last executing test programs: 11m35.183307779s ago: executing program 32 (id=15909): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$FBIOPAN_DISPLAY(r0, 0x4606, &(0x7f0000000400)={0x800, 0x10, 0x800, 0xf0, 0x50558012, 0x6, 0x0, 0x2, {0x6, 0x6, 0x1}, {0x1, 0xfffffff5}, {0x81, 0x9, 0x1}, {0x7e7, 0xf}, 0x4, 0x100, 0x0, 0x6, 0x1, 0xaf, 0x303, 0x37, 0x2, 0x5, 0x1, 0x101, 0x6, 0x2, 0x2, 0xc}) 10m17.233924801s ago: executing program 0 (id=18130): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000b00)={0x0, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r1, 0xc0383e04, &(0x7f0000000180)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000480)=[{}]}) 10m17.181517577s ago: executing program 0 (id=18132): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0x7c}}, 0x0) 10m16.974971523s ago: executing program 0 (id=18137): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) setreuid(0xee00, 0xee00) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100)) 10m16.96493521s ago: executing program 0 (id=18141): syz_emit_ethernet(0x32, &(0x7f0000000200)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @opaque="0b80d010da6a6a3c"}}}}}, 0x0) socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x32, &(0x7f0000000240)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0x6}}}}}}}, 0x0) 10m16.858563423s ago: executing program 0 (id=18148): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 10m16.789872859s ago: executing program 0 (id=18150): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x2, 0xc8) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_fh={0x8, 0xfe, {0x7}}, 0x2241c2) 10m3.584209443s ago: executing program 2 (id=18489): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000680)=[{&(0x7f00000003c0)="b1f3e591937d8b12860eb438e350bae82eecc402814086fac94445a7f6cad18110c54a443a064d7d0b7b38358fe5ee323ca628d73d627cf38ef6faddbdbde6c1729a19da73e58afd22a865497aadbb9e9342d6142092d58076f033c0c0168cbbc3fad3cf3e2de62c16cfc6ea707a4f56ad7dfeaf642c96d9490853cea955dc55dd7f11946b66e6d324e75245a653a1c3b7937fcabf059f6d3a3d6a2408769104173218e44202b11b8a79470c", 0xac}, {&(0x7f0000003380)="84b0459158c085154fede4f8c066619ed64e4bb02a55ced5b3c23b3474994782b12a60d6ab167341b89e2c6adaa62c9e8e72400d802de2370a7b85dd5875a857560d36ae68c21afb36462cf600bf2f756af0edd49c0802508ebd737ebc99f84c941f1eba5e8a5366085e9acd5217df27e123a55231b58db80452e8db871f88eaba57b84d021d92613c4032bc066696f87866823c1bc25d7eb398d88c18bbdbb80271fae3d2534f1d2a508b254263cc83ecacdb039bad6fcd23f25e7643c4ea1186fd71bb6325d2adde2df0aa8773edec0f68f83e7cf91fd5de05cf71470d153a91066cc002f7dd29cf725883e080d1aa7656d238b5ff192c61947395af40fedc00f41f172c6d11e7a78f67461cc1b0c96102f94037c9520aa0557796f429db151d2dc3e869a671d0759ece16dc2ce6c923bbf54845e2b8a22e8f1455789d4b9a2e36f6f7ba966bfa5d8e5d445f8798dd3a73ad408859550d554533efa8eee469609d8b6cdb3702dc4e0d35131ca06960b3247b63e8b6e59a11a7fad01dd6799b468bbf306ba62e73b8b2b6e700fd34ca45cb62f54390f5b484a0ef0e3f3b20075be4b6ccd96cfb906b2734e3449dfe886af6568b7750de62a33805c308931eb4b2d971dd84dc336a966837066d0e966b214b48b6f669734fb95a65263a6d621f29b590cf7cdf761264d4ffad2f05f3d7ac2b204633e782da4c78d8a2fe8e3b703eb92ce75948d599a352c73456c6cdb99ffac8ee5559543efd765651b797100776df00a9a4635f2b54a8a845404a0531f29d3e5853cf8c44f45df014bc2fceaa80b63ac0084a8226dd6bf9385eef2e4fb1604edb3abc488685d6d569f6d7541d8e7f0505000e6fa5fa393df4550a8cbbb8ac4eb6c2a90db59e8942aaac64221b8b14fa27795cf89e383d11d5774974070d87983f5d4ddd38ef3d8f0e5ca9558ad77b7acbb85e8b2cfbb097efce6eb18af848b953d5dbbd894edea5f17c3dea92a788b0b516cbb7e7c03e0557dbe7baffd8572ba293129438bc7f43bf25f5f850c2da984ad488cbaf90ec166b8cd165da86abf2ac91da5e29ab3c6118680abdf648a60ff2998205ac2bd79d1b06cb11281c19bcc895c915f98c01c80bf940d853b711b62b142706336bed20dec5a4831f6f6f1e7da2c4393e31241af052558496375e5d415030f95cb74ce1d1948ed9450053eef0c02176e3ba5101a9795dcb2e44d0777b494ba4ef16ec1df22aa6a0b61f88bf3ccf52190ffb71d0321d311fa9e97b95b75c337982546c9f1ed7922d46d7815d3f0a31fe262d4c938a72c2e3a23d047e52d6c9483bc74c82ef96f4878ffe84bb02250e6be1712e9f40deb3d8122883b5948ad7b80b9784f2c291e69d9eb723eb996cfb65c88ebb0f222d5482018a97879648c2864cea726643bc59bf3d1c25d0dcdbca3c4f4f80fa55a7add8c1bf3c78cb198d6ac950df1fa6b6669227ec9f32874378e4a9e4309ba5ae247fc3018ef741a4c933ac61c30835198facf99fffc8ac958777c08dd1135b4c27c4acd5003f9a5c19d79d1230d149f5462d31c258a59029d30b46d490eedf5fd0fe17fe2c3b483895bb1a368285587047176b290cbfcdd49d8aa1666d3ed4893bad17951f3164a02f7e6db8a4b7107c2362124727d4e887e8786ddf44805c4da53caefc1241658a8c57dc922785f279a11194038ce0b80f1f50cd129db678c6ea11150e038abb1194b3651aaf23f54a6a6e90be7739783d978d5694d92e9e27b40229b2b14b65f564999e06a090866ba25b908823d7e5e426fa758a7981c2ec11e497b996f1883a67f63800e670c8c45838d00a788f4da7d617b8a8f6d09ce3a1f93ab09d544852fa60a5e7ea88778d6923581a2c308a543901ef2ba4822e2a12df6fd4384a9d35603708aca43da02cb1024a58c7acd075ba4382da74493a54b33d75d8d24a3f122e80371e72abf4aa70f81b31baf5d0114e8e471bfe8e7e99489ace7de037d4f5dbd1f58f874b04790d5b1d86b49dd428da6daf92d294096600ba9a71a469241981452fbac01615ea27ea3d02eb0202870070122d94d1ff4f45d056657b072a04b30e66ba2f8fe01f66a0309dce40590e2aa3afd7ebe141266914570c532e95acb71ae1c334f8063154fad9aa0ff15597f48bc7eb9a2a02484f4599950775aeaf2c61c2c10c6917b773a0e21c74991696a54868679f264e7b9d6a6054bf0d1a245fe1af3d9ab96283813fb15e9c36c044b8c3ef60f70cb6cb106aaef0a2c3794cda86eb6191e83f88ea50fc95a414256772b08688a6fae44e0573c286d192c55edf849461fa1affa1e7da29140a598eb7f7d86468b9175a182a33f9a928fc9a9944faef0b2434a70d45423ace458dcd5b6c9b5ec7a3e2972b3dba301dc54ff9edff7880e0631c8a5093317cf2163492f825c719bfa9a075e6e83fe86a3d333b97421aa695b2ec414666b1f9622449dcc88e5575d3f903191ccd7d3650cf32e1898d985b538efb5e64897c5b7fe03cb67e2425fa26449046ac6e03f7eceb757be1efd01dee718ca4a35ae4482676bf85cdfff9735f78852f01c889afe5a730aaaa490b62178a9571b9ea2d29d78d384bb2b1b576896c39e01686aaf263a9012c25de56c98ff07d785927a0f2d2c888a79f474f1065e254d5516c820992862c4f8c5daab06df86fbe3c86d57d3b161e3a9b75982c8a3297fea09a228bc66953ac89189cc04ff130a5c33c834e25d9b350d39a3326948e525fbaedb4167219e3c22d9275470204430e492d8713f7ca96c4b4308153f42a9d713d8d09094f3d5647c1785de58c6b9d4be5de0471a35f0e448a268a36a523308589e1352fda9af83eb89984e4fc1ffd7d2677ea04eaeda35abcf63c2a2ee898625e1e23ed00e8055637c353dfbb3c597a6e97ab05e2efedfc7c5201fdb2c070dcea73b049c42ea0c438dc65b3a3ee59a495a1f9277d26013ed44ef9e24ef9cbbbdacd423a7d0622e402cc9379aa81726b341160540255ff9820b0a54163baf2c6c89ec136f9477737d40109111dcef90b49f24e9f7d2b9dc2f5d4c611509446eb5ba7e6293c483143997c24d6c743941b7fe04c8127fd2998654c07fcb75ba8fcb52deb73f0e953002a598695b77ccdda490ae949ba873e4a34dd19feeefce89113bcef0ee48a90f4a438c4e34d0f293e5918b71d14a8cc0e3f99ddc59fa3c5b67519d8ad9aa0f9a7898516955ad9cb3ecacb1b0375676754ab54f74b87deb728bae1a708c939e7905934761d8e4a73e9f5909b1604347bfd7bffdd13885bb14063ad801542152b853e97f896af9e01b7429c6d136e0d0a68538e5239aca708757113d749f6af088acb6daa4c71495730445629c11bbabda00828c7b9bd3ac71ed938084c4077d1e187f1ce94b2f05f9620ace7e8acb9cd4536ce756989a2fefbd3d2a13446add5480c0137dd9ce50500d589d0beb77493e3f44ff3ad420023aba12ad2af2a282a4f76bb1696ec34d401245620bd3b7890f3487a6aec780c511f46cc137cd0e7d7cba8de8d86f65ebb2518e9392a2503c42b6a3d654f16e50dcad97ba37e8668555526db592cb7d04989f3f967fe874df0cc42bcabaa24ad38852c7fe28e1c582994e7209cfa4fcbec005642f49fd360fe9cc1db876b472cbcb076fe9aea545a7c3c76d8e4697e26a6971e671f2374515ab5acc9ce9ebae0248b9878cb48ad674bc202d7724e59aa242eed5c17c237990ac4800897d83509acb54e68442aaa2110f5645c0882f517b535b6853dea3b2e734d3389ee805423cc490ad1f6ab164c7e06219c811858e347939ccdf91f5a47ecaa9706e485d668a0e0ce17c44ec5d95896b088c89d2fb46b58bc017ed40429c14a001cfd7a51dffb9c9fe68c1a05b3b065f4528b88ba72179b11946b91a76eaacca06ef0dd1a3d4916ccfe13767356465ea88f132c92ab008daa26fccb7cb000baa22dd811885fccfeb7df6c58e7da4e1b26c9526327f287818f15c99d165ba25e72001e8af6375c00bd4650d8296355a2d486bed57a716b15c92e1cae932068bbd6539e840d44dd1cb0f715b9c46ef8e33ac25f2977851fef57b47c40af14bcf716f923f92c10d2de0f9564e1fc1f2a63f8f7262623a8f3a246ea7e485e251e8bf4416f91dda75719e3369b800066b3b2e52c1f9e1f56da0fe678e465b820b5d19474d62ebf6058b9a77417f0ce63d1b817415255cf2d98e436f7d9df08827a61bf774185d8f7d34590c54dbf4bd50a483cceb0b06ab0761c4986ce38d4d3f8e6336abb152bb86deb6db2c8b13e7db6b7cdd84b8cc2203d1ea09dbdcaeb07393bad9b3d552cb656a1b77dd527f4a6ff7776b9c4c5465c61f154d79da8d178cd969591b5ca6f7811cd4ea3919a84ed274b3d008715e8b15d75e9f67175dbee8ebfe039d6d5ba883b45916daca217e8768f97307f555456cdd11518f59c06b43b3ba0e66c83d6af0a4b6e39429998d9a9a417b2f472c41911292004343841fabbeb3f80636d52df5969a1e0d4d3a2db629464d9aaeeb7843e7581025a10d15a1b5f7bb4cad97f43e17387b1c091cd04e3b7a806c22fd9e38f4515bf374f89d82852c1af19885f7ce3e74d7a2183001877debdc7f9379c8e2d8acacdaf88edbf233ed12a4f05d437fa81ed3f32e48552d91a83b58214f8724c0ab867d223f82b274dbdb15e22f463000b3664eb83a3449deac376396d0a970f13a23651da51b5f0ff93743315a541f900d7e0f2a35b81ddc2e821196f3c86132261b93439082fbac7b92ddea25332c82973fc6de4cc224c374ff3656980ba15e66b8e38285317a319bd704107b5205484b08270dd7755d06104f24993755e31996138d659f43b371ba4363deaaa211ace6f71dd5e9b979c9072fe55dddebdf52398bd8f67f40b9739e8035db83395a1ef6d96bb1e7eca3e5622dadd415e9e32392703f270a689fbfab1cc00ef40acc29fda7aa1336eb33c2049e7d53d30521e29d1cbc380a91fa46c1f2d58d7def3a711c0654eb0eea171096af1c96e5cae46e0f9d2a4ea053b236d8e59e44274512bf47ecf57a086cae33f8e10072e508c4836030f43f3061ea55c6104fb1264dedd9fd8f0f59db05bfd2dce44249ec61c5d4287a619c6765368102ca4374428aa7281d52a6a73b6bee687a005baa0c2915169c631c758eb065df9d38d49921fd65ccd6341b52cce538e19d2813587641612a95c4e2a425545eb66f3b9bdb80c862b7f3df2d25b461c86741b2c4c269c079603c5e0e7b84c2a567dc948d30f661a0286904460a6506b9a2e696759b10e0066b7076233c2d2b906de3c8e5eb4f169eaa1726a9d8a494f2d13ada53ec40851d5e3a30fb2e32d2a9f7ca1ac54271d8abcbf0aa59f665c0cb40945ca1c105b1c6929131a751f0b0a01edbd35cb49b23e21ce92ba6471efe8f2cc745088bd26049740b4b51ee079ae1ca4eea89866aa337495b12593440c7efc63245a3b98a09168a76d8878e35cd49acf581d4af8d6c09d4b82ba8a9f194f6debc5afb830b775b42ae9a74d639ede0ca4", 0xf54}, {0x0, 0xf00}], 0x3, 0x0) write$binfmt_script(r1, &(0x7f0000020240), 0x10010) 10m3.49920405s ago: executing program 2 (id=18490): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000004c0)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000080)="b54e34fd23", 0x5, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, 0x1c) 10m3.46320201s ago: executing program 2 (id=18492): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x40000}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0xfffffff8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 10m3.326477399s ago: executing program 2 (id=18495): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000000002000000400004803c0001800b00010065787468647200002c0002800800034000ec000005000200000000000800044000000000080007400000000008000640000000010900010073797a30000000000900020073797a32"], 0x94}}, 0x0) 10m3.113534883s ago: executing program 2 (id=18496): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 10m3.101572654s ago: executing program 2 (id=18506): mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x4004032, 0xffffffffffffffff, 0xb06cb000) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000f40)={@in={{0x2, 0x4e24, @empty}}, 0x0, 0x0, 0x23d, 0x0, "2dfedf4fe729e6da2c283c04b074205e1eefc56dbc4e3bbeef85e81f0118fc0f64326f290de80584bce41936f14cb7a820ac8e630e660da57c076a7cb4155c7f0efdcea917bd84db674f344208d682a5"}, 0xd8) 10m0.433170529s ago: executing program 33 (id=18150): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x2, 0xc8) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_fh={0x8, 0xfe, {0x7}}, 0x2241c2) 9m46.927007655s ago: executing program 34 (id=18506): mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x4004032, 0xffffffffffffffff, 0xb06cb000) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000f40)={@in={{0x2, 0x4e24, @empty}}, 0x0, 0x0, 0x23d, 0x0, "2dfedf4fe729e6da2c283c04b074205e1eefc56dbc4e3bbeef85e81f0118fc0f64326f290de80584bce41936f14cb7a820ac8e630e660da57c076a7cb4155c7f0efdcea917bd84db674f344208d682a5"}, 0xd8) 9m18.718858736s ago: executing program 5 (id=18906): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x14, 0x3, "f4f03b0200000000030007116b61979e"}, @NFTA_MATCH_NAME={0x9, 0x1, 'l2tp\x00'}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 9m18.601204762s ago: executing program 5 (id=18909): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={0xffffffffffffffff}, 0x2, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000001280), r1, 0x0, 0x1, 0x4}}, 0x20) 9m18.593161925s ago: executing program 5 (id=18911): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94) r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r1, 0x0, 0x0}, 0x10) 9m18.530008457s ago: executing program 5 (id=18912): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='veth1_to_bond\x00', 0x10) bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c) 9m18.430315284s ago: executing program 5 (id=18916): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r0, &(0x7f0000000300)) 9m18.300372832s ago: executing program 5 (id=18921): r0 = socket(0x2, 0x2, 0x1) sendmsg$nl_netfilter(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40800}, 0x4000005) bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e) 9m2.283128506s ago: executing program 35 (id=18921): r0 = socket(0x2, 0x2, 0x1) sendmsg$nl_netfilter(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40800}, 0x4000005) bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e) 6m0.22614167s ago: executing program 4 (id=23573): r0 = socket$kcm(0x11, 0x200000000000002, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="7a0af8ff75253073bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000023000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f81d9217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000098045f785a1292fcb8c1d3079a00db453620ce72d75946c2b638d91dbef661935839c77edf2d34b12cd48a1b20fb7dd8430a19f2c50d77bc0ea9b0af58e604f4942eb613eff28902010045ef76d7d864409ef2dc9518a09f4886afc26abba34635d0e8b598a51bc7421d33fe226c944bc76be40d435aa8b5208ff0df2db7619a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60020500000000000000abe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e02200b95941d34ac81fd48f9b7314ffa730017f3d37fdb23bc26992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000080c4adf75a0a108585e9b2000000000000000000000074054d643c2b5692d8304a23eaf9153c457ae5bbe49b3c164461470a452bd357fa62341c759dc21b45a06ec414cadf9695d030012acad582e3fe75e61ae908347e4d6d089b"], &(0x7f0000000100)='GPL\x00'}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300)=r1, 0x4) syz_genetlink_get_family_id$ipvs(&(0x7f0000007440), 0xffffffffffffffff) 6m0.179258742s ago: executing program 4 (id=23574): r0 = eventfd2(0x0, 0x0) r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) io_setup(0x81, &(0x7f0000000080)=0x0) io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r0}]) 5m59.978564254s ago: executing program 4 (id=23579): r0 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000400), r0) getsockname$packet(r0, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="4800000010000305ff810000fddbdf2500000000", @ANYRES32=r1, @ANYBLOB="1748000040000200280012800a000100767863616e0000001800028014000100000000", @ANYRES32=r1], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0) 5m59.922388928s ago: executing program 4 (id=23580): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x7) 5m59.781007429s ago: executing program 4 (id=23583): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000024c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x401, 0x70bd2a, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, 0x4982, 0x701ca}, [@IFLA_LINKINFO={0x28, 0x37, 0x0, 0x1, @veth={{0x9}, {0x10, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x10000, 0x48124}}}}}}, @IFLA_PROTO_DOWN={0x5, 0x27, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0xc10}, 0x8000) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') 5m59.780664343s ago: executing program 4 (id=23584): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58) unshare(0x480) accept4(r0, 0x0, 0x0, 0x0) 5m43.720815995s ago: executing program 36 (id=23584): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58) unshare(0x480) accept4(r0, 0x0, 0x0, 0x0) 4m22.620986255s ago: executing program 8 (id=24999): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$HIDIOCGUSAGE(r1, 0xc0105b08, &(0x7f0000000000)={0x1, 0xfffffffe, 0x7, 0x0, 0x110001}) 4m21.133707436s ago: executing program 8 (id=25030): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000440)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb8000", 0x38, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, {[], @time_exceed={0x4, 0x1, 0x0, 0x9, '\x00', {0x0, 0x6, "f99063", 0x800, 0x3a, 0xff, @mcast1, @mcast1, [], "af34000000000000"}}}}}}}, 0x0) recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2000, 0x0) 4m21.086032049s ago: executing program 8 (id=25031): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x5, r0, 0x80000}) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0xc0086202, &(0x7f0000000540)=0x1) 4m21.000972422s ago: executing program 8 (id=25033): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 4m21.000198368s ago: executing program 8 (id=25034): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="0800260090150000080057"], 0x2c}}, 0x0) 4m20.229575984s ago: executing program 8 (id=25046): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'macsec0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000a00)=ANY=[@ANYBLOB="54000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="1544010001800000240012800b0001006d616373656300001400028005000c0001000000080005000400000008000500", @ANYRES32=r1], 0x54}, 0x1, 0x0, 0x0, 0x2040}, 0x800) 4m20.133589658s ago: executing program 37 (id=25046): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'macsec0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000a00)=ANY=[@ANYBLOB="54000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="1544010001800000240012800b0001006d616373656300001400028005000c0001000000080005000400000008000500", @ANYRES32=r1], 0x54}, 0x1, 0x0, 0x0, 0x2040}, 0x800) 2m16.020202639s ago: executing program 7 (id=27687): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) 2m15.965798494s ago: executing program 7 (id=27688): r0 = socket(0x10, 0x80002, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000080025bd7000fcdbff2500000000", @ANYRES32=0x0, @ANYBLOB="10000000820404001c0012800b00010062726964676500000c000280050016"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x8010) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) 2m15.96542226s ago: executing program 7 (id=27689): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0x20004000) r0 = io_uring_setup(0x7d3, &(0x7f0000000580)={0x0, 0xb1e1, 0x2, 0xfffffffe, 0x181}) close_range(r0, r0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, 0x0) 2m15.854448598s ago: executing program 7 (id=27692): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0) mount$bind(&(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, 0x28e3291, 0x0) 2m15.808814795s ago: executing program 7 (id=27693): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000cc0)={0x7c, r1, 0x5, 0x1, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3d, 0xe, {{{}, {}, @broadcast, @broadcast, @random="0c26364ebeb3"}, 0x0, @default, 0x1, @void, @val, @void, @void, @val={0x6, 0x2, 0x6}, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0xf, 0xa1, 0x4}}, @void, @void, @val={0x71, 0x7, {0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xff, 0x60}}, @void}}, @NL80211_ATTR_PROBE_RESP={0x7, 0x91, "c46608"}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x84}, 0x0) 2m15.271940493s ago: executing program 7 (id=27704): syz_open_dev$dvb_frontend(&(0x7f0000000040), 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 2m15.150438544s ago: executing program 38 (id=27704): syz_open_dev$dvb_frontend(&(0x7f0000000040), 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 2.201014426s ago: executing program 3 (id=30098): socket$pppl2tp(0x18, 0x1, 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x2, &(0x7f0000000180)=0x6}) 1.974329287s ago: executing program 3 (id=30109): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000) write$vhost_msg_v2(r0, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000700)=""/200, 0xc8, 0x0, 0x1, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000002b00)={0x2, 0x0, {&(0x7f0000000080)=""/28, 0x1c, 0x0, 0x3, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000280)=""/184, 0x2562bac182d8b35a, 0x0, 0x2, 0x3}}, 0x48) 1.877280158s ago: executing program 9 (id=30112): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r0) timerfd_create(0x0, 0x80800) r1 = eventfd2(0xffffffff, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.863081313s ago: executing program 3 (id=30114): r0 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xaee2, 0x0, 0x5, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x50, 0x183000, 0x12345}) openat$audio1(0xffffff9c, &(0x7f0000000040), 0x20040, 0x0) io_uring_enter(r0, 0x47f6, 0x40, 0x2, 0x0, 0x0) 1.799855344s ago: executing program 9 (id=30116): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x7}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0x4}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004}, 0x4000010) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 1.598884778s ago: executing program 9 (id=30120): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02}) r1 = socket$netlink(0x10, 0x3, 0x0) preadv(r0, &(0x7f0000000200)=[{&(0x7f00000001c0)=""/2, 0x2}], 0x1, 0x479, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) 1.594736657s ago: executing program 1 (id=30127): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = syz_create_resource$binfmt(&(0x7f0000000140)='./file0\x00') execveat$binfmt(0xffffffffffffffff, r0, &(0x7f0000000380), 0x0, 0x1000) 1.293215759s ago: executing program 3 (id=30121): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) 1.293113222s ago: executing program 6 (id=30122): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = epoll_create1(0x80000) r2 = fcntl$dupfd(r0, 0x406, r1) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000340)) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x10}) 1.167343846s ago: executing program 6 (id=30123): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vti={{0x8}, {0x14, 0x2, 0x0, 0x1, [@vti_common_policy=[@IFLA_VTI_LINK={0x8, 0x1, r2}], @IFLA_VTI_REMOTE={0x8, 0x5, @multicast1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 970.55871ms ago: executing program 9 (id=30124): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x1c, r0, 0x7d243a6ea807936d, 0x12, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4044891}, 0x84) 956.532993ms ago: executing program 6 (id=30125): ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000040)={0x5f, [0x5, 0x5, 0x1, 0x1, 0xa, 0x47, 0x9, 0xff6, 0x8, 0x7, 0x6, 0x1, 0x0, 0x7, 0xf4, 0x2342, 0x2, 0x5, 0x1005, 0x0, 0x48, 0x23fd, 0x269b, 0x6, 0x4, 0x5, 0x9, 0x4b7, 0x1, 0xfff6, 0xff, 0x0, 0x5, 0x2, 0x224, 0x4, 0x3399, 0x80, 0x9, 0x8, 0xfffa, 0x4, 0x7ffb, 0x7, 0xc, 0x7ffe, 0x9, 0x1a2b], 0x7}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x7ffe}, 0x90) 949.914194ms ago: executing program 3 (id=30126): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000200)={0x1, [0x0]}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={r2, 0x8}, 0x8) 858.76821ms ago: executing program 6 (id=30128): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10) sendmmsg$unix(r1, &(0x7f0000001c80)=[{{&(0x7f0000001480)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x20048080}}, {{&(0x7f0000001640)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x20000000) 858.343422ms ago: executing program 6 (id=30129): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r1, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)=@newlink={0x54, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, r1, 0x0, 0x1c05}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x1}, @IFLA_GRE_LINK={0x8, 0x1, r1}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x12) 841.45766ms ago: executing program 9 (id=30130): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="900000001c00010029bd7000fedbdf250a020000", @ANYRES32=r1, @ANYBLOB="0000420305000c00010000000800010000000000070000000500010004000000040002"], 0x90}, 0x1, 0x0, 0x0, 0xc051}, 0x44040) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20024044}, 0x8000002) 570.952369ms ago: executing program 6 (id=30131): openat$kvm(0xffffff9c, &(0x7f0000000000), 0x2000, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a44000010400010902"], 0x0) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x3e8, 0xf, 0x0, &(0x7f0000000000)="c1df07000000d30a298ee68886dd87", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 569.634508ms ago: executing program 9 (id=30132): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x458, 0x5011, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x394}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGUCODE(r1, 0xc018480d, &(0x7f00000000c0)={0x1, 0x100, 0x2, 0x0, 0x1, 0x1}) 173.587481ms ago: executing program 1 (id=30133): mkdirat(0xffffffffffffff9c, 0x0, 0x0) chdir(0x0) r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14da7e, 0x20) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000240)=0x10) copy_file_range(r0, 0x0, r0, 0x0, 0xb51, 0x0) 90.069204ms ago: executing program 1 (id=30134): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r0, r1, 0x5}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r1, r0, 0x5, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x401, 0x0, 0x1, 0xffffffffffffffff}}, 0x40) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[], 0x10) 89.549246ms ago: executing program 1 (id=30135): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x0, @rand_addr=0x64010100}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xce03d4}, 0x9c) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000240)={r1, @in6={{0xa, 0x4e23, 0x80000001, @empty}}, 0xffffff27, 0xfff8, 0xbd1, 0x2, 0xa1, 0x299f, 0x6}, &(0x7f0000000000)=0x9c) 1.116711ms ago: executing program 1 (id=30136): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x97) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f0000000180)=[{&(0x7f0000000940)="00214717a70700100000030600710a5e3116ffffffffffffff7f00051100000021d06b3d56000000ffff03425d4d50e7182c", 0x32}], 0x1, 0xffffffff, 0x5) 364.639µs ago: executing program 3 (id=30137): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000280)={0x40, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_STA_FLAGS={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 0s ago: executing program 1 (id=30138): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4) sendto$inet6(r0, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ec3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dfff01a9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea093680ffffff802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e2cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97107339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd500"/1450, 0x5de, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x9, @mcast2}, 0x1c) readv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/140, 0x8c}], 0x1) kernel console output (not intermixed with test programs): =ý?}X %`ր5) failed (rc=-5) [ 894.760582][T31082] ldm_validate_partition_table(): Disk read failed. [ 894.763135][T31082] Dev loop6: unable to read RDB block 0 [ 894.765350][T31082] loop6: unable to read partition table [ 894.767427][T31082] loop6: partition table beyond EOD, truncated [ 894.773512][ T5349] ldm_validate_partition_table(): Disk read failed. [ 894.775820][ T5349] Dev loop6: unable to read RDB block 0 [ 894.777695][ T5349] loop6: unable to read partition table [ 894.781522][ T5349] loop6: partition table beyond EOD, truncated [ 895.359112][T31126] kvm_intel: kvm [31125]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x3 [ 896.066020][T31155] netlink: 36 bytes leftover after parsing attributes in process `syz.1.26930'. [ 896.091345][T31157] netlink: 16 bytes leftover after parsing attributes in process `syz.9.26931'. [ 896.170576][ T1178] wlan1: Trigger new scan to find an IBSS to join [ 896.351577][T31165] veth1_macvtap: left promiscuous mode [ 896.353559][T31165] macsec0: entered allmulticast mode [ 896.357014][T31166] veth1_macvtap: entered promiscuous mode [ 896.358877][T31166] veth1_macvtap: entered allmulticast mode [ 896.360827][T31166] macsec0: left allmulticast mode [ 896.362858][T31166] veth1_macvtap: left allmulticast mode [ 896.623742][T31186] vivid-007: disconnect [ 896.639950][T31185] vivid-007: reconnect [ 896.753438][T31201] TCP: TCP_TX_DELAY enabled [ 897.143815][T31232] program syz.9.26967 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 897.876313][ T40] kauditd_printk_skb: 137 callbacks suppressed [ 897.876325][ T40] audit: type=1326 audit(1103.909:21051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf739d579 code=0x7ffc0000 [ 897.889949][ T40] audit: type=1326 audit(1103.928:21052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf739d598 code=0x7ffc0000 [ 897.903532][ T40] audit: type=1326 audit(1103.928:21053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf739d579 code=0x7ffc0000 [ 897.915870][ T40] audit: type=1326 audit(1103.928:21054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf739d598 code=0x7ffc0000 [ 897.926121][ T40] audit: type=1326 audit(1103.928:21055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf739d579 code=0x7ffc0000 [ 897.935784][ T40] audit: type=1326 audit(1103.928:21056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf739d598 code=0x7ffc0000 [ 897.945239][ T40] audit: type=1326 audit(1103.928:21057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf739d598 code=0x7ffc0000 [ 897.954319][ T40] audit: type=1326 audit(1103.928:21058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf739d579 code=0x7ffc0000 [ 897.962893][ T40] audit: type=1326 audit(1103.928:21059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf739d598 code=0x7ffc0000 [ 897.973061][ T40] audit: type=1326 audit(1103.928:21060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31281 comm="syz.9.26990" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf739d579 code=0x7ffc0000 [ 898.471396][T31321] __nla_validate_parse: 1 callbacks suppressed [ 898.471408][T31321] netlink: 16 bytes leftover after parsing attributes in process `syz.6.27009'. [ 898.863862][T31358] netlink: 8 bytes leftover after parsing attributes in process `syz.9.27026'. [ 898.984294][T31371] loop7: detected capacity change from 0 to 7 [ 898.986812][ C3] blk_print_req_error: 173 callbacks suppressed [ 898.986822][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 898.992662][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 898.996440][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.000070][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.006593][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.010065][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.013880][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.018035][T31371] ldm_validate_partition_table(): Disk read failed. [ 899.021030][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.025658][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.030248][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 899.033795][T31371] Dev loop7: unable to read RDB block 0 [ 899.037066][T31371] loop7: unable to read partition table [ 899.039674][T31371] loop7: partition table beyond EOD, truncated [ 899.045964][T31371] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 899.105135][T31375] loop8: detected capacity change from 0 to 7 [ 899.108041][T31375] loop8: [CUMANA/ADFS] p1 [Linux] p2 [ADFS] p1 [Linux] p2 [ 899.118933][T31375] loop8: partition table partially beyond EOD, truncated [ 899.122174][T31375] loop8: p1 size 3651402975 extends beyond EOD, truncated [ 899.125695][T31375] loop8: p2 start 956478 is beyond EOD, truncated [ 899.158318][ T6235] udevd[6235]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory [ 899.344765][ T183] wlan1: Trigger new scan to find an IBSS to join [ 899.595815][T31402] netlink: 4 bytes leftover after parsing attributes in process `syz.6.27046'. [ 899.601416][T31402] netlink: 20 bytes leftover after parsing attributes in process `syz.6.27046'. [ 899.605171][T31402] netlink: 4 bytes leftover after parsing attributes in process `syz.6.27046'. [ 899.825810][T31422] bond1: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 899.882922][T31422] bond1 (unregistering): Released all slaves [ 900.358611][T31463] batadv_slave_0: entered promiscuous mode [ 900.370808][T31463] batman_adv: batadv0: Adding interface: macvtap1 [ 900.372982][T31463] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 900.375041][T20306] wlan1: Creating new IBSS network, BSSID 16:62:3a:ad:a3:43 [ 900.382610][T31463] batman_adv: batadv0: Interface activated: macvtap1 [ 900.705037][T31486] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 900.708075][T31486] overlayfs: fs on './cgroup' does not support file handles, falling back to index=off,nfs_export=off. [ 900.711680][T31486] overlayfs: fs on './cgroup' does not support file handles, falling back to xino=off. [ 900.750588][T31488] can0: slcan on ttyS3. [ 900.886049][T31488] can0 (unregistered): slcan off ttyS3. [ 900.937639][T31505] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27091'. [ 901.199651][T31525] netlink: 8 bytes leftover after parsing attributes in process `syz.9.27102'. [ 901.250488][T31524] kvm: apic: phys broadcast and lowest prio [ 901.258044][T25108] usb 11-1: new high-speed USB device number 17 using dummy_hcd [ 901.420614][T25108] usb 11-1: config 0 has no interfaces? [ 901.424579][T25108] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 901.428808][T31543] netlink: 'syz.7.27110': attribute type 7 has an invalid length. [ 901.429518][T25108] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 901.435450][T25108] usb 11-1: Product: syz [ 901.437264][T25108] usb 11-1: Manufacturer: syz [ 901.446584][T25108] usb 11-1: config 0 descriptor?? [ 901.670782][ T830] usb 11-1: USB disconnect, device number 17 [ 902.204452][T31598] loop5: detected capacity change from 0 to 7 [ 902.218949][T31598] Dev loop5: unable to read RDB block 7 [ 902.222203][T31598] loop5: AHDI p1 [ 902.223532][T31598] loop5: partition table partially beyond EOD, truncated [ 902.340849][T31609] netlink: 8 bytes leftover after parsing attributes in process `syz.7.27141'. [ 902.779774][T31634] netlink: 8 bytes leftover after parsing attributes in process `syz.9.27153'. [ 902.784341][T31634] netlink: 8 bytes leftover after parsing attributes in process `syz.9.27153'. [ 902.863529][T31640] netlink: 'syz.1.27156': attribute type 30 has an invalid length. [ 902.930351][T31646] Attempt to restore checkpoint with obsolete wellknown handles [ 903.570555][T25108] usb 11-1: new high-speed USB device number 18 using dummy_hcd [ 903.727800][T25108] usb 11-1: Using ep0 maxpacket: 8 [ 903.771238][T25108] usb 11-1: config 0 has an invalid interface number: 55 but max is 0 [ 903.800306][T25108] usb 11-1: config 0 has no interface number 0 [ 903.809380][T25108] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 903.819804][T25108] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 903.838988][T25108] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 903.846301][T25108] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 903.857394][T25108] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 903.862760][T25108] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 903.876706][T25108] usb 11-1: config 0 descriptor?? [ 903.921683][T25108] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 904.167367][ T830] usb 11-1: USB disconnect, device number 18 [ 904.186401][ C2] ldusb 11-1:0.55: usb_submit_urb failed (-19) [ 904.202649][ T830] ldusb 11-1:0.55: LD USB Device #0 now disconnected [ 904.408280][T31685] ldusb: No device or device unplugged -19 [ 904.445747][T31725] netem: incorrect gi model size [ 904.449095][T31725] netem: change failed [ 904.716415][ T1178] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 904.833774][T31750] __nla_validate_parse: 8 callbacks suppressed [ 904.833787][T31750] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27205'. [ 905.056986][T31771] netlink: 136 bytes leftover after parsing attributes in process `syz.9.27215'. [ 905.061013][T31771] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 905.441405][T31806] binder: 31804:31806 ioctl c0306201 80000640 returned -22 [ 905.635643][T31826] netlink: 136 bytes leftover after parsing attributes in process `syz.6.27241'. [ 905.639425][T31826] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 906.007434][T25108] IPVS: starting estimator thread 0... [ 906.100878][T31857] IPVS: using max 48 ests per chain, 115200 per kthread [ 906.117482][T31867] netlink: 12 bytes leftover after parsing attributes in process `syz.1.27259'. [ 906.217070][ T40] kauditd_printk_skb: 52 callbacks suppressed [ 906.217082][ T40] audit: type=1326 audit(1111.710:21113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 906.227164][ T40] audit: type=1326 audit(1111.710:21114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 906.235338][ T40] audit: type=1326 audit(1111.710:21115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 906.244272][ T40] audit: type=1326 audit(1111.710:21116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 906.252487][ T40] audit: type=1326 audit(1111.710:21117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 906.260121][ T40] audit: type=1326 audit(1111.710:21118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 906.268288][ T40] audit: type=1326 audit(1111.710:21119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 906.275312][ T40] audit: type=1326 audit(1111.710:21120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 906.282648][ T40] audit: type=1326 audit(1111.719:21121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 906.291849][ T40] audit: type=1326 audit(1111.719:21122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31872 comm="syz.1.27261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 907.289244][T31929] input: syz1 as /devices/virtual/input/input88 [ 907.289323][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 907.295809][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 907.297862][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 907.299926][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 907.302012][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 907.303930][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 907.305954][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 907.307978][T31927] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 908.387682][T31996] netlink: 4 bytes leftover after parsing attributes in process `syz.6.27314'. [ 908.611702][ T830] kernel write not supported for file /sg0 (pid: 830 comm: kworker/2:2) [ 908.901965][T32031] nbd3: detected capacity change from 0 to 127 [ 908.908947][ T6058] block nbd3: Receive control failed (result -104) [ 910.337344][T32104] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27365'. [ 910.381909][T32107] bridge: RTM_NEWNEIGH with invalid state 0x8 [ 911.909598][T32215] rtc_cmos 00:05: Alarms can be up to one day in the future [ 911.964134][T32219] sctp: [Deprecated]: syz.1.27418 (pid 32219) Use of int in maxseg socket option. [ 911.964134][T32219] Use struct sctp_assoc_value instead [ 912.166906][T15128] kernel write not supported for file /vcsa (pid: 15128 comm: kworker/0:6) [ 912.239598][T32245] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27428'. [ 912.249480][T32245] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27428'. [ 912.679833][T32286] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27448'. [ 913.896257][T32353] netlink: 36 bytes leftover after parsing attributes in process `syz.6.27479'. [ 914.086631][T32375] netlink: 211856 bytes leftover after parsing attributes in process `syz.9.27490'. [ 914.289538][T32405] netlink: 8 bytes leftover after parsing attributes in process `syz.9.27504'. [ 914.330814][T32409] netlink: 64 bytes leftover after parsing attributes in process `syz.9.27506'. [ 914.334211][T32409] nbd: couldn't find a device at index 0 [ 915.034997][T32435] cgroup: fork rejected by pids controller in /syz9 [ 915.276345][T30402] bridge0: port 3(syz_tun) entered disabled state [ 915.359983][T30402] syz_tun (unregistering): left allmulticast mode [ 915.362290][T30402] syz_tun (unregistering): left promiscuous mode [ 915.364614][T30402] bridge0: port 3(syz_tun) entered disabled state [ 915.568772][T32473] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27534'. [ 915.770009][ T6064] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 915.777706][ T6064] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 915.781218][ T6064] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 915.787950][ T6064] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 915.796379][ T6064] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 915.930466][T32481] lo speed is unknown, defaulting to 1000 [ 916.115316][T32481] chnl_net:caif_netlink_parms(): no params data found [ 916.162624][T32481] bridge0: port 1(bridge_slave_0) entered blocking state [ 916.165737][T32481] bridge0: port 1(bridge_slave_0) entered disabled state [ 916.168465][T32481] bridge_slave_0: entered allmulticast mode [ 916.171498][T32481] bridge_slave_0: entered promiscuous mode [ 916.175339][T32481] bridge0: port 2(bridge_slave_1) entered blocking state [ 916.177610][T32481] bridge0: port 2(bridge_slave_1) entered disabled state [ 916.179975][T32481] bridge_slave_1: entered allmulticast mode [ 916.182911][T32481] bridge_slave_1: entered promiscuous mode [ 916.199511][T32481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 916.204181][T32481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 916.219076][T32481] team0: Port device team_slave_0 added [ 916.222287][T32481] team0: Port device team_slave_1 added [ 916.235678][T32481] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 916.238228][T32481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 916.246590][T32481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 916.251330][T32481] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 916.253489][T32481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 916.261544][T32481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 916.283644][T32481] hsr_slave_0: entered promiscuous mode [ 916.286018][T32481] hsr_slave_1: entered promiscuous mode [ 916.288189][T32481] debugfs: 'hsr0' already exists in 'hsr' [ 916.290614][T32481] Cannot create hsr debugfs directory [ 916.530961][T32481] netdevsim netdevsim9 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 916.535240][T32481] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 916.579491][T32520] lo: entered promiscuous mode [ 916.581964][T32520] net_ratelimit: 3321 callbacks suppressed [ 916.581975][T32520] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 916.737073][T32540] netlink: 16 bytes leftover after parsing attributes in process `syz.7.27562'. [ 916.742486][T32540] netlink: 12 bytes leftover after parsing attributes in process `syz.7.27562'. [ 916.746600][T32540] netlink: 12 bytes leftover after parsing attributes in process `syz.7.27562'. [ 916.939625][T32556] input: syz1 as /devices/virtual/input/input90 [ 917.062613][T32481] netdevsim netdevsim9 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 917.067865][T32481] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.113434][T32562] overlay: ./file0 is not a directory [ 917.306544][T32481] netdevsim netdevsim9 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 917.310913][T32481] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.315353][T32564] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27574'. [ 917.744703][T32481] netdevsim netdevsim9 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 917.749194][T32481] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 917.979248][ T6058] Bluetooth: hci3: command tx timeout [ 917.990989][T32583] program syz.7.27582 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 918.027291][T32481] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 918.055375][T32481] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 918.098209][T32481] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 918.140970][T32481] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 918.238841][T32481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 918.249081][T32481] 8021q: adding VLAN 0 to HW filter on device team0 [ 918.253992][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 918.256641][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 918.264141][T20308] bridge0: port 2(bridge_slave_1) entered blocking state [ 918.266871][T20308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 918.403272][T32481] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 918.575751][T32481] veth0_vlan: entered promiscuous mode [ 918.583401][T32481] veth1_vlan: entered promiscuous mode [ 918.610345][T32481] veth0_macvtap: entered promiscuous mode [ 918.615678][T32481] veth1_macvtap: entered promiscuous mode [ 918.627810][T32481] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 918.634980][T32481] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 918.641886][T20308] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 918.645277][T20308] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 918.653960][T20308] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 918.658332][T20308] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 918.832085][ T183] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 918.836951][ T183] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 918.859403][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 918.862568][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 919.100896][T13780] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 919.154589][T32620] syz.9.27591: attempt to access beyond end of device [ 919.154589][T32620] sr0: rw=2048, sector=3656, nr_sectors = 8 limit=128 [ 920.201734][ T6058] Bluetooth: hci3: command tx timeout [ 920.284797][T32655] netlink: 'syz.7.27607': attribute type 8 has an invalid length. [ 920.289760][T32655] netlink: 4 bytes leftover after parsing attributes in process `syz.7.27607'. [ 920.496706][T32663] i2c i2c-1: DVB: adapter 0 frontend 0 frequency 3580128042 out of range (51000000..2150000000) [ 921.238687][T12748] usb 12-1: new high-speed USB device number 27 using dummy_hcd [ 921.248829][T32712] input: syz0 as /devices/virtual/input/input91 [ 921.410412][T12748] usb 12-1: Using ep0 maxpacket: 8 [ 921.415463][T12748] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 921.418784][T12748] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 921.422845][T12748] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 921.426602][T12748] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 921.430691][T12748] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 921.436667][T12748] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 921.440394][T12748] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 921.627242][T32726] netlink: 4 bytes leftover after parsing attributes in process `syz.6.27640'. [ 921.655934][T19149] usb 14-1: new high-speed USB device number 3 using dummy_hcd [ 921.664944][T12748] usb 12-1: usb_control_msg returned -32 [ 921.667950][T12748] usbtmc 12-1:16.0: can't read capabilities [ 921.725413][T32729] overlayfs: failed to verify upper root origin [ 921.817388][T19149] usb 14-1: config index 0 descriptor too short (expected 39, got 27) [ 921.820238][T19149] usb 14-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 921.823338][T19149] usb 14-1: config 0 interface 0 has no altsetting 0 [ 921.828185][T19149] usb 14-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 921.831331][T19149] usb 14-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 921.833977][T19149] usb 14-1: Product: syz [ 921.835298][T19149] usb 14-1: Manufacturer: syz [ 921.836863][T19149] usb 14-1: SerialNumber: syz [ 921.840339][T19149] usb 14-1: config 0 descriptor?? [ 921.843308][T19149] hub 14-1:0.0: bad descriptor, ignoring hub [ 921.845332][T19149] hub 14-1:0.0: probe with driver hub failed with error -5 [ 921.849491][T19149] usb 14-1: selecting invalid altsetting 0 [ 922.211801][ T40] kauditd_printk_skb: 80 callbacks suppressed [ 922.211820][ T40] audit: type=1326 audit(1126.686:21203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 922.227999][ T40] audit: type=1326 audit(1126.686:21204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.235912][ T40] audit: type=1326 audit(1126.686:21205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.242745][ T40] audit: type=1326 audit(1126.686:21206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.250125][ T40] audit: type=1326 audit(1126.686:21207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.257611][ T40] audit: type=1326 audit(1126.686:21208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.265821][ T40] audit: type=1326 audit(1126.686:21209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.272967][ T40] audit: type=1326 audit(1126.686:21210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.280149][ T40] audit: type=1326 audit(1126.686:21211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.288536][ T40] audit: type=1326 audit(1126.686:21212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32741 comm="syz.1.27646" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 922.425227][ T6058] Bluetooth: hci3: command tx timeout [ 922.616401][T32761] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 922.824096][T32721] usb 14-1: reset high-speed USB device number 3 using dummy_hcd [ 922.832012][T32721] usb 14-1: device reset changed ep0 maxpacket size! [ 922.839892][T19149] usb 14-1: USB disconnect, device number 3 [ 922.992042][T19149] usb 14-1: new high-speed USB device number 4 using dummy_hcd [ 923.152840][T19149] usb 14-1: Using ep0 maxpacket: 32 [ 923.161852][T19149] usb 14-1: unable to get BOS descriptor or descriptor too short [ 923.165439][T19149] usb 14-1: unable to read config index 0 descriptor/start: -71 [ 923.167931][T19149] usb 14-1: can't read configurations, error -71 [ 923.169888][ T312] bridge0: port 3(vlan3) entered blocking state [ 923.172112][ T312] bridge0: port 3(vlan3) entered disabled state [ 923.174275][ T312] vlan3: entered allmulticast mode [ 923.175978][ T312] bond0: entered allmulticast mode [ 923.177592][ T312] bond_slave_0: entered allmulticast mode [ 923.179391][ T312] bond_slave_1: entered allmulticast mode [ 923.182104][ T312] vlan3: entered promiscuous mode [ 923.183819][ T312] bond0: entered promiscuous mode [ 923.185865][ T312] bond_slave_0: entered promiscuous mode [ 923.187770][ T312] bond_slave_1: entered promiscuous mode [ 924.093072][ T355] macvlan0: left promiscuous mode [ 924.094957][ T355] netlink: 'syz.1.27682': attribute type 1 has an invalid length. [ 924.098139][ T355] netlink: 'syz.1.27682': attribute type 2 has an invalid length. [ 924.212770][T24505] usb 12-1: USB disconnect, device number 27 [ 924.293885][ T369] netlink: 8 bytes leftover after parsing attributes in process `syz.7.27688'. [ 924.297655][ T369] netlink: 12 bytes leftover after parsing attributes in process `syz.7.27688'. [ 924.384107][ T374] lo speed is unknown, defaulting to 1000 [ 924.659663][ T6058] Bluetooth: hci3: command tx timeout [ 924.912060][ T403] netlink: 28 bytes leftover after parsing attributes in process `syz.6.27702'. [ 925.218878][ T6064] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 925.225604][ T6064] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 925.230784][ T6064] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 925.239207][ T6064] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 925.244799][ T6064] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 925.279177][ T414] lo speed is unknown, defaulting to 1000 [ 925.378110][ T414] chnl_net:caif_netlink_parms(): no params data found [ 925.427772][ T414] bridge0: port 1(bridge_slave_0) entered blocking state [ 925.431634][ T414] bridge0: port 1(bridge_slave_0) entered disabled state [ 925.434832][ T414] bridge_slave_0: entered allmulticast mode [ 925.438128][ T414] bridge_slave_0: entered promiscuous mode [ 925.442581][ T414] bridge0: port 2(bridge_slave_1) entered blocking state [ 925.445174][ T414] bridge0: port 2(bridge_slave_1) entered disabled state [ 925.447992][ T414] bridge_slave_1: entered allmulticast mode [ 925.451483][ T414] bridge_slave_1: entered promiscuous mode [ 925.468849][ T414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 925.474382][ T414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 925.493769][ T53] usb 11-1: new low-speed USB device number 19 using dummy_hcd [ 925.497989][ T414] team0: Port device team_slave_0 added [ 925.501283][ T414] team0: Port device team_slave_1 added [ 925.517184][ T414] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 925.519421][ T414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 925.528321][ T414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 925.532726][ T414] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 925.535600][ T414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 925.546268][ T414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 925.570631][ T414] hsr_slave_0: entered promiscuous mode [ 925.573386][ T414] hsr_slave_1: entered promiscuous mode [ 925.575958][ T414] debugfs: 'hsr0' already exists in 'hsr' [ 925.577947][ T414] Cannot create hsr debugfs directory [ 925.676745][ T53] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 925.679291][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 925.682676][ T53] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 925.691922][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 925.695456][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 925.710168][ T53] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 925.712610][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 925.716832][ T53] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 925.721160][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 925.726288][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 925.731063][ T53] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 925.734368][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 925.737804][ T53] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 925.741893][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 925.745598][ T53] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 925.753873][ T53] usb 11-1: string descriptor 0 read error: -22 [ 925.755969][ T53] usb 11-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 925.761938][ T53] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 925.786803][ T53] adutux 11-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 926.023222][T12723] usb 11-1: USB disconnect, device number 19 [ 926.872823][ T6064] Bluetooth: hci3: command tx timeout [ 926.945282][T12748] kernel read not supported for file /input/event1 (pid: 12748 comm: kworker/1:4) [ 927.100927][ T504] input: syz0 as /devices/virtual/input/input93 [ 927.273009][ T414] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 927.302447][ T414] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 927.345276][ T414] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 927.367373][ T414] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 927.471587][ T6064] Bluetooth: hci0: command tx timeout [ 927.496969][ T414] 8021q: adding VLAN 0 to HW filter on device bond0 [ 927.509149][ T414] 8021q: adding VLAN 0 to HW filter on device team0 [ 927.516930][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 927.519291][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 927.533280][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 927.536150][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 927.576275][ T414] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 927.719089][ T414] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 927.761587][ T414] veth0_vlan: entered promiscuous mode [ 927.774233][ T414] veth1_vlan: entered promiscuous mode [ 927.811546][ T414] veth0_macvtap: entered promiscuous mode [ 927.817383][ T414] veth1_macvtap: entered promiscuous mode [ 927.826947][ T414] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 927.834146][ T414] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 927.850926][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 927.854081][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 927.863506][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 927.866394][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 928.020904][T20306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 928.024167][T20306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 928.038858][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 928.041702][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 928.396470][ T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0) [ 928.741746][ T9] Process accounting resumed [ 928.768352][ T631] Process accounting resumed [ 928.776359][T25108] Process accounting resumed [ 928.845286][ T647] netlink: 4 bytes leftover after parsing attributes in process `syz.9.27774'. [ 928.900117][ T651] Bluetooth: MGMT ver 1.23 [ 928.984533][ T655] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27779'. [ 929.024160][ T661] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 929.026997][ T661] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 929.322705][ T691] lo speed is unknown, defaulting to 1000 [ 929.686925][ T710] syz.9.27801: vmalloc error: size 1768304430, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 929.692655][ T710] CPU: 3 UID: 0 PID: 710 Comm: syz.9.27801 Tainted: G L syzkaller #0 PREEMPT(full) [ 929.692687][ T710] Tainted: [L]=SOFTLOCKUP [ 929.692695][ T710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 929.692708][ T710] Call Trace: [ 929.692723][ T710] [ 929.692733][ T710] dump_stack_lvl+0x100/0x190 [ 929.692764][ T710] warn_alloc.cold+0x95/0x1c1 [ 929.692799][ T710] ? __pfx_warn_alloc+0x10/0x10 [ 929.692839][ T710] __vmalloc_node_range_noprof+0x1252/0x1530 [ 929.692863][ T710] ? lock_acquire+0x17c/0x330 [ 929.692890][ T710] ? ip_set_sockfn_get+0x18e/0xd20 [ 929.692915][ T710] ? __lock_acquire+0x4a5/0x2630 [ 929.692939][ T710] ? trace_contention_end+0xd6/0x110 [ 929.692966][ T710] ? __mutex_lock+0x26a/0x1b90 [ 929.692989][ T710] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 929.693008][ T710] ? find_held_lock+0x2b/0x80 [ 929.693055][ T710] ? ip_set_sockfn_get+0x18e/0xd20 [ 929.693080][ T710] __vmalloc_node_noprof+0xad/0xf0 [ 929.693097][ T710] ? ip_set_sockfn_get+0x18e/0xd20 [ 929.693121][ T710] ip_set_sockfn_get+0x18e/0xd20 [ 929.693142][ T710] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 929.693164][ T710] ? nf_sockopt_find.isra.0+0x222/0x290 [ 929.693187][ T710] nf_getsockopt+0x7c/0xe0 [ 929.693204][ T710] ip_getsockopt+0x192/0x1e0 [ 929.693225][ T710] ? __pfx_ip_getsockopt+0x10/0x10 [ 929.693250][ T710] raw_getsockopt+0x4d/0x1f0 [ 929.693271][ T710] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 929.693288][ T710] do_sock_getsockopt+0x259/0x3d0 [ 929.693307][ T710] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 929.693334][ T710] __sys_getsockopt+0x133/0x1d0 [ 929.693365][ T710] ? __ia32_sys_getsockopt+0xbc/0x160 [ 929.693390][ T710] __ia32_sys_getsockopt+0xbc/0x160 [ 929.693413][ T710] ? __do_fast_syscall_32+0x97/0x660 [ 929.693437][ T710] ? lockdep_hardirqs_on+0x78/0x100 [ 929.693458][ T710] __do_fast_syscall_32+0xde/0x660 [ 929.693508][ T710] do_fast_syscall_32+0x32/0x70 [ 929.693530][ T710] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 929.693552][ T710] RIP: 0023:0xf746d579 [ 929.693568][ T710] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 929.693586][ T710] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 000000000000016d [ 929.693608][ T710] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 929.693621][ T710] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000080000080 [ 929.693632][ T710] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 929.693642][ T710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 929.693653][ T710] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 929.693679][ T710] [ 929.693828][ T710] Mem-Info: [ 929.709314][ T6064] Bluetooth: hci0: command tx timeout [ 929.710155][ T710] active_anon:4136 inactive_anon:1609 isolated_anon:0 [ 929.710155][ T710] active_file:1797 inactive_file:3581 isolated_file:0 [ 929.710155][ T710] unevictable:1768 dirty:624 writeback:0 [ 929.710155][ T710] slab_reclaimable:7120 slab_unreclaimable:67751 [ 929.710155][ T710] mapped:25276 shmem:4604 pagetables:2095 [ 929.710155][ T710] sec_pagetables:344 bounce:0 [ 929.710155][ T710] kernel_misc_reclaimable:0 [ 929.710155][ T710] free:67836 free_pcp:4387 free_cma:0 [ 929.777423][ T717] lo speed is unknown, defaulting to 1000 [ 929.782208][ T710] Node 0 active_anon:116kB inactive_anon:152kB active_file:288kB inactive_file:32kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:48kB dirty:28kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10708kB pagetables:1864kB sec_pagetables:1140kB all_unreclaimable? yes Balloon:0kB [ 929.844419][ T710] Node 1 active_anon:19028kB inactive_anon:6284kB active_file:6900kB inactive_file:14092kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:103656kB dirty:1468kB writeback:0kB shmem:17476kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5776kB pagetables:6616kB sec_pagetables:236kB all_unreclaimable? no Balloon:0kB [ 929.857222][ T710] Node 0 DMA free:2080kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:24kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:40kB local_pcp:16kB free_cma:0kB [ 929.868049][ T710] lowmem_reserve[]: 0 288 288 288 288 [ 929.869927][ T710] Node 0 DMA32 free:22512kB boost:6144kB min:19364kB low:22668kB high:25972kB reserved_highatomic:0KB free_highatomic:0KB active_anon:112kB inactive_anon:152kB active_file:264kB inactive_file:32kB unevictable:3536kB writepending:28kB zspages:1504kB present:1032196kB managed:295104kB mlocked:0kB bounce:0kB free_pcp:1920kB local_pcp:496kB free_cma:0kB [ 929.881151][ T710] lowmem_reserve[]: 0 0 0 0 0 [ 929.882820][ T710] Node 1 DMA32 free:244284kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22628kB inactive_anon:6284kB active_file:6900kB inactive_file:14092kB unevictable:3536kB writepending:568kB zspages:4860kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:11124kB local_pcp:1948kB free_cma:0kB [ 929.894369][ T710] lowmem_reserve[]: 0 0 0 0 0 [ 929.896052][ T710] Node 0 DMA: 18*4kB (UM) 13*8kB (UM) 1*16kB (U) 5*32kB (UM) 1*64kB (M) 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2080kB [ 929.909141][ T710] Node 0 DMA32: 250*4kB (UE) 419*8kB (UME) 361*16kB (UME) 141*32kB (UM) 69*64kB (UME) 21*128kB (UME) 3*256kB (UME) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22512kB [ 929.914577][ T710] Node 1 DMA32: 2720*4kB (UME) 4421*8kB (UME) 4344*16kB (UME) 54*32kB (UE) 100*64kB (UM) 90*128kB (UM) 169*256kB (UME) 104*512kB (UM) 6*1024kB (M) 0*2048kB 0*4096kB = 238056kB [ 929.922938][ T710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 929.927152][ T710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 929.930221][ T710] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 929.933306][ T710] Node 1 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 929.936486][ T710] 13897 total pagecache pages [ 929.938387][ T710] 1105 pages in swap cache [ 929.940350][ T710] Free swap = 63932kB [ 929.942951][ T710] Total swap = 124996kB [ 929.944763][ T710] 524155 pages RAM [ 929.946410][ T710] 0 pages HighMem/MovableOnly [ 929.948159][ T710] 209486 pages reserved [ 929.949768][ T710] 0 pages cma reserved [ 930.325615][ T742] kvm: kvm [741]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000004f) [ 930.417776][T25108] libceph: connect (1)[c::]:6789 error -13 [ 930.420487][T25108] libceph: mon0 (1)[c::]:6789 connect error [ 930.444066][ T746] ceph: No mds server is up or the cluster is laggy [ 930.566580][T24561] rtc_cmos 00:05: Alarms can be up to one day in the future [ 930.569875][T24561] rtc_cmos 00:05: Alarms can be up to one day in the future [ 930.583194][T24561] rtc_cmos 00:05: Alarms can be up to one day in the future [ 930.586282][T24561] rtc_cmos 00:05: Alarms can be up to one day in the future [ 930.588633][T24561] rtc rtc0: __rtc_set_alarm: err=-22 [ 931.435170][ T803] overlayfs: invalid origin (000000790066696c6530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 931.537171][ T808] netlink: 4 bytes leftover after parsing attributes in process `syz.9.27843'. [ 931.918699][ T6064] Bluetooth: hci0: command tx timeout [ 932.056821][ T839] netlink: 'syz.6.27862': attribute type 11 has an invalid length. [ 932.544782][ T854] syzkaller1: entered promiscuous mode [ 932.547287][ T854] syzkaller1: entered allmulticast mode [ 932.654851][ T40] kauditd_printk_skb: 623 callbacks suppressed [ 932.654870][ T40] audit: type=1800 audit(1392.442:21836): pid=859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.27863" name="nullb0" dev="devtmpfs" ino=3769 res=0 errno=0 [ 932.820394][ T861] lo speed is unknown, defaulting to 1000 [ 933.746733][T15128] usb 11-1: new high-speed USB device number 20 using dummy_hcd [ 933.928591][T15128] usb 11-1: Using ep0 maxpacket: 8 [ 933.935184][T15128] usb 11-1: config 0 interface 0 has no altsetting 0 [ 933.937531][T15128] usb 11-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 933.941037][T15128] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 933.946015][T15128] usb 11-1: config 0 descriptor?? [ 934.152863][ T6064] Bluetooth: hci0: command tx timeout [ 934.386464][T15128] mcp2221 0003:04D8:00DD.0014: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0 [ 934.606309][T15128] usb 11-1: USB disconnect, device number 20 [ 935.812420][ T920] pim6reg1: entered promiscuous mode [ 935.814732][ T920] pim6reg1: entered allmulticast mode [ 935.903528][ T926] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.27891'. [ 936.723092][ T994] netlink: 20 bytes leftover after parsing attributes in process `syz.3.27914'. [ 937.012748][ T1008] netlink: 'syz.3.27918': attribute type 3 has an invalid length. [ 937.017611][ T1009] sit0: entered promiscuous mode [ 937.028921][ T1009] netlink: 'syz.6.27919': attribute type 1 has an invalid length. [ 937.032223][ T1009] netlink: 1 bytes leftover after parsing attributes in process `syz.6.27919'. [ 937.885946][T20308] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 937.918785][ T1044] lo speed is unknown, defaulting to 1000 [ 938.429356][T15128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 938.522683][ T1098] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.27954'. [ 938.867707][ T1109] lo speed is unknown, defaulting to 1000 [ 939.369841][T12723] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 939.546039][ T6145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 940.451315][ T1214] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27996'. [ 940.643110][ T6145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 941.284126][T23115] block nbd3: Possible stuck request ffff888026c70000: control (read@0,1024B). Runtime 30 seconds [ 941.289555][T23115] block nbd3: Possible stuck request ffff888026c70200: control (read@1024,1024B). Runtime 30 seconds [ 941.293293][T23115] block nbd3: Possible stuck request ffff888026c70400: control (read@2048,1024B). Runtime 30 seconds [ 941.298787][T23115] block nbd3: Possible stuck request ffff888026c70600: control (read@3072,1024B). Runtime 30 seconds [ 941.412563][ T1249] netlink: 20 bytes leftover after parsing attributes in process `syz.9.28007'. [ 941.429556][ T1251] binder: 1250:1251 ioctl c0306201 80000540 returned -22 [ 941.743587][ T1254] lo speed is unknown, defaulting to 1000 [ 941.764488][ T6145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 941.932914][ T1272] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.28017'. [ 942.088617][ T1289] netfs: Couldn't get user pages (rc=-14) [ 942.143427][ T1292] lo speed is unknown, defaulting to 1000 [ 942.575112][ T1320] netlink: 'syz.6.28038': attribute type 11 has an invalid length. [ 942.609898][T12748] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 942.865692][T24561] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 943.242431][ T1353] sctp: [Deprecated]: syz.3.28051 (pid 1353) Use of int in max_burst socket option. [ 943.242431][ T1353] Use struct sctp_assoc_value instead [ 943.295187][T25108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 943.417361][ T1369] netlink: 4 bytes leftover after parsing attributes in process `syz.6.28059'. [ 943.619560][ T1391] netlink: 36 bytes leftover after parsing attributes in process `syz.1.28069'. [ 943.897568][ T1418] netlink: 'syz.9.28079': attribute type 3 has an invalid length. [ 944.438991][ T1450] netlink: 15478 bytes leftover after parsing attributes in process `syz.3.28094'. [ 945.024430][ T1480] syz.9.28105: page allocation failure: order:0, mode:0x144cca(GFP_HIGHUSER_MOVABLE|__GFP_RETRY_MAYFAIL|__GFP_COMP), nodemask=0,cpuset=/,mems_allowed=0-1 [ 945.034096][ T1480] CPU: 1 UID: 0 PID: 1480 Comm: syz.9.28105 Tainted: G L syzkaller #0 PREEMPT(full) [ 945.034116][ T1480] Tainted: [L]=SOFTLOCKUP [ 945.034120][ T1480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 945.034127][ T1480] Call Trace: [ 945.034131][ T1480] [ 945.034136][ T1480] dump_stack_lvl+0x100/0x190 [ 945.034153][ T1480] warn_alloc.cold+0x95/0x1c1 [ 945.034171][ T1480] ? __pfx_warn_alloc+0x10/0x10 [ 945.034183][ T1480] ? __mutex_unlock_slowpath+0x15c/0x790 [ 945.034207][ T1480] __alloc_frozen_pages_noprof+0x1442/0x2410 [ 945.034227][ T1480] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 945.034250][ T1480] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 945.034262][ T1480] ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80 [ 945.034279][ T1480] ? policy_nodemask+0xed/0x4f0 [ 945.034296][ T1480] alloc_pages_mpol+0x1fb/0x550 [ 945.034312][ T1480] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 945.034337][ T1480] folio_alloc_mpol_noprof+0x36/0x340 [ 945.034355][ T1480] alloc_migration_target_by_mpol+0x2c1/0x5d0 [ 945.034374][ T1480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 945.034392][ T1480] ? __pfx___might_resched+0x10/0x10 [ 945.034412][ T1480] migrate_pages_batch+0x4f2/0x4530 [ 945.034430][ T1480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 945.034453][ T1480] ? __pfx_migrate_pages_batch+0x10/0x10 [ 945.034468][ T1480] ? __kasan_slab_alloc+0x89/0x90 [ 945.034482][ T1480] ? kmem_cache_alloc_noprof+0x2ad/0x780 [ 945.034495][ T1480] ? __mpol_dup+0x74/0x370 [ 945.034504][ T1480] ? mbind_range+0x339/0x550 [ 945.034512][ T1480] ? do_mbind+0x7de/0xfd0 [ 945.034522][ T1480] ? do_fast_syscall_32+0x32/0x70 [ 945.034535][ T1480] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 945.034551][ T1480] ? __pfx_remove_migration_pte+0x10/0x10 [ 945.034573][ T1480] migrate_pages_sync+0x12c/0x880 [ 945.034590][ T1480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 945.034611][ T1480] ? __pfx_migrate_pages_sync+0x10/0x10 [ 945.034631][ T1480] ? __lock_acquire+0x4a5/0x2630 [ 945.034648][ T1480] migrate_pages+0x1a5b/0x2810 [ 945.034666][ T1480] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 945.034686][ T1480] ? mpol_set_shared_policy+0x291/0x8a0 [ 945.034696][ T1480] ? mpol_set_shared_policy+0x291/0x8a0 [ 945.034706][ T1480] ? __pfx_migrate_pages+0x10/0x10 [ 945.034725][ T1480] ? find_held_lock+0x2b/0x80 [ 945.034735][ T1480] ? do_mbind+0x557/0xfd0 [ 945.034747][ T1480] ? up_write+0x290/0x4f0 [ 945.034764][ T1480] do_mbind+0x5a6/0xfd0 [ 945.034778][ T1480] ? __pfx_do_mbind+0x10/0x10 [ 945.034796][ T1480] ? __pfx_get_nodes+0x10/0x10 [ 945.034813][ T1480] kernel_mbind+0x1b7/0x200 [ 945.034824][ T1480] ? __pfx_kernel_mbind+0x10/0x10 [ 945.034838][ T1480] __do_fast_syscall_32+0xde/0x660 [ 945.034853][ T1480] do_fast_syscall_32+0x32/0x70 [ 945.034867][ T1480] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 945.034880][ T1480] RIP: 0023:0xf746d579 [ 945.034890][ T1480] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 945.034900][ T1480] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000112 [ 945.034911][ T1480] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600000 [ 945.034918][ T1480] RDX: 0000000000000002 RSI: 0000000080000000 RDI: 0000000000000008 [ 945.034924][ T1480] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 945.034930][ T1480] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 945.034936][ T1480] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 945.034950][ T1480] [ 945.034954][ T1480] Mem-Info: [ 945.150119][ T1480] active_anon:2684 inactive_anon:288 isolated_anon:1025 [ 945.150119][ T1480] active_file:817 inactive_file:8358 isolated_file:0 [ 945.150119][ T1480] unevictable:1768 dirty:150 writeback:0 [ 945.150119][ T1480] slab_reclaimable:7160 slab_unreclaimable:68317 [ 945.150119][ T1480] mapped:24517 shmem:4242 pagetables:2130 [ 945.150119][ T1480] sec_pagetables:344 bounce:0 [ 945.150119][ T1480] kernel_misc_reclaimable:0 [ 945.150119][ T1480] free:67964 free_pcp:150 free_cma:0 [ 945.174726][ T1480] Node 0 active_anon:144kB inactive_anon:604kB active_file:0kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:428kB dirty:8kB writeback:0kB shmem:3920kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10644kB pagetables:1864kB sec_pagetables:1140kB all_unreclaimable? no Balloon:0kB [ 945.184479][ T1480] Node 0 DMA free:1880kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:24kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 945.196354][ T1480] lowmem_reserve[]: 0 288 288 288 288 [ 945.198155][ T1480] Node 0 DMA32 free:22144kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:0KB free_highatomic:0KB active_anon:72kB inactive_anon:1184kB active_file:56kB inactive_file:276kB unevictable:3536kB writepending:8kB zspages:1696kB present:1032196kB managed:295104kB mlocked:0kB bounce:0kB free_pcp:568kB local_pcp:32kB free_cma:0kB [ 945.208976][ T1480] lowmem_reserve[]: 0 0 0 0 0 [ 945.210518][ T1480] Node 0 DMA: 24*4kB (U) 15*8kB (UM) 2*16kB (UM) 3*32kB (U) 0*64kB 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 1880kB [ 945.214914][ T1480] Node 0 DMA32: 304*4kB (UME) 426*8kB (UME) 341*16kB (UME) 170*32kB (UM) 64*64kB (UME) 16*128kB (UME) 3*256kB (UME) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22432kB [ 945.221092][ T1480] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 945.224089][ T1480] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 945.227052][ T1480] 14264 total pagecache pages [ 945.229086][ T1480] 875 pages in swap cache [ 945.230501][ T1480] Free swap = 58968kB [ 945.232092][ T1480] Total swap = 124996kB [ 945.233766][ T1480] 524155 pages RAM [ 945.235002][ T1480] 0 pages HighMem/MovableOnly [ 945.236504][ T1480] 209486 pages reserved [ 945.237847][ T1480] 0 pages cma reserved [ 945.858393][ T1536] Invalid source name [ 946.169105][ T1538] netlink: 8 bytes leftover after parsing attributes in process `syz.9.28130'. [ 946.402109][ T1556] syzkaller1: entered promiscuous mode [ 946.404143][ T1556] syzkaller1: entered allmulticast mode [ 947.714917][ T1603] netlink: 'syz.9.28154': attribute type 13 has an invalid length. [ 947.808154][ T1610] netlink: 'syz.1.28168': attribute type 64 has an invalid length. [ 947.810778][ T1610] netlink: 16 bytes leftover after parsing attributes in process `syz.1.28168'. [ 947.864142][ T1611] netlink: 'syz.1.28168': attribute type 64 has an invalid length. [ 947.866794][ T1611] netlink: 16 bytes leftover after parsing attributes in process `syz.1.28168'. [ 948.071885][ T24] usb 11-1: new high-speed USB device number 21 using dummy_hcd [ 948.249053][ T24] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 948.252485][ T24] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 948.256514][ T24] usb 11-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 948.259489][ T24] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 948.263316][ T24] usb 11-1: config 0 descriptor?? [ 948.269319][ T1613] netlink: 8 bytes leftover after parsing attributes in process `syz.1.28161'. [ 948.701722][ T24] hid_parser_main: 1 callbacks suppressed [ 948.701737][ T24] cm6533_jd 0003:0D8C:0022.0015: unknown main item tag 0x0 [ 948.706086][ T24] cm6533_jd 0003:0D8C:0022.0015: unknown main item tag 0x0 [ 948.712378][ T24] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0D8C:0022.0015/input/input94 [ 948.732344][ T24] cm6533_jd 0003:0D8C:0022.0015: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.6-1/input0 [ 948.923048][T25108] usb 11-1: USB disconnect, device number 21 [ 949.095472][ T1627] netlink: 'syz.1.28169': attribute type 19 has an invalid length. [ 949.543598][ T1658] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.28183'. [ 950.898582][ T1735] netlink: 'syz.6.28215': attribute type 12 has an invalid length. [ 950.901126][ T1735] netlink: 'syz.6.28215': attribute type 29 has an invalid length. [ 950.903675][ T1735] netlink: 148 bytes leftover after parsing attributes in process `syz.6.28215'. [ 950.907427][ T1735] netlink: 59 bytes leftover after parsing attributes in process `syz.6.28215'. [ 950.981333][ T1741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28218'. [ 951.047549][ T1747] netlink: 16 bytes leftover after parsing attributes in process `syz.6.28221'. [ 951.170903][ T1741] bond1: Invalid ad_actor_system MAC address. [ 951.173999][ T1741] bond1: option ad_actor_system: invalid value (68719607821) [ 951.205811][ T1741] bond1 (unregistering): Released all slaves [ 951.415298][ T1777] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.28233'. [ 951.461388][ T1783] team_slave_1: Caught tx_queue_len zero misconfig [ 951.640912][ T1797] ip6erspan0: entered allmulticast mode [ 951.730367][T15128] IPVS: starting estimator thread 0... [ 951.846198][ T1807] IPVS: using max 48 ests per chain, 115200 per kthread [ 951.910000][T24561] usb 11-1: new high-speed USB device number 22 using dummy_hcd [ 952.080833][T24561] usb 11-1: Using ep0 maxpacket: 8 [ 952.084655][T24561] usb 11-1: config 0 interface 0 has no altsetting 0 [ 952.087505][T24561] usb 11-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 952.091257][T24561] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 952.102629][T24561] usb 11-1: config 0 descriptor?? [ 952.545547][T24561] mcp2221 0003:04D8:00DD.0016: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0 [ 952.758335][ T830] usb 11-1: USB disconnect, device number 22 [ 953.440118][ T1846] netlink: 4 bytes leftover after parsing attributes in process `syz.9.28262'. [ 954.240335][T20306] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 954.453189][ T1880] syzkaller1: entered promiscuous mode [ 954.453807][T12748] usb 11-1: new high-speed USB device number 23 using dummy_hcd [ 954.456070][ T1880] syzkaller1: entered allmulticast mode [ 954.624748][T12748] usb 11-1: Using ep0 maxpacket: 8 [ 954.628272][T12748] usb 11-1: config 0 has no interfaces? [ 954.632203][T12748] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 954.635654][T12748] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 954.638307][T12748] usb 11-1: Product: syz [ 954.639650][T12748] usb 11-1: Manufacturer: syz [ 954.641108][T12748] usb 11-1: SerialNumber: syz [ 954.644230][T12748] usb 11-1: config 0 descriptor?? [ 954.751527][ T1888] trusted_key: syz.1.28281 sent an empty control message without MSG_MORE. [ 954.864647][T12748] usb 11-1: USB disconnect, device number 23 [ 955.066280][ T1906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.28289'. [ 955.578592][ T1949] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.28307'. [ 955.617212][ T1952] tipc: Bearer : already 2 bearers with priority 10 [ 955.621345][ T1952] tipc: Bearer : trying with adjusted priority [ 955.623701][ T1952] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 956.870533][T25108] libceph: connect (1)[c::]:6789 error -101 [ 956.872720][T25108] libceph: mon0 (1)[c::]:6789 connect error [ 957.147191][T25108] libceph: connect (1)[c::]:6789 error -101 [ 957.149697][T25108] libceph: mon0 (1)[c::]:6789 connect error [ 957.691935][T19149] libceph: connect (1)[c::]:6789 error -101 [ 957.693955][T19149] libceph: mon0 (1)[c::]:6789 connect error [ 957.756565][ T2014] ceph: No mds server is up or the cluster is laggy [ 957.872316][ T40] audit: type=1326 audit(1672.033:21837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2045 comm="syz.3.28347" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff5579 code=0x0 [ 959.795285][ T2105] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 34 [ 960.149563][ T2113] vcan0: tx drop: invalid da for name 0x0000008000000000 [ 960.189837][ T2115] kvm: user requested TSC rate below hardware speed [ 960.481327][ T2131] netlink: 212336 bytes leftover after parsing attributes in process `syz.6.28380'. [ 960.592552][ T2144] binder: 2143:2144 ioctl 8933 0 returned -22 [ 960.620034][ T40] audit: type=1804 audit(1674.606:21838): pid=2146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.28387" name="/newroot/624/file1" dev="tmpfs" ino=3199 res=1 errno=0 [ 961.175919][T19149] kernel read not supported for file /dsp1 (pid: 19149 comm: kworker/3:5) [ 961.523163][ T2184] netlink: 20 bytes leftover after parsing attributes in process `syz.6.28405'. [ 961.568007][ T2186] syzkaller1: entered promiscuous mode [ 961.570024][ T2186] syzkaller1: entered allmulticast mode [ 962.427254][ T2196] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.28411'. [ 963.192571][ T2256] syzkaller1: entered promiscuous mode [ 963.194762][ T2256] syzkaller1: entered allmulticast mode [ 963.867947][T15128] usb 14-1: new high-speed USB device number 6 using dummy_hcd [ 964.041028][T15128] usb 14-1: Using ep0 maxpacket: 8 [ 964.048955][T15128] usb 14-1: config index 0 descriptor too short (expected 301, got 45) [ 964.052805][T15128] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 964.056961][T15128] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 964.061325][T15128] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 964.066076][T15128] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 964.072794][T15128] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 964.076821][T15128] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 964.307226][T15128] usb 14-1: usb_control_msg returned -32 [ 964.309116][T15128] usbtmc 14-1:16.0: can't read capabilities [ 964.688625][ T2316] usbtmc 14-1:16.0: INITIATE_ABORT_BULK_OUT returned 0 [ 964.906573][ T5310] usb 14-1: USB disconnect, device number 6 [ 965.780232][T15128] usb 14-1: new high-speed USB device number 7 using dummy_hcd [ 965.951195][T15128] usb 14-1: Using ep0 maxpacket: 32 [ 965.954716][T15128] usb 14-1: config 0 has an invalid interface number: 31 but max is 0 [ 965.957503][T15128] usb 14-1: config 0 has no interface number 0 [ 965.959569][T15128] usb 14-1: config 0 interface 31 has no altsetting 0 [ 965.963862][T15128] usb 14-1: New USB device found, idVendor=045e, idProduct=0459, bcdDevice=71.7d [ 965.967160][T15128] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 965.969844][T15128] usb 14-1: Product: syz [ 965.971278][T15128] usb 14-1: Manufacturer: syz [ 965.973042][T15128] usb 14-1: SerialNumber: syz [ 965.978223][T15128] usb 14-1: config 0 descriptor?? [ 966.458601][ T2337] netlink: 7 bytes leftover after parsing attributes in process `syz.6.28468'. [ 966.471870][ T2325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 966.475694][ T2325] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 966.481199][T25108] usb 14-1: USB disconnect, device number 7 [ 966.580010][ T2342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28470'. [ 967.118397][ T2370] syzkaller1: entered promiscuous mode [ 967.120815][ T2370] syzkaller1: entered allmulticast mode [ 967.393897][ T2377] lo: Caught tx_queue_len zero misconfig [ 967.471533][ T2380] input: syz0 as /devices/virtual/input/input95 [ 967.795693][ T2401] syzkaller1: entered promiscuous mode [ 967.797549][ T2401] syzkaller1: entered allmulticast mode [ 968.041758][ T40] audit: type=1326 audit(1681.551:21839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff5598 code=0x7ffc0000 [ 968.049542][ T40] audit: type=1326 audit(1681.551:21840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 968.058324][ T40] audit: type=1326 audit(1681.551:21841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 968.065161][ T40] audit: type=1326 audit(1681.551:21842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff5598 code=0x7ffc0000 [ 968.075327][ T40] audit: type=1326 audit(1681.551:21843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff5598 code=0x7ffc0000 [ 968.083789][ T40] audit: type=1326 audit(1681.551:21844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 968.091631][ T40] audit: type=1326 audit(1681.551:21845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 968.097710][ T40] audit: type=1326 audit(1681.551:21846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 968.110027][ T40] audit: type=1326 audit(1681.551:21847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff5598 code=0x7ffc0000 [ 968.117098][ T40] audit: type=1326 audit(1681.551:21848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2416 comm="syz.3.28504" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff5598 code=0x7ffc0000 [ 968.162769][ T2413] netlink: 212916 bytes leftover after parsing attributes in process `syz.1.28501'. [ 969.672391][ T2487] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 970.166968][ T2502] netlink: 4 bytes leftover after parsing attributes in process `syz.9.28539'. [ 970.173670][ T2502] netlink: 72 bytes leftover after parsing attributes in process `syz.9.28539'. [ 970.933775][ T2544] syzkaller1: entered promiscuous mode [ 970.936056][ T2544] syzkaller1: entered allmulticast mode [ 971.046842][ T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 972.159114][T25108] usb 11-1: new high-speed USB device number 24 using dummy_hcd [ 972.320674][T25108] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 972.324325][T25108] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 972.327574][T25108] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 972.333160][T25108] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 972.336650][T25108] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.342519][T25108] usb 11-1: config 0 descriptor?? [ 972.802311][T25108] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 973.064662][T12748] usb 11-1: USB disconnect, device number 24 [ 973.430899][T23115] block nbd3: Possible stuck request ffff888026c70000: control (read@0,1024B). Runtime 60 seconds [ 973.435753][T23115] block nbd3: Possible stuck request ffff888026c70200: control (read@1024,1024B). Runtime 60 seconds [ 973.440563][T23115] block nbd3: Possible stuck request ffff888026c70400: control (read@2048,1024B). Runtime 60 seconds [ 973.446585][T23115] block nbd3: Possible stuck request ffff888026c70600: control (read@3072,1024B). Runtime 60 seconds [ 973.670838][ T2618] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 973.678711][ T2618] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 973.869345][ T6058] Bluetooth: hci0: link tx timeout [ 973.872724][ T6058] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 974.060669][ T2634] sp0: Synchronizing with TNC [ 974.070375][ T2634] [U] [ 974.550135][ T40] kauditd_printk_skb: 79 callbacks suppressed [ 974.550153][ T40] audit: type=1326 audit(1687.643:21928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2660 comm="syz.9.28595" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf746d579 code=0x0 [ 975.121311][ T6064] Bluetooth: hci0: link tx timeout [ 975.125789][ T6064] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 976.038003][ T6064] Bluetooth: hci0: command 0x0405 tx timeout [ 976.187312][ T9] usb 14-1: new high-speed USB device number 8 using dummy_hcd [ 976.214012][ T6058] Bluetooth: hci0: Opcode 0x1407 failed: -22 [ 976.257890][ T2752] netlink: 'syz.3.28618': attribute type 2 has an invalid length. [ 976.261413][ T2752] netlink: 'syz.3.28618': attribute type 2 has an invalid length. [ 976.273170][ T2752] netlink: 'syz.3.28618': attribute type 2 has an invalid length. [ 976.358828][ T9] usb 14-1: Using ep0 maxpacket: 8 [ 976.363022][ T9] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 976.367233][ T9] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 976.379294][ T9] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 976.384321][ T9] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 976.402562][ T9] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 976.406658][ T9] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 976.627292][ T2775] netlink: 428 bytes leftover after parsing attributes in process `syz.3.28627'. [ 976.631421][ T2775] netlink: 32 bytes leftover after parsing attributes in process `syz.3.28627'. [ 976.636502][ T9] usb 14-1: GET_CAPABILITIES returned 0 [ 976.638755][ T9] usbtmc 14-1:16.0: can't read capabilities [ 976.853155][T10620] usb 14-1: USB disconnect, device number 8 [ 977.490207][ T2837] loop8: detected capacity change from 0 to 8 [ 977.496459][ T2837] Dev loop8: unable to read RDB block 8 [ 977.499154][ T2837] loop8: unable to read partition table [ 977.509828][ T2837] loop8: partition table beyond EOD, truncated [ 977.515239][ T2837] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 977.658239][ T2851] lo speed is unknown, defaulting to 1000 [ 978.391510][ T9] hid-generic 0005:0006:5508.0018: hidraw0: BLUETOOTH HID vc3.36 Device [syz0] on aa:aa:aa:aa:aa:aa [ 978.449316][ T2881] fido_id[2881]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci3/hci3:200/report_descriptor': No such file or directory [ 978.619743][ T2890] netlink: 4 bytes leftover after parsing attributes in process `syz.6.28653'. [ 978.887924][ T6058] Bluetooth: Unexpected continuation frame (len 16) [ 978.933519][ T2890] hsr_slave_1 (unregistering): left promiscuous mode [ 979.726483][ T2964] tipc: Bearer : already 2 bearers with priority 10 [ 979.729719][ T2964] tipc: Bearer : trying with adjusted priority [ 979.733105][ T2964] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 979.907858][ T2983] loop8: detected capacity change from 0 to 8 [ 979.911884][ T2983] Dev loop8: unable to read RDB block 8 [ 979.914339][ T2983] loop8: unable to read partition table [ 979.919024][ T2983] loop8: partition table beyond EOD, truncated [ 979.921796][ T2983] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 981.699448][ T3048] netlink: 8 bytes leftover after parsing attributes in process `syz.6.28704'. [ 981.705242][ T3048] netlink: 4 bytes leftover after parsing attributes in process `syz.6.28704'. [ 981.709230][ T3048] netlink: 8 bytes leftover after parsing attributes in process `syz.6.28704'. [ 981.763247][ T3052] netlink: 112 bytes leftover after parsing attributes in process `syz.6.28707'. [ 982.107383][ T3075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28717'. [ 982.124157][ T3077] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 982.278170][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 982.282979][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 982.386397][ T3075] hsr_slave_1 (unregistering): left promiscuous mode [ 982.414566][ T3088] netlink: 16 bytes leftover after parsing attributes in process `syz.6.28723'. [ 982.477352][ T3098] lo speed is unknown, defaulting to 1000 [ 983.326618][ T3128] netlink: 8 bytes leftover after parsing attributes in process `syz.9.28739'. [ 983.330634][ T3128] netlink: 'syz.9.28739': attribute type 1 has an invalid length. [ 983.343182][ T1224] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 983.350864][ T3126] block device autoloading is deprecated and will be removed. [ 983.356791][ T1224] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 983.392871][ T1224] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 983.396092][ T1224] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 983.943671][ T3155] netlink: 48 bytes leftover after parsing attributes in process `syz.3.28752'. [ 984.000629][ T40] audit: type=1326 audit(1696.497:21929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.012420][ T40] audit: type=1326 audit(1696.497:21930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.032408][ T40] audit: type=1326 audit(1696.497:21931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.042994][ T40] audit: type=1326 audit(1696.497:21932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.053953][ T40] audit: type=1326 audit(1696.497:21933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.064403][ T40] audit: type=1326 audit(1696.497:21934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.072682][ T40] audit: type=1326 audit(1696.497:21935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.081604][ T40] audit: type=1326 audit(1696.497:21936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.091364][ T40] audit: type=1326 audit(1696.497:21938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.098626][ T3170] sch_tbf: burst 19920 is lower than device lo mtu (65550) ! [ 984.100830][ T40] audit: type=1326 audit(1696.497:21937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3163 comm="syz.1.28757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 984.206562][T13780] usb 11-1: new high-speed USB device number 25 using dummy_hcd [ 984.306203][ T3182] binder: 3181:3182 ioctl c0306201 80000540 returned -14 [ 984.332719][T12724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 984.393274][T13780] usb 11-1: Using ep0 maxpacket: 16 [ 984.407325][T13780] usb 11-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30 [ 984.411553][T13780] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 984.420622][T13780] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 984.426022][T13780] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129 [ 984.431927][T13780] usb 11-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 984.436036][T13780] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 984.441654][T13780] usb 11-1: config 0 descriptor?? [ 984.889150][T13780] input: HID 0458:5013 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0458:5013.0019/input/input97 [ 984.912754][T13780] input: HID 0458:5013 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/0003:0458:5013.0019/input/input98 [ 984.971897][T13780] kye 0003:0458:5013.0019: input,hiddev0,hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.6-1/input0 [ 985.184891][T12725] usb 11-1: USB disconnect, device number 25 [ 985.982680][ T3221] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 986.006910][T15128] usb 11-1: new high-speed USB device number 26 using dummy_hcd [ 986.168683][T15128] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 986.177249][T15128] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 986.182519][T15128] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 986.189007][T15128] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 986.193112][T15128] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 986.200909][T15128] usb 11-1: config 0 descriptor?? [ 986.245578][ T3229] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 986.653765][T15128] plantronics 0003:047F:FFFF.001A: reserved main item tag 0xd [ 986.671834][T15128] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 986.932221][T12748] usb 11-1: USB disconnect, device number 26 [ 987.218942][ T3259] block device autoloading is deprecated and will be removed. [ 988.432795][ T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 988.528018][T13780] usb 11-1: new high-speed USB device number 27 using dummy_hcd [ 988.711334][T13780] usb 11-1: config 4 has an invalid interface number: 28 but max is 0 [ 988.714385][T13780] usb 11-1: config 4 has no interface number 0 [ 988.718933][T13780] usb 11-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a [ 988.722759][T13780] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 988.726022][T13780] usb 11-1: Product: syz [ 988.728047][T13780] usb 11-1: Manufacturer: syz [ 988.730287][T13780] usb 11-1: SerialNumber: syz [ 988.742754][T13780] input: bcm5974 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:4.28/input/input100 [ 989.043384][ T5334] bcm5974 11-1:4.28: could not read from device [ 989.098856][T13780] usb 11-1: USB disconnect, device number 27 [ 989.162742][T10728] udevd[10728]: Error opening device "/dev/input/event3": No such file or directory [ 989.168238][T10728] udevd[10728]: Unable to EVIOCGABS device "/dev/input/event3" [ 989.171996][T10728] udevd[10728]: Unable to EVIOCGABS device "/dev/input/event3" [ 989.174662][T10728] udevd[10728]: Unable to EVIOCGABS device "/dev/input/event3" [ 989.177147][T10728] udevd[10728]: Unable to EVIOCGABS device "/dev/input/event3" [ 989.393189][ T3361] netlink: 24 bytes leftover after parsing attributes in process `syz.3.28832'. [ 989.934684][ T3393] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.28847'. [ 990.960785][ T3415] lo speed is unknown, defaulting to 1000 [ 991.809421][ T3430] 9pnet: p9_errstr2errno: server reported unknown error 0x000 [ 992.257327][ T3447] netlink: 'syz.3.28869': attribute type 12 has an invalid length. [ 992.260241][ T3447] netlink: 'syz.3.28869': attribute type 29 has an invalid length. [ 992.263470][ T3447] netlink: 148 bytes leftover after parsing attributes in process `syz.3.28869'. [ 992.267268][ T3447] netlink: 'syz.3.28869': attribute type 2 has an invalid length. [ 992.270368][ T3447] netlink: 23 bytes leftover after parsing attributes in process `syz.3.28869'. [ 993.223461][T12724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 993.226368][T12724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 993.240754][T12748] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 993.245960][T12748] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 993.288636][ T3488] overlayfs: upper fs does not support tmpfile. [ 994.105529][ T9] usb 11-1: new full-speed USB device number 28 using dummy_hcd [ 994.219542][ T3535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28906'. [ 994.223200][ T3535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28906'. [ 994.269235][ T9] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 994.274477][ T9] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 994.278726][ T9] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 994.283964][ T9] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 994.288791][ T9] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 994.297033][ T3522] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 994.303448][ T9] hub 11-1:1.0: bad descriptor, ignoring hub [ 994.306529][ T9] hub 11-1:1.0: probe with driver hub failed with error -5 [ 994.310632][ T9] cdc_wdm 11-1:1.0: skipping garbage [ 994.313296][ T9] cdc_wdm 11-1:1.0: skipping garbage [ 994.317900][ T9] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device [ 994.322557][ T9] cdc_wdm 11-1:1.0: Unknown control protocol [ 994.978155][ T3522] cdc_wdm 11-1:1.0: Error autopm - -16 [ 994.978247][T24561] usb 11-1: USB disconnect, device number 28 [ 995.142287][T24561] usb 11-1: new low-speed USB device number 29 using dummy_hcd [ 995.304702][T24561] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 995.308527][T24561] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 995.311604][T24561] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 995.315580][T24561] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 995.319349][T24561] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 995.325709][ T3549] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 995.330316][T24561] hub 11-1:1.0: bad descriptor, ignoring hub [ 995.332616][T24561] hub 11-1:1.0: probe with driver hub failed with error -5 [ 995.335624][T24561] cdc_wdm 11-1:1.0: skipping garbage [ 995.338454][T24561] cdc_wdm 11-1:1.0: skipping garbage [ 995.341876][T24561] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device [ 995.344467][T24561] cdc_wdm 11-1:1.0: Unknown control protocol [ 995.584210][ T3573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28917'. [ 995.677155][ T6126] usb 11-1: USB disconnect, device number 29 [ 995.960782][ T3585] netlink: 12 bytes leftover after parsing attributes in process `syz.9.28922'. [ 995.966544][ T3585] bridge_slave_1: Caught tx_queue_len zero misconfig [ 996.070846][ T3587] lo speed is unknown, defaulting to 1000 [ 996.115732][ T3590] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.28924'. [ 996.156026][ T3593] netlink: 44 bytes leftover after parsing attributes in process `syz.6.28925'. [ 996.163451][ T3593] netlink: 43 bytes leftover after parsing attributes in process `syz.6.28925'. [ 996.168484][ T3593] netlink: 'syz.6.28925': attribute type 6 has an invalid length. [ 996.171994][ T3593] netlink: 'syz.6.28925': attribute type 5 has an invalid length. [ 996.175932][ T3593] netlink: 43 bytes leftover after parsing attributes in process `syz.6.28925'. [ 997.308031][ T3653] netlink: 12 bytes leftover after parsing attributes in process `syz.1.28952'. [ 997.568507][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 997.568523][ T40] audit: type=1326 audit(1709.188:21954): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=3662 comm="syz.6.28957" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f25579 code=0x0 [ 997.811212][ T3671] io-wq is not configured for unbound workers [ 998.843129][ T3712] 9pnet: p9_errstr2errno: server reported unknown error [ 998.955406][ T3717] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 999.291984][ T3731] netlink: 24 bytes leftover after parsing attributes in process `syz.9.28980'. [ 999.438405][ T3739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 999.443686][ T3739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 999.447319][ T3739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 999.455838][ T3739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 999.694915][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1000.068527][ T3744] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28989'. [ 1000.154161][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1000.281096][ T3753] lo speed is unknown, defaulting to 1000 [ 1000.326439][ T3739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1000.333914][ T3739] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1001.082798][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1001.250730][ T3777] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 1001.382735][ T3785] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1001.614737][ T3800] kvm: user requested TSC rate below hardware speed [ 1002.503954][ T24] usb 14-1: new high-speed USB device number 9 using dummy_hcd [ 1002.686298][ T24] usb 14-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1002.690068][ T24] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1002.696476][ T24] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1002.699972][ T24] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1002.704646][ T24] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1002.708652][ T24] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1002.718064][ T24] usb 14-1: config 0 descriptor?? [ 1002.720330][ T3836] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 1002.733931][ T3855] sch_tbf: peakrate 4371928080232180342 is lower than or equals to rate 17839573476630410903 ! [ 1002.904942][ T3859] vcan0: tx drop: invalid da for name 0x0000000000000002 [ 1003.165331][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.169314][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.172701][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.176183][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.179754][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.182694][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.189384][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.192874][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.199678][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.202697][ T24] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0 [ 1003.211593][ T24] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 1003.224930][ T3870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29045'. [ 1003.436639][T12724] usb 14-1: USB disconnect, device number 9 [ 1004.199280][T20309] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1004.209174][ T3895] lo speed is unknown, defaulting to 1000 [ 1004.264029][ T3897] lo speed is unknown, defaulting to 1000 [ 1004.556557][ T3915] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 1004.562178][ T3915] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 1004.620003][T25106] usb 14-1: new high-speed USB device number 10 using dummy_hcd [ 1004.780110][T25106] usb 14-1: Using ep0 maxpacket: 8 [ 1004.785203][T25106] usb 14-1: config index 0 descriptor too short (expected 301, got 45) [ 1004.788274][T25106] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1004.801562][T25106] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1004.805308][T25106] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1004.809452][T25106] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1004.815858][T25106] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1004.819427][T25106] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1005.044981][T25106] usb 14-1: usb_control_msg returned -32 [ 1005.048237][T25106] usbtmc 14-1:16.0: can't read capabilities [ 1005.355685][ T3934] binder: 3933:3934 ioctl c0306201 80000480 returned -14 [ 1005.423027][ T3939] usbtmc 14-1:16.0: usb_control_msg returned -32 [ 1005.427383][T13780] usb 14-1: USB disconnect, device number 10 [ 1005.583517][T23115] block nbd3: Possible stuck request ffff888026c70000: control (read@0,1024B). Runtime 90 seconds [ 1005.588196][T23115] block nbd3: Possible stuck request ffff888026c70200: control (read@1024,1024B). Runtime 90 seconds [ 1005.593938][T23115] block nbd3: Possible stuck request ffff888026c70400: control (read@2048,1024B). Runtime 90 seconds [ 1005.598520][T23115] block nbd3: Possible stuck request ffff888026c70600: control (read@3072,1024B). Runtime 90 seconds [ 1005.600099][ T3949] syzkaller1: entered promiscuous mode [ 1005.605862][ T3949] syzkaller1: entered allmulticast mode [ 1005.741441][ T3953] input: syz1 as /devices/virtual/input/input101 [ 1005.903917][ T3958] lo speed is unknown, defaulting to 1000 [ 1005.925358][ T40] audit: type=1326 audit(1717.012:21955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3954 comm="syz.6.29079" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f25579 code=0x0 [ 1005.949764][ T3959] netlink: 'syz.1.29080': attribute type 16 has an invalid length. [ 1005.952680][ T3959] netlink: 'syz.1.29080': attribute type 17 has an invalid length. [ 1005.971077][ T3959] erspan0: left promiscuous mode [ 1005.983445][ T3959] ip6gretap0: left promiscuous mode [ 1005.987965][ T3959] bridge0: left allmulticast mode [ 1005.992627][ T3959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1006.045160][ T3959] net_ratelimit: 3 callbacks suppressed [ 1006.045171][ T3959] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1006.237194][ T40] audit: type=1800 audit(1717.302:21956): pid=3975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.29086" name="file0" dev="9p" ino=72614093 res=0 errno=0 [ 1006.639212][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1006.643886][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1006.651333][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1007.355190][T12724] usb 14-1: new high-speed USB device number 11 using dummy_hcd [ 1007.374656][ T4034] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29110'. [ 1007.517277][T12724] usb 14-1: Using ep0 maxpacket: 32 [ 1007.521033][T12724] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1007.525184][T12724] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1007.531715][T12724] usb 14-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1007.535764][T12724] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1007.541438][T12724] usb 14-1: config 0 descriptor?? [ 1007.985916][T12724] savu 0003:1E7D:2D5A.001C: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.9-1/input0 [ 1008.255096][T12725] usb 14-1: USB disconnect, device number 11 [ 1008.937091][ T4119] netlink: 8 bytes leftover after parsing attributes in process `syz.6.29147'. [ 1010.150965][ T4202] can0: slcan on ttyS3. [ 1010.390574][ T4202] can0 (unregistered): slcan off ttyS3. [ 1010.682401][ T4234] netlink: 12 bytes leftover after parsing attributes in process `syz.3.29198'. [ 1010.967011][ T4233] netlink: 60 bytes leftover after parsing attributes in process `syz.3.29198'. [ 1010.977201][ T4235] netlink: 60 bytes leftover after parsing attributes in process `syz.3.29198'. [ 1011.211528][ T4248] netlink: 4 bytes leftover after parsing attributes in process `syz.6.29203'. [ 1011.977118][ T4271] netlink: 80 bytes leftover after parsing attributes in process `syz.3.29213'. [ 1011.984150][ T4271] netlink: 80 bytes leftover after parsing attributes in process `syz.3.29213'. [ 1012.120849][ T6145] usb 11-1: new high-speed USB device number 30 using dummy_hcd [ 1012.291617][ T6145] usb 11-1: Using ep0 maxpacket: 32 [ 1012.298994][ T6145] usb 11-1: unable to get BOS descriptor or descriptor too short [ 1012.303155][ T6145] usb 11-1: config 1 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 201, changing to 11 [ 1012.307477][ T6145] usb 11-1: config 1 interface 0 altsetting 7 bulk endpoint 0x82 has invalid maxpacket 64 [ 1012.310908][ T6145] usb 11-1: config 1 interface 0 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1012.316242][ T6145] usb 11-1: config 1 interface 0 has no altsetting 0 [ 1012.320401][ T6145] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1012.323725][ T6145] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1012.326834][ T6145] usb 11-1: Product: syz [ 1012.328608][ T6145] usb 11-1: Manufacturer: syz [ 1012.330528][ T6145] usb 11-1: SerialNumber: syz [ 1012.336504][ T4257] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1012.339763][ T4257] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1013.545309][ T4294] vcan0: tx drop: invalid sa for name 0x0000000000000004 [ 1013.586666][ T4296] netlink: 80 bytes leftover after parsing attributes in process `syz.1.29223'. [ 1013.591023][ T4296] netlink: 80 bytes leftover after parsing attributes in process `syz.1.29223'. [ 1013.826280][ T40] audit: type=1804 audit(1724.406:21957): pid=4308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.29228" name="/newroot/361/file0/file1" dev="overlay" ino=1888 res=1 errno=0 [ 1014.429001][T12725] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.433092][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.437760][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.441263][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.445147][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.461391][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.465064][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.468316][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.484808][T12725] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1014.754763][ T4342] input: syz0 as /devices/virtual/input/input102 [ 1014.793449][ T6145] cdc_ether 11-1:1.0: probe with driver cdc_ether failed with error -22 [ 1014.798654][ T6145] usb 11-1: USB disconnect, device number 30 [ 1015.716520][ T4371] netlink: 7 bytes leftover after parsing attributes in process `syz.1.29258'. [ 1015.730047][ T4373] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1015.972589][ T4393] syz_tun: entered allmulticast mode [ 1015.976358][ T4391] syz_tun: left allmulticast mode [ 1016.151391][ T4409] input: syz1 as /devices/virtual/input/input103 [ 1016.313236][ T4422] lo speed is unknown, defaulting to 1000 [ 1017.244974][ T4484] kvm: user requested TSC rate below hardware speed [ 1017.866485][ T4511] lo speed is unknown, defaulting to 1000 [ 1018.651154][ T40] audit: type=1326 audit(1728.926:21958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4542 comm="syz.3.29333" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff5579 code=0x0 [ 1019.877568][T10620] usb 11-1: new high-speed USB device number 31 using dummy_hcd [ 1019.945273][ T4591] 8021q: adding VLAN 0 to HW filter on device bond9 [ 1020.081501][T10620] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1020.086119][T10620] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1020.090213][T10620] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1020.096049][ T40] audit: type=1326 audit(1730.274:21959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4593 comm="syz.1.29354" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f93579 code=0x0 [ 1020.112679][T10620] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1020.116549][T10620] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1020.122321][T10620] usb 11-1: config 0 descriptor?? [ 1020.240944][ C1] net_ratelimit: 8 callbacks suppressed [ 1020.240958][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1020.575969][T10620] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 1020.946313][ T4613] lo speed is unknown, defaulting to 1000 [ 1021.051187][ T4613] lo speed is unknown, defaulting to 1000 [ 1021.072847][ T4622] binder: 4620:4622 ioctl c0306201 80000040 returned -14 [ 1021.130336][ T4626] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1021.441804][ T4639] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29371'. [ 1021.970375][ T40] audit: type=1326 audit(1732.024:21960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1021.979430][ T40] audit: type=1326 audit(1732.024:21961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1021.989362][ T40] audit: type=1326 audit(1732.024:21962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1021.998026][ T40] audit: type=1326 audit(1732.033:21963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1022.007067][ T40] audit: type=1326 audit(1732.033:21964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1022.016533][ T40] audit: type=1326 audit(1732.033:21965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1022.025375][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1022.188060][ T40] audit: type=1326 audit(1732.230:21966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1022.196961][ T40] audit: type=1326 audit(1732.230:21967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4645 comm="syz.9.29374" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 1022.464179][ T4662] lo speed is unknown, defaulting to 1000 [ 1022.514148][ T4666] netlink: 'syz.6.29381': attribute type 16 has an invalid length. [ 1022.517548][ T4666] netlink: 'syz.6.29381': attribute type 17 has an invalid length. [ 1022.531833][ T4666] lo: left promiscuous mode [ 1022.542186][ T4666] sit0: left promiscuous mode [ 1022.612958][ T4666] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1022.626646][ T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1022.737407][T10620] usb 11-1: USB disconnect, device number 31 [ 1022.829132][ T4685] netlink: 'syz.6.29391': attribute type 83 has an invalid length. [ 1023.568094][ T4724] netlink: 20 bytes leftover after parsing attributes in process `syz.3.29408'. [ 1023.711299][ T4736] netlink: 240 bytes leftover after parsing attributes in process `syz.6.29411'. [ 1023.998917][ T4757] lo speed is unknown, defaulting to 1000 [ 1024.172050][ T4774] kAFS: unable to lookup cell '(,cL' [ 1024.176276][ T4774] kAFS: unable to lookup cell '(,cL' [ 1024.200169][ T4772] 9pnet: p9_errstr2errno: server reported unknown error  [ 1024.440806][ T4790] Invalid argument reading file caps for ./file0 [ 1024.504225][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1024.627714][ T4808] sctp: [Deprecated]: syz.1.29445 (pid 4808) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1024.627714][ T4808] Use struct sctp_sack_info instead [ 1024.638941][ T4808] sctp: [Deprecated]: syz.1.29445 (pid 4808) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1024.638941][ T4808] Use struct sctp_sack_info instead [ 1024.675700][T12725] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1024.766399][ T4819] syzkaller1: entered promiscuous mode [ 1024.769093][ T4819] syzkaller1: entered allmulticast mode [ 1025.469368][T10620] kernel write not supported for file bpf-prog (pid: 10620 comm: kworker/2:3) [ 1025.540807][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1025.545836][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1025.550023][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1025.651911][ T4849] lo speed is unknown, defaulting to 1000 [ 1025.699261][ T4852] netlink: 'syz.3.29461': attribute type 16 has an invalid length. [ 1025.703077][ T4852] netlink: 'syz.3.29461': attribute type 17 has an invalid length. [ 1025.980026][ T4852] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1027.177053][ T4898] bridge_slave_0: left allmulticast mode [ 1027.179447][ T4898] bridge_slave_0: left promiscuous mode [ 1027.182113][ T4898] bridge0: port 1(bridge_slave_0) entered disabled state [ 1027.274077][ T4898] bridge_slave_1: left allmulticast mode [ 1027.276839][ T4898] bridge_slave_1: left promiscuous mode [ 1027.279501][ T4898] bridge0: port 2(bridge_slave_1) entered disabled state [ 1027.379367][ T4898] bond0: (slave bond_slave_0): Releasing backup interface [ 1027.432873][ T4898] bond_slave_0: left promiscuous mode [ 1027.435442][ T4898] bond_slave_0: left allmulticast mode [ 1027.509823][ T4898] bond0: (slave bond_slave_1): Releasing backup interface [ 1027.551584][ T4898] bond_slave_1: left promiscuous mode [ 1027.553672][ T4898] bond_slave_1: left allmulticast mode [ 1027.595756][ T4898] team0: Port device team_slave_0 removed [ 1027.680391][ T4898] team0: Port device team_slave_1 removed [ 1027.683241][ T4898] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1027.687061][ T4898] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1027.722483][ T4898] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1027.726548][ T4898] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1027.766873][ T4898] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 1028.034030][ T4929] lo speed is unknown, defaulting to 1000 [ 1028.100015][ T4929] netlink: 'syz.9.29494': attribute type 16 has an invalid length. [ 1028.102724][ T4929] netlink: 'syz.9.29494': attribute type 17 has an invalid length. [ 1028.109361][ T4929] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 1028.176257][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1028.492955][ T4955] lo speed is unknown, defaulting to 1000 [ 1028.543167][ T4957] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40 [ 1029.024996][ T4970] lo speed is unknown, defaulting to 1000 [ 1029.211179][ T4980] netlink: 16 bytes leftover after parsing attributes in process `syz.1.29515'. [ 1029.282809][ T4982] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.29516'. [ 1029.445453][ T4988] netlink: 212348 bytes leftover after parsing attributes in process `syz.6.29518'. [ 1029.898689][ T5020] sock: sock_set_timeout: `syz.6.29533' (pid 5020) tries to set negative timeout [ 1031.819491][ T5093] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1032.127471][ T5101] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1032.424093][ T5101] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1032.502171][ T5129] netlink: 64 bytes leftover after parsing attributes in process `syz.9.29582'. [ 1032.703346][ T5101] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1033.208402][ T5101] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1033.328922][ T5149] netlink: 56 bytes leftover after parsing attributes in process `syz.9.29591'. [ 1033.424559][ T13] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.437726][ T1178] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.455687][ T1178] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.476626][ T1178] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1033.753424][ T6064] Bluetooth: hci1: command 0x0405 tx timeout [ 1034.849274][ T5237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.29631'. [ 1034.933235][T12725] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.192346][T10620] kernel read not supported for file /video7 (pid: 10620 comm: kworker/2:3) [ 1035.282298][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.291195][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.294183][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.298206][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.301182][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.304737][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.308279][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.311067][ T5262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1035.532169][ T5271] sctp: [Deprecated]: syz.6.29645 (pid 5271) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1035.532169][ T5271] Use struct sctp_sack_info instead [ 1035.764621][ T5283] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.29650'. [ 1037.033001][ T5335] netlink: 20 bytes leftover after parsing attributes in process `syz.1.29669'. [ 1037.232222][ T5343] pimreg: left allmulticast mode [ 1037.234394][ T5343] dvmrp9: left allmulticast mode [ 1037.351345][ T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1037.711229][T23115] block nbd3: Possible stuck request ffff888026c70000: control (read@0,1024B). Runtime 120 seconds [ 1037.715850][T23115] block nbd3: Possible stuck request ffff888026c70200: control (read@1024,1024B). Runtime 120 seconds [ 1037.720614][T23115] block nbd3: Possible stuck request ffff888026c70400: control (read@2048,1024B). Runtime 120 seconds [ 1037.727250][T23115] block nbd3: Possible stuck request ffff888026c70600: control (read@3072,1024B). Runtime 120 seconds [ 1038.074965][ T5369] batadv_slave_0: entered promiscuous mode [ 1038.117820][ T5369] batadv_slave_0: left promiscuous mode [ 1038.291562][ T5379] netlink: 'syz.9.29687': attribute type 1 has an invalid length. [ 1038.294960][ T5379] netlink: 'syz.9.29687': attribute type 2 has an invalid length. [ 1038.299085][ T5379] netlink: 'syz.9.29687': attribute type 1 has an invalid length. [ 1038.302721][ T5379] netlink: 16 bytes leftover after parsing attributes in process `syz.9.29687'. [ 1038.572376][ T5383] netdevsim netdevsim9 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1038.576527][ T5383] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.880451][ T5383] netdevsim netdevsim9 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1038.884790][ T5383] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.146257][ T5383] netdevsim netdevsim9 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1039.150730][ T5383] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.404167][ T5383] netdevsim netdevsim9 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1039.409024][ T5383] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.741443][ T1178] netdevsim netdevsim9 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1039.744355][ T1178] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1039.776996][ T183] netdevsim netdevsim9 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1039.779764][ T183] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1039.795670][ T46] netdevsim netdevsim9 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1039.799958][ T46] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1039.811241][ T46] netdevsim netdevsim9 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1039.814151][ T46] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1040.205290][ T5455] veth0_macvtap: Caught tx_queue_len zero misconfig [ 1041.036361][ T40] audit: type=1326 audit(1749.871:21968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5451 comm="syz.3.29719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7fc00000 [ 1041.121908][ T5474] syzkaller1: entered promiscuous mode [ 1041.124206][ T5474] syzkaller1: entered allmulticast mode [ 1041.383892][ T5483] netlink: 40 bytes leftover after parsing attributes in process `syz.3.29732'. [ 1041.493766][ T5483] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29732'. [ 1042.613602][ T5539] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29758'. [ 1042.620783][ T5539] netlink: 104 bytes leftover after parsing attributes in process `syz.1.29758'. [ 1042.624783][ T5539] netlink: 104 bytes leftover after parsing attributes in process `syz.1.29758'. [ 1043.036261][ T5559] netlink: 'syz.1.29768': attribute type 4 has an invalid length. [ 1044.437588][ T5617] fuse: Bad value for 'fd' [ 1044.722025][ T5631] syzkaller1: entered promiscuous mode [ 1044.723875][ T5631] syzkaller1: entered allmulticast mode [ 1044.798217][ T5638] netlink: 'syz.1.29802': attribute type 1 has an invalid length. [ 1044.801635][ T5638] netlink: 'syz.1.29802': attribute type 6 has an invalid length. [ 1044.805014][ T5638] netlink: 52 bytes leftover after parsing attributes in process `syz.1.29802'. [ 1045.142881][ T5641] erspan0: entered promiscuous mode [ 1045.201582][T12724] net_ratelimit: 179 callbacks suppressed [ 1045.201599][T12724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1045.295049][ T5662] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29810'. [ 1045.418499][ T5669] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.29813'. [ 1045.671325][ T5694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.29825'. [ 1045.674289][ T5694] netlink: 'syz.1.29825': attribute type 21 has an invalid length. [ 1045.776857][ T5705] syzkaller1: entered promiscuous mode [ 1045.778770][ T5705] syzkaller1: entered allmulticast mode [ 1045.965983][ T5716] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29836'. [ 1046.496284][ T40] audit: type=1326 audit(1754.981:21969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5728 comm="syz.9.29842" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf746d579 code=0x0 [ 1046.623028][ T5746] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1046.727278][ T5752] 9p: Bad value for 'rfdno' [ 1047.365675][ T40] audit: type=1326 audit(1755.796:21970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.381592][ T40] audit: type=1326 audit(1755.796:21971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.390554][ T40] audit: type=1326 audit(1755.796:21972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.399145][ T40] audit: type=1326 audit(1755.796:21973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.407935][ T40] audit: type=1326 audit(1755.796:21974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.415386][ T40] audit: type=1326 audit(1755.805:21975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.422671][ T40] audit: type=1326 audit(1755.805:21976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.440662][ T40] audit: type=1326 audit(1755.805:21977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1047.447533][ T40] audit: type=1326 audit(1755.805:21978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5788 comm="syz.1.29865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 1048.397248][ T5822] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29880'. [ 1048.654224][ T5831] vivid-002: disconnect [ 1048.662860][ T5828] vivid-002: reconnect [ 1048.678076][ T5834] lo speed is unknown, defaulting to 1000 [ 1048.846346][ T5851] dvmrp0: entered allmulticast mode [ 1050.291279][ T5937] dvmrp0: entered allmulticast mode [ 1050.428478][ T5949] veth0_to_bridge: entered promiscuous mode [ 1050.432772][ T5948] veth0_to_bridge: left promiscuous mode [ 1050.866225][ T5976] lo speed is unknown, defaulting to 1000 [ 1051.274583][ T5989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.29948'. [ 1051.501170][ T6000] lo speed is unknown, defaulting to 1000 [ 1051.947251][ T6024] 9p: Bad value for 'rfdno' [ 1052.134699][ T6034] netlink: 'syz.3.29965': attribute type 10 has an invalid length. [ 1052.149783][ T6034] bridge0: port 2(bridge_slave_1) entered disabled state [ 1052.153927][ T6034] bridge_slave_1: left allmulticast mode [ 1052.158980][ T6034] bridge_slave_1: left promiscuous mode [ 1052.161889][ T6034] bridge0: port 2(bridge_slave_1) entered disabled state [ 1052.257617][ T6034] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 1052.263038][ T6036] netlink: 8 bytes leftover after parsing attributes in process `syz.1.29966'. [ 1054.122098][ T6103] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29992'. [ 1054.959213][ T6154] macvlan3: entered promiscuous mode [ 1055.001432][ T6154] macvlan4: entered promiscuous mode [ 1055.216787][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.30018'. [ 1055.317464][ T6182] netlink: 68 bytes leftover after parsing attributes in process `syz.9.30024'. [ 1055.441656][ T6190] macvlan2: entered promiscuous mode [ 1055.449706][T12724] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1055.525262][ T6197] macvlan3: entered promiscuous mode [ 1055.587611][ T6202] veth0_to_bridge: entered promiscuous mode [ 1055.592242][ T6201] veth0_to_bridge: left promiscuous mode [ 1055.969989][ T6230] input: syz0 as /devices/virtual/input/input104 [ 1056.023461][ T6236] debugfs: 'hsr1' already exists in 'hsr' [ 1056.028004][ T6236] Cannot create hsr debugfs directory [ 1056.030471][ T6236] hsr1: Slave B (bond0) is not up; please bring it up to get a fully working HSR network [ 1056.034146][ T6236] hsr1: entered allmulticast mode [ 1056.157728][ T6247] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30049'. [ 1056.482873][ T6267] bond0: Caught tx_queue_len zero misconfig [ 1056.733127][ T6283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.30064'. [ 1056.829596][T20310] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1056.993314][ T6299] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 1057.362315][ T6312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.30083'. [ 1057.452115][ T40] kauditd_printk_skb: 949 callbacks suppressed [ 1057.452127][ T40] audit: type=1326 audit(1765.229:22928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.464193][ T40] audit: type=1326 audit(1765.229:22929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.473094][ T40] audit: type=1326 audit(1765.248:22930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=374 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.484568][ T40] audit: type=1326 audit(1765.248:22931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.520897][ T40] audit: type=1326 audit(1765.248:22932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.528048][ T40] audit: type=1326 audit(1765.248:22933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.538754][ T40] audit: type=1326 audit(1765.248:22934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.546658][ T40] audit: type=1326 audit(1765.248:22935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.554906][ T40] audit: type=1326 audit(1765.258:22936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1057.561794][ T40] audit: type=1326 audit(1765.258:22937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.3.30078" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000 [ 1058.144627][ T6364] input: syz1 as /devices/virtual/input/input105 [ 1058.235959][ T6372] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.30104'. [ 1058.445729][T12748] kernel write not supported for file [eventfd] (pid: 12748 comm: kworker/1:4) [ 1058.588735][ T6396] tunl0: Caught tx_queue_len zero misconfig [ 1059.437668][ T6429] netlink: 8 bytes leftover after parsing attributes in process `syz.6.30129'. [ 1059.618037][ T6431] netlink: 84 bytes leftover after parsing attributes in process `syz.9.30130'. [ 1059.622290][ T6432] netlink: 84 bytes leftover after parsing attributes in process `syz.9.30130'. [ 1059.924483][T10620] usb 11-1: new high-speed USB device number 32 using dummy_hcd [ 1059.945998][T12748] usb 14-1: new high-speed USB device number 12 using dummy_hcd [ 1060.086357][T10620] usb 11-1: config 0 has no interfaces? [ 1060.089978][T10620] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1060.094157][T10620] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1060.097986][T10620] usb 11-1: Product: syz [ 1060.099883][T10620] usb 11-1: Manufacturer: syz [ 1060.106510][T12748] usb 14-1: Using ep0 maxpacket: 32 [ 1060.110325][T12748] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1060.114419][T10620] usb 11-1: config 0 descriptor?? [ 1060.115551][T12748] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1060.121323][T12748] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1060.126991][T12748] usb 14-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 1060.130961][T12748] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1060.136807][T12748] usb 14-1: config 0 descriptor?? [ 1060.293955][ T6448] ------------[ cut here ]------------ [ 1060.297729][ T6448] !chanctx_conf [ 1060.297741][ T6448] WARNING: net/mac80211/rate.c:53 at rate_control_rate_init+0x5c5/0x730, CPU#0: syz.3.30137/6448 [ 1060.303489][ T6448] Modules linked in: [ 1060.306768][ T6448] CPU: 0 UID: 0 PID: 6448 Comm: syz.3.30137 Tainted: G L syzkaller #0 PREEMPT(full) [ 1060.311917][ T6448] Tainted: [L]=SOFTLOCKUP [ 1060.313785][ T6448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 1060.317683][ T6448] RIP: 0010:rate_control_rate_init+0x5c5/0x730 [ 1060.319950][ T6448] Code: 48 8d 35 00 00 00 00 e8 99 b3 f6 f6 e8 14 2d 00 f7 e9 20 fe ff ff e8 7a 76 1a f7 90 0f 0b 90 e9 12 fe ff ff e8 6c 76 1a f7 90 <0f> 0b 90 eb b1 e8 61 76 1a f7 e8 dc 33 ff f6 31 ff 89 c3 89 c6 e8 [ 1060.326395][ T6448] RSP: 0018:ffffc900031d71f0 EFLAGS: 00010287 [ 1060.329575][ T6448] RAX: 000000000000070f RBX: ffff88807439c000 RCX: ffffc9002f900000 [ 1060.333386][ T6448] RDX: 0000000000080000 RSI: ffffffff8aebd7f4 RDI: ffff88802b198000 [ 1060.336888][ T6448] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 1060.340870][ T6448] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88805c0ecb20 [ 1060.345073][ T6448] R13: ffff88805e130e80 R14: ffff88806e1f4000 R15: 0000000000000000 [ 1060.348556][ T6448] FS: 0000000000000000(0000) GS:ffff8880973e2000(0063) knlGS:00000000f54b6b40 [ 1060.352534][ T6448] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 1060.354825][ T6448] CR2: 00000000f7435e94 CR3: 0000000066f76000 CR4: 0000000000352ef0 [ 1060.357431][ T6448] Call Trace: [ 1060.358594][ T6448] [ 1060.359707][ T6448] rate_control_rate_init_all_links+0x76/0x1f0 [ 1060.361789][ T6448] sta_apply_auth_flags.isra.0+0x4aa/0x500 [ 1060.363857][ T6448] sta_apply_parameters+0xcb3/0x1950 [ 1060.365625][ T6448] ieee80211_add_station+0x3fe/0x6d0 [ 1060.368211][ T6448] nl80211_new_station+0x1357/0x1c30 [ 1060.371097][ T6448] ? __pfx_nl80211_new_station+0x10/0x10 [ 1060.373523][ T6448] ? nl80211_pre_doit+0x19a/0xae0 [ 1060.375495][ T6448] genl_family_rcv_msg_doit+0x214/0x300 [ 1060.377930][ T6448] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1060.380607][ T6448] ? genl_get_cmd+0x3ef/0x720 [ 1060.382678][ T6448] ? bpf_lsm_capable+0x9/0x10 [ 1060.384837][ T6448] ? security_capable+0x80/0x260 [ 1060.386935][ T6448] ? ns_capable+0xd2/0xf0 [ 1060.388762][ T6448] genl_rcv_msg+0x560/0x800 [ 1060.390702][ T6448] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1060.392935][ T6448] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1060.395117][ T6448] ? __pfx_nl80211_new_station+0x10/0x10 [ 1060.396981][ T6448] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1060.397989][T12725] usb 11-1: USB disconnect, device number 32 [ 1060.398897][ T6448] netlink_rcv_skb+0x159/0x420 [ 1060.403718][ T6448] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1060.406746][ T6448] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1060.409071][ T6448] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1060.411407][ T6448] genl_rcv+0x28/0x40 [ 1060.413144][ T6448] netlink_unicast+0x5aa/0x870 [ 1060.415231][ T6448] ? __pfx_netlink_unicast+0x10/0x10 [ 1060.417755][ T6448] netlink_sendmsg+0x8b0/0xda0 [ 1060.419844][ T6448] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1060.422219][ T6448] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1060.424685][ T6448] ____sys_sendmsg+0xa54/0xc30 [ 1060.426864][ T6448] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1060.429302][ T6448] ? __pfx_futex_wake_mark+0x10/0x10 [ 1060.431205][ T6448] ___sys_sendmsg+0x190/0x1e0 [ 1060.432745][ T6448] ? __pfx____sys_sendmsg+0x10/0x10 [ 1060.434644][ T6448] __sys_sendmsg+0x170/0x220 [ 1060.436172][ T6448] ? __pfx___sys_sendmsg+0x10/0x10 [ 1060.439467][ T6448] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 1060.442131][ T6448] __do_fast_syscall_32+0xde/0x660 [ 1060.444374][ T6448] do_fast_syscall_32+0x32/0x70 [ 1060.446445][ T6448] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1060.449593][ T6448] RIP: 0023:0xf7ff5579 [ 1060.451351][ T6448] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 1060.460006][ T6448] RSP: 002b:00000000f54b650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1060.463691][ T6448] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080001080 [ 1060.467077][ T6448] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1060.470546][ T6448] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1060.473221][ T6448] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 1060.475906][ T6448] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1060.479892][ T6448] [ 1060.481604][ T6448] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1060.485664][ T6448] CPU: 0 UID: 0 PID: 6448 Comm: syz.3.30137 Tainted: G L syzkaller #0 PREEMPT(full) [ 1060.490548][ T6448] Tainted: [L]=SOFTLOCKUP [ 1060.492407][ T6448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 1060.496685][ T6448] Call Trace: [ 1060.498127][ T6448] [ 1060.499416][ T6448] dump_stack_lvl+0x100/0x190 [ 1060.501434][ T6448] vpanic+0x20d/0x630 [ 1060.503225][ T6448] panic+0xd1/0xd1 [ 1060.504891][ T6448] ? __pfx_panic+0x10/0x10 [ 1060.506842][ T6448] check_panic_on_warn.cold+0x19/0x34 [ 1060.509196][ T6448] ? rate_control_rate_init+0x5c5/0x730 [ 1060.511488][ T6448] __warn.cold+0x191/0x2f8 [ 1060.513424][ T6448] __report_bug+0x296/0x3d0 [ 1060.515473][ T6448] ? rate_control_rate_init+0x5c5/0x730 [ 1060.517780][ T6448] ? __pfx___report_bug+0x10/0x10 [ 1060.520104][ T6448] ? netlink_rcv_skb+0x159/0x420 [ 1060.522233][ T6448] ? genl_rcv+0x28/0x40 [ 1060.524057][ T6448] ? netlink_unicast+0x5aa/0x870 [ 1060.526270][ T6448] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1060.529019][ T6448] ? __sys_sendmsg+0x170/0x220 [ 1060.531094][ T6448] ? do_fast_syscall_32+0x32/0x70 [ 1060.533334][ T6448] ? rate_control_rate_init+0x5c5/0x730 [ 1060.535734][ T6448] report_bug+0xb2/0x220 [ 1060.537555][ T6448] ? rate_control_rate_init+0x5c5/0x730 [ 1060.539792][ T6448] handle_bug+0x166/0x2a0 [ 1060.541640][ T6448] exc_invalid_op+0x17/0x50 [ 1060.543589][ T6448] asm_exc_invalid_op+0x1a/0x20 [ 1060.545819][ T6448] RIP: 0010:rate_control_rate_init+0x5c5/0x730 [ 1060.548572][ T6448] Code: 48 8d 35 00 00 00 00 e8 99 b3 f6 f6 e8 14 2d 00 f7 e9 20 fe ff ff e8 7a 76 1a f7 90 0f 0b 90 e9 12 fe ff ff e8 6c 76 1a f7 90 <0f> 0b 90 eb b1 e8 61 76 1a f7 e8 dc 33 ff f6 31 ff 89 c3 89 c6 e8 [ 1060.557121][ T6448] RSP: 0018:ffffc900031d71f0 EFLAGS: 00010287 [ 1060.559726][ T6448] RAX: 000000000000070f RBX: ffff88807439c000 RCX: ffffc9002f900000 [ 1060.563041][ T6448] RDX: 0000000000080000 RSI: ffffffff8aebd7f4 RDI: ffff88802b198000 [ 1060.566459][ T6448] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 1060.569825][ T6448] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88805c0ecb20 [ 1060.572976][ T6448] R13: ffff88805e130e80 R14: ffff88806e1f4000 R15: 0000000000000000 [ 1060.575991][ T6448] ? rate_control_rate_init+0x5c4/0x730 [ 1060.578559][ T6448] rate_control_rate_init_all_links+0x76/0x1f0 [ 1060.581467][ T6448] sta_apply_auth_flags.isra.0+0x4aa/0x500 [ 1060.583996][ T6448] sta_apply_parameters+0xcb3/0x1950 [ 1060.586324][ T6448] ieee80211_add_station+0x3fe/0x6d0 [ 1060.588590][ T6448] nl80211_new_station+0x1357/0x1c30 [ 1060.590785][ T6448] ? __pfx_nl80211_new_station+0x10/0x10 [ 1060.593202][ T6448] ? nl80211_pre_doit+0x19a/0xae0 [ 1060.595364][ T6448] genl_family_rcv_msg_doit+0x214/0x300 [ 1060.598037][ T6448] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1060.600639][ T6448] ? genl_get_cmd+0x3ef/0x720 [ 1060.602657][ T6448] ? bpf_lsm_capable+0x9/0x10 [ 1060.604269][ T6448] ? security_capable+0x80/0x260 [ 1060.606380][ T6448] ? ns_capable+0xd2/0xf0 [ 1060.608114][ T6448] genl_rcv_msg+0x560/0x800 [ 1060.610027][ T6448] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1060.612153][ T6448] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1060.614436][ T6448] ? __pfx_nl80211_new_station+0x10/0x10 [ 1060.616838][ T6448] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1060.619163][ T6448] netlink_rcv_skb+0x159/0x420 [ 1060.621098][ T6448] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1060.622965][ T6448] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1060.625151][ T6448] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1060.627241][ T6448] genl_rcv+0x28/0x40 [ 1060.628624][ T6448] netlink_unicast+0x5aa/0x870 [ 1060.630162][ T6448] ? __pfx_netlink_unicast+0x10/0x10 [ 1060.632366][ T6448] netlink_sendmsg+0x8b0/0xda0 [ 1060.634315][ T6448] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1060.636651][ T6448] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1060.639094][ T6448] ____sys_sendmsg+0xa54/0xc30 [ 1060.641229][ T6448] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1060.643511][ T6448] ? __pfx_futex_wake_mark+0x10/0x10 [ 1060.645826][ T6448] ___sys_sendmsg+0x190/0x1e0 [ 1060.647888][ T6448] ? __pfx____sys_sendmsg+0x10/0x10 [ 1060.650315][ T6448] __sys_sendmsg+0x170/0x220 [ 1060.652526][ T6448] ? __pfx___sys_sendmsg+0x10/0x10 [ 1060.654857][ T6448] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 1060.657388][ T6448] __do_fast_syscall_32+0xde/0x660 [ 1060.659542][ T6448] do_fast_syscall_32+0x32/0x70 [ 1060.661679][ T6448] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1060.664433][ T6448] RIP: 0023:0xf7ff5579 [ 1060.666163][ T6448] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 1060.674210][ T6448] RSP: 002b:00000000f54b650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 1060.677918][ T6448] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080001080 [ 1060.681347][ T6448] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1060.684604][ T6448] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1060.687845][ T6448] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 1060.691003][ T6448] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1060.693918][ T6448] [ 1060.696653][ T6448] Kernel Offset: disabled [ 1060.698007][ T6448] Rebooting in 86400 seconds..