0x110 [ 189.687838][ T4916] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 189.687858][ T4916] ? mutex_lock_nested+0x152/0x1d0 [ 189.687883][ T4916] ? hci_connect_cfm+0x2c/0x140 [ 189.687905][ T4916] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 189.687922][ T4916] hci_connect_cfm+0x95/0x140 [ 189.687946][ T4916] le_conn_complete_evt+0x1134/0x16b0 [ 189.687975][ T4916] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 189.688001][ T4916] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 189.688022][ T4916] ? lockdep_hardirqs_on+0x7a/0x110 [ 189.688043][ T4916] ? skb_pull_data+0xfb/0x200 [ 189.688078][ T4916] hci_le_conn_complete_evt+0x187/0x470 [ 189.688105][ T4916] hci_event_packet+0x659/0xef0 [ 189.688134][ T4916] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 189.688151][ T4916] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 189.688173][ T4916] ? __pfx_hci_event_packet+0x10/0x10 [ 189.688193][ T4916] ? rt_spin_unlock+0x14f/0x200 [ 189.688213][ T4916] ? hci_send_to_monitor+0xe2/0x590 [ 189.688240][ T4916] hci_rx_work+0x3ee/0x1040 [ 189.688263][ T4916] ? process_scheduled_works+0xa70/0x1860 [ 189.688284][ T4916] process_scheduled_works+0xb5d/0x1860 [ 189.688314][ T4916] ? __pfx_process_scheduled_works+0x10/0x10 [ 189.688336][ T4916] ? assign_work+0x3d5/0x5e0 [ 189.688357][ T4916] worker_thread+0xa53/0xfc0 [ 189.688386][ T4916] kthread+0x388/0x470 [ 189.688409][ T4916] ? __pfx_worker_thread+0x10/0x10 [ 189.688427][ T4916] ? __pfx_kthread+0x10/0x10 [ 189.688450][ T4916] ret_from_fork+0x514/0xb70 [ 189.688470][ T4916] ? __pfx_ret_from_fork+0x10/0x10 [ 189.688489][ T4916] ? __switch_to+0xc79/0x1410 [ 189.688515][ T4916] ? __pfx_kthread+0x10/0x10 [ 189.688538][ T4916] ret_from_fork_asm+0x1a/0x30 [ 189.688565][ T4916] [ 189.688962][ T4916] Kernel Offset: disabled