last executing test programs: 2.594646942s ago: executing program 1 (id=2545): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"}) syz_open_pts(r0, 0x101) r1 = syz_io_uring_setup(0x88c, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0xbffffffc}, &(0x7f0000000000)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x2}}) io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c) 1.859125168s ago: executing program 4 (id=2556): r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) r2 = dup3(r1, r0, 0x0) recvmmsg(r2, &(0x7f0000004a40)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000500)=""/144, 0x90}, {0x0, 0x18}], 0x2}, 0x2}], 0x1, 0x40000001, 0x0) 1.630567929s ago: executing program 1 (id=2558): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000020000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010bc0)='kfree\x00', r2}, 0x18) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r4, @ANYBLOB="080003"], 0x44}}, 0x0) 1.571020228s ago: executing program 0 (id=2559): syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x21}}, {0x4e22, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.494543555s ago: executing program 1 (id=2560): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1b) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x3, 0x4) syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0) 1.385566902s ago: executing program 1 (id=2561): openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x200, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) socket$kcm(0x10, 0x2, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) fsopen(&(0x7f00000000c0)='hugetlbfs\x00', 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.315083306s ago: executing program 0 (id=2562): r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000000d40)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1800"], 0x68}, 0x0) 1.183450448s ago: executing program 2 (id=2564): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020a07b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r0}, 0x18) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCMIWAIT(r1, 0x5453, 0x0) 1.123022171s ago: executing program 0 (id=2565): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0xe, 0x200cc, 0x6, 0x5}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000740), 0x4af, r2}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000240), 0x2, r2}, 0x38) 1.007522211s ago: executing program 0 (id=2567): r0 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793"], 0x138) write$UHID_DESTROY(r0, &(0x7f0000000340), 0x4) 939.023636ms ago: executing program 1 (id=2568): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"}) r1 = dup3(0xffffffffffffffff, r0, 0x0) r2 = syz_io_uring_setup(0x88c, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0xbffffffc}, &(0x7f0000000000)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x2}}) io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0) write$UHID_INPUT(r1, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c) 938.764213ms ago: executing program 2 (id=2569): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x18) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1980, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110c230007) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x181, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6) ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110c230000) close(r3) 937.507491ms ago: executing program 4 (id=2570): socket$packet(0x11, 0xa, 0x300) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x40050}, 0x0) syz_emit_ethernet(0xe, &(0x7f0000000180)=ANY=[], 0x0) 909.563988ms ago: executing program 3 (id=2571): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1b) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x3, 0x4) syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0) 842.788425ms ago: executing program 0 (id=2572): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000004000000000000000000008500000036000000850000000700000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r3, r2, 0x25, 0x0, @val=@tracing}, 0x40) syz_emit_ethernet(0xfe1, &(0x7f0000000240)=ANY=[], 0x0) 773.872529ms ago: executing program 3 (id=2573): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="d8000000180081064e81f782db4cb904021d0800fd027c05e8fe55a10a000b000140020203600e41b0000900ac0006031100000016000509000000000004015c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3baaafa3e4e5d3e75b69ed2e25e5722fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000000008af2", 0xd8}], 0x1}, 0x0) 773.065307ms ago: executing program 4 (id=2574): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001cc0)={0x18, 0x4, 0x0, &(0x7f0000001c00)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x88000) read(r1, &(0x7f0000000200)=""/209, 0xd1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @time={0xa2eb, 0x8}, 0x0, {}, 0x20}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0x40045304, &(0x7f0000000940)) tkill(r0, 0x7) 614.967737ms ago: executing program 2 (id=2575): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xfffffffe, 0x0, 0x1, 0x9}, 0x50) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$tun(r0, &(0x7f0000000600)=ANY=[@ANYBLOB="0004010409000062"], 0x32) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x40) 614.608916ms ago: executing program 3 (id=2576): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_DISALLOCATE(r1, 0x5608) 614.366727ms ago: executing program 0 (id=2577): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0) 468.686048ms ago: executing program 4 (id=2578): r0 = socket$l2tp6(0xa, 0x2, 0x73) sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4040005) 431.015134ms ago: executing program 2 (id=2579): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2000}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x20000805}, 0x20040000) 420.839592ms ago: executing program 3 (id=2580): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90) openat$dir(0xffffffffffffff9c, 0x0, 0x246a40, 0x0) 255.100257ms ago: executing program 4 (id=2581): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x8000000000000003}, 0x18) sendmmsg$unix(r0, 0x0, 0x0, 0x40) 247.134418ms ago: executing program 2 (id=2582): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$UHID_CREATE2(r0, 0x0, 0x138) write$UHID_DESTROY(r0, &(0x7f0000000340), 0x4) 224.955063ms ago: executing program 3 (id=2583): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) 43.093784ms ago: executing program 4 (id=2584): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862) r1 = syz_open_dev$loop(&(0x7f0000000100), 0xd5d1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x1, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108590000224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000880)='/sys/kernel/address_bits', 0x40000, 0x2d) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r3) 42.397193ms ago: executing program 1 (id=2585): semtimedop(0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101a00, 0x0) fgetxattr(r1, &(0x7f00000002c0)=@known='security.selinux\x00', 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) write$binfmt_aout(r4, &(0x7f00000001c0)=ANY=[], 0xff2e) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"}) r5 = syz_open_pts(r4, 0x80) r6 = dup3(r5, r4, 0x80000) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') read(r6, &(0x7f00000000c0)=""/226, 0xe2) ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f00000001c0)={0x3, 0x20800006, 0xa, 0xfbffffcf, 0x7, "65bd218c5fe001cafd41f5c2a95eec23bd62f8", 0x5, 0xe}) fsconfig$FSCONFIG_SET_FD(r6, 0x5, &(0x7f00000007c0)='acl', 0x0, r3) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) ioperm(0x0, 0x1, 0x1) 30.049141ms ago: executing program 2 (id=2586): r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00') r1 = socket(0x18, 0x800, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r3, 0x0, 0x7fffffffffffffff}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vxcan1\x00'}}, 0x1e) sendfile(r1, r0, 0x0, 0x8) 0s ago: executing program 3 (id=2587): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r1, &(0x7f00000032c0), 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000080)={{{@in=@broadcast, @in6=@initdev}}, {{@in6=@ipv4={""/10, ""/2, @multicast2}}, 0x0, @in6=@local}}, &(0x7f0000000200)=0xe8) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000020000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0) splice(0xffffffffffffffff, 0x0, r5, 0x0, 0x80, 0x6) io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)={0x2, 0x9, 0x6, 0x2, 0x2, 0x0, 0x70bd0b, 0x25dfdbff}, 0x10}}, 0x10) kernel console output (not intermixed with test programs): 014: Failed to get K90 initial state (error -71). [ 387.477096][ T5955] usb 2-1: USB disconnect, device number 83 [ 387.731279][T11035] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 387.753132][ T24] usb 1-1: USB disconnect, device number 66 [ 387.770654][T11034] fido_id[11034]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 387.989171][T11025] vivid-000: ================= START STATUS ================= [ 387.997150][T11025] vivid-000: Test Pattern: 75% Colorbar [ 388.026203][T11041] netlink: 'syz.1.1367': attribute type 1 has an invalid length. [ 388.034070][T11025] vivid-000: Fill Percentage of Frame: 100 [ 388.040856][T11025] vivid-000: Horizontal Movement: No Movement [ 388.048424][T11025] vivid-000: Vertical Movement: No Movement [ 388.056316][T11025] vivid-000: OSD Text Mode: All [ 388.062682][T11025] vivid-000: Show Border: false [ 388.073737][T11025] vivid-000: Show Square: false [ 388.082113][T11025] vivid-000: Sensor Flipped Horizontally: false [ 388.091871][T11025] vivid-000: Sensor Flipped Vertically: false [ 388.093624][T11041] 8021q: adding VLAN 0 to HW filter on device bond2 [ 388.099669][T11025] vivid-000: Insert SAV Code in Image: [ 388.106351][ T5946] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 388.121457][T11025] false [ 388.129860][T11025] vivid-000: Insert EAV Code in Image: false [ 388.137670][T11025] vivid-000: Insert Video Guard Band: false [ 388.143701][T11025] vivid-000: Reduced Framerate: false [ 388.149287][T11025] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 388.160585][T11025] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 388.175212][T11025] vivid-000: Enable Capture Cropping: true [ 388.188576][T11025] vivid-000: Enable Capture Composing: false [ 388.197501][T11025] vivid-000: Enable Capture Scaler: true [ 388.205276][T11025] vivid-000: Timestamp Source: End of Frame [ 388.214320][T11025] vivid-000: Colorspace: SMPTE 170M [ 388.226471][T11025] vivid-000: Transfer Function: Default [ 388.234200][T11025] vivid-000: Y'CbCr Encoding: Default [ 388.245541][T11025] vivid-000: HSV Encoding: Hue 0-179 [ 388.252204][T11025] vivid-000: Quantization: Default [ 388.259302][T11025] vivid-000: Apply Alpha To Red Only: false [ 388.266979][T11025] vivid-000: Standard Aspect Ratio: 4x3 [ 388.276138][T11025] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 388.287634][T11025] vivid-000: DV Timings: 640x480p59 [ 388.297266][ T5946] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 388.312136][T11025] inactive [ 388.313468][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.338195][T11025] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 388.351019][ T5946] usb 3-1: config 0 descriptor?? [ 388.354935][T11025] vivid-000: Maximum EDID Blocks: 2 [ 388.362732][T11025] vivid-000: Limited RGB Range (16-235): false [ 388.371198][T11025] vivid-000: Rx RGB Quantization Range: Automatic [ 388.375043][ T5946] cp210x 3-1:0.0: cp210x converter detected [ 388.389693][T11025] [ 388.396005][T11025] vivid-000: Power Present: 0x00000001 [ 388.406505][T11025] tpg source WxH: 720x576 (R'G'B) [ 388.415475][T11025] tpg field: 4 [ 388.421464][T11025] tpg crop: (0,0)/64x64 [ 388.427660][T11025] tpg compose: (0,0)/16x16 [ 388.433885][T11025] tpg colorspace: 1 [ 388.439363][T11025] tpg transfer function: 0/0 [ 388.446764][T11025] tpg quantization: 0/0 [ 388.452320][T11025] tpg RGB range: 0/2 [ 388.457861][T11025] vivid-000: ================== END STATUS ================== [ 388.625173][T11046] kvm_pr_unimpl_wrmsr: 21 callbacks suppressed [ 388.625193][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xfc0000c9ad [ 388.641289][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xfc000089ad [ 388.658232][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x470000a5d9 [ 388.684618][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x470000e5d9 [ 388.742230][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xf200004abd [ 388.763827][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xf200000abd [ 388.776025][T11039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1366'. [ 388.800452][T11039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1366'. [ 388.833382][ T5946] usb 3-1: cp210x converter now attached to ttyUSB0 [ 388.866359][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x6600006a6f [ 388.894119][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x6600002a6f [ 388.931354][T11046] kvm_intel: kvm [11045]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0xd00000aa8d [ 389.021050][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x5e000023d3 [ 389.041415][T11046] kvm: kvm [11045]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x5e000063d3 [ 389.054220][ T5955] usb 3-1: USB disconnect, device number 72 [ 389.094931][ T5955] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 389.186345][ T5955] cp210x 3-1:0.0: device disconnected [ 391.022715][T11079] FAULT_INJECTION: forcing a failure. [ 391.022715][T11079] name failslab, interval 1, probability 0, space 0, times 0 [ 391.080052][T11079] CPU: 0 UID: 0 PID: 11079 Comm: syz.4.1375 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) [ 391.080079][T11079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 391.080090][T11079] Call Trace: [ 391.080097][T11079] [ 391.080105][T11079] dump_stack_lvl+0x189/0x250 [ 391.080217][T11079] ? __pfx____ratelimit+0x10/0x10 [ 391.080242][T11079] ? __pfx_dump_stack_lvl+0x10/0x10 [ 391.080264][T11079] ? __pfx__printk+0x10/0x10 [ 391.080291][T11079] ? __pfx___might_resched+0x10/0x10 [ 391.080311][T11079] should_fail_ex+0x414/0x560 [ 391.080338][T11079] should_failslab+0xa8/0x100 [ 391.080369][T11079] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 391.080400][T11079] ? __alloc_skb+0x112/0x2d0 [ 391.080429][T11079] __alloc_skb+0x112/0x2d0 [ 391.080459][T11079] netlink_sendmsg+0x5c6/0xb30 [ 391.080494][T11079] ? __pfx_netlink_sendmsg+0x10/0x10 [ 391.080522][T11079] ? aa_sock_msg_perm+0xf1/0x1d0 [ 391.080551][T11079] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 391.080572][T11079] ? __pfx_netlink_sendmsg+0x10/0x10 [ 391.080598][T11079] __sock_sendmsg+0x21c/0x270 [ 391.080623][T11079] ____sys_sendmsg+0x505/0x830 [ 391.080647][T11079] ? __pfx_____sys_sendmsg+0x10/0x10 [ 391.080676][T11079] ? import_iovec+0x74/0xa0 [ 391.080697][T11079] ___sys_sendmsg+0x21f/0x2a0 [ 391.080718][T11079] ? __pfx____sys_sendmsg+0x10/0x10 [ 391.080785][T11079] ? __fget_files+0x2a/0x420 [ 391.080801][T11079] ? __fget_files+0x3a0/0x420 [ 391.080827][T11079] __x64_sys_sendmsg+0x19b/0x260 [ 391.080848][T11079] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 391.080876][T11079] ? __pfx_ksys_write+0x10/0x10 [ 391.080970][T11079] ? rcu_is_watching+0x15/0xb0 [ 391.080994][T11079] ? do_syscall_64+0xbe/0x3b0 [ 391.081022][T11079] do_syscall_64+0xfa/0x3b0 [ 391.081044][T11079] ? lockdep_hardirqs_on+0x9c/0x150 [ 391.081066][T11079] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.081084][T11079] ? clear_bhb_loop+0x60/0xb0 [ 391.081110][T11079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.081128][T11079] RIP: 0033:0x7fc19838ebe9 [ 391.081145][T11079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.081170][T11079] RSP: 002b:00007fc19927b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 391.081190][T11079] RAX: ffffffffffffffda RBX: 00007fc1985b5fa0 RCX: 00007fc19838ebe9 [ 391.081204][T11079] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 391.081217][T11079] RBP: 00007fc19927b090 R08: 0000000000000000 R09: 0000000000000000 [ 391.081228][T11079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 391.081239][T11079] R13: 00007fc1985b6038 R14: 00007fc1985b5fa0 R15: 00007fc1986dfa28 [ 391.081269][T11079] [ 391.404160][T11082] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1377'. [ 391.422705][T11082] FAULT_INJECTION: forcing a failure. [ 391.422705][T11082] name failslab, interval 1, probability 0, space 0, times 0 [ 391.448915][T11082] CPU: 0 UID: 0 PID: 11082 Comm: syz.2.1377 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) [ 391.448942][T11082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 391.448953][T11082] Call Trace: [ 391.448961][T11082] [ 391.448968][T11082] dump_stack_lvl+0x189/0x250 [ 391.448994][T11082] ? __pfx____ratelimit+0x10/0x10 [ 391.449017][T11082] ? __pfx_dump_stack_lvl+0x10/0x10 [ 391.449035][T11082] ? __pfx__printk+0x10/0x10 [ 391.449063][T11082] ? __pfx___might_resched+0x10/0x10 [ 391.449078][T11082] ? fs_reclaim_acquire+0x7d/0x100 [ 391.449106][T11082] should_fail_ex+0x414/0x560 [ 391.449130][T11082] should_failslab+0xa8/0x100 [ 391.449165][T11082] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 391.449188][T11082] ? __alloc_skb+0x112/0x2d0 [ 391.449215][T11082] __alloc_skb+0x112/0x2d0 [ 391.449240][T11082] netlink_ack+0x146/0xa50 [ 391.449260][T11082] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 391.449280][T11082] ? ref_tracker_free+0x63a/0x7d0 [ 391.449302][T11082] ? __asan_memcpy+0x40/0x70 [ 391.449319][T11082] ? __pfx_ref_tracker_free+0x10/0x10 [ 391.449350][T11082] netlink_rcv_skb+0x28c/0x470 [ 391.449374][T11082] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 391.449396][T11082] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 391.449428][T11082] ? netlink_deliver_tap+0x2e/0x1b0 [ 391.449458][T11082] netlink_unicast+0x82c/0x9e0 [ 391.449488][T11082] ? __pfx_netlink_unicast+0x10/0x10 [ 391.449510][T11082] ? netlink_sendmsg+0x642/0xb30 [ 391.449531][T11082] ? skb_put+0x11b/0x210 [ 391.449558][T11082] netlink_sendmsg+0x805/0xb30 [ 391.449587][T11082] ? __pfx_netlink_sendmsg+0x10/0x10 [ 391.449612][T11082] ? aa_sock_msg_perm+0xf1/0x1d0 [ 391.449638][T11082] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 391.449656][T11082] ? __pfx_netlink_sendmsg+0x10/0x10 [ 391.449679][T11082] __sock_sendmsg+0x21c/0x270 [ 391.449706][T11082] ____sys_sendmsg+0x505/0x830 [ 391.449726][T11082] ? __pfx_____sys_sendmsg+0x10/0x10 [ 391.449750][T11082] ? import_iovec+0x74/0xa0 [ 391.449771][T11082] ___sys_sendmsg+0x21f/0x2a0 [ 391.449791][T11082] ? __pfx____sys_sendmsg+0x10/0x10 [ 391.449844][T11082] ? __fget_files+0x2a/0x420 [ 391.449858][T11082] ? __fget_files+0x3a0/0x420 [ 391.449883][T11082] __x64_sys_sendmsg+0x19b/0x260 [ 391.449897][T11082] ? clockevents_program_event+0x24d/0x360 [ 391.449922][T11082] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 391.449957][T11082] ? do_syscall_64+0xbe/0x3b0 [ 391.449984][T11082] do_syscall_64+0xfa/0x3b0 [ 391.450008][T11082] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.450025][T11082] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 391.450042][T11082] ? clear_bhb_loop+0x60/0xb0 [ 391.450062][T11082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.450079][T11082] RIP: 0033:0x7fc79538ebe9 [ 391.450097][T11082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.450111][T11082] RSP: 002b:00007fc796280038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 391.450131][T11082] RAX: ffffffffffffffda RBX: 00007fc7955b5fa0 RCX: 00007fc79538ebe9 [ 391.450153][T11082] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 000000000000000c [ 391.450164][T11082] RBP: 00007fc796280090 R08: 0000000000000000 R09: 0000000000000000 [ 391.450175][T11082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 391.450185][T11082] R13: 00007fc7955b6038 R14: 00007fc7955b5fa0 R15: 00007fc7956dfa28 [ 391.450212][T11082] [ 391.468245][T11086] netlink: 'syz.1.1378': attribute type 1 has an invalid length. [ 391.898603][T11086] 8021q: adding VLAN 0 to HW filter on device bond3 [ 392.055115][T11093] kvm_intel: kvm [11091]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0xd00000aa8d [ 392.262906][T11108] vcan0: tx address claim with dest, not broadcast [ 393.501670][T11123] kvm: pic: non byte write [ 393.670016][ T5972] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 393.747406][ T5946] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 393.844179][ T5972] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 393.844906][T11131] netlink: 'syz.4.1394': attribute type 1 has an invalid length. [ 393.881865][ T5972] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 393.888114][T11134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'. [ 393.894649][ T5972] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 393.900916][ T5946] usb 1-1: Using ep0 maxpacket: 32 [ 393.902589][ T5946] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 393.921458][ T5972] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 393.929439][ T5946] usb 1-1: config 0 has no interface number 0 [ 393.948037][ T5946] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 393.957750][ T5946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.966465][ T5946] usb 1-1: Product: syz [ 393.978630][ T5946] usb 1-1: Manufacturer: syz [ 393.983783][ T5946] usb 1-1: SerialNumber: syz [ 393.992404][ T5946] usb 1-1: config 0 descriptor?? [ 393.996354][T11131] 8021q: adding VLAN 0 to HW filter on device bond3 [ 394.005450][ T5946] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 394.015398][ T5972] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 394.040182][T11134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'. [ 394.095979][ T5972] usb 3-1: Product: syz [ 394.105192][ T5972] usb 3-1: Manufacturer: syz [ 394.139823][ T5972] usb 3-1: SerialNumber: syz [ 394.203839][T11140] vlan2: entered promiscuous mode [ 394.214782][ T5946] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 394.249119][ T5946] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 394.344016][ T928] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 394.360809][ T5972] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 73 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 394.444856][T11144] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1398'. [ 394.457031][T11144] netlink: 'syz.4.1398': attribute type 6 has an invalid length. [ 394.465445][T11144] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1398'. [ 394.536550][ T928] usb 4-1: Using ep0 maxpacket: 16 [ 394.554923][T11148] FAULT_INJECTION: forcing a failure. [ 394.554923][T11148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 394.571879][ T928] usb 4-1: config 0 has an invalid interface number: 53 but max is 0 [ 394.582339][ T928] usb 4-1: config 0 has no interface number 0 [ 394.591190][T11148] CPU: 0 UID: 0 PID: 11148 Comm: syz.1.1401 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) [ 394.591216][T11148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 394.591228][T11148] Call Trace: [ 394.591235][T11148] [ 394.591244][T11148] dump_stack_lvl+0x189/0x250 [ 394.591271][T11148] ? __pfx____ratelimit+0x10/0x10 [ 394.591293][T11148] ? __pfx_dump_stack_lvl+0x10/0x10 [ 394.591315][T11148] ? __pfx__printk+0x10/0x10 [ 394.591339][T11148] ? __might_fault+0xb0/0x130 [ 394.591374][T11148] should_fail_ex+0x414/0x560 [ 394.591402][T11148] _copy_from_iter+0x1db/0x16f0 [ 394.591425][T11148] ? rcu_is_watching+0x15/0xb0 [ 394.591446][T11148] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 394.591471][T11148] ? __pfx__copy_from_iter+0x10/0x10 [ 394.591490][T11148] ? __build_skb_around+0x257/0x3e0 [ 394.591518][T11148] ? netlink_sendmsg+0x642/0xb30 [ 394.591541][T11148] ? skb_put+0x11b/0x210 [ 394.591570][T11148] netlink_sendmsg+0x6b2/0xb30 [ 394.591603][T11148] ? __pfx_netlink_sendmsg+0x10/0x10 [ 394.591631][T11148] ? aa_sock_msg_perm+0xf1/0x1d0 [ 394.591658][T11148] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 394.591678][T11148] ? __pfx_netlink_sendmsg+0x10/0x10 [ 394.591703][T11148] __sock_sendmsg+0x21c/0x270 [ 394.591734][T11148] ____sys_sendmsg+0x505/0x830 [ 394.591759][T11148] ? __pfx_____sys_sendmsg+0x10/0x10 [ 394.591787][T11148] ? import_iovec+0x74/0xa0 [ 394.591809][T11148] ___sys_sendmsg+0x21f/0x2a0 [ 394.591831][T11148] ? __pfx____sys_sendmsg+0x10/0x10 [ 394.591884][T11148] ? __fget_files+0x2a/0x420 [ 394.591900][T11148] ? __fget_files+0x3a0/0x420 [ 394.591927][T11148] __x64_sys_sendmsg+0x19b/0x260 [ 394.591949][T11148] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 394.591976][T11148] ? __pfx_ksys_write+0x10/0x10 [ 394.591997][T11148] ? rcu_is_watching+0x15/0xb0 [ 394.592019][T11148] ? do_syscall_64+0xbe/0x3b0 [ 394.592046][T11148] do_syscall_64+0xfa/0x3b0 [ 394.592068][T11148] ? lockdep_hardirqs_on+0x9c/0x150 [ 394.592090][T11148] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.592109][T11148] ? clear_bhb_loop+0x60/0xb0 [ 394.592131][T11148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.592149][T11148] RIP: 0033:0x7f77ec18ebe9 [ 394.592166][T11148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.592181][T11148] RSP: 002b:00007f77ed041038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 394.592201][T11148] RAX: ffffffffffffffda RBX: 00007f77ec3b5fa0 RCX: 00007f77ec18ebe9 [ 394.592215][T11148] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 394.592227][T11148] RBP: 00007f77ed041090 R08: 0000000000000000 R09: 0000000000000000 [ 394.592239][T11148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 394.592250][T11148] R13: 00007f77ec3b6038 R14: 00007f77ec3b5fa0 R15: 00007f77ec4dfa28 [ 394.592280][T11148] [ 394.593969][ T928] usb 4-1: New USB device found, idVendor=03fd, idProduct=ebbe, bcdDevice=ed.e2 [ 394.595706][T11124] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1389'. [ 394.621154][T11127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 394.911186][ T928] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.919351][ T928] usb 4-1: Product: syz [ 394.924052][ T928] usb 4-1: Manufacturer: syz [ 394.928741][ T928] usb 4-1: SerialNumber: syz [ 394.937084][ T928] usb 4-1: config 0 descriptor?? [ 394.943151][T11154] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 394.973585][T11127] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 394.978336][T11154] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 395.062349][ C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 395.062746][ T5972] usb 1-1: USB disconnect, device number 67 [ 395.089620][T11154] netlink: 'syz.2.1389': attribute type 6 has an invalid length. [ 395.112277][ T5972] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 395.145575][ T5972] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 395.157562][ T9] usb 4-1: USB disconnect, device number 60 [ 395.161635][ T5972] quatech2 1-1:0.51: device disconnected [ 395.216316][T11165] loop2: detected capacity change from 0 to 7 [ 395.227903][T11165] Dev loop2: unable to read RDB block 7 [ 395.233740][T11165] loop2: unable to read partition table [ 395.255089][T11165] loop2: partition table beyond EOD, truncated [ 395.274278][T11165] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 395.283743][ T5955] usb 2-1: new high-speed USB device number 84 using dummy_hcd [ 395.459859][ T5955] usb 2-1: Using ep0 maxpacket: 32 [ 395.466600][ T5955] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 395.478176][ T5955] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 395.489957][ T5955] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024 [ 395.501588][ T5955] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 395.512072][ T5955] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 395.540656][ T5955] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 395.586689][ T5955] usb 2-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 395.619589][ T5955] usb 2-1: New USB device found, idVendor=2040, idProduct=4901, bcdDevice=47.77 [ 395.635575][ T5955] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.646545][ T5955] usb 2-1: Product: syz [ 395.655293][ T5955] usb 2-1: Manufacturer: syz [ 395.660052][ T5955] usb 2-1: SerialNumber: syz [ 395.667634][T11174] vlan2: entered promiscuous mode [ 395.693042][ T5955] usb 2-1: config 0 descriptor?? [ 395.706843][T11162] raw-gadget.5 gadget.1: fail, usb_ep_enable returned -22 [ 395.870659][T11180] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1411'. [ 395.906072][T11183] FAULT_INJECTION: forcing a failure. [ 395.906072][T11183] name failslab, interval 1, probability 0, space 0, times 0 [ 395.930676][T11183] CPU: 0 UID: 0 PID: 11183 Comm: syz.4.1412 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) [ 395.930704][T11183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 395.930716][T11183] Call Trace: [ 395.930723][T11183] [ 395.930732][T11183] dump_stack_lvl+0x189/0x250 [ 395.930764][T11183] ? __pfx____ratelimit+0x10/0x10 [ 395.930789][T11183] ? __pfx_dump_stack_lvl+0x10/0x10 [ 395.930809][T11183] ? __pfx__printk+0x10/0x10 [ 395.930835][T11183] ? __lock_acquire+0xab9/0xd20 [ 395.930869][T11183] should_fail_ex+0x414/0x560 [ 395.930896][T11183] should_failslab+0xa8/0x100 [ 395.930922][T11183] kmem_cache_alloc_noprof+0x73/0x3c0 [ 395.930944][T11183] ? skb_clone+0x212/0x3a0 [ 395.930967][T11183] skb_clone+0x212/0x3a0 [ 395.930990][T11183] __netlink_deliver_tap+0x404/0x850 [ 395.931028][T11183] ? netlink_deliver_tap+0x2e/0x1b0 [ 395.931053][T11183] netlink_deliver_tap+0x19c/0x1b0 [ 395.931078][T11183] netlink_unicast+0x7fa/0x9e0 [ 395.931107][T11183] ? __pfx_netlink_unicast+0x10/0x10 [ 395.931131][T11183] ? netlink_sendmsg+0x642/0xb30 [ 395.931152][T11183] ? skb_put+0x11b/0x210 [ 395.931178][T11183] netlink_sendmsg+0x805/0xb30 [ 395.931209][T11183] ? __pfx_netlink_sendmsg+0x10/0x10 [ 395.931235][T11183] ? aa_sock_msg_perm+0xf1/0x1d0 [ 395.931263][T11183] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 395.931281][T11183] ? __pfx_netlink_sendmsg+0x10/0x10 [ 395.931306][T11183] __sock_sendmsg+0x21c/0x270 [ 395.931331][T11183] ____sys_sendmsg+0x505/0x830 [ 395.931355][T11183] ? __pfx_____sys_sendmsg+0x10/0x10 [ 395.931381][T11183] ? import_iovec+0x74/0xa0 [ 395.931405][T11183] ___sys_sendmsg+0x21f/0x2a0 [ 395.931425][T11183] ? __pfx____sys_sendmsg+0x10/0x10 [ 395.931478][T11183] ? __fget_files+0x2a/0x420 [ 395.931492][T11183] ? __fget_files+0x3a0/0x420 [ 395.931518][T11183] __x64_sys_sendmsg+0x19b/0x260 [ 395.931540][T11183] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 395.931567][T11183] ? __pfx_ksys_write+0x10/0x10 [ 395.931587][T11183] ? rcu_is_watching+0x15/0xb0 [ 395.931607][T11183] ? do_syscall_64+0xbe/0x3b0 [ 395.931644][T11183] do_syscall_64+0xfa/0x3b0 [ 395.931664][T11183] ? lockdep_hardirqs_on+0x9c/0x150 [ 395.931686][T11183] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.931705][T11183] ? clear_bhb_loop+0x60/0xb0 [ 395.931727][T11183] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.931746][T11183] RIP: 0033:0x7fc19838ebe9 [ 395.931764][T11183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.931780][T11183] RSP: 002b:00007fc19927b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 395.931799][T11183] RAX: ffffffffffffffda RBX: 00007fc1985b5fa0 RCX: 00007fc19838ebe9 [ 395.931814][T11183] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 395.931825][T11183] RBP: 00007fc19927b090 R08: 0000000000000000 R09: 0000000000000000 [ 395.931837][T11183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.931848][T11183] R13: 00007fc1985b6038 R14: 00007fc1985b5fa0 R15: 00007fc1986dfa28 [ 395.931879][T11183] [ 396.269591][T11186] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 396.279058][T11186] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 396.292827][T11162] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1404'. [ 396.312156][T11162] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1404'. [ 396.416615][ T5955] hdpvr 2-1:0.0: unexpected answer of status request, len -71 [ 396.428697][ T24] usb 3-1: USB disconnect, device number 73 [ 396.441759][ T24] usblp0: removed [ 396.451306][ T928] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 396.451996][ T5955] hdpvr 2-1:0.0: device init failed [ 396.512965][ T5955] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12 [ 396.595206][ T5955] usb 2-1: USB disconnect, device number 84 [ 396.615767][ T928] usb 1-1: Using ep0 maxpacket: 16 [ 396.623599][ T928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 396.635166][ T9] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 396.666692][T11195] loop3: detected capacity change from 0 to 1 [ 396.668222][ T928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 396.680132][ T6043] Dev loop3: unable to read RDB block 1 [ 396.683207][ T928] usb 1-1: New USB device found, idVendor=0543, idProduct=e621, bcdDevice= 0.00 [ 396.702487][ T928] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.711042][ T6043] loop3: AHDI p2 p3 [ 396.713457][ T928] usb 1-1: config 0 descriptor?? [ 396.720696][ T6043] loop3: partition table partially beyond EOD, truncated [ 396.740527][ T6043] loop3: p2 size 33554432 extends beyond EOD, truncated [ 396.793770][T11195] Dev loop3: unable to read RDB block 1 [ 396.801333][T11195] loop3: AHDI p2 p3 [ 396.807244][T11195] loop3: partition table partially beyond EOD, truncated [ 396.816198][T11195] loop3: p2 size 33554432 extends beyond EOD, truncated [ 396.842942][ T9] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 396.858484][ T9] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 396.869551][ T9] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 396.931538][ T6043] udevd[6043]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 396.937006][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.977064][T11190] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 396.980569][ T6043] udevd[6043]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 397.031068][ T9] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 397.246920][ T928] viewsonic 0003:0543:E621.0015: hidraw0: USB HID v0.00 Device [HID 0543:e621] on usb-dummy_hcd.0-1/input0 [ 397.267146][ T9] usb 4-1: USB disconnect, device number 61 [ 397.425894][ T928] usb 1-1: USB disconnect, device number 68 [ 397.723830][T11217] vlan2: entered promiscuous mode [ 397.802105][T11214] fido_id[11214]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 397.915616][ T5953] usb 5-1: new high-speed USB device number 82 using dummy_hcd [ 398.102010][ T5953] usb 5-1: config 0 has no interfaces? [ 398.119669][ T5953] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 398.182400][ T5953] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.243700][T11231] FAULT_INJECTION: forcing a failure. [ 398.243700][T11231] name failslab, interval 1, probability 0, space 0, times 0 [ 398.262202][ T5953] usb 5-1: config 0 descriptor?? [ 398.267691][T11231] CPU: 1 UID: 0 PID: 11231 Comm: syz.0.1426 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) [ 398.267718][T11231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 398.267729][T11231] Call Trace: [ 398.267738][T11231] [ 398.267747][T11231] dump_stack_lvl+0x189/0x250 [ 398.267773][T11231] ? __pfx____ratelimit+0x10/0x10 [ 398.267797][T11231] ? __pfx_dump_stack_lvl+0x10/0x10 [ 398.267818][T11231] ? __pfx__printk+0x10/0x10 [ 398.267848][T11231] ? __pfx___might_resched+0x10/0x10 [ 398.267865][T11231] ? fs_reclaim_acquire+0x7d/0x100 [ 398.267893][T11231] should_fail_ex+0x414/0x560 [ 398.267923][T11231] should_failslab+0xa8/0x100 [ 398.267949][T11231] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 398.267974][T11231] ? __alloc_skb+0x112/0x2d0 [ 398.268001][T11231] __alloc_skb+0x112/0x2d0 [ 398.268031][T11231] netlink_ack+0x146/0xa50 [ 398.268053][T11231] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 398.268076][T11231] ? ref_tracker_free+0x63a/0x7d0 [ 398.268109][T11231] ? __asan_memcpy+0x40/0x70 [ 398.268129][T11231] ? __pfx_ref_tracker_free+0x10/0x10 [ 398.268162][T11231] netlink_rcv_skb+0x28c/0x470 [ 398.268187][T11231] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 398.268213][T11231] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 398.268249][T11231] ? netlink_deliver_tap+0x2e/0x1b0 [ 398.268289][T11231] netlink_unicast+0x82c/0x9e0 [ 398.268320][T11231] ? __pfx_netlink_unicast+0x10/0x10 [ 398.268343][T11231] ? netlink_sendmsg+0x642/0xb30 [ 398.268365][T11231] ? skb_put+0x11b/0x210 [ 398.268394][T11231] netlink_sendmsg+0x805/0xb30 [ 398.268427][T11231] ? __pfx_netlink_sendmsg+0x10/0x10 [ 398.268455][T11231] ? aa_sock_msg_perm+0xf1/0x1d0 [ 398.268483][T11231] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 398.268503][T11231] ? __pfx_netlink_sendmsg+0x10/0x10 [ 398.268528][T11231] __sock_sendmsg+0x21c/0x270 [ 398.268553][T11231] ____sys_sendmsg+0x505/0x830 [ 398.268575][T11231] ? __pfx_____sys_sendmsg+0x10/0x10 [ 398.268602][T11231] ? import_iovec+0x74/0xa0 [ 398.268624][T11231] ___sys_sendmsg+0x21f/0x2a0 [ 398.268642][T11231] ? __pfx____sys_sendmsg+0x10/0x10 [ 398.268692][T11231] ? __fget_files+0x2a/0x420 [ 398.268706][T11231] ? __fget_files+0x3a0/0x420 [ 398.268730][T11231] __x64_sys_sendmsg+0x19b/0x260 [ 398.268751][T11231] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 398.268777][T11231] ? __pfx_ksys_write+0x10/0x10 [ 398.268797][T11231] ? rcu_is_watching+0x15/0xb0 [ 398.268819][T11231] ? do_syscall_64+0xbe/0x3b0 [ 398.268845][T11231] do_syscall_64+0xfa/0x3b0 [ 398.268866][T11231] ? lockdep_hardirqs_on+0x9c/0x150 [ 398.268887][T11231] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.268906][T11231] ? clear_bhb_loop+0x60/0xb0 [ 398.268927][T11231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.268945][T11231] RIP: 0033:0x7fd2cfd8ebe9 [ 398.268961][T11231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.268977][T11231] RSP: 002b:00007fd2d0cdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 398.268997][T11231] RAX: ffffffffffffffda RBX: 00007fd2cffb5fa0 RCX: 00007fd2cfd8ebe9 [ 398.269011][T11231] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 398.269023][T11231] RBP: 00007fd2d0cdc090 R08: 0000000000000000 R09: 0000000000000000 [ 398.269035][T11231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 398.269046][T11231] R13: 00007fd2cffb6038 R14: 00007fd2cffb5fa0 R15: 00007fd2d00dfa28 [ 398.269075][T11231] [ 398.362227][ T30] audit: type=1326 audit(1755029694.497:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11232 comm="syz.2.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 398.367330][ C1] vkms_vblank_simulate: vblank timer overrun [ 398.372563][ T30] audit: type=1326 audit(1755029694.497:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11232 comm="syz.2.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 398.674684][ T30] audit: type=1326 audit(1755029694.497:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11232 comm="syz.2.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 398.697530][ T30] audit: type=1326 audit(1755029694.497:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11232 comm="syz.2.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 398.787731][ T30] audit: type=1326 audit(1755029694.497:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11232 comm="syz.2.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 398.816300][ T30] audit: type=1326 audit(1755029694.897:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11235 comm="syz.2.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 398.912854][ T30] audit: type=1326 audit(1755029694.897:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11235 comm="syz.2.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 398.935428][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.029044][ T30] audit: type=1326 audit(1755029694.907:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11235 comm="syz.2.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 399.052600][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.080998][ T30] audit: type=1326 audit(1755029694.907:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11235 comm="syz.2.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 399.103559][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.113107][ T30] audit: type=1326 audit(1755029694.907:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11235 comm="syz.2.1428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc79538ebe9 code=0x7ffc0000 [ 399.136191][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.152273][T11250] random: crng reseeded on system resumption [ 401.285607][ T5953] usb 5-1: USB disconnect, device number 82 [ 401.535963][T11272] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.543314][T11272] bridge0: port 2(bridge_slave_1) entered listening state [ 401.550938][T11272] bridge0: port 1(bridge_slave_0) entered blocking state [ 401.559534][T11272] bridge0: port 1(bridge_slave_0) entered listening state [ 401.622828][T11272] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 401.761666][ T5953] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 401.889821][ T9] usb 2-1: new high-speed USB device number 85 using dummy_hcd [ 401.921614][ T5953] usb 5-1: Using ep0 maxpacket: 8 [ 401.934089][ T5953] usb 5-1: unable to get BOS descriptor or descriptor too short [ 401.952459][ T5953] usb 5-1: config 17 has an invalid interface number: 8 but max is 1 [ 401.966418][ T5953] usb 5-1: config 17 has an invalid descriptor of length 55, skipping remainder of the config [ 402.003919][ T5953] usb 5-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 402.036302][ T5953] usb 5-1: config 17 has no interface number 0 [ 402.045141][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 402.066516][ T5953] usb 5-1: config 17 interface 8 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 402.080922][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 402.104427][ T9] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 402.114893][ T5953] usb 5-1: config 17 interface 8 has no altsetting 0 [ 402.123788][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.126539][ T5953] usb 5-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 402.146412][ T9] usb 2-1: config 0 descriptor?? [ 402.154098][ T5953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 402.154127][ T5953] usb 5-1: Product: syz [ 402.154142][ T5953] usb 5-1: Manufacturer: syz [ 402.154157][ T5953] usb 5-1: SerialNumber: syz [ 402.380428][ T5953] usb 5-1: selecting invalid altsetting 0 [ 402.423272][ T5953] usb 5-1: USB disconnect, device number 83 [ 402.491243][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 402.682577][T11292] hub 8-0:1.0: USB hub found [ 402.690979][T11292] hub 8-0:1.0: 1 port detected [ 402.762458][ T9] usb 2-1: language id specifier not provided by device, defaulting to English [ 403.176977][ T9] input: HID 256c:006d as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input33 [ 403.298389][ T9] input: HID 256c:006d as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input34 [ 403.373264][ T9] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input35 [ 403.465912][ T9] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0016/input/input36 [ 403.592174][ T9] uclogic 0003:256C:006D.0016: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0 [ 403.695427][ T9] usb 2-1: USB disconnect, device number 85 [ 403.792234][T11320] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 403.890427][ T30] kauditd_printk_skb: 25 callbacks suppressed [ 403.890446][ T30] audit: type=1326 audit(1755029700.027:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11324 comm="syz.3.1463" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x0 [ 403.933549][T11319] fido_id[11319]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 404.459810][ T30] audit: type=1326 audit(1755029700.597:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 404.525871][ T30] audit: type=1326 audit(1755029700.597:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 404.557114][ T30] audit: type=1326 audit(1755029700.597:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 404.652498][ T30] audit: type=1326 audit(1755029700.597:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 404.739855][ T30] audit: type=1326 audit(1755029700.597:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 404.849854][ T30] audit: type=1326 audit(1755029700.597:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 404.919854][ T30] audit: type=1326 audit(1755029700.597:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 404.993484][ T30] audit: type=1326 audit(1755029700.597:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 405.056969][T11345] binder: 11344:11345 unknown command 0 [ 405.069887][T11345] binder: 11344:11345 ioctl c0306201 200000000080 returned -22 [ 405.069934][ T30] audit: type=1326 audit(1755029700.597:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11334 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 406.190282][ T9] usb 1-1: new full-speed USB device number 69 using dummy_hcd [ 406.361834][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 406.420390][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 406.468228][ T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 406.501080][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.530737][ T9] usb 1-1: config 0 descriptor?? [ 406.552607][ T9] hub 1-1:0.0: USB hub found [ 406.740297][ T5972] usb 3-1: new low-speed USB device number 74 using dummy_hcd [ 406.754284][ T9] hub 1-1:0.0: 1 port detected [ 406.901911][ T5972] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 406.914647][ T5972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.950759][ T5972] usb 3-1: config 0 descriptor?? [ 407.167834][ T9] usb 1-1: USB disconnect, device number 69 [ 408.665654][ T5972] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 408.681490][ T5972] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9 [ 408.729040][ T5972] asix 3-1:0.0: probe with driver asix failed with error -71 [ 408.768758][ T5972] usb 3-1: USB disconnect, device number 74 [ 409.490391][ T5953] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 409.651602][ T5953] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 409.672206][ T5953] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 409.701511][ T5953] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 409.722829][ T5953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.746603][T11420] netlink: 264 bytes leftover after parsing attributes in process `syz.4.1492'. [ 409.788078][ T5953] usb 4-1: config 0 descriptor?? [ 409.954000][T11421] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1489'. [ 410.384873][ T928] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 410.428009][ T5953] usb 4-1: language id specifier not provided by device, defaulting to English [ 410.458529][ T928] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz1] on syz0 [ 410.853389][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 410.853406][ T30] audit: type=1326 audit(1755029706.997:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 410.900141][ T30] audit: type=1326 audit(1755029706.997:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 410.939863][ T30] audit: type=1326 audit(1755029707.037:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 411.017284][ T30] audit: type=1326 audit(1755029707.037:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 411.056802][ T5953] input: HID 256c:006d as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0017/input/input37 [ 411.094552][ T30] audit: type=1326 audit(1755029707.037:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 411.130920][ T5953] input: HID 256c:006d as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0017/input/input38 [ 411.152732][ T30] audit: type=1326 audit(1755029707.047:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 411.216207][ T5953] uclogic 0003:256C:006D.0017: input,hidraw1: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0 [ 411.246780][ T30] audit: type=1326 audit(1755029707.047:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 411.314697][ T5953] usb 4-1: USB disconnect, device number 62 [ 411.339807][ T30] audit: type=1326 audit(1755029707.047:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 411.437949][ T30] audit: type=1326 audit(1755029707.067:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 411.482041][T11434] fido_id[11434]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 411.508544][ T30] audit: type=1326 audit(1755029707.067:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11425 comm="syz.4.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 412.509834][ T5953] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 412.532529][T11445] netlink: 'syz.4.1503': attribute type 27 has an invalid length. [ 412.595291][T11445] ip6erspan0: left promiscuous mode [ 412.609652][ T3562] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 412.635798][ T3562] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 412.658085][ T7642] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 412.671824][ T5953] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 412.680441][ T7642] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 412.682332][ T5953] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 412.752811][ T5953] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 412.769801][ T5953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 412.788147][ T5953] usb 4-1: SerialNumber: syz [ 413.024044][ T5953] usb 4-1: 0:2 : does not exist [ 413.029017][ T5953] usb 4-1: unit 5: unexpected type 0x0c [ 413.096633][ T5953] usb 4-1: USB disconnect, device number 63 [ 413.152274][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 413.457846][T11461] binder: 11460:11461 unknown command 0 [ 413.473579][T11461] binder: 11460:11461 ioctl c0306201 200000000080 returned -22 [ 413.899826][ T5953] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 414.050505][ T5953] usb 4-1: Using ep0 maxpacket: 16 [ 414.062259][ T5953] usb 4-1: New USB device found, idVendor=067b, idProduct=aaa8, bcdDevice=c3.0c [ 414.083589][ T5953] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.093268][ T5953] usb 4-1: Product: syz [ 414.097674][ T5953] usb 4-1: Manufacturer: syz [ 414.102563][ T5953] usb 4-1: SerialNumber: syz [ 414.118190][ T5953] usb 4-1: config 0 descriptor?? [ 414.123454][ T928] usb 1-1: new high-speed USB device number 70 using dummy_hcd [ 414.140685][ T5953] pl2303 4-1:0.0: required endpoints missing [ 414.295871][ T928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 414.385364][ T5972] usb 4-1: USB disconnect, device number 64 [ 414.547522][ T928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 414.557479][ T928] usb 1-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 414.567629][ T928] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.600984][ T928] usb 1-1: config 0 descriptor?? [ 414.665185][T11492] ip6gretap1: entered allmulticast mode [ 415.019504][ T928] hid-led 0003:1D34:0004.0019: item fetching failed at offset 3/5 [ 415.043850][ T928] hid-led 0003:1D34:0004.0019: probe with driver hid-led failed with error -22 [ 415.228025][ T928] usb 1-1: USB disconnect, device number 70 [ 417.101401][T11538] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 417.144837][T11538] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 417.170884][T11538] kvm: requested 12571 ns i8254 timer period limited to 200000 ns [ 417.209581][T11538] kvm: requested 12571 ns i8254 timer period limited to 200000 ns [ 417.230123][T11538] kvm: requested 85485 ns i8254 timer period limited to 200000 ns [ 417.268653][T11538] kvm: requested 93028 ns i8254 timer period limited to 200000 ns [ 417.297042][T11538] kvm: requested 7542 ns i8254 timer period limited to 200000 ns [ 417.330211][T11538] kvm: requested 10057 ns i8254 timer period limited to 200000 ns [ 417.342879][T11538] kvm: requested 155047 ns i8254 timer period limited to 200000 ns [ 417.369896][T11538] kvm: requested 160914 ns i8254 timer period limited to 200000 ns [ 417.556203][T11544] binder: 11542:11544 ioctl c0306201 0 returned -14 [ 417.896224][T11553] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1544'. [ 417.936311][T11553] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1544'. [ 417.985364][T11553] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1544'. [ 420.160847][T11604] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1561'. [ 420.410031][ T5955] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 420.573035][ T5955] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 420.603798][ T5955] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 420.633592][ T5955] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 420.662072][ T5955] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 420.684337][ T5955] usb 3-1: SerialNumber: syz [ 420.926383][ T5955] usb 3-1: 0:2 : does not exist [ 421.003585][ T5955] usb 3-1: USB disconnect, device number 75 [ 421.063214][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 421.332160][ T5972] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 421.447287][ T30] kauditd_printk_skb: 31 callbacks suppressed [ 421.447307][ T30] audit: type=1326 audit(1755029717.587:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.477532][ T30] audit: type=1326 audit(1755029717.617:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.505479][ T5972] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 421.517660][ T5972] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 421.528857][ T5972] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 421.538761][ T30] audit: type=1326 audit(1755029717.647:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.563584][ T5972] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.576520][ T5972] usb 1-1: config 0 descriptor?? [ 421.582358][ T30] audit: type=1326 audit(1755029717.647:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.649931][ T30] audit: type=1326 audit(1755029717.647:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.686777][ T30] audit: type=1326 audit(1755029717.647:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.712276][ T30] audit: type=1326 audit(1755029717.647:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.736260][ T30] audit: type=1326 audit(1755029717.647:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.758962][ T30] audit: type=1326 audit(1755029717.647:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 421.819428][ T30] audit: type=1326 audit(1755029717.647:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11640 comm="syz.4.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 422.221087][ T5972] usb 1-1: language id specifier not provided by device, defaulting to English [ 422.499646][T11666] usb usb8: usbfs: process 11666 (syz.4.1588) did not claim interface 0 before use [ 422.509431][ T9] usb 2-1: new high-speed USB device number 86 using dummy_hcd [ 422.669908][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 422.691159][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 422.703985][ T9] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 422.719760][ T9] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 422.727961][ T9] usb 2-1: Product: syz [ 422.732249][ T9] usb 2-1: Manufacturer: syz [ 422.736862][ T9] usb 2-1: SerialNumber: syz [ 422.745229][ T9] usb 2-1: config 0 descriptor?? [ 422.753385][T11659] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 422.765964][ T9] hub 2-1:0.0: bad descriptor, ignoring hub [ 422.772084][ T9] hub 2-1:0.0: probe with driver hub failed with error -5 [ 422.833693][ T5972] input: HID 256c:006d as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.001A/input/input40 [ 422.973709][ T5972] uclogic 0003:256C:006D.001A: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.0-1/input0 [ 423.032784][ T5972] usb 1-1: USB disconnect, device number 71 [ 423.112414][T11671] fido_id[11671]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 423.437769][T11681] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 423.644088][T11691] fuse: Unknown parameter '0x0000000000000005' [ 423.699892][T11659] usb 2-1: reset high-speed USB device number 86 using dummy_hcd [ 423.887429][T11672] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 424.147532][T11672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 424.179032][T11672] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 424.693446][T11672] raw-gadget.0 gadget.1: failed to queue suspend event [ 424.705677][T11672] raw-gadget.0 gadget.1: failed to queue disconnect event [ 424.721772][ T928] usb 2-1: USB disconnect, device number 86 [ 426.294125][T11727] 8021q: adding VLAN 0 to HW filter on device team0 [ 426.305253][T11727] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 427.428511][ T24] usb 3-1: new high-speed USB device number 76 using dummy_hcd [ 427.880031][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 427.892749][ T24] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 427.909366][ T24] usb 3-1: config 179 has no interface number 0 [ 427.926213][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 427.985667][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 428.028882][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 428.065326][ T24] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 428.117625][ T24] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 428.140188][ T24] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 428.158532][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.168471][T11755] binder: 11754:11755 ioctl c018620c 0 returned -14 [ 428.190426][T11747] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 428.415921][ T30] kauditd_printk_skb: 242 callbacks suppressed [ 428.415935][ T30] audit: type=1326 audit(1755029724.557:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11759 comm="syz.0.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 428.528972][ T30] audit: type=1326 audit(1755029724.587:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11759 comm="syz.0.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 428.596499][ T30] audit: type=1326 audit(1755029724.587:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11759 comm="syz.0.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 428.651971][T11747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 428.670695][T11747] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 429.078435][T11777] tipc: Enabling of bearer rejected, failed to enable media [ 429.106649][ T30] audit: type=1326 audit(1755029725.247:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.4.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 429.166799][ T5953] usb 2-1: new high-speed USB device number 87 using dummy_hcd [ 429.180150][ T5873] usb 4-1: new low-speed USB device number 65 using dummy_hcd [ 429.289502][ T30] audit: type=1326 audit(1755029725.247:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.4.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 429.320462][ T30] audit: type=1326 audit(1755029725.287:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.4.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 429.343654][ T30] audit: type=1326 audit(1755029725.287:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.4.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 429.367155][ T30] audit: type=1326 audit(1755029725.287:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.4.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 429.372661][ T5873] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 429.431784][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.456661][ T5953] usb 2-1: config 0 has an invalid interface number: 157 but max is 1 [ 429.462863][ T5873] usb 4-1: config 0 descriptor?? [ 429.465261][ T5953] usb 2-1: config 0 has no interface number 1 [ 429.501697][T11781] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1626'. [ 429.507419][ T5953] usb 2-1: config 0 interface 157 has no altsetting 0 [ 429.549891][ T5953] usb 2-1: config 0 interface 0 has no altsetting 0 [ 429.561423][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 429.569774][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 429.570206][ T5953] usb 2-1: New USB device found, idVendor=0403, idProduct=a5ae, bcdDevice=d1.8d [ 429.579314][ T5972] usb 3-1: USB disconnect, device number 76 [ 429.659878][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.672374][ T5953] usb 2-1: config 0 descriptor?? [ 429.895481][ T5953] usb 2-1: string descriptor 0 read error: -71 [ 429.910874][ T5953] ftdi_sio 2-1:0.157: FTDI USB Serial Device converter detected [ 429.945857][ T5953] ftdi_sio ttyUSB0: unknown device type: 0xd18d [ 429.972228][ T5953] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 430.001525][ T5953] ftdi_sio ttyUSB1: unknown device type: 0xd18d [ 430.022851][ T5953] usb 2-1: USB disconnect, device number 87 [ 430.070231][ T5953] ftdi_sio 2-1:0.157: device disconnected [ 430.095377][ T5953] ftdi_sio 2-1:0.0: device disconnected [ 430.503463][T11801] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1638'. [ 430.799969][ T30] audit: type=1326 audit(1755029726.927:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 430.877302][ T30] audit: type=1326 audit(1755029726.937:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.1.1643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 430.893029][ T5873] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 431.009877][ T5873] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 431.030970][ T5873] asix 4-1:0.0: probe with driver asix failed with error -71 [ 431.054214][ T5873] usb 4-1: USB disconnect, device number 65 [ 431.789965][ T5953] usb 3-1: new high-speed USB device number 77 using dummy_hcd [ 431.840735][ C1] bridge0: port 1(bridge_slave_0) entered learning state [ 431.849554][ C1] bridge0: port 2(bridge_slave_1) entered learning state [ 432.355465][ T5953] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 432.396398][ T5953] usb 3-1: config 1 has no interface number 1 [ 432.417517][ T5953] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 432.462818][ T5953] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 432.472481][ T5953] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 432.489833][ T5953] usb 3-1: Product: syz [ 432.494477][ T5953] usb 3-1: Manufacturer: syz [ 432.499123][ T5953] usb 3-1: SerialNumber: syz [ 432.751218][ T5953] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 432.819165][ T5953] usb 3-1: USB disconnect, device number 77 [ 432.883588][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 432.957113][T11850] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1654'. [ 433.020048][ T24] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 433.181691][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 433.204236][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 433.224816][ T24] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 433.234721][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 433.242995][ T24] usb 5-1: Product: syz [ 433.247314][ T24] usb 5-1: Manufacturer: syz [ 433.252029][ T24] usb 5-1: SerialNumber: syz [ 433.259612][ T24] usb 5-1: config 0 descriptor?? [ 433.278799][ T24] usb 5-1: Found UVC 0.00 device syz (18ec:3288) [ 433.287750][ T24] usb 5-1: No valid video chain found. [ 433.329955][ T5873] usb 1-1: new full-speed USB device number 72 using dummy_hcd [ 433.430412][ T5953] usb 2-1: new full-speed USB device number 88 using dummy_hcd [ 433.474287][ T24] usb 5-1: USB disconnect, device number 84 [ 433.502184][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 433.534168][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 433.550108][ T5873] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 433.561181][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.582727][ T5873] usb 1-1: config 0 descriptor?? [ 433.602375][ T5873] hub 1-1:0.0: USB hub found [ 433.603148][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 433.649904][ T5953] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64 [ 433.673073][ T5953] usb 2-1: New USB device found, idVendor=0567, idProduct=3007, bcdDevice= 0.00 [ 433.699806][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.719124][ T5953] usb 2-1: config 0 descriptor?? [ 433.728963][T11860] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 433.807053][ T5873] hub 1-1:0.0: 1 port detected [ 433.894796][T11868] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 434.151601][ T5953] hid-generic 0003:0567:3007.001B: unknown main item tag 0x0 [ 434.159411][ T5953] hid-generic 0003:0567:3007.001B: item fetching failed at offset 3/5 [ 434.199119][ T5953] hid-generic 0003:0567:3007.001B: probe with driver hid-generic failed with error -22 [ 434.223936][ T5873] usb 1-1: USB disconnect, device number 72 [ 434.361475][ T5953] usb 2-1: USB disconnect, device number 88 [ 435.265934][T11886] tipc: Resetting bearer [ 435.474371][T11886] bridge_slave_1: left promiscuous mode [ 435.521957][T11886] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 435.551748][T11886] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 435.661119][ T30] kauditd_printk_skb: 40 callbacks suppressed [ 435.661138][ T30] audit: type=1326 audit(1755029731.807:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11903 comm="syz.0.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 435.709087][ T30] audit: type=1326 audit(1755029731.807:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11903 comm="syz.0.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 435.737036][ T30] audit: type=1326 audit(1755029731.847:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11903 comm="syz.0.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 435.770645][ T30] audit: type=1326 audit(1755029731.847:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11903 comm="syz.0.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 435.885183][ T30] audit: type=1326 audit(1755029731.847:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11903 comm="syz.0.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 435.964165][ T30] audit: type=1326 audit(1755029732.077:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11909 comm="syz.3.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 436.019374][ T30] audit: type=1326 audit(1755029732.077:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11909 comm="syz.3.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 436.024874][T11886] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 436.045769][ T30] audit: type=1326 audit(1755029732.077:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11909 comm="syz.3.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 436.126494][T11886] gretap1: left promiscuous mode [ 436.131861][ T30] audit: type=1326 audit(1755029732.077:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11909 comm="syz.3.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 436.184947][T11886] ip6gretap1: left allmulticast mode [ 436.210517][ T30] audit: type=1326 audit(1755029732.227:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11913 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 436.219812][ T49] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.302614][ T49] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.322256][T11912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1683'. [ 436.372537][ T49] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 436.404183][ T49] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.664101][T11961] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1702'. [ 437.677640][T11961] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1702'. [ 437.693571][T11961] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1702'. [ 437.719906][ T5946] usb 5-1: new full-speed USB device number 85 using dummy_hcd [ 437.884145][ T5946] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 437.907190][ T5946] usb 5-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00 [ 437.919246][ T5946] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.938716][ T5946] usb 5-1: config 0 descriptor?? [ 437.956391][T11953] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 438.001222][T11969] binder: 11968:11969 ioctl c0306201 0 returned -14 [ 438.386107][ T5946] hid-picolcd 0003:04D8:C002.001C: unknown main item tag 0x0 [ 438.413980][ T5946] hid-picolcd 0003:04D8:C002.001C: unknown main item tag 0x0 [ 438.428631][ T5946] hid-picolcd 0003:04D8:C002.001C: unknown main item tag 0x0 [ 438.461029][ T5946] hid-picolcd 0003:04D8:C002.001C: unknown main item tag 0x0 [ 438.478774][ T5946] hid-picolcd 0003:04D8:C002.001C: unknown main item tag 0x0 [ 438.513025][T11985] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa [ 438.524629][T11985] tipc: Enabled bearer , priority 10 [ 438.550476][ T5946] hid-picolcd 0003:04D8:C002.001C: No report with id 0x11 found [ 438.584762][ T5946] usb 5-1: USB disconnect, device number 85 [ 438.735619][T11989] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1706'. [ 440.164698][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.171298][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.359959][ T5953] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 440.539966][ T5953] usb 5-1: Using ep0 maxpacket: 32 [ 440.574653][ T5953] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 440.610032][ T5953] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 440.641833][ T5953] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 440.661263][ T5953] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.684280][ T5953] usb 5-1: config 0 descriptor?? [ 440.690765][T12009] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 440.700149][T12019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1722'. [ 440.701956][ T5953] hub 5-1:0.0: USB hub found [ 440.849904][ T5972] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 440.905252][ T5953] hub 5-1:0.0: 1 port detected [ 441.000678][ T5972] usb 4-1: Using ep0 maxpacket: 32 [ 441.011488][ T5972] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 441.035466][ T5972] usb 4-1: config 0 has no interfaces? [ 441.047498][ T5972] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 441.074630][ T5972] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 441.083355][ T5972] usb 4-1: Product: syz [ 441.087552][ T5972] usb 4-1: Manufacturer: syz [ 441.092693][ T5972] usb 4-1: SerialNumber: syz [ 441.111555][ T5972] usb 4-1: config 0 descriptor?? [ 441.259894][ T5946] usb 1-1: new high-speed USB device number 73 using dummy_hcd [ 441.322474][ T5972] usb 4-1: USB disconnect, device number 66 [ 441.422489][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 441.438386][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 441.451920][ T5946] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 441.467131][ T5946] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.486889][ T5946] usb 1-1: config 0 descriptor?? [ 442.512856][ T5946] uclogic 0003:256C:006D.001D: failed retrieving Huion firmware version: -71 [ 442.536681][ T5946] uclogic 0003:256C:006D.001D: failed probing parameters: -71 [ 442.555103][ T5946] uclogic 0003:256C:006D.001D: probe with driver uclogic failed with error -71 [ 442.579986][ T5946] usb 1-1: USB disconnect, device number 73 [ 442.901627][ T9] usb 5-1: USB disconnect, device number 86 [ 443.456290][ T30] kauditd_printk_skb: 195 callbacks suppressed [ 443.456309][ T30] audit: type=1326 audit(1755029739.597:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 443.549980][ T30] audit: type=1326 audit(1755029739.597:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 443.629922][ T30] audit: type=1326 audit(1755029739.607:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 443.702301][ T30] audit: type=1326 audit(1755029739.607:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 443.749826][ T30] audit: type=1326 audit(1755029739.607:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 443.809960][ T30] audit: type=1326 audit(1755029739.607:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 443.899947][ T30] audit: type=1326 audit(1755029739.607:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 443.978531][ T30] audit: type=1326 audit(1755029739.607:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 444.076008][ T30] audit: type=1326 audit(1755029739.607:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 444.159850][ T30] audit: type=1326 audit(1755029739.607:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12074 comm="syz.3.1744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 444.625483][T12100] input: syz0 as /devices/virtual/input/input42 [ 445.927708][T12115] netlink: 'syz.0.1758': attribute type 1 has an invalid length. [ 446.341912][T12117] sit0: entered promiscuous mode [ 446.363772][T12117] netlink: 'syz.2.1759': attribute type 1 has an invalid length. [ 446.392226][T12117] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1759'. [ 446.502542][T12118] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1756'. [ 449.038540][ T30] audit: type=1326 audit(1755029745.177:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.103210][ T30] audit: type=1326 audit(1755029745.177:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.159901][ T30] audit: type=1326 audit(1755029745.217:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.236461][ T30] audit: type=1326 audit(1755029745.217:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.299943][ T30] audit: type=1326 audit(1755029745.217:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.367161][ T30] audit: type=1326 audit(1755029745.227:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.445454][ T30] audit: type=1326 audit(1755029745.227:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.526289][ T30] audit: type=1326 audit(1755029745.227:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.606967][ T30] audit: type=1326 audit(1755029745.227:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 449.687309][ T30] audit: type=1326 audit(1755029745.227:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12159 comm="syz.3.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 450.598418][T12179] binder: 12165:12179 ioctl 400c620e 200000000240 returned -22 [ 452.359852][ T5972] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 452.512761][ T5972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 452.535535][ T5972] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 452.555504][ T5972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 452.586505][ T5972] usb 5-1: config 0 descriptor?? [ 453.051192][ T5972] lenovo 0003:17EF:6047.001E: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0 [ 453.600710][ T9] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 453.763222][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 453.783451][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 453.803681][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 453.810091][ T5972] lenovo 0003:17EF:6047.001E: Sensitivity setting failed: -71 [ 453.839456][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 453.841985][ T5972] usb 5-1: USB disconnect, device number 87 [ 453.866180][ T9] usb 4-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 453.876961][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.890388][ T9] usb 4-1: Product: syz [ 453.894675][ T9] usb 4-1: Manufacturer: syz [ 453.899372][ T9] usb 4-1: SerialNumber: syz [ 453.941016][ T9] usb 4-1: config 0 descriptor?? [ 453.958858][ T9] ums-isd200 4-1:0.0: USB Mass Storage device detected [ 454.580379][ T5946] usb 2-1: new full-speed USB device number 89 using dummy_hcd [ 454.753411][ T5946] usb 2-1: unable to get BOS descriptor or descriptor too short [ 454.787586][ T5946] usb 2-1: not running at top speed; connect to a high speed hub [ 454.817646][ T5946] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 454.829800][ T5946] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 454.864155][ T5946] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 454.896907][ T5946] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 454.907560][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 454.933180][ T5946] usb 2-1: Product: syz [ 454.937546][ T5946] usb 2-1: Manufacturer: syz [ 454.949967][ T5946] usb 2-1: SerialNumber: syz [ 455.179170][ T5946] usb 2-1: 0:2 : does not exist [ 455.240901][ T5946] usb 2-1: USB disconnect, device number 89 [ 455.304304][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 456.436007][ T9] scsi host1: usb-storage 4-1:0.0 [ 456.630322][ T9] usb 4-1: USB disconnect, device number 67 [ 456.860708][ T30] kauditd_printk_skb: 42 callbacks suppressed [ 456.860725][ T30] audit: type=1326 audit(1755029753.007:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12287 comm="syz.4.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 456.984617][ T30] audit: type=1326 audit(1755029753.007:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12287 comm="syz.4.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 457.050475][ T30] audit: type=1326 audit(1755029753.037:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12287 comm="syz.4.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 457.155154][ T30] audit: type=1326 audit(1755029753.037:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12287 comm="syz.4.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 457.291775][ T30] audit: type=1326 audit(1755029753.037:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12287 comm="syz.4.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 457.333254][T12300] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1824'. [ 457.345404][T12300] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1824'. [ 458.506007][ T30] audit: type=1326 audit(1755029754.647:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.3.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 458.553682][ T5972] usb 2-1: new high-speed USB device number 90 using dummy_hcd [ 458.596144][ T30] audit: type=1326 audit(1755029754.647:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.3.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 458.670870][ T30] audit: type=1326 audit(1755029754.647:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.3.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 458.729892][ T30] audit: type=1326 audit(1755029754.647:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.3.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 458.759796][ T5972] usb 2-1: Using ep0 maxpacket: 16 [ 458.818239][ T5972] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 458.839980][ T30] audit: type=1326 audit(1755029754.647:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.3.1832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 458.863038][ T5972] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 458.887162][ T5972] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 458.902535][ T5972] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 458.920003][ T5972] usb 2-1: Product: syz [ 458.928738][ T5972] usb 2-1: Manufacturer: syz [ 458.951301][ T5972] usb 2-1: SerialNumber: syz [ 459.178901][ T5972] usb 2-1: 0:2 : does not exist [ 459.194890][ T5972] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 459.265474][ T5972] usb 2-1: USB disconnect, device number 90 [ 459.355449][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 460.374639][T12362] netlink: 'syz.0.1847': attribute type 1 has an invalid length. [ 460.388085][T12362] netlink: 'syz.0.1847': attribute type 2 has an invalid length. [ 460.396154][T12362] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1847'. [ 460.413067][T12362] netlink: 'syz.0.1847': attribute type 1 has an invalid length. [ 460.425459][T12362] netlink: 'syz.0.1847': attribute type 2 has an invalid length. [ 460.434983][T12362] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1847'. [ 460.659445][T12363] syz_tun: entered promiscuous mode [ 460.686694][T12363] syz_tun: left promiscuous mode [ 461.921276][ C1] bridge0: port 2(bridge_slave_1) entered forwarding state [ 461.928566][ C1] bridge0: topology change detected, propagating [ 461.936376][ C1] bridge0: port 1(bridge_slave_0) entered forwarding state [ 461.943667][ C1] bridge0: topology change detected, propagating [ 462.029248][T12406] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1856'. [ 462.089202][T12406] gretap0: entered promiscuous mode [ 462.980104][ T5972] usb 2-1: new high-speed USB device number 91 using dummy_hcd [ 463.054830][ T30] kauditd_printk_skb: 22 callbacks suppressed [ 463.054846][ T30] audit: type=1326 audit(1755029759.197:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 463.148476][ T30] audit: type=1326 audit(1755029759.227:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 463.159819][ T5972] usb 2-1: Using ep0 maxpacket: 16 [ 463.202434][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 463.216126][ T30] audit: type=1326 audit(1755029759.227:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 463.229845][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 463.275169][ T30] audit: type=1326 audit(1755029759.227:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 463.329849][ T5972] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 463.330664][ T30] audit: type=1326 audit(1755029759.227:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 463.378410][ T5972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.416575][ T5972] usb 2-1: config 0 descriptor?? [ 463.832087][ T5972] apple 0003:05AC:024B.001F: bogus close delimiter [ 463.838732][ T5972] apple 0003:05AC:024B.001F: item 0 0 2 10 parsing failed [ 463.900920][ T5972] apple 0003:05AC:024B.001F: parse failed [ 463.906853][ T5972] apple 0003:05AC:024B.001F: probe with driver apple failed with error -22 [ 464.066323][ T5946] usb 2-1: USB disconnect, device number 91 [ 464.670119][ T5946] usb 1-1: new high-speed USB device number 74 using dummy_hcd [ 464.843263][ T5946] usb 1-1: Using ep0 maxpacket: 32 [ 464.874356][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 464.900651][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 464.926615][ T5946] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 464.950534][ T5946] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.978747][ T5946] usb 1-1: config 0 descriptor?? [ 464.990918][T12452] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 465.011066][ T5946] hub 1-1:0.0: USB hub found [ 465.212758][ T5946] hub 1-1:0.0: 1 port detected [ 465.508215][ T30] audit: type=1326 audit(1755029761.647:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12471 comm="syz.1.1888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 465.566151][ T30] audit: type=1326 audit(1755029761.677:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12471 comm="syz.1.1888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 465.594081][ T30] audit: type=1326 audit(1755029761.677:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12471 comm="syz.1.1888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 465.617316][ T928] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 465.642469][ T5946] usb 1-1: USB disconnect, device number 74 [ 465.678697][ T30] audit: type=1326 audit(1755029761.677:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12471 comm="syz.1.1888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 465.709150][ T30] audit: type=1326 audit(1755029761.677:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12471 comm="syz.1.1888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 465.810176][ T928] usb 3-1: Using ep0 maxpacket: 32 [ 465.821581][ T928] usb 3-1: unable to get BOS descriptor or descriptor too short [ 465.837481][ T928] usb 3-1: config 128 has an invalid interface number: 127 but max is 3 [ 465.856477][ T928] usb 3-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 465.867706][ T928] usb 3-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 465.881659][ T928] usb 3-1: config 128 has no interface number 0 [ 465.888210][ T928] usb 3-1: config 128 interface 127 altsetting 14 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 465.908167][ T928] usb 3-1: config 128 interface 127 has no altsetting 0 [ 465.918586][ T928] usb 3-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 465.934974][ T928] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.955088][ T928] usb 3-1: Product: syz [ 465.959890][ T928] usb 3-1: Manufacturer: syz [ 465.964782][ T928] usb 3-1: SerialNumber: syz [ 466.271267][ T928] usb 3-1: USB disconnect, device number 78 [ 466.348288][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 467.319825][ T928] usb 2-1: new high-speed USB device number 92 using dummy_hcd [ 467.495084][ T928] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 467.517918][ T928] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 467.545198][ T928] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 467.569025][ T928] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 467.596114][ T928] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 467.617100][ T928] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.635943][ T928] usb 2-1: Product: syz [ 467.648864][ T928] usb 2-1: Manufacturer: syz [ 467.674293][ T928] usb 2-1: SerialNumber: syz [ 467.731028][ T928] usb 2-1: config 0 descriptor?? [ 467.748438][ T928] ums-isd200 2-1:0.0: USB Mass Storage device detected [ 468.355839][T12522] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1905'. [ 468.837743][T12535] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1912'. [ 468.857057][T12535] netem: change failed [ 470.047739][ T30] kauditd_printk_skb: 41 callbacks suppressed [ 470.047757][ T30] audit: type=1326 audit(1755029766.187:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.103873][T12568] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1927'. [ 470.141508][ T30] audit: type=1326 audit(1755029766.227:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.170180][ T30] audit: type=1326 audit(1755029766.227:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.248759][ T30] audit: type=1326 audit(1755029766.227:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.328531][ T30] audit: type=1326 audit(1755029766.227:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.372543][ T30] audit: type=1326 audit(1755029766.237:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.476175][ T30] audit: type=1326 audit(1755029766.237:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.576415][T12580] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1931'. [ 470.656645][ T30] audit: type=1326 audit(1755029766.237:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.773585][ T30] audit: type=1326 audit(1755029766.237:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 470.904264][ T30] audit: type=1326 audit(1755029766.237:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.4.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 471.027769][ T928] scsi host1: usb-storage 2-1:0.0 [ 471.132843][ T928] usb 2-1: USB disconnect, device number 92 [ 471.219177][T12595] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1937'. [ 471.894684][T12623] ALSA: seq fatal error: cannot create timer (-22) [ 474.635063][T12686] hub 6-0:1.0: USB hub found [ 474.644578][T12686] hub 6-0:1.0: 1 port detected [ 474.814379][T12688] hub 9-0:1.0: USB hub found [ 474.837368][T12688] hub 9-0:1.0: 1 port detected [ 475.365126][ T30] kauditd_printk_skb: 61 callbacks suppressed [ 475.365144][ T30] audit: type=1326 audit(1755029771.507:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.434093][ T30] audit: type=1326 audit(1755029771.507:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.500620][ T30] audit: type=1326 audit(1755029771.507:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.523881][ T30] audit: type=1326 audit(1755029771.507:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.589802][ T30] audit: type=1326 audit(1755029771.507:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.622062][ T30] audit: type=1326 audit(1755029771.507:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.697075][T12715] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1985'. [ 475.713619][ T30] audit: type=1326 audit(1755029771.507:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.738566][ T30] audit: type=1326 audit(1755029771.507:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 475.765582][ T30] audit: type=1326 audit(1755029771.617:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.0.1983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 475.773145][T12715] veth0_to_team: entered promiscuous mode [ 475.805945][T12715] veth0_to_team: left promiscuous mode [ 475.825782][ T30] audit: type=1326 audit(1755029771.617:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.0.1983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cfd8ebe9 code=0x7ffc0000 [ 478.309933][ T5953] IPVS: starting estimator thread 0... [ 478.409829][T12813] IPVS: using max 34 ests per chain, 81600 per kthread [ 478.893618][T12837] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2037'. [ 478.909802][ T24] usb 1-1: new full-speed USB device number 75 using dummy_hcd [ 479.062206][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 479.093333][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 479.121900][ T24] usb 1-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 479.141042][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.167737][ T24] usb 1-1: config 0 descriptor?? [ 479.308790][T12848] pimreg: entered allmulticast mode [ 479.327825][T12848] pimreg: left allmulticast mode [ 479.397041][ T24] usbhid 1-1:0.0: can't add hid device: -71 [ 479.407791][ T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 479.433834][ T24] usb 1-1: USB disconnect, device number 75 [ 479.650325][T12864] usb usb1: usbfs: process 12864 (syz.1.2051) did not claim interface 2 before use [ 479.833353][T12876] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 479.840735][T12876] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 479.964622][T12882] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2059'. [ 480.565704][T12904] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2070'. [ 483.110992][T12959] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2092'. [ 483.151700][T12959] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2092'. [ 483.167425][ T30] kauditd_printk_skb: 73 callbacks suppressed [ 483.167441][ T30] audit: type=1326 audit(1755029779.307:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.227151][T12959] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2092'. [ 483.329043][ T30] audit: type=1326 audit(1755029779.347:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.415896][ T30] audit: type=1326 audit(1755029779.347:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.499350][ T30] audit: type=1326 audit(1755029779.347:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.594293][ T30] audit: type=1326 audit(1755029779.347:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.672614][ T30] audit: type=1326 audit(1755029779.347:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.777072][ T30] audit: type=1326 audit(1755029779.347:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.875247][ T30] audit: type=1326 audit(1755029779.347:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.943559][ T30] audit: type=1326 audit(1755029779.357:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12960 comm="syz.4.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 483.974733][ T30] audit: type=1326 audit(1755029779.597:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12964 comm="syz.4.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 484.758965][T13002] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2112'. [ 484.807593][T13002] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2112'. [ 484.901125][T12995] ALSA: seq fatal error: cannot create timer (-19) [ 486.422658][T13061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2134'. [ 486.440033][T13061] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 486.458662][T13061] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 487.228047][T13086] sch_tbf: burst 0 is lower than device lo mtu (1550) ! [ 487.468775][T13099] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2150'. [ 487.837664][T13116] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2157'. [ 487.877587][T13116] unsupported nlmsg_type 40 [ 487.965191][T13125] pim6reg: left allmulticast mode [ 488.159864][ T24] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 488.219989][ T30] kauditd_printk_skb: 97 callbacks suppressed [ 488.220007][ T30] audit: type=1326 audit(1755029784.357:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.297235][ T30] audit: type=1326 audit(1755029784.367:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.320304][ T24] usb 3-1: device descriptor read/64, error -71 [ 488.343656][ T30] audit: type=1326 audit(1755029784.407:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.393760][ T30] audit: type=1326 audit(1755029784.407:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.419529][ T30] audit: type=1326 audit(1755029784.407:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.455733][ T30] audit: type=1326 audit(1755029784.407:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.480383][ T30] audit: type=1326 audit(1755029784.407:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.545558][ T30] audit: type=1326 audit(1755029784.407:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.571568][ T30] audit: type=1326 audit(1755029784.407:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.595305][ T24] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 488.605978][ T30] audit: type=1326 audit(1755029784.407:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.4.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19838ebe9 code=0x7ffc0000 [ 488.760217][ T24] usb 3-1: device descriptor read/64, error -71 [ 488.870277][ T24] usb usb3-port1: attempt power cycle [ 489.219989][ T24] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 489.250642][ T24] usb 3-1: device descriptor read/8, error -71 [ 489.510220][ T24] usb 3-1: new high-speed USB device number 82 using dummy_hcd [ 489.558376][ T24] usb 3-1: device descriptor read/8, error -71 [ 489.601862][T13200] ip6tnl1: entered promiscuous mode [ 489.607155][T13200] ip6tnl1: entered allmulticast mode [ 489.680003][ T24] usb usb3-port1: unable to enumerate USB device [ 490.475624][T13249] pim6reg: entered allmulticast mode [ 491.287675][T13297] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2243'. [ 491.636681][T13318] openvswitch: netlink: Message has 8 unknown bytes. [ 491.714043][T13323] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2254'. [ 491.733654][T13323] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2254'. [ 491.991297][T13338] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2261'. [ 492.253424][T13348] syzkaller0: entered promiscuous mode [ 492.259099][T13348] syzkaller0: entered allmulticast mode [ 492.612244][T13368] netlink: 'syz.4.2272': attribute type 13 has an invalid length. [ 493.043787][T13379] openvswitch: netlink: Flow key attr not present in new flow. [ 494.251540][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x4 [ 494.259513][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x2 [ 494.267778][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.277175][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.285402][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.293798][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.307892][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.316095][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.324246][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.332743][ T24] hid-generic 0000:3000000:0000.0020: unknown main item tag 0x0 [ 494.350235][ T24] hid-generic 0000:3000000:0000.0020: hidraw0: HID v0.00 Device [sy] on syz0 [ 494.476922][T13409] fido_id[13409]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 494.886167][ T30] kauditd_printk_skb: 66 callbacks suppressed [ 494.886185][ T30] audit: type=1326 audit(1755029791.027:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.062647][ T30] audit: type=1326 audit(1755029791.057:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.120217][ T30] audit: type=1326 audit(1755029791.067:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.162652][ T30] audit: type=1326 audit(1755029791.067:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.206526][ T30] audit: type=1326 audit(1755029791.067:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.229462][ T30] audit: type=1326 audit(1755029791.067:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.261331][ T30] audit: type=1326 audit(1755029791.067:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.288129][ T30] audit: type=1326 audit(1755029791.067:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.312532][ T30] audit: type=1326 audit(1755029791.067:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 495.348527][T13418] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2292'. [ 495.353632][ T30] audit: type=1326 audit(1755029791.067:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.3.2291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 496.127223][T13453] binfmt_misc: register: failed to install interpreter file ./bus [ 496.689816][ T5946] usb 1-1: new high-speed USB device number 76 using dummy_hcd [ 496.753726][T13483] macvlan1: entered promiscuous mode [ 496.774013][T13483] ipvlan0: entered promiscuous mode [ 496.793547][T13483] ipvlan0: left promiscuous mode [ 496.803675][T13483] macvlan1: left promiscuous mode [ 496.821002][ T5946] usb 1-1: device descriptor read/64, error -71 [ 497.069854][ T5946] usb 1-1: new high-speed USB device number 77 using dummy_hcd [ 497.229950][ T5946] usb 1-1: device descriptor read/64, error -71 [ 497.340377][ T5946] usb usb1-port1: attempt power cycle [ 497.690415][ T5946] usb 1-1: new high-speed USB device number 78 using dummy_hcd [ 497.734721][ T5946] usb 1-1: device descriptor read/8, error -71 [ 498.000136][ T5946] usb 1-1: new high-speed USB device number 79 using dummy_hcd [ 498.030929][ T5946] usb 1-1: device descriptor read/8, error -71 [ 498.141661][ T5946] usb usb1-port1: unable to enumerate USB device [ 498.358938][T13523] netlink: 14593 bytes leftover after parsing attributes in process `syz.2.2341'. [ 499.444164][ T5955] hid_parser_main: 6 callbacks suppressed [ 499.444189][ T5955] hid-generic 0000:3000000:0000.0021: unknown main item tag 0x4 [ 499.458256][ T5955] hid-generic 0000:3000000:0000.0021: unknown main item tag 0x2 [ 499.467433][ T5955] hid-generic 0000:3000000:0000.0021: unknown main item tag 0x3 [ 499.499329][ T5955] hid-generic 0000:3000000:0000.0021: hidraw0: HID v0.00 Device [sy] on syz0 [ 499.695329][T13560] fido_id[13560]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 499.887278][T13568] syzkaller0: entered promiscuous mode [ 499.892896][T13568] syzkaller0: entered allmulticast mode [ 499.964307][ T30] kauditd_printk_skb: 106 callbacks suppressed [ 499.964326][ T30] audit: type=1326 audit(1755029796.107:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13576 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 500.038080][ T30] audit: type=1326 audit(1755029796.107:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13576 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 500.122397][ T30] audit: type=1326 audit(1755029796.107:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13576 comm="syz.1.2365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 500.260403][T13590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2368'. [ 500.269348][T13590] netlink: 312 bytes leftover after parsing attributes in process `syz.1.2368'. [ 500.299550][T13590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2368'. [ 500.317581][T13592] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2371'. [ 501.196381][T13458] Set syz1 is full, maxelem 65536 reached [ 501.366312][ T30] audit: type=1326 audit(1755029797.507:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.1.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 501.428248][ T30] audit: type=1326 audit(1755029797.507:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.1.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 501.490380][ T30] audit: type=1326 audit(1755029797.507:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.1.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 501.554908][ T30] audit: type=1326 audit(1755029797.507:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.1.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 501.589332][ T30] audit: type=1326 audit(1755029797.507:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13600 comm="syz.1.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 501.621190][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.636991][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.502875][ T30] audit: type=1326 audit(1755029798.647:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 502.559607][ T30] audit: type=1326 audit(1755029798.647:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13615 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 503.864616][T13630] netlink: 'syz.3.2388': attribute type 298 has an invalid length. [ 503.882687][T13632] veth0_to_team: entered promiscuous mode [ 503.912134][ T7638] team0: Failed to send port change of device team_slave_0 via netlink (err -105) [ 504.249450][T13646] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 504.294552][T13646] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0/file1 [ 505.809512][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 505.809530][ T30] audit: type=1326 audit(1755029801.947:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 505.847097][ T30] audit: type=1326 audit(1755029801.987:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 505.898494][ T30] audit: type=1326 audit(1755029802.017:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 505.944813][T13727] bond_slave_1: entered promiscuous mode [ 505.953675][ T30] audit: type=1326 audit(1755029802.017:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 505.980502][T13727] bond_slave_1: left promiscuous mode [ 505.995383][ T30] audit: type=1326 audit(1755029802.017:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 506.021502][ T30] audit: type=1326 audit(1755029802.017:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 506.051193][ T30] audit: type=1326 audit(1755029802.017:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 506.130427][ T30] audit: type=1326 audit(1755029802.017:1515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 506.162665][ T30] audit: type=1326 audit(1755029802.017:1516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 506.188890][ T30] audit: type=1326 audit(1755029802.017:1517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8758ebe9 code=0x7ffc0000 [ 506.524207][T13744] atomic_op ffff888028304198 conn xmit_atomic 0000000000000000 [ 507.013181][T13774] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2454'. [ 507.044246][T13774] netlink: 75 bytes leftover after parsing attributes in process `syz.0.2454'. [ 507.962681][T13807] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2464'. [ 508.465185][T13836] netlink: 'syz.0.2478': attribute type 27 has an invalid length. [ 508.482840][T13836] lo: left promiscuous mode [ 508.502698][T13836] tunl0: left promiscuous mode [ 508.506093][T13836] gre0: left promiscuous mode [ 508.557586][T13836] erspan0: left promiscuous mode [ 508.573796][T13836] ip_vti0: left promiscuous mode [ 508.582658][T13836] ip6_vti0: left promiscuous mode [ 508.592882][T13836] sit0: left promiscuous mode [ 508.609297][T13836] ip6tnl0: left promiscuous mode [ 508.638134][T13836] ip6gre0: left promiscuous mode [ 508.660326][T13836] syz_tun: left promiscuous mode [ 508.715157][T13836] ip6gretap0: left promiscuous mode [ 508.742577][T13836] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.750005][T13836] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.768546][T13836] bridge0: left promiscuous mode [ 508.779674][T13836] vcan0: left promiscuous mode [ 508.789436][T13836] bond0: left promiscuous mode [ 508.794523][T13836] bond_slave_0: left promiscuous mode [ 508.801815][T13836] bond_slave_1: left promiscuous mode [ 508.807504][T13836] batadv0: left promiscuous mode [ 508.833279][T13836] dummy0: left promiscuous mode [ 508.851533][T13836] nlmon0: left promiscuous mode [ 508.858517][T13836] caif0: left promiscuous mode [ 508.957436][T13852] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2487'. [ 508.985566][T13836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 509.006244][T13836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 509.289839][ T3562] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 509.313685][ T3562] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.343539][ T3562] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 509.380656][ T3562] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 509.406372][ T3562] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.448321][ T3562] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 509.478159][ T49] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 509.510955][ T49] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.531773][ T49] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 509.553166][ T3562] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 509.574592][ T3562] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.606221][ T3562] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 509.734424][T13887] sch_tbf: burst 3298 is lower than device lo mtu (11337746) ! [ 509.933506][T13901] IPv4: Oversized IP packet from 127.202.26.0 [ 510.145918][T13907] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2512'. [ 511.411268][T13943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2526'. [ 511.422235][T13943] openvswitch: netlink: Flow key attr not present in new flow. [ 514.141477][T14033] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 514.664402][T14057] netlink: 'syz.3.2573': attribute type 11 has an invalid length. [ 515.491654][T14092] [ 515.494199][T14092] ====================================================== [ 515.501234][T14092] WARNING: possible circular locking dependency detected [ 515.508288][T14092] 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 Not tainted [ 515.515405][T14092] ------------------------------------------------------ [ 515.522516][T14092] syz.4.2584/14092 is trying to acquire lock: [ 515.528682][T14092] ffff88801b2ffa20 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9e/0x450 [ 515.538986][T14092] [ 515.538986][T14092] but task is already holding lock: [ 515.546356][T14092] ffff88814332cf28 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: lo_ioctl+0x17f2/0x1d00 [ 515.556132][T14092] [ 515.556132][T14092] which lock already depends on the new lock. [ 515.556132][T14092] [ 515.566805][T14092] [ 515.566805][T14092] the existing dependency chain (in reverse order) is: [ 515.575880][T14092] [ 515.575880][T14092] -> #2 (&q->q_usage_counter(io)#24){++++}-{0:0}: [ 515.584505][T14092] lock_acquire+0x120/0x360 [ 515.589823][T14092] blk_alloc_queue+0x538/0x620 [ 515.595247][T14092] __blk_mq_alloc_disk+0x15c/0x340 [ 515.600903][T14092] loop_add+0x411/0xad0 [ 515.606772][T14092] loop_init+0xd9/0x170 [ 515.611479][T14092] do_one_initcall+0x233/0x820 [ 515.616964][T14092] do_initcall_level+0x104/0x190 [ 515.622444][T14092] do_initcalls+0x59/0xa0 [ 515.627402][T14092] kernel_init_freeable+0x334/0x4b0 [ 515.633141][T14092] kernel_init+0x1d/0x1d0 [ 515.638141][T14092] ret_from_fork+0x3f9/0x770 [ 515.643281][T14092] ret_from_fork_asm+0x1a/0x30 [ 515.648702][T14092] [ 515.648702][T14092] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 515.655967][T14092] lock_acquire+0x120/0x360 [ 515.661028][T14092] fs_reclaim_acquire+0x72/0x100 [ 515.666637][T14092] kmem_cache_alloc_noprof+0x44/0x3c0 [ 515.672588][T14092] __kernfs_iattrs+0xd9/0x320 [ 515.677986][T14092] kernfs_iop_setattr+0xea/0x3f0 [ 515.683458][T14092] notify_change+0xb33/0xe40 [ 515.688650][T14092] do_truncate+0x1a4/0x220 [ 515.693597][T14092] path_openat+0x306c/0x3830 [ 515.698792][T14092] do_filp_open+0x1fa/0x410 [ 515.703811][T14092] do_sys_openat2+0x121/0x1c0 [ 515.709204][T14092] __x64_sys_openat+0x138/0x170 [ 515.714674][T14092] do_syscall_64+0xfa/0x3b0 [ 515.719731][T14092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.726147][T14092] [ 515.726147][T14092] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}: [ 515.734653][T14092] validate_chain+0xb9b/0x2140 [ 515.739939][T14092] __lock_acquire+0xab9/0xd20 [ 515.745223][T14092] lock_acquire+0x120/0x360 [ 515.750340][T14092] down_read+0x46/0x2e0 [ 515.755182][T14092] kernfs_iop_getattr+0x9e/0x450 [ 515.760778][T14092] vfs_getattr_nosec+0x2de/0x430 [ 515.766325][T14092] loop_assign_backing_file+0x222/0x400 [ 515.772390][T14092] lo_ioctl+0x1860/0x1d00 [ 515.777244][T14092] blkdev_ioctl+0x5a5/0x6d0 [ 515.782277][T14092] __se_sys_ioctl+0xfc/0x170 [ 515.787382][T14092] do_syscall_64+0xfa/0x3b0 [ 515.792417][T14092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.798903][T14092] [ 515.798903][T14092] other info that might help us debug this: [ 515.798903][T14092] [ 515.809114][T14092] Chain exists of: [ 515.809114][T14092] &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#24 [ 515.809114][T14092] [ 515.823726][T14092] Possible unsafe locking scenario: [ 515.823726][T14092] [ 515.831263][T14092] CPU0 CPU1 [ 515.836614][T14092] ---- ---- [ 515.841958][T14092] lock(&q->q_usage_counter(io)#24); [ 515.847320][T14092] lock(fs_reclaim); [ 515.853806][T14092] lock(&q->q_usage_counter(io)#24); [ 515.861701][T14092] rlock(&root->kernfs_iattr_rwsem); [ 515.867057][T14092] [ 515.867057][T14092] *** DEADLOCK *** [ 515.867057][T14092] [ 515.875176][T14092] 3 locks held by syz.4.2584/14092: [ 515.880369][T14092] #0: ffff88814334a400 (&lo->lo_mutex){+.+.}-{4:4}, at: lo_ioctl+0xfbf/0x1d00 [ 515.889324][T14092] #1: ffff88814332cf28 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: lo_ioctl+0x17f2/0x1d00 [ 515.899503][T14092] #2: ffff88814332cf60 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: lo_ioctl+0x17f2/0x1d00 [ 515.910193][T14092] [ 515.910193][T14092] stack backtrace: [ 515.916077][T14092] CPU: 0 UID: 0 PID: 14092 Comm: syz.4.2584 Not tainted 6.17.0-rc1-syzkaller-00004-g53e760d89498 #0 PREEMPT(full) [ 515.916097][T14092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 515.916107][T14092] Call Trace: [ 515.916116][T14092] [ 515.916124][T14092] dump_stack_lvl+0x189/0x250 [ 515.916146][T14092] ? __pfx_dump_stack_lvl+0x10/0x10 [ 515.916162][T14092] ? __pfx__printk+0x10/0x10 [ 515.916185][T14092] print_circular_bug+0x2ee/0x310 [ 515.916203][T14092] check_noncircular+0x134/0x160 [ 515.916220][T14092] validate_chain+0xb9b/0x2140 [ 515.916235][T14092] ? tomoyo_path_perm+0x1e3/0x4b0 [ 515.916265][T14092] __lock_acquire+0xab9/0xd20 [ 515.916286][T14092] ? kernfs_iop_getattr+0x9e/0x450 [ 515.916301][T14092] lock_acquire+0x120/0x360 [ 515.916320][T14092] ? kernfs_iop_getattr+0x9e/0x450 [ 515.916339][T14092] down_read+0x46/0x2e0 [ 515.916360][T14092] ? kernfs_iop_getattr+0x9e/0x450 [ 515.916375][T14092] kernfs_iop_getattr+0x9e/0x450 [ 515.916392][T14092] vfs_getattr_nosec+0x2de/0x430 [ 515.916408][T14092] loop_assign_backing_file+0x222/0x400 [ 515.916427][T14092] ? __pfx_loop_assign_backing_file+0x10/0x10 [ 515.916444][T14092] ? schedule+0x91/0x360 [ 515.916465][T14092] ? percpu_ref_kill_and_confirm+0xa3/0x130 [ 515.916490][T14092] lo_ioctl+0x1860/0x1d00 [ 515.916511][T14092] ? __pfx_lo_ioctl+0x10/0x10 [ 515.916530][T14092] ? __lock_acquire+0xab9/0xd20 [ 515.916552][T14092] ? __lock_acquire+0xab9/0xd20 [ 515.916574][T14092] ? __lock_acquire+0xab9/0xd20 [ 515.916596][T14092] ? __lock_acquire+0xab9/0xd20 [ 515.916621][T14092] ? is_bpf_text_address+0x26/0x2b0 [ 515.916642][T14092] ? is_bpf_text_address+0x292/0x2b0 [ 515.916661][T14092] ? is_bpf_text_address+0x26/0x2b0 [ 515.916682][T14092] ? kernel_text_address+0xa5/0xe0 [ 515.916702][T14092] ? __kernel_text_address+0xd/0x40 [ 515.916720][T14092] ? unwind_get_return_address+0x4d/0x90 [ 515.916736][T14092] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 515.916754][T14092] ? arch_stack_walk+0xfc/0x150 [ 515.916775][T14092] ? stack_trace_save+0x9c/0xe0 [ 515.916790][T14092] ? __pfx_stack_trace_save+0x10/0x10 [ 515.916807][T14092] ? stack_depot_save_flags+0x40/0x860 [ 515.916827][T14092] ? kasan_save_track+0x4f/0x80 [ 515.916843][T14092] ? kasan_save_track+0x3e/0x80 [ 515.916859][T14092] ? kasan_save_free_info+0x46/0x50 [ 515.916873][T14092] ? __kasan_slab_free+0x5b/0x80 [ 515.916890][T14092] ? kfree+0x18e/0x440 [ 515.916906][T14092] ? tomoyo_path_number_perm+0x47a/0x5a0 [ 515.916923][T14092] ? security_file_ioctl+0xcb/0x2d0 [ 515.916940][T14092] ? __se_sys_ioctl+0x47/0x170 [ 515.916956][T14092] ? do_syscall_64+0xfa/0x3b0 [ 515.916975][T14092] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.916996][T14092] ? __asan_memset+0x22/0x50 [ 515.917012][T14092] ? blk_get_meta_cap+0x140/0x710 [ 515.917032][T14092] ? __pfx_blk_get_meta_cap+0x10/0x10 [ 515.917051][T14092] ? kasan_quarantine_put+0xdd/0x220 [ 515.917070][T14092] ? blkdev_common_ioctl+0xff7/0x2550 [ 515.917091][T14092] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 515.917110][T14092] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 515.917131][T14092] ? do_vfs_ioctl+0xbe8/0x1430 [ 515.917148][T14092] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 515.917168][T14092] ? __lock_acquire+0xab9/0xd20 [ 515.917192][T14092] ? __pfx_lo_ioctl+0x10/0x10 [ 515.917209][T14092] blkdev_ioctl+0x5a5/0x6d0 [ 515.917229][T14092] ? __pfx_blkdev_ioctl+0x10/0x10 [ 515.917253][T14092] ? __fget_files+0x2a/0x420 [ 515.917266][T14092] ? bpf_lsm_file_ioctl+0x9/0x20 [ 515.917284][T14092] ? __pfx_blkdev_ioctl+0x10/0x10 [ 515.917303][T14092] __se_sys_ioctl+0xfc/0x170 [ 515.917320][T14092] do_syscall_64+0xfa/0x3b0 [ 515.917339][T14092] ? lockdep_hardirqs_on+0x9c/0x150 [ 515.917357][T14092] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.917371][T14092] ? clear_bhb_loop+0x60/0xb0 [ 515.917386][T14092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.917400][T14092] RIP: 0033:0x7fc19838ebe9 [ 515.917414][T14092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 515.917428][T14092] RSP: 002b:00007fc19927b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 515.917443][T14092] RAX: ffffffffffffffda RBX: 00007fc1985b5fa0 RCX: 00007fc19838ebe9 [ 515.917455][T14092] RDX: 0000000000000006 RSI: 0000000000004c06 RDI: 0000000000000003 [ 515.917464][T14092] RBP: 00007fc198411e19 R08: 0000000000000000 R09: 0000000000000000 [ 515.917474][T14092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 515.917482][T14092] R13: 00007fc1985b6038 R14: 00007fc1985b5fa0 R15: 00007fc1986dfa28 [ 515.917498][T14092] [ 516.479217][ T30] kauditd_printk_skb: 105 callbacks suppressed [ 516.479235][ T30] audit: type=1326 audit(1755029812.617:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14093 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 516.510834][ T30] audit: type=1326 audit(1755029812.617:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14093 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 516.532950][ T30] audit: type=1326 audit(1755029812.617:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14093 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 516.555079][ T30] audit: type=1326 audit(1755029812.617:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14093 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000 [ 516.577540][ T30] audit: type=1326 audit(1755029812.617:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14093 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77ec18ebe9 code=0x7ffc0000