last executing test programs: 10m52.60289061s ago: executing program 2 (id=3556): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) bpf$LINK_DETACH(0x22, &(0x7f0000000000)=r1, 0x4) 10m52.349448708s ago: executing program 2 (id=3562): unshare(0x24020400) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x10, 0x110, 0xc}}], 0x30}, 0x0) 10m51.905924573s ago: executing program 2 (id=3568): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@host}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@local}, 0x1}) 10m51.611677841s ago: executing program 2 (id=3575): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 10m51.469111743s ago: executing program 2 (id=3578): r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchownat(r1, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0) 10m50.609466361s ago: executing program 2 (id=3599): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) tgkill(0x0, 0x0, 0x3d) 10m50.27537588s ago: executing program 32 (id=3599): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) tgkill(0x0, 0x0, 0x3d) 4m26.348775137s ago: executing program 4 (id=11779): r0 = fanotify_init(0x2, 0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124) fanotify_mark(r0, 0x541, 0x1023, r1, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124) mknodat$null(r2, &(0x7f0000000000)='./file1\x00', 0x1000, 0x103) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) readv(r3, 0x0, 0x0) 4m26.144699177s ago: executing program 4 (id=11783): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xc, 0xa13ca8e5839881ac, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 4m26.029373254s ago: executing program 4 (id=11785): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket(0x9, 0x7, 0x2) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'pim6reg1\x00', @link_local}) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) ioctl$sock_netdev_private(r0, 0x8914, &(0x7f0000000000)) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) 4m25.932095727s ago: executing program 4 (id=11791): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000480)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1c5008, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) 4m25.838430155s ago: executing program 4 (id=11794): socket$nl_route(0x10, 0x3, 0x0) r0 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0x136f, 0x10000, 0xa, 0x2d2}, 0x0, 0x0) ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f00000002c0)={0x28, 0x4, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x2}) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000000)=[0x2, 0x9a800000], 0x2) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r1 = io_uring_setup(0x9, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x0, 0x3b6}) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 4m24.877153358s ago: executing program 4 (id=11818): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) syz_clone(0x126400, 0x0, 0x0, 0x0, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 4m24.676216891s ago: executing program 33 (id=11818): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) syz_clone(0x126400, 0x0, 0x0, 0x0, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 3m54.233054964s ago: executing program 3 (id=12386): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56) sendmmsg$inet6(r0, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000c80)="0b0ec2a1e3fc84788972f461fec29e0fe5be85ea822a7348bd54a57f68a85a2284ad43c367bae5f7bd6c1e1d9017109e232e5bb561d280b32fa2b07a0cd31f1b8b9acdc89d4d5725350a9ec9303e53def89bcb6bb6ea83324927b43749f25be60c4f8707382b8e3062032c28dcccb784fdcfe6f2febd55e05bf1ccb63237c1d1bea4db828a5be79e518cf55a88e130609528b8aff64359e76eee93584aad3f751172c449fb", 0xa5}, {&(0x7f0000000680)="5f62f632763c84825847145170282f67ba6d5dadf0baf135d503e93a17ee560409202f4c5f0de32b0e53e4d26d04c825d923318fd574b1924b09ebb91d5be30b532a2fb95030c6be2a14ccfbce6eef05ea88d2413dc3fc0ae8a2e071f8764a4843611ae28b34d2ffddefd03d8799429f33741886bd6c4065bba5005d74f67508dc3434165b51bf8f73bf1a7c15de8905e518e8c72584d2007c26fcbf6f548de70f8b", 0xa2}, {&(0x7f0000000740)="dfd1db04f5eef4b5714a69f5392e27d1b79a961a16fbdc4f01a9e38a1f95f939a209f049ad8d4f9447506fd73cec26b8246758f684013c99b717e119d15432e9d46da8a0c25e7e3771b0b146e56d2fcf8107332acc1c56948171260ed44c97919f70210c914c1098c9ac622d46f0ffae373480c9d8e590395ea4365569b8ea75ea1a9a181cfa88541804ec97980211c9b7eb2235d6f0b644fd31dda9bc2cc99434e0df4934d0", 0xa6}, {&(0x7f0000000c40)="a405df87c6e89abd7ae7e6b8550f9923917c9d38e14a4e9ace3100b34d0056282b7ed43e9c", 0x25}, {&(0x7f0000000800)="f76c72c4066a174e1300da0da7d191a618fc5793ff23c6328c6d61df0a2fb72441d4ded25cf7b5f31eb5d65e412665a6177f09ca3ac5cfd751577dec547711dc43b694a601fcb6575547ee6ec2a01c32b65d3429fbb9623a83d457d3ddea9eb90ab14b6b323a9358af0b55cff95844d5b47f6994a72f984e19e961cc00f6e364e141c8", 0x83}, {&(0x7f00000008c0)="4b000ffd096c1b77cd99b1458609c4b82100375ca9411e734cc8e9627df29e9b97a002d7f15ea9f42bd71401384ed6b5772b5c618c35c4aab72b1d515ceada9e64d7a35fd435e98f06243fcd53966c196ff3f47537912a1a5dec7e8e1fbf4543d1a6c80467d6ba3d241e3fd22efa09c638c98b4ce9fbe6d2053fcfa334eaee64efad2d349f048afb2635ae06c05697746fe073ed230c9c7c4643396305424c1c7eaa3ee09891995a607de26be9abcd2b65a4f9093da8a07eea61b1ff21ea3b323b191f95b997cfdface3dc21a664e38896f9f689bc06f4800d5c977102358770b0d8425f098be9383b5e487e7165e847191d5e95233e971edd", 0xf9}, {&(0x7f0000002380)="a66554178426362975b882a7d6b43fe537b6b0036a966a05363793ec2f6830cc5b81e514b9cbe4c27c3f3a581556b832100a4233e3e80fda14dd84611893300a863a8a6f6d8e0c7633e168ad7e25d4bd14ba6812101488e9444165b8100d576a996fec019ae11a03498329bcbacd0e8a206bd0de0c7e09f64a57d56974599f09aa148b4224dcffe1b5a1e55bbc1fdae8bf2f72437cf399c4cda11554b21158e3ddb00ddb71a1bd1daa50d631b027238397d692214223af1d685e7a3318da65c9233eba674ff72097411ef3ee19b892b1b36eeb925a6698f4d455b02163a3504ee6accffad7aaf9d19763d886272559ef0501594ea23d45a43e13bba05d7d332750ce5d9d3b37d234f46464fcc5f495e0fae02a24efd67db315c92f9483196bd38b38b3675bc0de5873f9d7b01ee5c564f5573b474e3c9f3b955929d9112007049e4245d68b93f365a90d35c837cc13999f2d6a23be87786e4234d74b1160669c7962b3b413201192565fb93252c153dd735e280e01d13dc34468f67684a4308c7dbe07687e0f56fa54f44b0141895ad75781ca026d813e8c17794b9d87d97136d29aced71b1f526dfab6301b78f1deab7949c97cce6616f4afd46a331e2fb54342dd1964c70a2717f4239c9e5157ac93c42d05f230da440a9227f0f82ee95cc79ca2d3da3f889b37f85f50d75711a910a57d213edb4b981cde33e01ec960885f31511ed7f8e01ddd36d76e1b1e40e81cd21ef9c34134400fdd94e34e5d77f4b7ca3612663e0f6b364be4a9dc775f3b12386ec04960524a9a5e6879e50db657c89a7dc7ec1f919ba8c77e926538599e7969868a5ef3e92817a3402c13de0efcb9fef445ee49f4b0ed26c5dbadff51459d5229661e4b7d2548c9ea4ce89b828daf5f5873e1d9e693ba037fc00ccc3dd74096c0f1ea508ee96ad7d85664947193e011e2f037917af7716d7f27cac25c9785f13baddfeba40997af5f6f4029cf5b781b654a635ee8696078d99025012cbad5af13bc26e2d100726fc98c11f8f16057a8506f29cf30bcf9ab7883ad1708d11bf70ee54fced84c69d90eb302e8aff586c0b25893e09868426cb4649145ede32035c47360fba7fe863cb00b86f583090c5b8d8549ba62cb822ed182fc07f029a826b5c86dccd603408bfc060c80c8ae21be086998f45923e1fe36eea10a66a55cc9f3cb6a296535dabc831fefe26b80ee47c723c596c51e1d7c073df20874eef79a291934c4c6a7c6b656595fc76b25d0d50590c1df29d59842a19a6acd60e783069aa0c21d792129132d59d12cd4417583dc967d7d44f392770da18e30a70a330e7b05aebf09e93aa545ca382a29f810e8a4efc0fffd3660f76892c2027daccfd743734c359bacaec86e4f15ca31b83894b67b3a3539cb5567bbcacd9a52c9b8d87252ddab0dbdd373f7150b87893fa4b6c5e6016f2146471f092a2cf4c75b6ed08a2f27f9f68d1817d7e782c0fa3026fd4e283b6b23bff2a9d84f5cdea217ce396080b623fe6d5da91fcab0e563b8c54af99007f6680efc9fdcd35d1d2ad8539ee04744e38c750114de55b80192c5d6aee8cbc34a47426bb22a9e3e2fcb87530c418a65fad7d5fbb15f569a69fc2cb92dad8f574330fdf2aa6033d1be037d5e3e964ff01329c43401bc86a72025288100ce86c053b922e9a7a692912bca4dabfc0e3a8966a65c96d3a420809c2d600928546a4ea26ff7100081f3ca8a70c64b3a4fc33b3e2546ff4a43502d448f2c0b274a244d32c955b02d897b1c53a2724ff886a1ccc91ea3a22dbd1f5f3f2e33db9ac9aae458a27e2a529ac2d8671f0e30df63a5d1a579b8f5a68f4a53fb4f3f76d41bee8e10635606f2a7fde9af7bd0df3ab9750b0c6c962fbc36e9474e3efac01ea98a4fe6e0f819d62dcde2b9b77fb0d430495ee042d1e70a52debb0d13b09906f77327dd4ccfe2b6796f9aa5e5b2fa9b2249c66b49cd7e1cbdb194c239d7e2e0928a45c8c55904cd345c5d8b92a5526ff51b5c2e477089eeb16cb3996c243c66a82f4349370ac26bef5d900ec582f274cc38b0258993de6cc79574fdacb895721fd4d04f84c4d89e109629f48a24fb3241882f154a35ae6659e0bb35af409c51cb11a26413be88a1e5ae1e8d2b1333a6c80c42c654f269dd875aa7f19517f62b8e031f11bdb11bafcf4b4f06496142579f7769ee41dd24701cd3ed016030f7d5cf24a4cfdcd9b05e38524cd1a81e16b948672329bd111f7442bdc81b68b36495b5f4aa44d7c2fdea8703849a17f7d3327086355ca3b36c10eb38556bf95b3575ba32b97f268af1f1347ed28368828124361f6c1e6b64e6ba9efc3094d50bb049c35db5ea2b3c76576b1a8f37da0711436048ae443523032497e542c04458f04cfffd11c53c431065c20e8add72c0c31caeec12d0bf391fa1c0a75e23d39c31da409083f768f545090b05c54084ffc5d7fd85cea725807638f4ab0026204452a8c198cc60133ce00e9a2b9ebeb30d7f33a1bb25cb2948bf44288cce43b6ac13012d8860fce83d9a0f6f1886723f41130466186ac56d5384bfd04fe87c67528996c1ee1ad8e551dda563e75d5dc8ac6a47990a62c915dc23f4ae6596dcfdb44661de969aec7f6d3fa8f05e106a8db7abeb3682bdc8e87aefbb09e642b2cef2919ddc55ded8dbce0606d3c4a0747a293a991b8cd832381c30813b887a22c2df569c12c430cf7471578eb787acab65b54569bece6921805af9ac41b268ce329a25bacdb02f8f3c4ef930f1799ff940f42c21955ddd5496234d62447d1c9d8e0cc7bb8fd5ca5e9fa2ef99105a4d44d6ce37532407fcccc4e71103baa0c7ff1767e05762424d9301294daa95523792cb73b348c41ec713d19c2b917a4dc50be3f0742762e5055cd6ebb3afa2b89a94c6a921e039ddaee98fc7a961a5e415322bd4b333d83768ee8945f29556f94372a16285cb1ff103640d93b837861f1d0d9e65fe35583b6f76889e7d09a2cdf3c2ef305a0f6d205deedee94ac602974fa58284e33aee55947a7a042abf0759ec8c1410493114454320b5003f23dac1c600a471ff09bdbf5bb40be87a69d388592241d9989f0435eeede193e6994b80a2145eca4afb5e691341e37e4580b0c54d7fc506cc9641020cd342a85fe56946e49854756ae6534edd03de881481e11701851f0f30fedbfcf335c3855c8d9541ef234f8718fbb0d9f127093a3e7c1d49d8a20729ab41a0118683b7044ee490d7137bebbbbfb245d5e30356e102eda0052a37cca70c221475b5c596f68c745701dc6e31f7846270bcd516ded5d0b4666b249a32f0acb1b8a7de8e6f007ee740561f64b7f30b4764ec5116a1eda1526225ddd01b1d999ff17d0798be47e3a5957011aa6e03318897ce1c452b78f9badf89098fe696894953581b01ceffc4fa0eefd654df9ea70b1f2f1e287192a5a20a381e8fad0fb99814208970902fdd28cf6a6457d7873a76359e226e5b203bd6f85bea30cb0ab5817e1b32fbbbd33a4e67f3771b7256a3a9ec20dae8a248af32a909bb5ec28f0f85722b81151f0f0a500a5c39c36476ac42c30bcb68a61a13141541ec54d895f0d7ca1afb728202e77f2f85170a3c2de378f1cfa0c2d1b0353f5d2fd0537017dc5510232a7a27a444476bbca2b84394639cf8ded35568868f9dcfa445b33c694aa8696d899afdf0d98a542e6a3c0212480ef3063ae0b8bcaa133978e9ebd76a3ccf652b0022b3cc7f1c9f2731c1c08f45fc84f7dade8471f6855e3005d75390e36a6646b8ac0dd5da9f9ef4bc35639ac96280bc47a547c0941af4516278b66469c7fc22932cbb2ac92cc12745bdf4ab4411d48396120f0e397ff6c22c54873296a897928d0158a5e63e6d48016cb4af44a3d71296acffe59241a8537f8b2cbc88b8ee2f4090e8e16b8af4700a60d0c199cc45cedf8dfe9a78ddd8637f7a9cfc16b078b1f9acfb8cb35f94b7564b1e23904e40dd5bdef1c78397457c05dd1108c3257bfda2e36b31969e8642c825c9dafe2fa4ee2708023c26255e6c41c2c873923e98eb1397dbc51324dfbec7943a5564fa815b9492d53c6cf6d42cd07165ae54e81f7989f2e406a13bea4df4d4a6971d81a4492e5703b6ba1f21ca5ffd68cdb15a713abd70d411e64d873b9f36ced7f354273c5c9782dd8a410ac28fee250f4b82095f4ab7a5c5a7d57114b6196cc2accdb44e39351a5d7c2c519ff861db8e4a368fdc1c5459f2b4cef0076d9b57b9ba2e76b3d8b87a515fc5c777d7e8023ef898fcf31365abc3e0a1307fa85f29d3c8a7e70d58b1228e8376c212ffb76f895aadedcf3f70bddcc347473dba5602d7734c4e9a2054cd3763acbb7fe82155d4a50e6a72d917b22b16ea8abd987834b4b1b04556e5442b1b643fa842a08ab5d860715b250447170c8d30829730a53974b6554a6454bab2eeda2966cc13a02a2b2c2e157ccd1795bcbc9c7bec370d9f492745b7c03c5ba21a45ff6bbba064ec83ec2ea5", 0xc72}], 0x7}}], 0x1, 0x8800) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x604ab000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff78, 0x0, 0x0}, &(0x7f0000000340)=0x40) 3m53.841038628s ago: executing program 3 (id=12396): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000140)="d2ffb49e"}) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 3m53.5960433s ago: executing program 3 (id=12404): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x1}, 0x1c) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x8000) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x131) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) socket$packet(0x11, 0xa, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e06bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b27663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3800000000000000009c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488a0200000000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e4a59414329a7c7f2fad6bc871f5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561fe589e0d12969bc982ff3f0000006c0c6c747d9a1cc500bb89283a16ff10feea20bdac0000000000000000ca06f256a55591019465f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ee40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a3dc4e97f7fda840bcdd3afaa0d7c3c229de4f0f4ac4d04f1a4e52e38325ca2e5f1f9caaa7234053eca09ec3c8c16940bc3edfb2e016f355391c0e7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141604089f034d2f87e5440c05ab845013f2325f1a39018603038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 3m52.909353618s ago: executing program 3 (id=12422): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x4, 0xa13ca8e5839881aa, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 3m52.737419202s ago: executing program 3 (id=12426): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x324) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='devtmpfs\x00', 0xa, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x401, &(0x7f0000003540)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0) 3m52.596757737s ago: executing program 3 (id=12431): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a000000020000000200000004"], 0x2d) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500), 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000300)}, 0x20) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000100000000010"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000a17000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 3m37.328393111s ago: executing program 34 (id=12431): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a000000020000000200000004"], 0x2d) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500), 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000300)}, 0x20) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000100000000010"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x19, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000a17000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) 3m36.951506498s ago: executing program 6 (id=12749): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x6}, 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='veth0_macvtap\x00', 0x10) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$TIPC_NL_NAME_TABLE_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4040011) sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x40001) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 3m34.99210824s ago: executing program 6 (id=12753): r0 = epoll_create1(0x80000) close(0x3) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r2 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)={0xb000000d}) 3m31.475987473s ago: executing program 6 (id=12759): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0xa, 0x7, 0x2, 0x4, 0x2}, 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b00)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000100000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 3m28.833166617s ago: executing program 6 (id=12765): mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=f']) chdir(0x0) mknodat$loop(0xffffffffffffff9c, 0x0, 0x80, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x10}}, 0x8890) close(r2) socket$key(0xf, 0x3, 0x2) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x8) 3m25.329558335s ago: executing program 6 (id=12771): syz_usb_connect(0x3, 0x1c, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) r2 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x2, {0x3}}, 0x18) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r2) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[], 0x14}}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x1, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x8}, {0x7, 0xf}, {0x0, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x44060}, 0x98) 3m17.762479692s ago: executing program 6 (id=12778): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1}) io_uring_enter(r2, 0x504b, 0x0, 0x0, 0x0, 0x0) 3m1.094926485s ago: executing program 35 (id=12778): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1}) io_uring_enter(r2, 0x504b, 0x0, 0x0, 0x0, 0x0) 2m11.221454262s ago: executing program 5 (id=12874): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1978, &(0x7f0000000040)={0x0, 0xca72, 0x1cc90, 0x0, 0x20002fb}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r1, &(0x7f00000001c0)="a6", 0x1, 0x840, 0x0, 0x0) r2 = socket$inet(0x2, 0x80001, 0x84) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130}}) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 2m8.857467543s ago: executing program 5 (id=12879): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10) setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f00002db000/0x4000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0) mremap(&(0x7f00005a7000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f00004fe000/0x4000)=nil) mremap(&(0x7f0000ef9000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) mremap(&(0x7f0000b89000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00006e6000/0x3000)=nil) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='maps\x00') read$FUSE(r1, &(0x7f0000000940)={0x2020}, 0x2020) 1m55.873383474s ago: executing program 5 (id=12893): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x4, 0xa13ca8e5839881aa, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 1m54.786777054s ago: executing program 5 (id=12896): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x4}}}, {0x18, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x4}}}]}]}], {0x14}}, 0xc8}}, 0x0) 1m50.859819679s ago: executing program 5 (id=12901): bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x1c, r4, 0x305, 0x0, 0x0, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x24044080) 1m49.648804191s ago: executing program 5 (id=12902): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) ioctl$KVM_RUN(r3, 0xae80, 0x0) setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) mount$9p_fd(0x0, 0x0, 0x0, 0x84, 0x0) 1m34.089558627s ago: executing program 36 (id=12902): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) ioctl$KVM_RUN(r3, 0xae80, 0x0) setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) mount$9p_fd(0x0, 0x0, 0x0, 0x84, 0x0) 10.512025678s ago: executing program 0 (id=13037): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) read$FUSE(0xffffffffffffffff, &(0x7f0000000080)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$binfmt_elf32(r1, &(0x7f0000002180)=ANY=[@ANYBLOB="7f454c46040c02050f0000000000000002003e00f7267d0e65"], 0x58) getpriority(0x2, r2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xff, 0x7fff0010}]}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r5, 0x40082102, &(0x7f0000000080)) 10.498362246s ago: executing program 0 (id=13039): syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$binderfs(0x0, 0x0, 0x0, 0x4000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000100], 0x0, 0x0, &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x40, 0x107, 0xfffffffc, 0x10000, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x17, 0x0, 0x1, [@nested={0x4, 0x13}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 10.430572488s ago: executing program 1 (id=13040): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x400, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x10008095, 0x0, 0x0) recvmmsg(r2, 0x0, 0x0, 0x10000, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000b00)={0x4, "abacd211119ca94c633774262eb5ab2c7b9c5cff6ce78185d8c4dc064744e042", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000780)={"d1ed39d88b014076ab94c1fb10628c46d2e681cdb9e581a38ebb0ddd5f307e56", r5, 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r6, 0x40103e05, &(0x7f0000000180)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0}) 7.981554849s ago: executing program 1 (id=13041): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_uring_register$IORING_REGISTER_CLONE_BUFFERS(0xffffffffffffffff, 0x1e, 0x0, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0) writev(r2, 0x0, 0x0) connect$inet6(r0, 0x0, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x1, 0x0, &(0x7f0000001380)) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, 0x0) sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, 0x0, 0x2000e443) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) close(0x3) 7.955250565s ago: executing program 0 (id=13042): mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x420, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioperm(0x9, 0x9, 0x7) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket(0x2b, 0x1, 0x1) setsockopt$inet6_mreq(r3, 0x29, 0x1e, &(0x7f00000000c0)={@mcast2}, 0x14) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) rt_sigqueueinfo(0x0, 0x28, 0x0) 5.542496923s ago: executing program 1 (id=13043): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) keyctl$set_reqkey_keyring(0xe, 0x7) request_key(&(0x7f0000000340)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) syz_open_dev$evdev(0x0, 0x2, 0x0) 5.435405449s ago: executing program 0 (id=13044): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r1, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r1, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 3.682784171s ago: executing program 0 (id=13045): mkdir(0x0, 0x101) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() ptrace$ARCH_SHSTK_UNLOCK(0x1e, 0x0, 0x2, 0x5004) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0xe) shutdown(r3, 0x3dc3d3e8ab26e36b) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000300)={0x0, 0x1}, &(0x7f00000006c0)=0x8) r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000100)={0x280, 0xdc2d74cc3fed45ee, 0x0, 0x800, 0xbbba, 0x0, 0x18, 0x2, {}, {0x0, 0xfffffffd, 0xfffffffe}, {0x4, 0xffff0000}, {0x1000000}, 0x0, 0x3f0, 0x8, 0xd413, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, 0x0, 0x9}) 3.681927529s ago: executing program 1 (id=13046): syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a823000009040000"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$HIDIOCSUSAGES(0xffffffffffffffff, 0x501c4814, &(0x7f0000000dc0)={{0x1, 0x3, 0x9, 0x800, 0x5, 0x5}, 0x8d, [0x7, 0x93b, 0x6, 0x1, 0x1, 0xb8a, 0x2f, 0x100, 0x5, 0x7, 0x7, 0x5, 0x41d4, 0x83, 0x4, 0xffffffff, 0x9, 0x1000, 0x77e4, 0xffff0c56, 0x3, 0x1, 0x0, 0x40, 0x9, 0x200, 0x69, 0x4, 0x0, 0x6, 0x3, 0x7, 0x8, 0x8, 0xa522, 0x100, 0xfffffff8, 0x80000001, 0x0, 0x40, 0x1, 0x6, 0x1, 0x7fffffff, 0x5eb9, 0x5, 0x9c05, 0x800000c, 0x401, 0x4, 0x75, 0x817, 0xb, 0x3, 0xda90, 0x7, 0xf, 0xbc4b, 0x106, 0xfd, 0x81, 0x6, 0x101, 0x39, 0xffffff7f, 0x6, 0x5, 0x5, 0x77, 0xfffffffd, 0x0, 0x9, 0x73f, 0x5, 0x8, 0x4, 0x3, 0xffffffff, 0x5, 0x26be23d3, 0x7, 0x2, 0x9, 0x8, 0xdd2, 0xdd2, 0x3, 0x4, 0x2, 0xfff, 0x80000001, 0x9, 0x4, 0x0, 0x3, 0x2, 0x2, 0x5, 0x2, 0x1, 0x80000001, 0x7, 0x0, 0x40, 0x5, 0x101, 0x8, 0x9, 0x334c230c, 0x6, 0x4, 0xfffffff9, 0x8, 0x3, 0xffff0000, 0x7, 0x2, 0xffffffff, 0x4, 0x3, 0x4, 0x4, 0x3f, 0x81, 0x3, 0x400, 0x4, 0x984, 0x1, 0x6, 0x7, 0x8001, 0x1ff, 0x2a3, 0x6d, 0x1, 0x10000, 0x5, 0x80000000, 0x1d01e, 0x1, 0x3, 0xfffffffb, 0x8, 0x63, 0x400, 0x5, 0x401, 0x4, 0xfff, 0x0, 0x9, 0x3, 0x8, 0xfffffff9, 0x2, 0x80000000, 0x3, 0xc, 0x1, 0xad, 0x100, 0x144, 0x2, 0xfffffffc, 0x2, 0x5, 0x0, 0x5, 0x9, 0x1, 0x4, 0x1000, 0x974, 0x5, 0x6, 0x8, 0x5, 0x88, 0x1000, 0x0, 0x1, 0x2, 0x5, 0x9, 0x0, 0x57a, 0x1, 0x0, 0x6, 0x9, 0x5c, 0x6, 0x9, 0xd22, 0x2, 0x7, 0x10, 0x8, 0xffffffff, 0x2149, 0xf, 0x26a02622, 0x7fff, 0x8, 0x8, 0x7ff, 0x5, 0x8, 0x81, 0x8, 0xff, 0x5, 0xfffffffa, 0x2, 0x2, 0xffff, 0xf, 0x5, 0x7, 0x5, 0x100, 0x1e06, 0xf, 0xdf2, 0x0, 0xbb, 0xfff, 0x400, 0x2, 0x80000000, 0x7, 0x8, 0xf9b, 0x8, 0x7ff, 0x7, 0x3ff, 0x9, 0x5, 0xcff, 0x9, 0xb7, 0x1, 0xff, 0x4, 0x5, 0x10, 0x1, 0x92a, 0x3, 0x5, 0xd, 0x5, 0x101, 0x6, 0x7fff, 0x800, 0x3, 0x4, 0x0, 0x7f, 0x200, 0x20, 0x7, 0x1000000, 0x0, 0x7f, 0x53, 0x8, 0x8, 0x5, 0x2, 0xf, 0xd81c, 0x840, 0x1, 0x9, 0x2, 0x81, 0x9, 0x3, 0x5, 0x1000, 0x8, 0x7, 0x94, 0x7, 0x8, 0x8001, 0x56f71053, 0x1, 0x867, 0x3ff, 0x40, 0x6, 0x3, 0xfff, 0x5, 0x197, 0x9, 0x6, 0x5, 0x6, 0x7, 0x0, 0xffff, 0x3, 0x1ff, 0x400, 0x3, 0xd42, 0x9, 0x5, 0x1ff, 0x4, 0x9, 0xbec, 0x5, 0x7, 0x3, 0x5, 0x64000000, 0x2, 0x1e, 0x3a, 0x6, 0x5, 0x18000, 0x2, 0xffff, 0x9, 0x6, 0x9, 0x0, 0xe4f, 0x1fffc000, 0x27b7, 0xe, 0x9, 0x9, 0x5, 0xd, 0x5, 0x7f, 0x76, 0x9, 0xc4fe, 0x9, 0x3, 0x7, 0x8, 0x87, 0x1, 0x4, 0x6, 0x40, 0x9, 0x8, 0x1, 0x6, 0x8, 0xc75e, 0x4, 0x6, 0x1b, 0xfd3, 0x2, 0x3, 0x9, 0x10, 0x4, 0x5d2f, 0x5, 0x1b, 0x3ff, 0x5, 0x8, 0x6, 0xc000000, 0x5c, 0x9, 0x541b, 0xce, 0x6, 0x4, 0x69f, 0x3, 0x5, 0x7, 0x4, 0x200, 0x7, 0x8, 0x2323, 0xfffffff7, 0xffff, 0x7ff, 0x4, 0xd, 0xffffff42, 0x89, 0x80000001, 0x3ff, 0x3, 0x554, 0xde, 0x0, 0x400, 0x3, 0x9, 0x800, 0x7cb3aca3, 0x6, 0x6, 0x4, 0xf8000000, 0x1, 0xfffffff9, 0x9, 0xffffffff, 0x0, 0x3, 0x10000, 0x4, 0x3, 0x8001, 0x8, 0xbb, 0x5, 0xf548, 0x3, 0x36c, 0xffffffff, 0x10, 0x676, 0xe67, 0x88, 0x808, 0x560, 0x6db5, 0xa7b, 0x2, 0x4, 0x9, 0x3, 0x4, 0xffffffff, 0x6, 0xed2, 0x24bdaad2, 0x9, 0x4, 0x3, 0x1, 0xd599, 0x2, 0x6c51, 0x2, 0x0, 0x0, 0x2, 0xfce6, 0xf, 0xcd0, 0x4, 0xf, 0x0, 0x9, 0x5, 0x200, 0x6, 0x5, 0x2, 0x7, 0x17, 0xc36, 0x0, 0x8fbb, 0x3, 0x5, 0x0, 0x8, 0x8, 0x1, 0x8, 0x1000001, 0x45d8, 0x9, 0x0, 0x60000, 0x7, 0x2, 0xfffffff1, 0x6, 0x2, 0xfffffd67, 0x2, 0x4, 0x5, 0x3, 0x800, 0x10, 0xa, 0xb12c, 0x5ce, 0x1, 0xfffffffd, 0xf9c8, 0x0, 0x80f4, 0x10000, 0x3, 0x8, 0x2, 0x7, 0x5, 0x8, 0x401, 0x7, 0x10, 0x0, 0x6b, 0x100, 0x8, 0x2, 0x2, 0x5273, 0xe45f, 0x10, 0x0, 0x8, 0x4, 0x7, 0x7, 0x6, 0x4, 0x8e8b, 0x5, 0x3, 0x7, 0x3, 0xe535, 0x80, 0x5, 0x6, 0x0, 0x3, 0xff, 0x7fffffff, 0x5, 0x1, 0xa, 0x4, 0x1, 0x31, 0x0, 0xee1, 0x10001, 0x3, 0xfffffffc, 0x4, 0x1, 0x6f9, 0x7, 0xb26c, 0xb, 0x0, 0xfffffff3, 0x8, 0x8, 0x3, 0x6, 0xfd, 0x3, 0x3d, 0x6, 0x80000001, 0x5, 0x7, 0x1, 0xffffffff, 0x6, 0x3d29, 0x4, 0x7, 0x8, 0xb04, 0x3, 0xea6, 0x9, 0x101, 0x4, 0x1400, 0xfffffeff, 0x7, 0x2, 0x4, 0x8, 0x7, 0xe, 0x2, 0xc, 0x2, 0x2, 0x64c1, 0x80000000, 0x200, 0x2, 0xfffffffd, 0x1, 0x91, 0x8001, 0x401, 0x781d, 0x80, 0xfffff5b0, 0x8, 0x3, 0x8, 0xfff, 0xcd800000, 0x9, 0x6, 0x0, 0x5b5, 0x7, 0x10, 0x2, 0x5, 0x10001, 0xc, 0x9e9, 0x53, 0xfffffdd5, 0xc, 0xc00, 0x40, 0x401, 0xf2a6, 0x7, 0x3, 0x2, 0x80000001, 0x3800000, 0x0, 0x3ff, 0x3, 0x7fffffff, 0x4, 0x0, 0x1, 0xf, 0x7, 0xa84d, 0x3, 0xaf, 0xaf72, 0x5f, 0x1, 0xe, 0x6, 0x9, 0x5, 0x7, 0x3, 0x5, 0x3, 0x40, 0x1000, 0x75f1, 0x4, 0x3, 0x1, 0xfffffffd, 0x4, 0x8, 0x10, 0x80, 0x2, 0x6, 0x6, 0xe, 0xc, 0x3, 0x2, 0xd, 0x5, 0xfffff3f2, 0x6, 0x8, 0x3, 0x6, 0x5, 0x3, 0x101, 0x8, 0xbd, 0xa, 0x8, 0xffffed34, 0x8000, 0x2, 0x7, 0x7, 0x55f4727b, 0xd, 0x3b, 0x5, 0x8, 0xffffffff, 0x4, 0x81, 0x6, 0xb, 0x2, 0xa53, 0xff, 0x0, 0x2, 0x5, 0x3233, 0xff, 0x6, 0x2, 0x9, 0x1, 0x0, 0x3ff, 0x5, 0x8, 0x40, 0x0, 0x40, 0x88, 0x5, 0x80, 0x4, 0xd0000000, 0x8, 0x4, 0x5, 0x5, 0x7, 0x0, 0x0, 0x76b, 0xbb, 0x2, 0x5, 0x7fff, 0x9, 0xa, 0x5, 0x80, 0x4, 0x8, 0x8, 0x1f, 0x1, 0x3, 0x4, 0xd126, 0x7, 0x5, 0x0, 0x0, 0x8, 0x4, 0x1, 0x5, 0xfffffffa, 0x8, 0x270b, 0x5, 0x7fff, 0x4, 0x5, 0x6, 0x3, 0x4, 0x13f, 0x0, 0xc906, 0x6, 0x100, 0x4, 0x3, 0x3, 0x7f, 0x2b, 0x4, 0x3, 0x3, 0x8001, 0x46f, 0x19f1, 0x6, 0x20, 0x2, 0x2, 0x6, 0x5, 0x5, 0x401, 0x5, 0x6, 0x5, 0x7, 0xb, 0x200, 0x6, 0x9, 0x7, 0x5, 0x1, 0x7f, 0x9, 0xc3b, 0xfdf5, 0x0, 0x3, 0x0, 0xf, 0x1, 0x800, 0x4f35, 0x1, 0x18, 0x5, 0x0, 0x6, 0xaa5, 0x800, 0x9, 0x7, 0x800, 0x8, 0xfffffffb, 0xff, 0x5, 0x1000, 0x8, 0x81, 0x6, 0x80, 0x9, 0x8, 0x5, 0x8, 0x8, 0x100, 0x5, 0x10, 0x3, 0x7, 0x82, 0x4, 0x40, 0xabde, 0x1, 0xb, 0x8, 0x5, 0x8, 0x7f, 0x100, 0x8, 0x9, 0x6, 0x80000001, 0x2, 0x8, 0x2, 0x7fff, 0x3, 0x6, 0x4, 0x5, 0x3, 0x0, 0x1, 0x8, 0x59, 0x1, 0x0, 0x48, 0xaa19, 0xc, 0x401, 0x1, 0x401, 0x8, 0xc11, 0x4, 0x0, 0x7, 0x2, 0x7f, 0x0, 0x1, 0xc0000, 0x7, 0x4, 0xef47, 0x3, 0x1, 0x0, 0x2, 0x1, 0x0, 0xe14f, 0x5, 0x7, 0x8, 0x7fffffff, 0x7f, 0xffffffff, 0xffffff88, 0x400, 0x7fffffff, 0x10, 0x5, 0x9, 0x5, 0x0, 0xff, 0x0, 0x8, 0x3, 0x5, 0xfffffffc, 0x9, 0x1, 0x9, 0xfffffffe, 0x40, 0x3, 0x7, 0x0, 0x1, 0x2, 0x6, 0x81, 0x4, 0x401, 0x6, 0x5, 0x3, 0x0, 0xd, 0x6, 0xc, 0x2, 0x1, 0xfffffe5c, 0x40, 0x0, 0x9, 0x24, 0x1ff, 0x4, 0xe92, 0x5, 0x6e3, 0x4, 0xff, 0x0, 0xdf, 0x5, 0x7, 0x100, 0x3ac9, 0x10001, 0xae27, 0x80, 0x5, 0x7, 0x7fff, 0x0, 0xb, 0x4, 0xffffff12, 0x1, 0x0, 0x9, 0x331d, 0x5, 0xb9, 0x7, 0x4, 0x4, 0x9, 0x6cf3, 0x8, 0x7, 0xf, 0x9, 0x9, 0xffff, 0x8000, 0x1, 0x2, 0x2, 0xdc0, 0x5, 0x100, 0x9, 0x1, 0xfffffff8, 0x800, 0x3, 0x0, 0x9, 0x644d, 0x93, 0xb0, 0x2, 0x3ff, 0x800, 0xfffffff7, 0x2, 0x0, 0xff]}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r4}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r4}, 0x38) read(r0, 0x0, 0x0) pwrite64(r0, &(0x7f0000000440)="7de2", 0x2, 0x4) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 3.001451187s ago: executing program 1 (id=13047): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0xfffffffffffffffe}}, 0x18) socket(0x9, 0x7, 0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r1, &(0x7f0000000200)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, 0x1c) connect$rose(r1, &(0x7f0000000180)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 3.001064822s ago: executing program 0 (id=13048): socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0xff) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x300, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000040)=[0x1], &(0x7f0000000200), &(0x7f0000000240), 0x0, 0x7f}) 0s ago: executing program 1 (id=13049): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x220c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x3) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r6, 0x0) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x7d}], 0x1) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r7) kernel console output (not intermixed with test programs): [ 490.241564][T21152] sec_pagetables:0 bounce:0 [ 490.241564][T21152] kernel_misc_reclaimable:0 [ 490.241564][T21152] free:1302044 free_pcp:4882 free_cma:0 [ 490.241617][T21152] Node 0 active_anon:1028kB inactive_anon:19376kB active_file:66016kB inactive_file:154024kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117160kB dirty:1180kB writeback:0kB shmem:3892kB kernel_stack:14108kB pagetables:4876kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 490.241661][T21152] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:184kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 490.241701][T21152] Node 0 DMA free:15356kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 490.241756][T21152] lowmem_reserve[]: 0 2515 2517 2517 2517 [ 490.241787][T21152] Node 0 DMA32 free:1291840kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1028kB inactive_anon:19376kB active_file:66016kB inactive_file:154024kB unevictable:1536kB writepending:1180kB zspages:0kB present:3129332kB managed:2576100kB mlocked:0kB bounce:0kB free_pcp:19528kB local_pcp:11232kB free_cma:0kB [ 490.241843][T21152] lowmem_reserve[]: 0 0 1 1 1 [ 490.241873][T21152] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 490.241923][T21152] lowmem_reserve[]: 0 0 0 0 0 [ 490.241954][T21152] Node 1 Normal free:3900980kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 490.242007][T21152] lowmem_reserve[]: 0 0 0 0 0 [ 490.242037][T21152] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB [ 490.242484][T21152] Node 0 DMA32: 826*4kB (UM) 430*8kB (ME) 213*16kB (UME) 209*32kB (UME) 195*64kB (UME) 141*128kB (UM) 57*256kB (UME) 24*512kB (ME) 9*1024kB (M) 6*2048kB (UME) 292*4096kB (UM) = 1291784kB [ 490.242627][T21152] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 490.242720][T21152] Node 1 Normal: 225*4kB (UME) 50*8kB (UME) 48*16kB (UME) 205*32kB (UME) 96*64kB (UME) 29*128kB (UME) 14*256kB (UME) 8*512kB (UM) 2*1024kB (ME) 1*2048kB (E) 945*4096kB (M) = 3900980kB [ 490.245276][T21152] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 490.245291][T21152] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 490.245305][T21152] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 490.245320][T21152] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 490.245334][T21152] 56413 total pagecache pages [ 490.245350][T21152] 0 pages in swap cache [ 490.245356][T21152] Free swap = 124996kB [ 490.245363][T21152] Total swap = 124996kB [ 490.245453][T21152] 2097051 pages RAM [ 490.245460][T21152] 0 pages HighMem/MovableOnly [ 490.245467][T21152] 421000 pages reserved [ 490.245473][T21152] 0 pages cma reserved [ 491.521069][T21232] netlink: 'syz.0.7200': attribute type 1 has an invalid length. [ 491.766411][ T5888] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 491.948779][ T5888] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 491.948811][ T5888] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.948831][ T5888] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 491.948870][ T5888] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 491.948891][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.958420][ T5888] usb 5-1: config 0 descriptor?? [ 492.392731][ T5888] plantronics 0003:047F:FFFF.0036: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 492.519085][T21252] bridge_slave_0: left allmulticast mode [ 492.519114][T21252] bridge_slave_0: left promiscuous mode [ 492.519403][T21252] bridge0: port 1(bridge_slave_0) entered disabled state [ 492.646613][ T10] usb 5-1: USB disconnect, device number 39 [ 492.655120][T21252] bridge_slave_1: left allmulticast mode [ 492.655144][T21252] bridge_slave_1: left promiscuous mode [ 492.655394][T21252] bridge0: port 2(bridge_slave_1) entered disabled state [ 492.789522][T21252] bond0: (slave bond_slave_0): Releasing backup interface [ 492.867905][T21252] bond0: (slave bond_slave_1): Releasing backup interface [ 492.948765][T21252] team0: Port device team_slave_0 removed [ 492.992960][T21252] team0: Port device team_slave_1 removed [ 492.994041][T21252] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 492.994064][T21252] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 493.049326][T21252] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 493.049344][T21252] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 493.106310][ T10] usb 4-1: new full-speed USB device number 43 using dummy_hcd [ 493.108980][T21252] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 493.275642][ T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 493.275698][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 493.275724][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 493.275744][ T10] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 493.323708][ T10] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 493.323738][ T10] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 493.323756][ T10] usb 4-1: Manufacturer: syz [ 493.354482][ T10] usb 4-1: config 0 descriptor?? [ 493.694606][ T10] rc_core: IR keymap rc-hauppauge not found [ 493.694627][ T10] Registered IR keymap rc-empty [ 493.694782][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.706338][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.728328][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 493.731334][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input49 [ 493.760464][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.776404][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.796615][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.816652][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.836359][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.856351][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.876549][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.896368][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.920997][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.936628][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.956303][ T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 493.980434][ T10] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 493.980521][ T10] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 494.040560][ T10] usb 4-1: USB disconnect, device number 43 [ 494.192411][T21256] infiniband syz1: set down [ 494.192430][T21256] infiniband syz1: added veth1_to_bond [ 494.194993][T21256] syz1: rxe_create_cq: returned err = -12 [ 494.195059][T21256] infiniband syz1: Couldn't create ib_mad CQ [ 494.195256][T21256] infiniband syz1: Couldn't open port 1 [ 494.318149][T21256] RDS/IB: syz1: added [ 494.320373][T21256] smc: adding ib device syz1 with port count 1 [ 494.320737][T21256] smc: ib device syz1 port 1 has no pnetid [ 494.694586][T21326] netlink: 104 bytes leftover after parsing attributes in process `syz.5.7243'. [ 494.890974][ T37] kauditd_printk_skb: 4 callbacks suppressed [ 494.890990][ T37] audit: type=1326 audit(750.724:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21331 comm="syz.5.7247" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdaa9f8efc9 code=0x0 [ 495.317147][T21348] tap0: tun_chr_ioctl cmd 1074025675 [ 495.317165][T21348] tap0: persist enabled [ 497.466284][ T5888] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 497.627059][ T5888] usb 6-1: Using ep0 maxpacket: 8 [ 497.638790][ T5888] usb 6-1: config 0 has an invalid interface number: 246 but max is 0 [ 497.638816][ T5888] usb 6-1: config 0 has no interface number 0 [ 497.656645][ T5888] usb 6-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3 [ 497.656672][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 497.656689][ T5888] usb 6-1: Product: syz [ 497.656702][ T5888] usb 6-1: Manufacturer: syz [ 497.656713][ T5888] usb 6-1: SerialNumber: syz [ 497.708543][ T5888] usb 6-1: config 0 descriptor?? [ 498.102405][ T5888] msi2500 6-1:0.246: Registered as swradio24 [ 498.102426][ T5888] msi2500 6-1:0.246: SDR API is still slightly experimental and functionality changes may follow [ 498.105297][ T5888] usb 6-1: USB disconnect, device number 15 [ 498.747045][T21468] netlink: 830 bytes leftover after parsing attributes in process `syz.3.7310'. [ 498.976285][ T5888] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 499.097964][ T994] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 499.136286][ T5888] usb 6-1: Using ep0 maxpacket: 32 [ 499.139540][ T5888] usb 6-1: config 0 interface 0 has no altsetting 0 [ 499.142693][ T5888] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 499.142717][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 499.142735][ T5888] usb 6-1: Product: syz [ 499.142747][ T5888] usb 6-1: Manufacturer: syz [ 499.142759][ T5888] usb 6-1: SerialNumber: syz [ 499.153984][ T5888] usb 6-1: config 0 descriptor?? [ 499.266250][ T994] usb 4-1: Using ep0 maxpacket: 32 [ 499.268622][ T994] usb 4-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config [ 499.268673][ T994] usb 4-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 499.268696][ T994] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 499.268720][ T994] usb 4-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 499.275099][ T994] usb 4-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 499.275122][ T994] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 499.275138][ T994] usb 4-1: Product: syz [ 499.275149][ T994] usb 4-1: Manufacturer: syz [ 499.275161][ T994] usb 4-1: SerialNumber: syz [ 499.375672][ C0] imon 4-1:155.0: imon usb_rx_callback_intf0: status(-71) [ 499.390018][ T994] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/input/input50 [ 499.561953][ T5888] gs_usb 6-1:0.0: Configuring for 1 interfaces [ 499.606594][T21512] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7330'. [ 499.616212][ T994] imon 4-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR [ 499.616230][ T994] (id 0x00) [ 499.787629][ T994] rc_core: IR keymap rc-imon-pad not found [ 499.787651][ T994] Registered IR keymap rc-empty [ 499.790627][ T994] imon 4-1:155.0: Looks like you're trying to use an IR protocol this device does not support [ 499.790647][ T994] imon 4-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 499.819801][ T994] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/rc/rc0 [ 499.822879][ T994] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/rc/rc0/input51 [ 499.878231][ T994] imon 4-1:155.0: iMON device (15c2:ffdc, intf0) on usb<4:44> initialized [ 499.966790][ T5888] gs_usb 6-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 500.016677][ T5888] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -22 [ 500.028082][ T5790] usb 4-1: USB disconnect, device number 44 [ 500.190980][ T5789] usb 6-1: USB disconnect, device number 16 [ 501.453274][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.759150][T21616] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7375'. [ 501.961539][T21629] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7386'. [ 501.961670][T21629] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 502.294914][T21629] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 504.053053][T21743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7440'. [ 504.516662][ T5790] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 504.664514][T21783] loop8: detected capacity change from 0 to 8 [ 504.667907][ T5790] usb 4-1: Using ep0 maxpacket: 32 [ 504.670148][ T5790] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 504.673252][ T5790] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 504.673329][ T5790] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 504.673348][ T5790] usb 4-1: Product: syz [ 504.673360][ T5790] usb 4-1: Manufacturer: syz [ 504.673372][ T5790] usb 4-1: SerialNumber: syz [ 504.700597][T21783] loop8: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11 p12 [ 504.700720][T21783] loop8: p1 start 2326872309 is beyond EOD, truncated [ 504.700739][T21783] loop8: p2 start 3994694935 is beyond EOD, truncated [ 504.700754][T21783] loop8: p3 start 2435593795 is beyond EOD, truncated [ 504.700768][T21783] loop8: p4 start 3352088862 is beyond EOD, truncated [ 504.700782][T21783] loop8: p5 start 1844049555 is beyond EOD, truncated [ 504.700795][T21783] loop8: p6 start 4271555474 is beyond EOD, truncated [ 504.700809][T21783] loop8: p7 start 20667868 is beyond EOD, truncated [ 504.700823][T21783] loop8: p8 start 1135147739 is beyond EOD, truncated [ 504.700851][T21783] loop8: p9 start 3162079919 is beyond EOD, truncated [ 504.700865][T21783] loop8: p10 start 1377202111 is beyond EOD, truncated [ 504.700880][T21783] loop8: p11 start 2997376130 is beyond EOD, truncated [ 504.700894][T21783] loop8: p12 start 2903780680 is beyond EOD, truncated [ 504.703528][ T5790] usb 4-1: config 0 descriptor?? [ 504.704529][T21759] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 504.935746][ T5790] usb 4-1: USB disconnect, device number 45 [ 505.106526][ T994] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 505.177586][T21812] netlink: 240 bytes leftover after parsing attributes in process `syz.5.7472'. [ 505.256476][ T994] usb 5-1: Using ep0 maxpacket: 32 [ 505.265202][ T994] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 505.265226][ T994] usb 5-1: config 0 has no interface number 0 [ 505.289119][ T994] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 505.289146][ T994] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 505.289163][ T994] usb 5-1: Product: syz [ 505.289173][ T994] usb 5-1: Manufacturer: syz [ 505.289184][ T994] usb 5-1: SerialNumber: syz [ 505.294339][ T994] usb 5-1: config 0 descriptor?? [ 505.339468][ T994] smsc95xx v2.0.0 [ 505.367261][T14287] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 505.968817][ T31] kernel read not supported for file /rfkill (pid: 31 comm: kworker/1:0) [ 506.335998][ T994] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000034: -71 [ 506.336026][ T994] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_DATA [ 506.336940][ T994] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 506.337229][ T994] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71 [ 506.347692][ T5790] kernel read not supported for file /1300/attr/prev (pid: 5790 comm: kworker/1:4) [ 506.390274][ T994] usb 5-1: USB disconnect, device number 40 [ 506.513076][ T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0) [ 507.463498][T21930] netlink: 80 bytes leftover after parsing attributes in process `syz.3.7534'. [ 507.560429][T21934] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 507.651091][T21940] erspan0: entered promiscuous mode [ 508.713951][T22007] netlink: 104 bytes leftover after parsing attributes in process `syz.5.7568'. [ 508.798242][T22003] nbd0: detected capacity change from 0 to 549764202496 [ 508.804119][ T5809] block nbd0: Receive control failed (result -32) [ 509.782092][T22065] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 510.001767][T22077] netlink: 'syz.3.7601': attribute type 10 has an invalid length. [ 510.001788][T22077] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7601'. [ 511.511640][T22162] syzkaller1: entered promiscuous mode [ 511.511664][T22162] syzkaller1: entered allmulticast mode [ 512.443498][ T9] kernel read not supported for file /input/mouse0 (pid: 9 comm: kworker/0:0) [ 514.756811][T22344] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7730'. [ 514.758161][T22344] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7730'. [ 514.818993][T22344] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7730'. [ 515.236292][ T5790] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 515.386255][ T5790] usb 5-1: Using ep0 maxpacket: 8 [ 515.388733][ T5790] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 515.388754][ T5790] usb 5-1: config 179 has no interface number 0 [ 515.388797][ T5790] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 515.388819][ T5790] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 515.388844][ T5790] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 515.388865][ T5790] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 515.388887][ T5790] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 515.388925][ T5790] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 515.388942][ T5790] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 515.437506][T22383] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 515.510024][T22360] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 515.932725][ T5790] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input52 [ 516.014270][T22360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 516.020619][T22360] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 516.176303][ T10] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 516.231185][ T9] usb 5-1: USB disconnect, device number 41 [ 516.231299][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 516.231365][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 516.326329][ T10] usb 6-1: Using ep0 maxpacket: 32 [ 516.334111][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 516.334140][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 516.335689][ T10] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 516.335713][ T10] usb 6-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0 [ 516.335732][ T10] usb 6-1: Manufacturer: syz [ 516.347993][ T10] usb 6-1: config 0 descriptor?? [ 516.777320][ T10] ft260 0003:0403:6030.0037: unknown main item tag 0x7 [ 516.985052][ T10] ft260 0003:0403:6030.0037: failed to retrieve chip version [ 516.985454][ T10] ft260 0003:0403:6030.0037: probe with driver ft260 failed with error -71 [ 516.993551][ T10] usb 6-1: USB disconnect, device number 17 [ 517.825459][T22497] 8021q: adding VLAN 0 to HW filter on device bond1 [ 518.055131][T22510] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 518.325079][T22519] can0: slcan on ttyS3. [ 518.500816][T22519] can0 (unregistered): slcan off ttyS3. [ 518.606328][ T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 518.746460][ T37] audit: type=1326 audit(774.574:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22551 comm="syz.3.7830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 518.746799][ T37] audit: type=1326 audit(774.584:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22551 comm="syz.3.7830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 518.747067][ T37] audit: type=1326 audit(774.584:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22551 comm="syz.3.7830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 518.747691][ T37] audit: type=1326 audit(774.584:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22551 comm="syz.3.7830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 518.747942][ T37] audit: type=1326 audit(774.584:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22551 comm="syz.3.7830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 518.748716][ T37] audit: type=1326 audit(774.584:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22551 comm="syz.3.7830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 518.756251][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 518.758708][ T9] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 518.758730][ T9] usb 6-1: config 0 has no interface number 0 [ 518.761316][ T9] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 518.761339][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 518.761356][ T9] usb 6-1: Product: syz [ 518.761369][ T9] usb 6-1: Manufacturer: syz [ 518.761381][ T9] usb 6-1: SerialNumber: syz [ 518.769519][ T9] usb 6-1: config 0 descriptor?? [ 518.774304][ T9] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 518.774337][ T9] usb 6-1: selecting invalid altsetting 1 [ 518.774354][ T9] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 518.794093][ T9] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 518.794472][ T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 518.794518][ T9] usb 6-1: media controller created [ 518.869459][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 519.264191][T22572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7837'. [ 519.993888][T22611] netlink: 'syz.3.7858': attribute type 29 has an invalid length. [ 519.995425][T22611] netlink: 'syz.3.7858': attribute type 29 has an invalid length. [ 520.007033][ T9] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 520.007099][ T9] zl10353_read_register: readreg error (reg=127, ret==-110) [ 520.016639][T22611] netlink: 500 bytes leftover after parsing attributes in process `syz.3.7858'. [ 520.017571][T22611] unsupported nla_type 58 [ 520.151893][ T9] usb 6-1: USB disconnect, device number 18 [ 520.760637][ T10] kernel read not supported for file bpf-prog (pid: 10 comm: kworker/0:1) [ 521.973007][T22710] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 523.065033][T22779] macsec1: entered promiscuous mode [ 523.065053][T22779] bridge0: entered promiscuous mode [ 523.065958][T22779] bridge0: port 3(macsec1) entered blocking state [ 523.096551][T22779] bridge0: port 3(macsec1) entered disabled state [ 523.096792][T22779] macsec1: entered allmulticast mode [ 523.128554][T22779] macsec1: left allmulticast mode [ 523.211056][T22779] bridge0: left promiscuous mode [ 523.729731][T22809] netlink: 136 bytes leftover after parsing attributes in process `syz.3.7953'. [ 523.729753][T22809] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check. [ 524.473763][T22862] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7979'. [ 524.836257][ T9] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 524.992209][ T9] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 524.992243][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 524.992262][ T9] usb 6-1: Product: syz [ 524.992274][ T9] usb 6-1: Manufacturer: syz [ 524.992287][ T9] usb 6-1: SerialNumber: syz [ 525.049424][ T9] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 525.124558][ T10] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 525.945095][T22934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8015'. [ 525.945122][T22934] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8015'. [ 525.970840][T22934] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8015'. [ 525.970873][T22934] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8015'. [ 526.502105][ T9] usb 6-1: USB disconnect, device number 19 [ 526.525982][ T10] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 526.526205][ T10] ath9k_htc: Failed to initialize the device [ 526.592798][ T9] usb 6-1: ath9k_htc: USB layer deinitialized [ 526.614778][ C0] dummy_hcd dummy_hcd.5: timer fired with no URBs pending? [ 527.156406][ T9] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 527.312001][ T9] usb 4-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 527.312030][ T9] usb 4-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 527.312103][ T9] usb 4-1: config 1 interface 0 has no altsetting 0 [ 527.315076][ T9] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 527.315102][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 527.315120][ T9] usb 4-1: Product: syz [ 527.315132][ T9] usb 4-1: Manufacturer: syz [ 527.315144][ T9] usb 4-1: SerialNumber: syz [ 527.321639][T22969] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 527.321818][T22969] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 527.453724][T22991] netlink: 220 bytes leftover after parsing attributes in process `syz.5.8041'. [ 527.453760][T22991] netlink: 'syz.5.8041': attribute type 2 has an invalid length. [ 528.123599][T23018] loop8: detected capacity change from 0 to 8 [ 528.147155][T23018] Dev loop8: unable to read RDB block 8 [ 528.148531][T23018] loop8: unable to read partition table [ 528.151216][T23018] loop8: partition table beyond EOD, truncated [ 528.152467][T23018] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 528.384516][ T9] (unnamed net_device) (uninitialized): Assigned a random MAC address: 96:4f:f3:fb:90:1a [ 528.419536][ T9] rtl8150 4-1:1.0: eth5: rtl8150 is detected [ 528.441939][ T9] usb 4-1: USB disconnect, device number 46 [ 529.008182][T23068] netlink: 40 bytes leftover after parsing attributes in process `syz.5.8078'. [ 529.008213][T23068] netlink: 40 bytes leftover after parsing attributes in process `syz.5.8078'. [ 529.387315][T23091] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8089'. [ 530.753844][T23167] netlink: 'syz.3.8126': attribute type 6 has an invalid length. [ 535.183718][T23395] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8234'. [ 535.270518][T23403] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8241'. [ 536.863001][T23458] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8265'. [ 539.130338][T23571] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8317'. [ 539.130368][T23571] bond0: invalid ARP target 0.0.0.0 specified for addition [ 539.130387][T23571] bond0: option arp_ip_target: invalid value (0) [ 539.433934][ C1] vkms_vblank_simulate: vblank timer overrun [ 539.906565][ T10] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 540.056509][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 540.058982][ T10] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 540.059009][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 540.077443][ T10] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 540.077470][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 540.077488][ T10] usb 4-1: Product: syz [ 540.077501][ T10] usb 4-1: Manufacturer: syz [ 540.077513][ T10] usb 4-1: SerialNumber: syz [ 540.133329][ T10] usb 4-1: config 0 descriptor?? [ 540.147453][ T10] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 540.147484][ T10] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 540.752540][ T10] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 540.753259][ T10] em28xx 4-1:0.0: Config register raw data: 0x9e [ 540.954214][ T10] em28xx 4-1:0.0: AC97 chip type couldn't be determined [ 540.954235][ T10] em28xx 4-1:0.0: No AC97 audio processor [ 540.961169][ T10] usb 4-1: USB disconnect, device number 47 [ 540.963482][ T10] em28xx 4-1:0.0: Disconnecting em28xx [ 540.966593][ T10] em28xx 4-1:0.0: Freeing device [ 541.886604][ T10] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 542.042002][ T10] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 542.042035][ T10] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 542.042072][ T10] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 542.042092][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.053556][T23672] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 542.056226][ T5789] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 542.071972][ T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 542.263630][ T5789] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 542.263659][ T5789] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 542.263693][ T5789] usb 6-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 542.263713][ T5789] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.282440][ T10] usb 5-1: USB disconnect, device number 42 [ 542.334296][ T5789] usb 6-1: config 0 descriptor?? [ 542.628148][ T37] audit: type=1326 audit(798.464:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.628281][ T37] audit: type=1326 audit(798.464:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.628444][ T37] audit: type=1326 audit(798.464:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.628612][ T37] audit: type=1326 audit(798.464:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.628766][ T37] audit: type=1326 audit(798.464:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.628858][ T37] audit: type=1326 audit(798.464:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.628999][ T37] audit: type=1326 audit(798.464:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.629126][ T37] audit: type=1326 audit(798.464:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.629260][ T37] audit: type=1326 audit(798.464:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.629424][ T37] audit: type=1326 audit(798.464:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23686 comm="syz.3.8373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7fc00000 [ 542.761573][ T5789] playstation 0003:054C:0DF2.0038: unknown main item tag 0x0 [ 542.761608][ T5789] playstation 0003:054C:0DF2.0038: unknown main item tag 0x0 [ 542.761633][ T5789] playstation 0003:054C:0DF2.0038: unknown main item tag 0x0 [ 542.761658][ T5789] playstation 0003:054C:0DF2.0038: unknown main item tag 0x0 [ 542.761681][ T5789] playstation 0003:054C:0DF2.0038: unknown main item tag 0x0 [ 542.899165][ T5789] playstation 0003:054C:0DF2.0038: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.5-1/input0 [ 542.979839][ T5789] playstation 0003:054C:0DF2.0038: Invalid reportID received, expected 9 got 221 [ 542.979872][ T5789] playstation 0003:054C:0DF2.0038: Failed to retrieve DualSense pairing info: -22 [ 542.979923][ T5789] playstation 0003:054C:0DF2.0038: Failed to get MAC address from DualSense [ 542.979936][ T5789] playstation 0003:054C:0DF2.0038: Failed to create dualsense. [ 543.029752][ T5789] playstation 0003:054C:0DF2.0038: probe with driver playstation failed with error -22 [ 543.124448][T23730] tipc: Started in network mode [ 543.124477][T23730] tipc: Node identity ac1414aa, cluster identity 4711 [ 543.141503][T23730] tipc: Enabled bearer , priority 10 [ 543.227505][ T10] usb 6-1: USB disconnect, device number 20 [ 543.536944][T23738] netlink: 292 bytes leftover after parsing attributes in process `syz.3.8399'. [ 544.236622][ T9] tipc: Node number set to 2886997162 [ 544.796274][ T9] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 544.946265][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 544.948646][ T9] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 544.948670][ T9] usb 5-1: config 0 has no interface number 0 [ 544.948716][ T9] usb 5-1: config 0 interface 184 has no altsetting 0 [ 544.953387][ T9] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 544.953411][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 544.953430][ T9] usb 5-1: Product: syz [ 544.953441][ T9] usb 5-1: Manufacturer: syz [ 544.953454][ T9] usb 5-1: SerialNumber: syz [ 544.959756][ T9] usb 5-1: config 0 descriptor?? [ 545.020633][ T9] smsc75xx v1.0.0 [ 545.645071][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 545.645119][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 545.848768][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 545.848800][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 545.848818][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 545.849102][ T9] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71 [ 545.856570][ T9] usb 5-1: USB disconnect, device number 43 [ 546.983312][T23912] input: syz0 as /devices/virtual/input/input55 [ 547.636299][ T31] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 547.799290][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 547.799319][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 547.799337][ T31] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 547.799374][ T31] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 547.799394][ T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.878630][ T31] usb 5-1: config 0 descriptor?? [ 548.341429][ T31] plantronics 0003:047F:FFFF.0039: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 548.573841][ T5875] usb 5-1: USB disconnect, device number 44 [ 548.760549][T23992] vivid-002: disconnect [ 548.763465][T23992] vivid-002: reconnect [ 549.606523][ T5809] Bluetooth: hci2: command 0x0c1a tx timeout [ 549.606667][ T9] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 549.606683][ T9] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 549.836580][T24048] input: syz0 as /devices/virtual/input/input56 [ 550.249066][T24070] netlink: 'syz.5.8542': attribute type 10 has an invalid length. [ 550.301540][T24070] macvlan1: entered allmulticast mode [ 550.337234][T24070] veth1_vlan: entered allmulticast mode [ 550.361676][T24070] team0: Port device macvlan1 added [ 550.538543][T24086] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 551.686333][ T5809] Bluetooth: hci4: command 0x0405 tx timeout [ 551.686456][ T9] Bluetooth: hci4: Opcode 0x0c1a failed: -110 [ 551.686471][ T9] Bluetooth: hci4: Error when powering off device on rfkill (-110) [ 555.129603][ T9] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 555.129627][ T9] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 555.208004][ T5809] Bluetooth: hci3: command 0x0406 tx timeout [ 556.039097][T24306] lo speed is unknown, defaulting to 1000 [ 557.172421][ T37] kauditd_printk_skb: 38 callbacks suppressed [ 557.172439][ T37] audit: type=1326 audit(813.004:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24381 comm="syz.5.8666" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdaa9f8efc9 code=0x0 [ 558.006313][ T5809] Bluetooth: hci1: command 0x0406 tx timeout [ 558.021642][ T9] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 558.021665][ T9] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 558.209546][ T5875] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 558.360384][ T5875] usb 5-1: Using ep0 maxpacket: 8 [ 558.362924][ T5875] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 558.362976][ T5875] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 558.362998][ T5875] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 558.492415][ T5875] usb 5-1: config 0 descriptor?? [ 558.503343][ T5875] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 559.509066][ T5875] gspca_vc032x: reg_r err -71 [ 559.509141][ T5875] vc032x 5-1:0.0: probe with driver vc032x failed with error -71 [ 559.525427][ T5875] usb 5-1: USB disconnect, device number 45 [ 560.466379][ T5888] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 560.639144][ T5888] usb 5-1: Using ep0 maxpacket: 32 [ 560.641584][ T5888] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 560.641607][ T5888] usb 5-1: config 0 has no interface number 0 [ 560.644620][ T5888] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 560.644643][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 560.644661][ T5888] usb 5-1: Product: syz [ 560.644673][ T5888] usb 5-1: Manufacturer: syz [ 560.644686][ T5888] usb 5-1: SerialNumber: syz [ 560.704782][ T5888] usb 5-1: config 0 descriptor?? [ 560.714680][ T5888] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 561.300546][ T5888] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 561.331978][ T5888] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 561.475233][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 561.485290][ T5789] usb 5-1: USB disconnect, device number 46 [ 561.507492][ T5789] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 561.528267][ T5789] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 561.528977][ T5789] quatech2 5-1:0.51: device disconnected [ 562.892431][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 564.007053][T24652] loop2: detected capacity change from 0 to 7 [ 564.013993][T24652] Dev loop2: unable to read RDB block 7 [ 564.014046][T24652] loop2: unable to read partition table [ 564.014272][T24652] loop2: partition table beyond EOD, truncated [ 564.014291][T24652] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 564.547370][T24676] sctp: [Deprecated]: syz.3.8804 (pid 24676) Use of struct sctp_assoc_value in delayed_ack socket option. [ 564.547370][T24676] Use struct sctp_sack_info instead [ 566.397810][T24788] loop2: detected capacity change from 0 to 7 [ 566.400729][T24788] Dev loop2: unable to read RDB block 7 [ 566.400770][T24788] loop2: AHDI p1 p2 p3 p4 [ 566.400797][T24788] loop2: partition table partially beyond EOD, truncated [ 566.400930][T24788] loop2: p1 start 1601398130 is beyond EOD, truncated [ 566.400946][T24788] loop2: p2 start 1702059890 is beyond EOD, truncated [ 566.400961][T24788] loop2: p3 size 150995200 extends beyond EOD, truncated [ 566.886341][ T61] Bluetooth: hci5: command 0x1003 tx timeout [ 566.892019][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 568.181769][T24886] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 568.181973][T24886] syzkaller1: linktype set to 774 [ 570.804421][T25042] netlink: 36 bytes leftover after parsing attributes in process `syz.5.8981'. [ 570.899684][ T31] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 571.019723][T25054] netlink: 'syz.5.8987': attribute type 13 has an invalid length. [ 571.051731][ T31] usb 4-1: config index 0 descriptor too short (expected 23569, got 27) [ 571.051789][ T31] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 571.053297][ T31] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 571.053321][ T31] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 571.053339][ T31] usb 4-1: Manufacturer: syz [ 571.115071][ T31] usb 4-1: config 0 descriptor?? [ 571.297484][ T31] rc_core: IR keymap rc-hauppauge not found [ 571.297508][ T31] Registered IR keymap rc-empty [ 571.298976][ T31] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 571.301888][ T31] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input57 [ 571.366814][ C1] igorplugusb 4-1:0.0: Error: urb status = -32 [ 571.409731][ T5875] usb 4-1: USB disconnect, device number 48 [ 572.251490][T25121] loop2: detected capacity change from 0 to 1 [ 572.252508][T25121] Dev loop2: unable to read RDB block 1 [ 572.252547][T25121] loop2: unable to read partition table [ 572.252859][T25121] loop2: partition table beyond EOD, truncated [ 572.252876][T25121] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 572.394247][T25135] netlink: 'syz.3.9024': attribute type 16 has an invalid length. [ 572.394270][T25135] netlink: 'syz.3.9024': attribute type 21 has an invalid length. [ 572.394282][T25135] netlink: 'syz.3.9024': attribute type 25 has an invalid length. [ 572.394294][T25135] netlink: 'syz.3.9024': attribute type 27 has an invalid length. [ 572.394306][T25135] netlink: 'syz.3.9024': attribute type 28 has an invalid length. [ 572.394317][T25135] netlink: 'syz.3.9024': attribute type 29 has an invalid length. [ 572.394327][T25135] netlink: 'syz.3.9024': attribute type 30 has an invalid length. [ 575.355476][T25279] overlayfs: failed to set uuid (793/file0, err=-1); falling back to uuid=null. [ 575.355548][T25279] overlayfs: failed to verify upper root origin [ 576.142988][T25316] netlink: 'syz.3.9111': attribute type 12 has an invalid length. [ 576.295023][T25320] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9116'. [ 576.737961][T25343] netlink: 104 bytes leftover after parsing attributes in process `syz.4.9126'. [ 576.846277][ T5789] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 576.996343][ T5789] usb 6-1: Using ep0 maxpacket: 32 [ 577.013283][ T5789] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 577.013307][ T5789] usb 6-1: config 0 has no interface number 0 [ 577.025371][ T5789] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 577.025397][ T5789] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.025415][ T5789] usb 6-1: Product: syz [ 577.025427][ T5789] usb 6-1: Manufacturer: syz [ 577.025439][ T5789] usb 6-1: SerialNumber: syz [ 577.078930][ T5789] usb 6-1: config 0 descriptor?? [ 577.098175][ T5789] smsc95xx v2.0.0 [ 577.807717][ T5875] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 577.957272][ T5875] usb 5-1: Using ep0 maxpacket: 8 [ 577.959563][ T5875] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 577.959618][ T5875] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 577.959638][ T5875] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 577.959659][ T5875] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 577.959680][ T5875] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 577.959717][ T5875] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 577.959737][ T5875] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 578.301758][ T5789] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 578.301785][ T5789] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 578.302300][ T5789] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 578.302575][ T5789] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 578.353043][ T5789] usb 6-1: USB disconnect, device number 21 [ 579.289485][ C1] vkms_vblank_simulate: vblank timer overrun [ 579.325294][T25474] binder: 25473:25474 ioctl c0306201 200000000040 returned -22 [ 579.325710][T25474] binder: 25473:25474 ioctl c0306201 200000000640 returned -22 [ 580.100837][T25514] netlink: 63503 bytes leftover after parsing attributes in process `syz.5.9206'. [ 580.606807][ T5875] usb 5-1: USB disconnect, device number 47 [ 581.726327][ T994] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 582.026209][ T994] usb 5-1: Using ep0 maxpacket: 32 [ 582.031889][ T994] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 582.031911][ T994] usb 5-1: config 0 has no interface number 0 [ 582.031964][ T994] usb 5-1: config 0 interface 184 has no altsetting 0 [ 582.034353][ T994] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 582.034376][ T994] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.034392][ T994] usb 5-1: Product: syz [ 582.034405][ T994] usb 5-1: Manufacturer: syz [ 582.034417][ T994] usb 5-1: SerialNumber: syz [ 582.040136][ T994] usb 5-1: config 0 descriptor?? [ 582.049368][ T994] smsc75xx v1.0.0 [ 582.668848][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 582.668876][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 582.839763][T25627] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9261'. [ 583.075838][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71 [ 583.075866][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71 [ 583.075884][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 583.076448][ T994] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71 [ 583.098701][ T994] usb 5-1: USB disconnect, device number 48 [ 583.719388][T25668] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 583.747546][ T994] kernel write not supported for file [eventfd] (pid: 994 comm: kworker/0:2) [ 584.416265][ T5875] usb 5-1: new high-speed USB device number 49 using dummy_hcd [ 584.572728][ T5875] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 584.572756][ T5875] usb 5-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 584.572773][ T5875] usb 5-1: Product: syz [ 584.572786][ T5875] usb 5-1: Manufacturer: syz [ 584.572798][ T5875] usb 5-1: SerialNumber: syz [ 584.593639][ T5875] usb 5-1: config 0 descriptor?? [ 584.614046][ T5875] ch341 5-1:0.0: ch341-uart converter detected [ 585.283173][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805914cc00: rx timeout, send abort [ 585.637100][ T5875] usb 5-1: ch341-uart converter now attached to ttyUSB0 [ 585.784849][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805914ec00: rx timeout, send abort [ 585.785830][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805914cc00: abort rx timeout. Force session deactivation [ 585.821278][ T31] usb 5-1: USB disconnect, device number 49 [ 585.847758][ T31] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0 [ 585.848214][ T31] ch341 5-1:0.0: device disconnected [ 586.284927][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805914ec00: abort rx timeout. Force session deactivation [ 588.296313][ T5789] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 588.448667][ T5789] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 588.448694][ T5789] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 588.454357][ T5789] usb 5-1: config 0 descriptor?? [ 588.692271][ T5789] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 588.940739][ T5789] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 588.940762][ T5789] [drm] Initialized udl on minor 2 [ 589.095440][ T5789] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed [ 589.105726][ T5789] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 589.299885][T25942] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 589.301769][ T5789] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 589.321603][ T5875] usb 5-1: USB disconnect, device number 50 [ 589.335784][ T5789] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 589.335965][ T5789] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 590.796497][ T5875] usb 5-1: new low-speed USB device number 51 using dummy_hcd [ 590.948729][ T5875] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 590.948807][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 590.948831][ T5875] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 590.948853][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 590.948876][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 590.950262][ T5875] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 590.950312][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 590.950336][ T5875] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 590.950358][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 590.950381][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 590.951769][ T5875] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 590.951816][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 590.951841][ T5875] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 590.951862][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 590.951884][ T5875] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 590.955262][ T5875] usb 5-1: string descriptor 0 read error: -22 [ 590.955409][ T5875] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 590.955430][ T5875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 590.981418][ T5875] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 591.201045][ T5875] usb 5-1: USB disconnect, device number 51 [ 595.637685][T26258] netlink: 'syz.4.9559': attribute type 5 has an invalid length. [ 598.487171][T26397] hsr0: entered promiscuous mode [ 598.488040][T26397] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9625'. [ 598.525303][T26397] hsr_slave_0: left promiscuous mode [ 598.711636][T26397] hsr0 (unregistering): left promiscuous mode [ 600.248322][T26478] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9663'. [ 600.248351][T26478] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9663'. [ 600.248397][T26478] macvlan0: entered allmulticast mode [ 604.084684][T26661] netlink: 'syz.5.9748': attribute type 10 has an invalid length. [ 604.139458][T26664] netlink: 'syz.5.9748': attribute type 10 has an invalid length. [ 604.158994][T26661] team0: Port device dummy0 added [ 604.266017][T26664] team0: Port device dummy0 removed [ 604.270336][T26664] dummy0: entered promiscuous mode [ 604.303124][T26664] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 605.899267][T26768] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 607.057221][ T9] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 607.206671][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 607.219522][ T9] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 607.219550][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.219574][ T9] usb 4-1: Product: syz [ 607.219585][ T9] usb 4-1: Manufacturer: syz [ 607.219598][ T9] usb 4-1: SerialNumber: syz [ 607.235949][ T9] usb 4-1: config 0 descriptor?? [ 607.475593][ T9] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 607.995575][T26890] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 608.310734][ T9] gspca_sunplus: reg_w_riv err -71 [ 608.310835][ T9] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 608.313974][ T9] usb 4-1: USB disconnect, device number 49 [ 608.712899][T26930] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 609.295758][ T37] audit: type=1326 audit(865.124:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.296045][ T37] audit: type=1326 audit(865.124:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.307060][ T37] audit: type=1326 audit(865.144:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.307329][ T37] audit: type=1326 audit(865.144:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.307563][ T37] audit: type=1326 audit(865.144:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.308139][ T37] audit: type=1326 audit(865.144:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.309008][ T37] audit: type=1326 audit(865.144:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.309444][ T37] audit: type=1326 audit(865.144:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.310125][ T37] audit: type=1326 audit(865.144:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.310993][ T37] audit: type=1326 audit(865.144:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=26966 comm="syz.4.9896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 609.326219][ T9] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 609.476301][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 609.484388][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 609.484417][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 609.484455][ T9] usb 6-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 609.484476][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 609.494755][ T9] usb 6-1: config 0 descriptor?? [ 609.948540][ T9] monterey 0003:0566:3004.003A: global environment stack underflow [ 609.948560][ T9] monterey 0003:0566:3004.003A: item 0 0 1 11 parsing failed [ 609.949435][ T9] monterey 0003:0566:3004.003A: probe with driver monterey failed with error -22 [ 610.132453][ T9] usb 6-1: USB disconnect, device number 22 [ 610.216261][ T5888] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 610.368757][ T5888] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 610.368786][ T5888] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 610.368809][ T5888] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 610.372899][ T5888] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 610.372923][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.372940][ T5888] usb 5-1: Product: syz [ 610.372952][ T5888] usb 5-1: Manufacturer: syz [ 610.372965][ T5888] usb 5-1: SerialNumber: syz [ 610.446380][ T5888] usb 5-1: config 0 descriptor?? [ 610.447415][T26990] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 610.447667][T26990] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 610.449786][ T5888] usb 5-1: ucan: probing device on interface #0 [ 611.031532][T27049] tls_set_device_offload: netdev not found [ 611.064489][ T5888] ucan 5-1:0.0: probe with driver ucan failed with error -71 [ 611.084769][ T5888] usb 5-1: USB disconnect, device number 52 [ 611.715610][T27087] Bluetooth: hci0: invalid length 0, exp 2 for type 1 [ 612.046320][ T994] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 612.198751][ T994] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 612.198779][ T994] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 612.212040][ T994] usb 5-1: config 0 descriptor?? [ 612.218516][ T994] cp210x 5-1:0.0: cp210x converter detected [ 612.632900][ T994] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 612.660414][ T994] usb 5-1: cp210x converter now attached to ttyUSB0 [ 612.867770][ T5888] usb 5-1: USB disconnect, device number 53 [ 612.874060][ T5888] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 612.986575][ T5888] cp210x 5-1:0.0: device disconnected [ 613.082473][T27153] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9985'. [ 613.647661][ T994] usb 6-1: new low-speed USB device number 23 using dummy_hcd [ 613.800189][ T994] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 613.800217][ T994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 613.820895][ T994] usb 6-1: config 0 descriptor?? [ 615.062205][ T994] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 615.062232][ T994] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 615.062509][ T994] asix 6-1:0.0: probe with driver asix failed with error -71 [ 615.076889][ T994] usb 6-1: USB disconnect, device number 23 [ 615.906211][ T5888] usb 6-1: new full-speed USB device number 24 using dummy_hcd [ 616.064716][ T5888] usb 6-1: config 0 has no interfaces? [ 616.078256][ T5888] usb 6-1: New USB device found, idVendor=2a39, idProduct=3fa0, bcdDevice=63.01 [ 616.078284][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 616.078300][ T5888] usb 6-1: Product: syz [ 616.078313][ T5888] usb 6-1: Manufacturer: syz [ 616.078324][ T5888] usb 6-1: SerialNumber: syz [ 616.121199][ T5888] usb 6-1: config 0 descriptor?? [ 616.338149][ T5888] usb 6-1: USB disconnect, device number 24 [ 617.424513][T27401] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 618.771920][T27464] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=2452513283 (39240212528 ns) > initial count (24967832624 ns). Using initial count to start timer. [ 620.252528][T27525] netlink: 'syz.5.10164': attribute type 1 has an invalid length. [ 620.541984][T27546] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 620.556056][T27546] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 621.371420][T27582] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 621.371528][T27582] TCP: tcp_parse_options: Illegal window scaling value 64 > 14 received [ 622.256782][T27617] netlink: 156 bytes leftover after parsing attributes in process `syz.3.10209'. [ 622.307029][ T994] IPVS: starting estimator thread 0... [ 622.396273][T27623] IPVS: using max 8 ests per chain, 19200 per kthread [ 622.494743][T27632] netlink: 'syz.3.10214': attribute type 4 has an invalid length. [ 623.070204][T27664] netem: incorrect gi model size [ 623.070242][T27664] netem: change failed [ 623.346342][ T5875] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0 [ 623.374625][ T5875] hid-generic 0000:0000:0000.003B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 624.339778][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.480662][T27714] netlink: 'syz.4.10253': attribute type 5 has an invalid length. [ 624.480682][T27714] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10253'. [ 624.533821][T27716] netlink: 'syz.4.10253': attribute type 5 has an invalid length. [ 624.533840][T27716] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10253'. [ 628.486319][ T31] usb 4-1: new full-speed USB device number 50 using dummy_hcd [ 628.655095][T27915] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10348'. [ 628.678787][ T31] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 628.678814][ T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 628.732676][ T31] usb 4-1: config 0 descriptor?? [ 628.739762][ T31] cp210x 4-1:0.0: cp210x converter detected [ 629.171192][ T31] usb 4-1: cp210x converter now attached to ttyUSB0 [ 629.345648][ T5875] usb 4-1: USB disconnect, device number 50 [ 629.363368][ T5875] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 629.486660][ T5875] cp210x 4-1:0.0: device disconnected [ 630.390298][T28011] netlink: 51 bytes leftover after parsing attributes in process `syz.5.10393'. [ 630.436427][ T994] usb 4-1: new full-speed USB device number 51 using dummy_hcd [ 630.548554][T28023] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 630.589306][ T994] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 630.589334][ T994] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 630.589372][ T994] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 630.589390][ T994] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 630.851597][ T994] usb 4-1: usb_control_msg returned -32 [ 630.851644][ T994] usbtmc 4-1:16.0: can't read capabilities [ 633.244170][ T31] usb 4-1: USB disconnect, device number 51 [ 633.992517][ T37] kauditd_printk_skb: 1 callbacks suppressed [ 633.992534][ T37] audit: type=1326 audit(889.824:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28202 comm="syz.3.10484" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x0 [ 635.582503][T28294] netlink: 76 bytes leftover after parsing attributes in process `syz.4.10529'. [ 636.022678][T28323] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10545'. [ 636.331999][ T31] hid-generic 0000:0000:0000.003C: unknown main item tag 0x0 [ 636.340511][ T31] hid-generic 0000:0000:0000.003C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 637.313559][T28394] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10578'. [ 637.328245][T28394] bridge0: port 2(bridge_slave_1) entered disabled state [ 637.334258][T28394] bridge0: port 1(bridge_slave_0) entered disabled state [ 637.536218][ T31] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 637.716003][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 637.716033][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 637.716053][ T31] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 637.719148][ T31] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 637.719174][ T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.730350][ T31] usb 5-1: config 0 descriptor?? [ 638.157216][ T31] plantronics 0003:047F:FFFF.003D: unbalanced delimiter at end of report description [ 638.158016][ T31] plantronics 0003:047F:FFFF.003D: parse failed [ 638.158113][ T31] plantronics 0003:047F:FFFF.003D: probe with driver plantronics failed with error -22 [ 638.347804][ T9] usb 5-1: USB disconnect, device number 54 [ 639.466184][ T5888] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 639.616200][ T5888] usb 5-1: Using ep0 maxpacket: 16 [ 639.619523][ T5888] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 639.619545][ T5888] usb 5-1: config 0 has no interface number 0 [ 639.624000][ T5888] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 639.624025][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 639.624042][ T5888] usb 5-1: Product: syz [ 639.624054][ T5888] usb 5-1: Manufacturer: syz [ 639.624066][ T5888] usb 5-1: SerialNumber: syz [ 639.697921][ T5888] usb 5-1: config 0 descriptor?? [ 639.716012][ T5888] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 639.914021][T28492] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 641.148859][ T5888] gspca_spca1528: reg_w err -71 [ 641.148978][ T5888] spca1528 5-1:0.1: probe with driver spca1528 failed with error -71 [ 641.170895][ T5888] usb 5-1: USB disconnect, device number 55 [ 641.804584][T28560] loop2: detected capacity change from 0 to 7 [ 641.805681][T28560] Dev loop2: unable to read RDB block 7 [ 641.805721][T28560] loop2: unable to read partition table [ 641.805941][T28560] loop2: partition table beyond EOD, truncated [ 641.805957][T28560] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 643.147939][ T994] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 643.297183][ T994] usb 6-1: Using ep0 maxpacket: 32 [ 643.299509][ T994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 643.299543][ T994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 643.299580][ T994] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 643.299601][ T994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.352613][ T994] usb 6-1: config 0 descriptor?? [ 643.365637][ T994] hub 6-1:0.0: USB hub found [ 643.563578][ T994] hub 6-1:0.0: 1 port detected [ 644.192415][ T994] hub 6-1:0.0: activate --> -90 [ 644.619954][ T5875] usb 6-1: USB disconnect, device number 25 [ 644.620081][ T994] usb 6-1: Failed to suspend device, error -71 [ 645.359705][T28736] trusted_key: syz.3.10737 sent an empty control message without MSG_MORE. [ 647.866262][ T994] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 648.037834][ T994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 648.037865][ T994] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 648.037901][ T994] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 648.037921][ T994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 648.064249][ T994] usb 6-1: config 0 descriptor?? [ 648.491478][ T994] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 648.491513][ T994] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 648.491538][ T994] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 648.491562][ T994] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 648.491585][ T994] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 648.512455][ T994] cm6533_jd 0003:0D8C:0022.003E: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.5-1/input0 [ 648.759543][ T5888] usb 6-1: USB disconnect, device number 26 [ 650.551695][ T5888] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 650.729020][ T5888] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 650.729046][ T5888] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 650.729062][ T5888] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 650.729112][ T5888] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 650.731431][ T5888] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 650.731508][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 650.731526][ T5888] usb 4-1: Product: syz [ 650.731538][ T5888] usb 4-1: Manufacturer: syz [ 650.808729][ T5888] cdc_wdm 4-1:1.0: skipping garbage [ 650.808747][ T5888] cdc_wdm 4-1:1.0: skipping garbage [ 650.812271][ T5888] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 650.812302][ T5888] cdc_wdm 4-1:1.0: Unknown control protocol [ 651.024411][ T5888] usb 4-1: USB disconnect, device number 52 [ 651.516234][ T5888] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 651.680507][ T5888] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 651.680534][ T5888] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 651.680551][ T5888] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 651.680599][ T5888] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 651.682838][ T5888] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 651.682862][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 651.682879][ T5888] usb 4-1: Product: syz [ 651.682891][ T5888] usb 4-1: Manufacturer: syz [ 651.757914][ T5888] cdc_wdm 4-1:1.0: skipping garbage [ 651.757932][ T5888] cdc_wdm 4-1:1.0: skipping garbage [ 651.776873][ T5888] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 651.776892][ T5888] cdc_wdm 4-1:1.0: Unknown control protocol [ 652.056231][ T5888] usb 6-1: new full-speed USB device number 27 using dummy_hcd [ 652.212484][ T5888] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 652.212513][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.212530][ T5888] usb 6-1: Product: syz [ 652.212542][ T5888] usb 6-1: Manufacturer: syz [ 652.212554][ T5888] usb 6-1: SerialNumber: syz [ 652.256780][ T5888] usb 6-1: config 0 descriptor?? [ 652.497623][ T5888] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 652.768106][T29120] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10922'. [ 653.522387][ T5888] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 653.539180][ T5888] usb 6-1: USB disconnect, device number 27 [ 653.746264][ T5888] usb 4-1: USB disconnect, device number 53 [ 654.248439][ C0] vkms_vblank_simulate: vblank timer overrun [ 661.087164][ T37] audit: type=1326 audit(916.924:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29532 comm="syz.4.11114" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x0 [ 661.382778][T29550] evm: overlay not supported [ 661.855507][T29580] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 662.391553][ T994] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 662.906356][ T994] usb 5-1: Using ep0 maxpacket: 32 [ 662.910566][ T994] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 662.910588][ T994] usb 5-1: config 0 has no interface number 0 [ 662.910640][ T994] usb 5-1: config 0 interface 184 has no altsetting 0 [ 662.913295][ T994] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 662.913318][ T994] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.913336][ T994] usb 5-1: Product: syz [ 662.913348][ T994] usb 5-1: Manufacturer: syz [ 662.913361][ T994] usb 5-1: SerialNumber: syz [ 662.939622][ T994] usb 5-1: config 0 descriptor?? [ 662.974644][ T994] smsc75xx v1.0.0 [ 663.624283][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 663.624311][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 664.239729][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 664.239758][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 664.239775][ T994] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 664.240065][ T994] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71 [ 664.267932][ T994] usb 5-1: USB disconnect, device number 56 [ 664.506205][ T9] usb 6-1: new full-speed USB device number 28 using dummy_hcd [ 664.690800][ T9] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 664.690826][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 664.690843][ T9] usb 6-1: Product: syz [ 664.690854][ T9] usb 6-1: Manufacturer: syz [ 664.690866][ T9] usb 6-1: SerialNumber: syz [ 664.706480][ T9] usb 6-1: config 0 descriptor?? [ 664.926239][ T9] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 665.745796][ T9] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 665.749703][ T9] usb 6-1: USB disconnect, device number 28 [ 666.076471][ T994] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 666.176220][ T5789] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 666.233429][ T994] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 666.233457][ T994] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 666.233475][ T994] usb 4-1: Product: syz [ 666.233488][ T994] usb 4-1: Manufacturer: syz [ 666.233500][ T994] usb 4-1: SerialNumber: syz [ 666.327381][ T5789] usb 5-1: Using ep0 maxpacket: 16 [ 666.329814][ T5789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 666.329842][ T5789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 666.329862][ T5789] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 666.329899][ T5789] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 666.329920][ T5789] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 666.335224][ T5789] usb 5-1: config 0 descriptor?? [ 666.752848][ T5789] input: HID 05ac:8241 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:05AC:8241.003F/input/input58 [ 666.836632][ T5789] appleir 0003:05AC:8241.003F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.4-1/input0 [ 666.990537][ T5875] usb 5-1: USB disconnect, device number 57 [ 667.254894][T29789] netlink: 40 bytes leftover after parsing attributes in process `syz.5.11237'. [ 667.566243][ T5789] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 667.674885][ T994] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -EPROTO [ 667.674941][ T994] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 667.687435][ T994] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 667.715621][ T994] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 667.724126][ T5789] usb 6-1: Using ep0 maxpacket: 16 [ 667.726675][ T5789] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 667.726699][ T5789] usb 6-1: config 1 has no interface number 1 [ 667.726744][ T5789] usb 6-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 667.726761][ T5789] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 667.726796][ T5789] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 667.746434][ T994] usb 4-1: USB disconnect, device number 54 [ 667.789975][ T5789] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 667.790002][ T5789] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 667.790020][ T5789] usb 6-1: Product: syz [ 667.790031][ T5789] usb 6-1: Manufacturer: syz [ 667.790043][ T5789] usb 6-1: SerialNumber: syz [ 668.250204][ T5789] usb 6-1: 2:1 : format type 0 is detected, processed as PCM [ 668.606209][ T5875] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 668.766206][ T5875] usb 4-1: Using ep0 maxpacket: 32 [ 668.768603][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 668.768630][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 668.770154][ T5875] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 668.770177][ T5875] usb 4-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0 [ 668.770195][ T5875] usb 4-1: Manufacturer: syz [ 668.783809][ T5875] usb 4-1: config 0 descriptor?? [ 669.719454][ T5875] ft260 0003:0403:6030.0040: unknown main item tag 0x7 [ 669.830172][ T5789] usb 6-1: USB disconnect, device number 29 [ 669.917736][ T5875] ft260 0003:0403:6030.0040: chip code: 0000 0000 [ 670.118634][ T5875] ft260 0003:0403:6030.0040: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 670.319538][ T5875] ft260 0003:0403:6030.0040: failed to retrieve status: -32, no wakeup [ 670.530612][ T5875] usb 4-1: USB disconnect, device number 55 [ 672.546168][ T5789] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 672.696132][ T5789] usb 4-1: Using ep0 maxpacket: 16 [ 672.698655][ T5789] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 672.698677][ T5789] usb 4-1: config 0 has no interface number 0 [ 672.701673][ T5789] usb 4-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01 [ 672.701697][ T5789] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 672.701714][ T5789] usb 4-1: Product: syz [ 672.701727][ T5789] usb 4-1: Manufacturer: syz [ 672.701739][ T5789] usb 4-1: SerialNumber: syz [ 672.765854][ T5789] usb 4-1: config 0 descriptor?? [ 672.779733][ T5789] gspca_main: xirlink-cit-2.14.0 probing 0545:8080 [ 673.075309][T30068] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11366'. [ 673.394386][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0400, value 0x00, error -71) [ 673.394804][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0400, value 0x01, error -71) [ 673.395202][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x00, error -71) [ 673.395590][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x01, error -71) [ 673.395986][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0409, value 0x0D, error -71) [ 673.444258][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x040A, value 0x02, error -71) [ 673.445910][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0405, value 0x18, error -71) [ 673.465455][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0435, value 0x08, error -71) [ 673.465877][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x040B, value 0x26, error -71) [ 673.466281][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0437, value 0x07, error -71) [ 673.466801][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x042F, value 0x15, error -71) [ 673.467217][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0439, value 0x2B, error -71) [ 673.467610][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x043A, value 0x26, error -71) [ 673.471267][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0438, value 0x08, error -71) [ 673.491621][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x042B, value 0x1E, error -71) [ 673.516210][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x042C, value 0x41, error -71) [ 673.542373][ T5789] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0xC0, error -71) [ 673.565896][ T5789] input: xirlink-cit as /devices/platform/dummy_hcd.3/usb4/4-1/input/input60 [ 673.589700][ T5789] usb 4-1: USB disconnect, device number 56 [ 675.625144][T30158] block nbd3: not configured, cannot reconfigure [ 675.917527][T30169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11412'. [ 676.566241][ T5789] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 676.632880][T30203] lo speed is unknown, defaulting to 1000 [ 676.788902][ T5789] usb 6-1: New USB device found, idVendor=046d, idProduct=c53f, bcdDevice= 0.00 [ 676.788930][ T5789] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 676.815056][ T5789] usb 6-1: config 0 descriptor?? [ 677.435658][ T994] usb 6-1: USB disconnect, device number 30 [ 678.629317][T30285] kvm: apic: phys broadcast and lowest prio [ 679.889263][ T5789] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 680.046210][ T5789] usb 6-1: Using ep0 maxpacket: 32 [ 680.048785][ T5789] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 680.048807][ T5789] usb 6-1: config 0 has no interface number 0 [ 680.048860][ T5789] usb 6-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 680.053919][ T5789] usb 6-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 680.053943][ T5789] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 680.053961][ T5789] usb 6-1: Product: syz [ 680.053972][ T5789] usb 6-1: Manufacturer: syz [ 680.053984][ T5789] usb 6-1: SerialNumber: syz [ 680.132272][ T5789] usb 6-1: config 0 descriptor?? [ 680.149935][ T5789] em28xx 6-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 680.149966][ T5789] em28xx 6-1:0.132: Video interface 132 found: [ 680.557253][ T5789] em28xx 6-1:0.132: unknown em28xx chip ID (0) [ 681.526470][ T5789] em28xx 6-1:0.132: failed to read eeprom (err=-110) [ 681.526527][ T5789] em28xx 6-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-110] [ 681.756206][ T5789] em28xx 6-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 681.756242][ T5789] em28xx 6-1:0.132: analog set to bulk mode. [ 681.762324][ T5789] usb 6-1: USB disconnect, device number 31 [ 681.762420][ T5888] em28xx 6-1:0.132: Registering V4L2 extension [ 681.799982][ T5789] em28xx 6-1:0.132: Disconnecting em28xx [ 682.095185][ T5888] em28xx 6-1:0.132: Config register raw data: 0xffffffed [ 682.095202][ T5888] em28xx 6-1:0.132: AC97 chip type couldn't be determined [ 682.095208][ T5888] em28xx 6-1:0.132: No AC97 audio processor [ 682.159187][ T5888] usb 6-1: Decoder not found [ 682.159200][ T5888] em28xx 6-1:0.132: failed to create media graph [ 682.159239][ T5888] em28xx 6-1:0.132: V4L2 device video103 deregistered [ 682.211485][ T5888] em28xx 6-1:0.132: Remote control support is not available for this card. [ 682.213992][ T5789] em28xx 6-1:0.132: Closing input extension [ 682.292549][ T5789] em28xx 6-1:0.132: Freeing device [ 683.596250][ T31] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 683.746565][ T31] usb 6-1: Using ep0 maxpacket: 16 [ 683.754280][ T31] usb 6-1: config 0 has an invalid interface number: 41 but max is 0 [ 683.754303][ T31] usb 6-1: config 0 has no interface number 0 [ 683.754347][ T31] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 683.754369][ T31] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 683.754389][ T31] usb 6-1: config 0 interface 41 has no altsetting 0 [ 683.768938][ T31] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a [ 683.768964][ T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 683.768982][ T31] usb 6-1: Product: syz [ 683.768994][ T31] usb 6-1: Manufacturer: syz [ 683.769006][ T31] usb 6-1: SerialNumber: syz [ 683.847334][ T31] usb 6-1: config 0 descriptor?? [ 683.848189][T30471] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 683.848319][T30471] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 684.060067][T30471] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 684.060240][T30471] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 684.091346][ T37] audit: type=1326 audit(939.924:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.091799][ T37] audit: type=1326 audit(939.924:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.096472][ T37] audit: type=1326 audit(939.924:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.096518][ T37] audit: type=1326 audit(939.924:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.096555][ T37] audit: type=1326 audit(939.924:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.096596][ T37] audit: type=1326 audit(939.924:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.150835][ T37] audit: type=1326 audit(939.924:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.150883][ T37] audit: type=1326 audit(939.984:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.150920][ T37] audit: type=1326 audit(939.984:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.150957][ T37] audit: type=1326 audit(939.984:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30508 comm="syz.3.11566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ae6b5efc9 code=0x7ffc0000 [ 684.433400][T30519] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 684.469258][ T31] Error reading MAC address [ 684.473826][T30471] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 684.473945][T30471] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 685.178379][ T31] sr9700 6-1:0.41 eth5: register 'sr9700' at usb-dummy_hcd.5-1, CoreChip SR9700 USB Ethernet, 1e:fb:47:e1:03:bc [ 685.201183][ T31] usb 6-1: USB disconnect, device number 32 [ 685.204549][ T31] sr9700 6-1:0.41 eth5: unregister 'sr9700' usb-dummy_hcd.5-1, CoreChip SR9700 USB Ethernet [ 685.772595][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.999066][T30599] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 685.999097][T30599] overlayfs: failed to set xattr on upper [ 685.999105][T30599] overlayfs: ...falling back to redirect_dir=nofollow. [ 685.999113][T30599] overlayfs: ...falling back to uuid=null. [ 685.999157][T30599] overlayfs: conflicting lowerdir path [ 686.536674][T30587] overlayfs: statfs failed on './file0' [ 687.689060][T30683] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 691.486208][ T9] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 691.636182][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 691.638651][ T9] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 691.638705][ T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 691.638725][ T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 691.638746][ T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 691.638766][ T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 691.638809][ T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 691.638830][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.876777][ T9] usb 4-1: GET_CAPABILITIES returned 0 [ 691.876822][ T9] usbtmc 4-1:16.0: can't read capabilities [ 692.076571][ T9] usb 4-1: USB disconnect, device number 57 [ 693.023420][ T37] kauditd_printk_skb: 4 callbacks suppressed [ 693.023437][ T37] audit: type=1326 audit(948.854:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.024293][ T37] audit: type=1326 audit(948.854:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.024831][ T37] audit: type=1326 audit(948.854:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.042496][ T37] audit: type=1326 audit(948.874:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.043043][ T37] audit: type=1326 audit(948.874:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.043362][ T37] audit: type=1326 audit(948.874:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.043606][ T37] audit: type=1326 audit(948.874:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.044015][ T37] audit: type=1326 audit(948.874:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.044252][ T37] audit: type=1326 audit(948.874:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 693.044519][ T37] audit: type=1326 audit(948.874:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30965 comm="syz.4.11775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5d065efc9 code=0x7ffc0000 [ 694.477336][T31036] tipc: Enabling of bearer rejected, already enabled [ 695.512910][ T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 695.535064][ T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 695.538334][ T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 695.540062][ T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 695.545042][ T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 695.570024][ T5809] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 695.571273][ T5809] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 695.571650][ T5809] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 695.586415][ T5809] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 695.588217][ T5809] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 695.723215][T31090] lo speed is unknown, defaulting to 1000 [ 697.032802][T31090] chnl_net:caif_netlink_parms(): no params data found [ 697.693523][ T5809] Bluetooth: hci2: command tx timeout [ 698.056906][T31090] bridge0: port 1(bridge_slave_0) entered blocking state [ 698.057045][T31090] bridge0: port 1(bridge_slave_0) entered disabled state [ 698.057298][T31090] bridge_slave_0: entered allmulticast mode [ 698.060011][T31090] bridge_slave_0: entered promiscuous mode [ 698.075716][T31090] bridge0: port 2(bridge_slave_1) entered blocking state [ 698.075930][T31090] bridge0: port 2(bridge_slave_1) entered disabled state [ 698.077089][T31090] bridge_slave_1: entered allmulticast mode [ 698.081131][T31090] bridge_slave_1: entered promiscuous mode [ 698.525128][T31090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 698.552390][T31090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 699.086742][T31090] team0: Port device team_slave_0 added [ 699.110849][T31090] team0: Port device team_slave_1 added [ 699.660685][T31090] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 699.660702][T31090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 699.660725][T31090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 699.663005][T31090] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 699.663017][T31090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 699.663040][T31090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 699.775838][ T5809] Bluetooth: hci2: command tx timeout [ 699.896228][ T31] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 700.076789][ T31] usb 6-1: Using ep0 maxpacket: 32 [ 700.143721][ T31] usb 6-1: config 0 has an invalid interface number: 184 but max is 0 [ 700.143805][ T31] usb 6-1: config 0 has no interface number 0 [ 700.144341][ T31] usb 6-1: config 0 interface 184 has no altsetting 0 [ 700.308792][ T31] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 700.308879][ T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 700.308960][ T31] usb 6-1: Product: syz [ 700.309035][ T31] usb 6-1: Manufacturer: syz [ 700.309109][ T31] usb 6-1: SerialNumber: syz [ 700.484345][ T31] usb 6-1: config 0 descriptor?? [ 700.507546][ T31] smsc75xx v1.0.0 [ 700.568832][T31090] hsr_slave_0: entered promiscuous mode [ 700.591298][T31090] hsr_slave_1: entered promiscuous mode [ 700.592323][T31090] debugfs: 'hsr0' already exists in 'hsr' [ 700.592347][T31090] Cannot create hsr debugfs directory [ 700.770740][T31272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11914'. [ 700.777759][T31272] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11914'. [ 701.128759][ T31] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 701.128788][ T31] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 701.694878][T31090] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 701.721768][T31090] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 701.776461][ T5888] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 701.845337][T31090] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 701.852771][ T5809] Bluetooth: hci2: command tx timeout [ 701.915364][T31090] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 701.941417][ T31] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 701.941445][ T31] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 701.941462][ T31] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 701.941771][ T31] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71 [ 701.946245][ T5888] usb 4-1: Using ep0 maxpacket: 8 [ 701.972522][ T5888] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 701.984172][ T5888] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 701.984198][ T5888] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 701.984216][ T5888] usb 4-1: SerialNumber: syz [ 702.034048][ T5888] usb 4-1: config 0 descriptor?? [ 702.041747][ T31] usb 6-1: USB disconnect, device number 33 [ 702.060642][ T5888] uvcvideo 4-1:0.0: Found UVC 0.00 device (05ac:8501) [ 702.061368][ T5888] uvcvideo 4-1:0.0: Failed to create links for entity 255 [ 702.061386][ T5888] uvcvideo 4-1:0.0: Failed to register entities (-22). [ 702.252895][ T9] usb 4-1: USB disconnect, device number 58 [ 702.294741][T31090] 8021q: adding VLAN 0 to HW filter on device bond0 [ 702.343479][T31090] 8021q: adding VLAN 0 to HW filter on device team0 [ 702.363104][T14263] bridge0: port 1(bridge_slave_0) entered blocking state [ 702.363843][T14263] bridge0: port 1(bridge_slave_0) entered forwarding state [ 702.394554][T14284] bridge0: port 2(bridge_slave_1) entered blocking state [ 702.394719][T14284] bridge0: port 2(bridge_slave_1) entered forwarding state [ 702.963485][T31090] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 703.086481][ T5889] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 703.238232][ T5889] usb 6-1: Using ep0 maxpacket: 8 [ 703.240555][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 703.240583][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 703.240604][ T5889] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 703.240662][ T5889] usb 6-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00 [ 703.240683][ T5889] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 703.248599][ T5889] usb 6-1: config 0 descriptor?? [ 703.683999][ T5889] nzxt-kraken2 0003:1E71:170E.0042: hidraw0: USB HID v0.04 Device [HID 1e71:170e] on usb-dummy_hcd.5-1/input0 [ 703.874739][ T5889] usb 6-1: USB disconnect, device number 34 [ 703.926181][ T5809] Bluetooth: hci2: command tx timeout [ 704.067220][T31090] veth0_vlan: entered promiscuous mode [ 704.116687][T31090] veth1_vlan: entered promiscuous mode [ 704.189597][T31090] veth0_macvtap: entered promiscuous mode [ 704.207624][T31090] veth1_macvtap: entered promiscuous mode [ 704.242699][T31090] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 704.287862][T31090] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 704.358976][ T3491] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.361651][ T3491] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.371945][ T3491] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.414037][ T3491] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 705.019880][T31430] lo speed is unknown, defaulting to 1000 [ 705.248992][T14260] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 705.249011][T14260] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 705.442788][ T3491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 705.442807][ T3491] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 707.577893][T31524] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12025'. [ 711.596369][T31692] sg_read: process 2422 (syz.3.12097) changed security contexts after opening file descriptor, this is not allowed. [ 712.090967][T31712] input: syz0 as /devices/virtual/input/input61 [ 713.034656][T31749] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 715.173401][T31839] netlink: 36 bytes leftover after parsing attributes in process `syz.3.12168'. [ 715.175180][T31839] netlink: 36 bytes leftover after parsing attributes in process `syz.3.12168'. [ 715.526656][ T31] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 715.686338][ T31] usb 4-1: Using ep0 maxpacket: 32 [ 715.704883][ T31] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 715.704910][ T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.704928][ T31] usb 4-1: Product: syz [ 715.704940][ T31] usb 4-1: Manufacturer: syz [ 715.704953][ T31] usb 4-1: SerialNumber: syz [ 715.743072][ T31] usb 4-1: config 0 descriptor?? [ 715.755362][ T31] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 716.766164][ T31] gspca_ov534_9: reg_w failed -71 [ 717.066171][ T31] gspca_ov534_9: Unknown sensor 0000 [ 717.066274][ T31] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22 [ 717.069426][ T31] usb 4-1: USB disconnect, device number 59 [ 717.665349][ T37] kauditd_printk_skb: 7 callbacks suppressed [ 717.665368][ T37] audit: type=1800 audit(973.474:695): pid=31974 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.12232" name="bus" dev="overlay" ino=5034 res=0 errno=0 [ 718.322196][T32009] syzkaller1: entered promiscuous mode [ 718.322221][T32009] syzkaller1: entered allmulticast mode [ 719.216767][T32031] block nbd3: NBD_DISCONNECT [ 719.293132][T32031] block nbd3: Disconnected due to user request. [ 719.305666][T32031] block nbd3: shutting down sockets [ 722.606208][ T5888] usb 6-1: new full-speed USB device number 35 using dummy_hcd [ 722.770010][ T5888] usb 6-1: not running at top speed; connect to a high speed hub [ 722.785218][ T5888] usb 6-1: config 1 interface 0 altsetting 160 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 722.785250][ T5888] usb 6-1: config 1 interface 0 has no altsetting 0 [ 722.817879][ T5888] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 722.817906][ T5888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.817923][ T5888] usb 6-1: Product: syz [ 722.817935][ T5888] usb 6-1: Manufacturer: syz [ 722.817947][ T5888] usb 6-1: SerialNumber: syz [ 722.877461][T32172] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 723.622679][T32209] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 723.704958][ T5888] usb 6-1: USB disconnect, device number 35 [ 724.909648][T32278] binder: BINDER_SET_CONTEXT_MGR already set [ 724.909671][T32278] binder: 32275:32278 ioctl 4018620d 2000000002c0 returned -16 [ 725.122948][ T37] audit: type=1326 audit(980.954:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.122999][ T37] audit: type=1326 audit(980.954:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.150220][ T37] audit: type=1326 audit(980.984:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.150266][ T37] audit: type=1326 audit(980.984:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.150310][ T37] audit: type=1326 audit(980.984:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.150346][ T37] audit: type=1326 audit(980.984:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.159948][ T37] audit: type=1326 audit(980.994:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.160001][ T37] audit: type=1326 audit(980.994:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.160039][ T37] audit: type=1326 audit(980.994:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.160077][ T37] audit: type=1326 audit(980.994:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32290 comm="syz.5.12383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 725.758257][T32323] binder: 32322:32323 ioctl c0306201 0 returned -14 [ 725.828632][T32323] binder: 32322:32323 ioctl c0306201 2000000000c0 returned -14 [ 726.074726][T32342] binder: BINDER_SET_CONTEXT_MGR already set [ 726.074740][T32342] binder: 32340:32342 ioctl 4018620d 200000004a80 returned -16 [ 726.241251][T32351] input: syz1 as /devices/virtual/input/input62 [ 730.561501][T32557] netlink: 60 bytes leftover after parsing attributes in process `syz.5.12507'. [ 730.611505][T32557] unsupported nlmsg_type 40 [ 733.226188][ T5889] usb 6-1: new high-speed USB device number 36 using dummy_hcd [ 733.376178][ T5889] usb 6-1: Using ep0 maxpacket: 32 [ 733.378689][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 733.378717][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 733.378754][ T5889] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 733.378774][ T5889] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 733.384359][ T5889] usb 6-1: config 0 descriptor?? [ 733.457512][ T5889] hub 6-1:0.0: USB hub found [ 733.594634][ T5889] hub 6-1:0.0: 1 port detected [ 734.511271][ T5875] hub 6-1:0.0: activate --> -90 [ 734.600649][ T5875] hub 6-1:0.0: hub_ext_port_status failed (err = -71) [ 734.604011][ T5875] usb 6-1: Failed to suspend device, error -71 [ 734.606407][ T5789] usb 6-1: USB disconnect, device number 36 [ 736.760622][ T396] binder: 395:396 ioctl c020f509 0 returned -22 [ 738.756448][ T5875] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 738.906478][ T5875] usb 6-1: Using ep0 maxpacket: 32 [ 738.908943][ T5875] usb 6-1: config 0 has an invalid interface number: 184 but max is 0 [ 738.908966][ T5875] usb 6-1: config 0 has no interface number 0 [ 738.909013][ T5875] usb 6-1: config 0 interface 184 has no altsetting 0 [ 738.917140][ T5875] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 738.917165][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 738.917183][ T5875] usb 6-1: Product: syz [ 738.917195][ T5875] usb 6-1: Manufacturer: syz [ 738.917207][ T5875] usb 6-1: SerialNumber: syz [ 738.987385][ T5875] usb 6-1: config 0 descriptor?? [ 739.011309][ T5875] smsc75xx v1.0.0 [ 739.599468][ T5875] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 739.599496][ T5875] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 740.906684][ T5875] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 740.906712][ T5875] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 740.906730][ T5875] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 740.907039][ T5875] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71 [ 740.983216][ T5875] usb 6-1: USB disconnect, device number 37 [ 744.107688][ T37] kauditd_printk_skb: 13 callbacks suppressed [ 744.107704][ T37] audit: type=1326 audit(999.924:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.107746][ T37] audit: type=1326 audit(999.944:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.133263][ T37] audit: type=1326 audit(999.944:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.133317][ T37] audit: type=1326 audit(999.944:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.133361][ T37] audit: type=1326 audit(999.944:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.133400][ T37] audit: type=1326 audit(999.944:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.312213][ T37] audit: type=1326 audit(1000.144:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.312261][ T37] audit: type=1326 audit(1000.144:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.312300][ T37] audit: type=1326 audit(1000.144:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 744.312338][ T37] audit: type=1326 audit(1000.144:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=604 comm="syz.5.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 747.291901][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 751.379368][ T61] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 751.410925][ T61] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 751.412659][ T61] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 751.419556][ T61] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 751.420280][ T61] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 753.920648][ T61] Bluetooth: hci3: command tx timeout [ 755.747869][ T655] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12771'. [ 756.009328][ T5809] Bluetooth: hci3: command tx timeout [ 758.094385][ T5809] Bluetooth: hci3: command tx timeout [ 760.166625][ T5809] Bluetooth: hci3: command tx timeout [ 760.561627][ T629] lo speed is unknown, defaulting to 1000 [ 788.582105][ T629] chnl_net:caif_netlink_parms(): no params data found [ 789.434209][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 789.434227][ T37] audit: type=1326 audit(1045.264:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.434691][ T37] audit: type=1326 audit(1045.264:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.434734][ T37] audit: type=1326 audit(1045.264:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.435101][ T37] audit: type=1326 audit(1045.264:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.442416][ T37] audit: type=1326 audit(1045.274:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.456966][ T61] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 789.475240][ T37] audit: type=1326 audit(1045.274:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.475280][ T37] audit: type=1326 audit(1045.304:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.567253][ T37] audit: type=1326 audit(1045.304:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.567304][ T37] audit: type=1326 audit(1045.404:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.567344][ T37] audit: type=1326 audit(1045.404:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=759 comm="syz.5.12811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 789.842057][ T61] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 790.025663][ T61] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 790.173455][ T61] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 790.182633][ T61] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 792.326205][ T5809] Bluetooth: hci5: command tx timeout [ 794.760788][ T5809] Bluetooth: hci5: command tx timeout [ 797.046158][ T5809] Bluetooth: hci5: command tx timeout [ 799.150162][ T5809] Bluetooth: hci5: command tx timeout [ 800.760191][ T754] lo speed is unknown, defaulting to 1000 [ 809.107280][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 817.750332][ T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 818.257397][ T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 818.260760][ T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 818.262113][ T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 818.262923][ T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 820.375978][ T5809] Bluetooth: hci2: command tx timeout [ 821.714444][ T891] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 821.714486][ T891] IPv6: NLM_F_CREATE should be set when creating new route [ 821.714518][ T891] IPv6: NLM_F_CREATE should be set when creating new route [ 821.714938][ T891] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 821.715178][ T891] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12862'. [ 821.715194][ T891] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12862'. [ 822.781129][ T5809] Bluetooth: hci2: command tx timeout [ 824.822478][ T5809] Bluetooth: hci2: command tx timeout [ 826.916203][ T5809] Bluetooth: hci2: command tx timeout [ 829.397584][ T877] lo speed is unknown, defaulting to 1000 [ 830.535428][ T754] chnl_net:caif_netlink_parms(): no params data found [ 844.061531][ T37] audit: type=1326 audit(1099.894:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.061591][ T37] audit: type=1326 audit(1099.894:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.061631][ T37] audit: type=1326 audit(1099.894:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.061671][ T37] audit: type=1326 audit(1099.894:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.061711][ T37] audit: type=1326 audit(1099.894:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.061750][ T37] audit: type=1326 audit(1099.894:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.076260][ T37] audit: type=1326 audit(1099.914:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.077416][ T37] audit: type=1326 audit(1099.914:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.077462][ T37] audit: type=1326 audit(1099.914:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 844.117013][ T37] audit: type=1326 audit(1099.914:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=978 comm="syz.5.12893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdaa9f8efc9 code=0x7ffc0000 [ 851.038009][ T61] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 851.062637][ T61] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 851.064961][ T61] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 851.084771][ T61] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 851.085674][ T61] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 853.186420][ T61] Bluetooth: hci3: command tx timeout [ 855.295664][ T61] Bluetooth: hci3: command tx timeout [ 857.427211][ T61] Bluetooth: hci3: command tx timeout [ 859.446156][ T61] Bluetooth: hci3: command tx timeout [ 860.108170][ T997] lo speed is unknown, defaulting to 1000 [ 863.850750][ T877] chnl_net:caif_netlink_parms(): no params data found [ 871.074720][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 876.023661][ T5809] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 877.336671][ T5809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 877.344106][ T5809] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 877.361945][ T5809] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 877.365486][ T5809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 880.198226][ T5809] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 880.218827][ T5809] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 880.220505][ T5809] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 880.221653][ T5809] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 880.296372][ T5809] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 881.518826][ T1106] lo speed is unknown, defaulting to 1000 [ 881.609749][ T5809] Bluetooth: hci5: command tx timeout [ 882.097497][ T1114] lo speed is unknown, defaulting to 1000 [ 882.098107][ T997] chnl_net:caif_netlink_parms(): no params data found [ 882.446273][ T5809] Bluetooth: hci6: command tx timeout [ 883.836287][ T5809] Bluetooth: hci5: command tx timeout [ 884.566609][ T5809] Bluetooth: hci6: command tx timeout [ 885.846352][ T5809] Bluetooth: hci5: command tx timeout [ 886.786159][ T5809] Bluetooth: hci6: command tx timeout [ 888.133953][ T5809] Bluetooth: hci5: command tx timeout [ 888.849658][ T5809] Bluetooth: hci6: command tx timeout [ 912.118034][ T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 912.676326][ T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 912.693394][ T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 912.705594][ T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 912.715139][ T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 913.269680][ T1106] chnl_net:caif_netlink_parms(): no params data found [ 915.032362][ T61] Bluetooth: hci2: command tx timeout [ 917.136330][ T61] Bluetooth: hci2: command tx timeout [ 919.436087][ T5809] Bluetooth: hci2: command tx timeout [ 921.496244][ T61] Bluetooth: hci2: command tx timeout [ 929.110103][ T1106] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR [ 929.251518][ T1204] lo speed is unknown, defaulting to 1000 [ 931.997537][ T1319] ieee802154 phy0 wpan0: encryption failed: -22 [ 942.030119][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 942.254009][T31092] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 942.262330][T31092] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 942.263778][T31092] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 942.264734][T31092] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 942.327352][ T61] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 942.353913][ T61] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 942.365208][ T61] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 942.379667][ T61] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 942.380524][ T61] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 946.406124][ T1294] Bluetooth: hci7: command tx timeout [ 946.407002][ T1294] Bluetooth: hci3: command tx timeout [ 948.486273][ T5809] Bluetooth: hci3: command tx timeout [ 948.486303][ T5809] Bluetooth: hci7: command tx timeout [ 950.619331][ T1294] Bluetooth: hci7: command tx timeout [ 950.619368][ T1294] Bluetooth: hci3: command tx timeout [ 952.866170][ T5809] Bluetooth: hci3: command tx timeout [ 952.866201][ T5809] Bluetooth: hci7: command tx timeout [ 953.886135][ T1284] lo speed is unknown, defaulting to 1000 [ 953.961699][ T1280] lo speed is unknown, defaulting to 1000 [ 960.404993][ T38] INFO: task syz.6.12429:32394 blocked for more than 143 seconds. [ 960.405017][ T38] Not tainted syzkaller #0 [ 960.405027][ T38] Blocked by coredump. [ 960.405032][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 960.405042][ T38] task:syz.6.12429 state:D stack:25192 pid:32394 tgid:32394 ppid:31090 task_flags:0x40044c flags:0x00080003 [ 960.405090][ T38] Call Trace: [ 960.405097][ T38] [ 960.405111][ T38] __schedule+0x16f3/0x4c20 [ 960.405162][ T38] ? __lock_acquire+0xab9/0xd20 [ 960.405186][ T38] ? __pfx___schedule+0x10/0x10 [ 960.405224][ T38] ? schedule+0x91/0x360 [ 960.405248][ T38] schedule+0x165/0x360 [ 960.405270][ T38] schedule_timeout+0x9a/0x270 [ 960.405291][ T38] ? __pfx_schedule_timeout+0x10/0x10 [ 960.405325][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 960.405345][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 960.405364][ T38] ? wait_for_completion+0x267/0x5d0 [ 960.405387][ T38] wait_for_completion+0x2bf/0x5d0 [ 960.405422][ T38] ? __pfx_wait_for_completion+0x10/0x10 [ 960.405450][ T38] ? __init_swait_queue_head+0xa9/0x150 [ 960.405477][ T38] rcu_barrier+0x463/0x570 [ 960.405504][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 960.405525][ T38] netdev_run_todo+0x327/0xea0 [ 960.405549][ T38] ? __pfx_netif_state_change+0x10/0x10 [ 960.405575][ T38] ? __pfx_netdev_run_todo+0x10/0x10 [ 960.405594][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 960.405625][ T38] ? netdev_state_change+0x1ca/0x220 [ 960.405645][ T38] ? __pfx_tun_chr_close+0x10/0x10 [ 960.405665][ T38] tun_chr_close+0x13f/0x1c0 [ 960.405688][ T38] __fput+0x45b/0xa80 [ 960.405718][ T38] task_work_run+0x1d4/0x260 [ 960.405741][ T38] ? __pfx_task_work_run+0x10/0x10 [ 960.405758][ T38] ? do_exit+0x6b0/0x2300 [ 960.405781][ T38] ? do_exit+0x6b0/0x2300 [ 960.405816][ T38] do_exit+0x6b5/0x2300 [ 960.405839][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 960.405873][ T38] ? __pfx_do_exit+0x10/0x10 [ 960.405894][ T38] ? rt_mutex_slowunlock+0x493/0x8a0 [ 960.405910][ T38] ? rt_spin_lock+0x1c1/0x3e0 [ 960.425622][ T38] do_group_exit+0x21c/0x2d0 [ 960.425652][ T38] ? rt_spin_unlock+0x161/0x200 [ 960.425676][ T38] get_signal+0x125d/0x1310 [ 960.425721][ T38] arch_do_signal_or_restart+0xa0/0x790 [ 960.425744][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 960.425763][ T38] ? __se_sys_futex+0x36f/0x400 [ 960.425804][ T38] ? exit_to_user_mode_loop+0x40/0x130 [ 960.425831][ T38] exit_to_user_mode_loop+0x72/0x130 [ 960.425853][ T38] do_syscall_64+0x2bd/0xfa0 [ 960.425874][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 960.425895][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.425913][ T38] ? clear_bhb_loop+0x60/0xb0 [ 960.425975][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.425994][ T38] RIP: 0033:0x7ff1b1ccefc9 [ 960.426010][ T38] RSP: 002b:00007ff1aff2e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 960.426031][ T38] RAX: fffffffffffffe00 RBX: 00007ff1b1f25fa8 RCX: 00007ff1b1ccefc9 [ 960.426045][ T38] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff1b1f25fa8 [ 960.426056][ T38] RBP: 00007ff1b1f25fa0 R08: 0000000000000000 R09: 0000000000000000 [ 960.426068][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 960.426079][ T38] R13: 00007ff1b1f26038 R14: 00007fffa1ec1aa0 R15: 00007fffa1ec1b88 [ 960.426112][ T38] [ 960.426154][ T38] [ 960.426154][ T38] Showing all locks held in the system: [ 960.426165][ T38] 3 locks held by kworker/u8:0/12: [ 960.426176][ T38] #0: ffff88813ff69938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 960.426228][ T38] #1: ffffc90000117ba0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 960.426271][ T38] #2: ffffffff8e862eb8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 960.426315][ T38] 8 locks held by ktimers/0/16: [ 960.426326][ T38] 3 locks held by rcuc/1/28: [ 960.426336][ T38] 5 locks held by ktimers/1/29: [ 960.426346][ T38] 1 lock held by khungtaskd/38: [ 960.426356][ T38] #0: ffffffff8d5aa4c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 960.426422][ T38] 2 locks held by getty/5559: [ 960.426432][ T38] #0: ffff88823bf268a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 960.426473][ T38] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400 [ 960.426518][ T38] 4 locks held by syz-executor/5787: [ 960.426528][ T38] 10 locks held by syz-executor/5815: [ 960.426544][ T38] 2 locks held by kworker/u8:25/14260: [ 960.426553][ T38] #0: ffff8880197ff138 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 960.426596][ T38] #1: ffffc900063f7ba0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 960.426640][ T38] 4 locks held by kworker/u8:28/14263: [ 960.426650][ T38] #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 960.426693][ T38] #1: ffffc9000626fba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 960.426735][ T38] #2: ffffffff8e855fa0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820 [ 960.426775][ T38] #3: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.426823][ T38] 2 locks held by kworker/u8:41/14278: [ 960.426833][ T38] #0: ffff8880197ff138 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 960.426876][ T38] #1: ffffc90005aa7ba0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 960.426919][ T38] 5 locks held by kworker/u8:43/14281: [ 960.426933][ T38] 6 locks held by kworker/u8:53/14291: [ 960.426949][ T38] 1 lock held by syz.6.12429/32394: [ 960.426958][ T38] #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.426999][ T38] 1 lock held by syz-executor/629: [ 960.427008][ T38] #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.427050][ T38] 1 lock held by syz-executor/754: [ 960.427060][ T38] #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.427101][ T38] 1 lock held by syz-executor/877: [ 960.427111][ T38] #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.427152][ T38] 2 locks held by kworker/1:1/929: [ 960.427163][ T38] 1 lock held by syz-executor/997: [ 960.427173][ T38] #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.427214][ T38] 12 locks held by kworker/u8:4/1003: [ 960.427225][ T38] 1 lock held by syz.5.12902/1009: [ 960.427234][ T38] #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.427275][ T38] 1 lock held by syz-executor/1106: [ 960.427285][ T38] #0: ffffffff8d5afe70 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 960.427327][ T38] 3 locks held by syz-executor/1204: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 960.427337][ T38] #0: ffffffff8ed64678 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 960.427381][ T38] #1: ffffffff8e862eb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80 [ 960.427428][ T38] #2: ffff88813ff74238 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_add_one+0x41/0x520 [ 960.427471][ T38] 4 locks held by syz-executor/1280: [ 960.427481][ T38] #0: ffffffff8e855fa0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0 [ 960.427527][ T38] #1: ffffffff8e5cba20 (devices_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x19a/0x270 [ 960.427569][ T38] #2: ffffffff8e5cbc60 (rdma_nets_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x1d2/0x270 [ 960.427610][ T38] #3: ffff88803c6bd118 (&device->compat_devs_mutex){+.+.}-{4:4}, at: add_one_compat_dev+0xee/0x5c0 [ 960.427653][ T38] 5 locks held by syz-executor/1284: [ 960.427664][ T38] 4 locks held by syz.0.13048/1385: [ 960.427674][ T38] [ 960.427679][ T38] ============================================= [ 960.427679][ T38] [ 960.427687][ T38] NMI backtrace for cpu 1 [ 960.427705][ T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 960.427752][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 960.427777][ T38] Call Trace: [ 960.427793][ T38] [ 960.427800][ T38] dump_stack_lvl+0x189/0x250 [ 960.427828][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 960.427851][ T38] ? __pfx__printk+0x10/0x10 [ 960.427884][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 960.427904][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 960.427925][ T38] ? __pfx__printk+0x10/0x10 [ 960.427950][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 960.427971][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 960.427991][ T38] watchdog+0xf60/0xfa0 [ 960.428018][ T38] ? watchdog+0x1e2/0xfa0 [ 960.428046][ T38] kthread+0x711/0x8a0 [ 960.428072][ T38] ? __pfx_watchdog+0x10/0x10 [ 960.428092][ T38] ? __pfx_kthread+0x10/0x10 [ 960.428112][ T38] ? rt_spin_unlock+0x150/0x200 [ 960.428133][ T38] ? rt_spin_unlock+0x161/0x200 [ 960.428148][ T38] ? __pfx_kthread+0x10/0x10 [ 960.428172][ T38] ret_from_fork+0x4bc/0x870 [ 960.428194][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 960.428221][ T38] ? __switch_to_asm+0x39/0x70 [ 960.428237][ T38] ? __switch_to_asm+0x33/0x70 [ 960.428252][ T38] ? __pfx_kthread+0x10/0x10 [ 960.428276][ T38] ret_from_fork_asm+0x1a/0x30 [ 960.428310][ T38] [ 960.428317][ T38] Sending NMI from CPU 1 to CPUs 0: [ 960.428341][ C0] NMI backtrace for cpu 0 [ 960.428358][ C0] CPU: 0 UID: 0 PID: 1003 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 960.428401][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 960.428424][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 960.428450][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x33/0x80 [ 960.428473][ C0] Code: 48 8b 0c 25 08 40 a2 91 65 8b 35 88 82 e3 0f 81 e6 00 00 ff 00 ba 00 01 00 00 23 91 4c 0b 00 00 89 d7 09 f7 74 11 85 f6 75 39 <85> d2 74 35 83 b9 14 16 00 00 00 74 2c 8b 91 f0 15 00 00 83 fa 02 [ 960.428488][ C0] RSP: 0018:ffffc90004d468d8 EFLAGS: 00000246 [ 960.428503][ C0] RAX: ffffffff898619c5 RBX: 1ffff920009a8d20 RCX: ffff888024c8da00 [ 960.428516][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100 [ 960.428527][ C0] RBP: ffffc90004d46a50 R08: 0000000000000000 R09: 0000000000000100 [ 960.428544][ C0] R10: 0000000000000000 R11: 0100000000000000 R12: 0000000000000000 [ 960.428555][ C0] R13: 1ffff920009a8d60 R14: ffff88807c787568 R15: ffffc90004d46b00 [ 960.428569][ C0] FS: 0000000000000000(0000) GS:ffff888126dfc000(0000) knlGS:0000000000000000 [ 960.428583][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 960.428595][ C0] CR2: 00007ffd597c7fe8 CR3: 000000000d3a6000 CR4: 00000000003526f0 [ 960.428611][ C0] Call Trace: [ 960.428617][ C0] [ 960.428622][ C0] __cookie_v6_init_sequence+0xf5/0x520 [ 960.428644][ C0] ? __pfx___cookie_v6_init_sequence+0x10/0x10 [ 960.428662][ C0] ? kmalloc_reserve+0xbd/0x290 [ 960.428677][ C0] ? rcu_is_watching+0x15/0xb0 [ 960.428692][ C0] ? kmalloc_reserve+0xbd/0x290 [ 960.428707][ C0] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 960.428726][ C0] ? kmem_cache_alloc_node_noprof+0x291/0x6e0 [ 960.428746][ C0] ? kmalloc_reserve+0xbd/0x290 [ 960.428760][ C0] ? __alloc_skb+0x112/0x2d0 [ 960.428779][ C0] ? __build_skb_around+0x262/0x3f0 [ 960.428796][ C0] ? synproxy_send_client_synack_ipv6+0x34f/0xca0 [ 960.428816][ C0] ? skb_put+0x11b/0x210 [ 960.428833][ C0] synproxy_send_client_synack_ipv6+0x47c/0xca0 [ 960.428860][ C0] ? __pfx_synproxy_send_client_synack_ipv6+0x10/0x10 [ 960.428879][ C0] ? nft_osf_eval+0xc0/0x770 [ 960.428897][ C0] ? synproxy_pernet+0x45/0x270 [ 960.428921][ C0] nft_synproxy_eval_v6+0x36e/0x560 [ 960.428946][ C0] ? __pfx_nft_synproxy_eval_v6+0x10/0x10 [ 960.428969][ C0] ? nf_ip_checksum+0x13c/0x510 [ 960.428991][ C0] nft_synproxy_do_eval+0x3d7/0x570 [ 960.429016][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 960.429046][ C0] nft_do_chain+0x40c/0x1920 [ 960.429073][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 960.429091][ C0] ? ipv6_find_hdr+0xc78/0x1050 [ 960.429123][ C0] ? do_xdp_generic+0x115/0xdb0 [ 960.429145][ C0] ? unwind_next_frame+0xa5/0x2390 [ 960.429169][ C0] nft_do_chain_inet+0x25d/0x340 [ 960.429190][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 960.429210][ C0] ? __lock_acquire+0xab9/0xd20 [ 960.429236][ C0] ? NF_HOOK+0x9a/0x3a0 [ 960.429254][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 960.429275][ C0] nf_hook_slow+0xc5/0x220 [ 960.429294][ C0] NF_HOOK+0x206/0x3a0 [ 960.429312][ C0] ? __pfx_ip6_input_finish+0x10/0x10 [ 960.429330][ C0] ? NF_HOOK+0x9a/0x3a0 [ 960.429346][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 960.429365][ C0] ? __pfx_ip6_input_finish+0x10/0x10 [ 960.429389][ C0] ip6_input+0x16a/0x270 [ 960.429406][ C0] ? ip6_input+0x23/0x270 [ 960.429425][ C0] NF_HOOK+0x30c/0x3a0 [ 960.429442][ C0] ? skb_orphan+0xaf/0xd0 [ 960.429459][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 960.429476][ C0] ? NF_HOOK+0x9a/0x3a0 [ 960.429492][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 960.429511][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 960.429540][ C0] __netif_receive_skb+0xd3/0x380 [ 960.429565][ C0] ? process_backlog+0x27b/0x900 [ 960.429587][ C0] process_backlog+0x31e/0x900 [ 960.429616][ C0] __napi_poll+0xb6/0x540 [ 960.429640][ C0] net_rx_action+0x5f7/0xda0 [ 960.429670][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 960.429696][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 960.429719][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 960.429744][ C0] handle_softirqs+0x22f/0x710 [ 960.429768][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 960.429792][ C0] __local_bh_enable_ip+0x1a0/0x2e0 [ 960.429810][ C0] ? reacquire_held_locks+0x127/0x1d0 [ 960.429833][ C0] ? rt_spin_lock+0x1c1/0x3e0 [ 960.429849][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 960.429868][ C0] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 960.429887][ C0] ? rt_spin_unlock+0x150/0x200 [ 960.429905][ C0] ? rt_spin_unlock+0x161/0x200 [ 960.429920][ C0] ? nsim_dev_trap_report_work+0x72e/0xbc0 [ 960.429942][ C0] nsim_dev_trap_report_work+0x7f2/0xbc0 [ 960.429971][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 960.429991][ C0] process_scheduled_works+0xae1/0x17b0 [ 960.430025][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 960.430053][ C0] worker_thread+0x8a0/0xda0 [ 960.430086][ C0] kthread+0x711/0x8a0 [ 960.430110][ C0] ? __pfx_worker_thread+0x10/0x10 [ 960.430129][ C0] ? __pfx_kthread+0x10/0x10 [ 960.430149][ C0] ? rt_spin_unlock+0x150/0x200 [ 960.430168][ C0] ? rt_spin_unlock+0x161/0x200 [ 960.430182][ C0] ? __pfx_kthread+0x10/0x10 [ 960.430205][ C0] ret_from_fork+0x4bc/0x870 [ 960.430224][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 960.430247][ C0] ? __switch_to_asm+0x39/0x70 [ 960.430262][ C0] ? __switch_to_asm+0x33/0x70 [ 960.430277][ C0] ? __pfx_kthread+0x10/0x10 [ 960.430299][ C0] ret_from_fork_asm+0x1a/0x30 [ 960.430324][ C0]