last executing test programs: 17.322895529s ago: executing program 3 (id=1648): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0xa002, 0x0) syz_open_dev$vim2m(&(0x7f0000000280), 0x0, 0x2) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) pselect6(0x40, &(0x7f0000000600)={0x11, 0xff7ffffffffffffd, 0x2, 0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0x2, 0x8}, 0x0, &(0x7f0000000400)={0x7fc, 0x2, 0x800000, 0x0, 0x0, 0xc3ad, 0x0, 0xc2c5}, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600)={0x6, 0x0, 0x0, 0x40, 0x2, 0x5e51, 0x0, 0x7}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x9, 0x7, 0x4, 0x0, 0x5, 0x5}, 0x0, 0x0) syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000052e8e510b1134200c4dc0102030109021b00010000000009044400012eafb200"], 0x0) close_range(r1, 0xffffffffffffffff, 0x0) r2 = msgget$private(0x0, 0x0) msgsnd(r2, 0x0, 0x0, 0x0) msgsnd(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x8, 0x800) 13.564846339s ago: executing program 3 (id=1657): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r3 = socket$inet_smc(0x2b, 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550) 10.549400201s ago: executing program 4 (id=1665): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) socket$inet6_sctp(0xa, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x2c, &(0x7f00000006c0)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4) sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) 10.519046259s ago: executing program 1 (id=1666): syz_open_dev$video4linux(0x0, 0x3fe, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = syz_open_dev$media(&(0x7f0000000080), 0x34, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bind$tipc(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f00000002c0)) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000100)=0xffffffffffffffff) ioctl$MEDIA_REQUEST_IOC_QUEUE(r5, 0x7c80, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) 9.451855944s ago: executing program 1 (id=1668): syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socket$netlink(0x10, 0x3, 0x4) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0) 9.449466226s ago: executing program 2 (id=1669): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) 8.189861329s ago: executing program 2 (id=1672): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, 0x0, 0x0) ioctl$sock_netdev_private(r1, 0x8914, &(0x7f0000000000)) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r3, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c) connect$rose(r3, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40) 7.610000494s ago: executing program 1 (id=1673): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40000f63c) write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b000000"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x80, 0x10, 0x2, 0x0, 0x56, 0x101, 0x0}) chdir(&(0x7f00000003c0)='./bus\x00') r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078) 7.599887546s ago: executing program 3 (id=1674): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a000000020000", 0x7) recvmmsg(r0, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000840)=""/163, 0xa3}, {&(0x7f0000001c40)=""/4074, 0xfea}, {&(0x7f0000000980)=""/202, 0xca}], 0x3}, 0x6}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000340)=""/242, 0xf2}, {&(0x7f0000000540)=""/89, 0x59}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000c40)=""/199, 0xc7}], 0x6}}, {{0x0, 0x0, 0x0}, 0x27}], 0x5, 0x20, 0x0) 7.419427333s ago: executing program 0 (id=1675): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008"], 0x64}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x98}, 0x1, 0x0, 0x0, 0x24040854}, 0x40000) 6.449832785s ago: executing program 1 (id=1676): prctl$PR_SET_KEEPCAPS(0x8, 0x0) pipe(0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0xd0fb1000) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = epoll_create1(0x0) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) timer_create(0x3, 0x0, &(0x7f0000044000)) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r5}, 0x10) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x18) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r6, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000000)={0x90000001}) syz_open_dev$tty1(0xc, 0x4, 0x1) 6.447768307s ago: executing program 3 (id=1677): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x2, 0x6e, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0xffffffff) socket$packet(0x11, 0xa, 0x300) r3 = socket(0x840000000002, 0x3, 0xfa) connect$inet(r3, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r3, &(0x7f0000005240), 0x4000095, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) syz_emit_ethernet(0x6c, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x18) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) fcntl$setlease(r7, 0x400, 0x0) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r8, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)) 6.309788473s ago: executing program 2 (id=1678): r0 = syz_create_resource$binfmt(&(0x7f00000000c0)='./file1\x00') socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22) rmdir(&(0x7f0000000140)='./cgroup/../file0\x00') openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) r4 = socket$inet6(0xa, 0x80002, 0x0) sendmmsg$inet(r4, &(0x7f0000002ec0)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=[@ip_retopts={{0x10}}], 0x10}}], 0x1, 0x4000854) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) 6.207184536s ago: executing program 0 (id=1679): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) chdir(0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4008040) openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x900}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r2, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5) writev(r2, 0x0, 0x0) shutdown(r2, 0x1) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) clock_gettime(0x0, &(0x7f0000000380)) 4.887001299s ago: executing program 2 (id=1680): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[], 0x180}}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000280)='f2fs_update_extent_tree_range\x00', r5}, 0x18) 4.659870508s ago: executing program 1 (id=1681): sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa0, 0xa0, 0xa, [@restrict={0xc, 0x0, 0x0, 0xb, 0x3}, @float={0x10, 0x0, 0x0, 0x10, 0x2}, @union={0xd, 0x7, 0x0, 0x5, 0x1, 0x1, [{0xf, 0x5, 0x10001}, {0xc, 0x0, 0x3}, {0xe, 0x2, 0x9}, {0x2, 0x0, 0x40}, {0x9, 0x0, 0xe81}, {0x3, 0x4, 0x19}, {0x0, 0x3, 0x5}]}, @enum64={0x6, 0x0, 0x0, 0x13, 0x1, 0xe}, @const={0x3, 0x0, 0x0, 0xa, 0x5}, @decl_tag={0xa, 0x0, 0x0, 0x11, 0x5, 0x8}]}, {0x0, [0x5f, 0x71, 0x5f, 0x5f, 0x61, 0x30, 0x5f, 0x30]}}, &(0x7f00000006c0)=""/220, 0xc2, 0xdc, 0x0, 0xffff, 0x10000, @value=r2}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x2, 0xe, 0x5, 0xb}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3.986133449s ago: executing program 4 (id=1682): openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x50) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = epoll_create1(0x0) unshare(0x2c020400) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)={0x10000000}) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) socket$phonet_pipe(0x23, 0x5, 0x2) socket(0x10, 0x400000000080803, 0x0) r3 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_add_rule$LANDLOCK_RULE_NET_PORT(r3, 0x2, &(0x7f00000000c0)={0x1, 0x2}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_MARK={0x8}]}, {0xfffffffffffffe4b}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 3.648231812s ago: executing program 2 (id=1683): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="63b95fb1d30fd68f835b2dd5c30ec994cbe6b22567ead43adb00d8cc0d47acf2842e8006573f54bf6c8e1895536e04675a60f5f1973a405f52b7b2f4d2b423abaf1acc3738980b60b6ac09d247a5e56af8"], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20) sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0) 3.43856571s ago: executing program 4 (id=1684): sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x149802, 0x0) r4 = dup(r3) read$FUSE(r4, &(0x7f0000019300)={0x2020}, 0x2020) sendfile(r3, r4, 0x0, 0x80006) 3.043650962s ago: executing program 4 (id=1685): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) chdir(0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4008040) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x900}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r3, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5) writev(r3, 0x0, 0x0) shutdown(r3, 0x1) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) clock_gettime(0x0, &(0x7f0000000380)) 2.700172608s ago: executing program 3 (id=1686): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40000f63c) write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b000000"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x80, 0x10, 0x2, 0x0, 0x56, 0x101, 0x0}) chdir(&(0x7f00000003c0)='./bus\x00') r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078) 2.636919761s ago: executing program 2 (id=1687): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) chdir(0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4008040) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x900}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5) shutdown(0xffffffffffffffff, 0x1) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) clock_gettime(0x0, &(0x7f0000000380)) 1.682242454s ago: executing program 0 (id=1688): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r1, 0x8914, 0x0) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r3, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c) connect$rose(r3, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40) 1.63422284s ago: executing program 0 (id=1689): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008"], 0x64}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x98}, 0x1, 0x0, 0x0, 0x24040854}, 0x40000) 1.592703926s ago: executing program 0 (id=1690): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3}) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=0000000000000000010000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r6, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r6, &(0x7f0000000040)={0x50, 0x0, r7, {0x7, 0x1f, 0x0, 0x10400}}, 0x50) syz_fuse_handle_req(r6, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) close(r6) close_range(r5, 0xffffffffffffffff, 0x0) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090c00000000006ba3ddcf2d27a044a8650b0ee8d000000000eaff0200170000205dddfdcac0cf3a141400000000000000000002000100000400000000000000fffffb030007000000000002000000ac1e000100000000000000000200"], 0x60}}, 0x0) 1.436416769s ago: executing program 4 (id=1691): prctl$PR_SET_KEEPCAPS(0x8, 0x0) pipe(0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0xd0fb1000) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = epoll_create1(0x0) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) timer_create(0x3, 0x0, &(0x7f0000044000)) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r5}, 0x10) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x18) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r6, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000000)={0x90000001}) syz_open_dev$tty1(0xc, 0x4, 0x1) 947.03351ms ago: executing program 3 (id=1692): syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getrlimit(0xa, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28) ioctl$KVM_RUN(r2, 0xae80, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000280)) sendmmsg(0xffffffffffffffff, &(0x7f00000059c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4821) 887.15979ms ago: executing program 1 (id=1693): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[], 0x180}}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000280)='f2fs_update_extent_tree_range\x00', r5}, 0x18) 14.754694ms ago: executing program 0 (id=1694): ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000140)={0x28, 0x6, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x800}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffe, 0x200, 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 4 (id=1695): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) chdir(0x0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10290}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4008040) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5}) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r3, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5) writev(r3, 0x0, 0x0) shutdown(r3, 0x1) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) clock_gettime(0x0, &(0x7f0000000380)) kernel console output (not intermixed with test programs): T9] usb 5-1: SerialNumber: syz [ 429.371285][ T9] usb 5-1: config 0 descriptor?? [ 429.384176][ T9] smsc75xx v1.0.0 [ 431.323216][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 431.353719][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 431.370896][ T30] audit: type=1326 audit(1751600461.404:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 431.397898][ T30] audit: type=1326 audit(1751600461.434:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 431.536807][ T30] audit: type=1326 audit(1751600461.434:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 431.560739][ T30] audit: type=1326 audit(1751600461.434:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 431.585442][ T30] audit: type=1326 audit(1751600461.434:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 432.227973][ T30] audit: type=1326 audit(1751600461.434:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 432.293966][ T5820] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 432.483633][ T30] audit: type=1326 audit(1751600461.434:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 432.527946][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71 [ 432.555060][ T30] audit: type=1326 audit(1751600461.434:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 432.573675][ T5820] usb 3-1: Using ep0 maxpacket: 32 [ 432.578409][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71 [ 432.629195][ T5820] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 432.657953][ T5820] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 432.673858][ T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 432.684062][ T30] audit: type=1326 audit(1751600461.434:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 432.707846][ T9] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71 [ 432.719376][ T9] usb 5-1: USB disconnect, device number 20 [ 432.733782][ T5820] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 432.770996][ T30] audit: type=1326 audit(1751600461.434:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9224 comm="syz.1.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 432.858076][ T5820] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 81 [ 432.867290][ T5820] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 432.882620][ T5820] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.216050][ T5820] usb 3-1: config 0 descriptor?? [ 433.834583][ T9257] netlink: 16 bytes leftover after parsing attributes in process `syz.4.818'. [ 434.959985][ T1205] usb 3-1: USB disconnect, device number 10 [ 435.181997][ T9268] netlink: 16 bytes leftover after parsing attributes in process `syz.3.822'. [ 435.523672][ T1205] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 436.169753][ T1205] usb 3-1: Using ep0 maxpacket: 8 [ 436.182536][ T1205] usb 3-1: config 0 has an invalid interface number: 55 but max is 0 [ 436.190798][ T1205] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 436.213206][ T5820] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 436.255134][ T1205] usb 3-1: config 0 has no interface number 0 [ 436.261271][ T1205] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 436.290224][ T1205] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 436.299772][ T1205] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 436.523660][ T5930] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 436.719904][ T1205] usb 3-1: config 0 descriptor?? [ 436.739204][ T1205] ldusb 3-1:0.55: Interrupt in endpoint not found [ 436.778939][ T5820] usb 1-1: Using ep0 maxpacket: 32 [ 436.786925][ T5820] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 436.803680][ T5820] usb 1-1: config 0 has no interface number 0 [ 436.810812][ T5820] usb 1-1: config 0 interface 184 has no altsetting 0 [ 436.822171][ T5820] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 436.832577][ T5820] usb 1-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3 [ 436.846343][ T5820] usb 1-1: Product: syz [ 436.850514][ T5820] usb 1-1: Manufacturer: syz [ 436.855733][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 436.855745][ T30] audit: type=1400 audit(1751600466.884:793): avc: denied { write } for pid=9283 comm="syz.3.829" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 436.863624][ T5930] usb 2-1: Using ep0 maxpacket: 32 [ 436.882262][ C0] vkms_vblank_simulate: vblank timer overrun [ 436.885206][ T5820] usb 1-1: SerialNumber: syz [ 436.900748][ T30] audit: type=1400 audit(1751600466.884:794): avc: denied { open } for pid=9283 comm="syz.3.829" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 436.904598][ T5930] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 436.923111][ T30] audit: type=1400 audit(1751600466.934:795): avc: denied { unmount } for pid=5810 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 436.951134][ T5930] usb 2-1: config 0 has no interface number 0 [ 436.951743][ T5820] usb 1-1: config 0 descriptor?? [ 436.963174][ T5930] usb 2-1: config 0 interface 184 has no altsetting 0 [ 436.973350][ T5930] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 436.982674][ T5930] usb 2-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3 [ 437.016721][ T1205] usb 3-1: USB disconnect, device number 11 [ 437.037187][ T5930] usb 2-1: Product: syz [ 437.041360][ T5930] usb 2-1: Manufacturer: syz [ 437.049800][ T5820] smsc75xx v1.0.0 [ 437.092067][ T5930] usb 2-1: SerialNumber: syz [ 437.116258][ T5930] usb 2-1: config 0 descriptor?? [ 437.128503][ T5930] smsc75xx v1.0.0 [ 437.355564][ T24] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 437.373632][ T5819] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 437.513638][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 437.520097][ T24] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 437.528482][ T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 437.538929][ T24] usb 5-1: config 0 has no interface number 0 [ 437.540073][ T5930] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32 [ 437.545331][ T24] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 437.566944][ T5819] usb 4-1: Using ep0 maxpacket: 16 [ 437.567273][ T24] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 437.581171][ T5930] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32 [ 437.581196][ T5930] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind [ 437.606326][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.611810][ T5819] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 437.617231][ T24] usb 5-1: config 0 descriptor?? [ 437.633338][ T5819] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 437.642544][ T5930] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -32 [ 437.651090][ T5819] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 437.652937][ T24] ldusb 5-1:0.55: Interrupt in endpoint not found [ 437.666150][ T5819] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 437.677490][ T5819] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 437.687683][ T5819] usb 4-1: config 0 has no interface number 0 [ 437.691902][ T5820] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 437.721295][ T5820] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 437.821248][ T5819] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 437.832400][ T5819] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 437.842351][ T5819] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 437.852620][ T5819] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 437.873566][ T5819] usb 4-1: config 0 interface 125 has no altsetting 0 [ 437.882144][ T5819] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 437.886348][ T24] usb 5-1: USB disconnect, device number 21 [ 437.958423][ T9293] fuse: Bad value for 'fd' [ 437.971940][ T5820] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -32 [ 438.160906][ T5820] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -32 [ 438.262742][ T5820] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -32 [ 438.323600][ T5819] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.331752][ T5819] usb 4-1: Product: syz [ 438.335949][ T5819] usb 4-1: Manufacturer: syz [ 438.340542][ T5819] usb 4-1: SerialNumber: syz [ 438.347512][ T5819] usb 4-1: config 0 descriptor?? [ 438.355877][ T5820] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -32 [ 438.368522][ T5820] usb 1-1: USB disconnect, device number 22 [ 438.739892][ T5930] usb 4-1: USB disconnect, device number 14 [ 438.963632][ T5819] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 439.577139][ T5820] usb 2-1: USB disconnect, device number 16 [ 439.594366][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.606450][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.673836][ T5819] usb 5-1: Using ep0 maxpacket: 32 [ 439.682141][ T5819] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 439.871514][ T5819] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 440.484152][ T5819] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 440.494515][ T5819] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 440.504210][ T5819] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 440.524837][ T5819] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 440.560157][ T5819] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 440.746066][ T5819] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.756310][ T5819] usb 5-1: config 0 descriptor?? [ 442.293592][ T30] audit: type=1800 audit(1751600471.414:796): pid=9328 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.841" name="bus" dev="overlay" ino=986 res=0 errno=0 [ 442.315059][ C0] vkms_vblank_simulate: vblank timer overrun [ 442.702128][ T5820] usb 5-1: USB disconnect, device number 22 [ 443.225511][ T5819] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 443.533832][ T5819] usb 2-1: Using ep0 maxpacket: 32 [ 443.684393][ T5819] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 443.692570][ T5819] usb 2-1: config 0 has no interface number 0 [ 443.703880][ T5819] usb 2-1: config 0 interface 184 has no altsetting 0 [ 443.721857][ T5819] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 444.114635][ T5819] usb 2-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3 [ 444.122841][ T5819] usb 2-1: Product: syz [ 444.127063][ T5819] usb 2-1: Manufacturer: syz [ 444.131721][ T5819] usb 2-1: SerialNumber: syz [ 444.194987][ T5819] usb 2-1: config 0 descriptor?? [ 444.205104][ T5819] smsc75xx v1.0.0 [ 444.446922][ T9360] netlink: 16 bytes leftover after parsing attributes in process `syz.0.848'. [ 445.175390][ T5819] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71 [ 445.238207][ T5819] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 445.574112][ T5819] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 446.050866][ T9375] netlink: 16 bytes leftover after parsing attributes in process `syz.4.852'. [ 446.115650][ T5819] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 446.200437][ T5819] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 446.305932][ T5819] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 446.318143][ T5819] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71 [ 446.335082][ T5819] usb 2-1: USB disconnect, device number 17 [ 449.887661][ T5819] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 450.173832][ T5819] usb 2-1: Using ep0 maxpacket: 32 [ 450.180574][ T5819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 450.191985][ T5819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 450.203738][ T5819] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 451.166454][ T5819] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 451.178625][ T5819] usb 2-1: config 0 descriptor?? [ 452.888143][ T1205] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 453.097565][ T5819] usbhid 2-1:0.0: can't add hid device: -71 [ 453.214218][ T5819] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 453.230761][ T5819] usb 2-1: USB disconnect, device number 18 [ 453.343595][ T1205] usb 5-1: Using ep0 maxpacket: 32 [ 453.360069][ T1205] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 453.386612][ T1205] usb 5-1: config 0 has no interface number 0 [ 453.822283][ T1205] usb 5-1: config 0 interface 184 has no altsetting 0 [ 453.869058][ T1205] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 454.189125][ T1205] usb 5-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3 [ 454.273634][ T1205] usb 5-1: Product: syz [ 454.307659][ T1205] usb 5-1: Manufacturer: syz [ 454.312294][ T1205] usb 5-1: SerialNumber: syz [ 454.325812][ T1205] usb 5-1: config 0 descriptor?? [ 454.332643][ T1205] smsc75xx v1.0.0 [ 455.649698][ T1205] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 455.673709][ T1205] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 456.610119][ T1205] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 457.446889][ T1205] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 457.456876][ T1205] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 457.466724][ T1205] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71 [ 457.484648][ T1205] usb 5-1: USB disconnect, device number 23 [ 457.603726][ T24] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 458.840810][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 459.058680][ T30] audit: type=1326 audit(1751600489.094:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 459.081913][ C0] vkms_vblank_simulate: vblank timer overrun [ 459.277213][ T30] audit: type=1326 audit(1751600489.134:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.137698][ T30] audit: type=1326 audit(1751600489.134:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.167817][ T30] audit: type=1326 audit(1751600489.134:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.322717][ T30] audit: type=1326 audit(1751600489.144:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.493616][ T30] audit: type=1326 audit(1751600489.144:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.520020][ T30] audit: type=1326 audit(1751600489.164:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.543785][ T30] audit: type=1326 audit(1751600489.164:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.577859][ T30] audit: type=1326 audit(1751600489.184:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.601384][ T30] audit: type=1326 audit(1751600489.184:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9479 comm="syz.2.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 460.631447][ T24] usb 4-1: device descriptor read/all, error -71 [ 461.749471][ T9502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.885'. [ 461.758610][ T9502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.885'. [ 462.393766][ T1205] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 462.664740][ T9516] fuse: Bad value for 'group_id' [ 462.669723][ T9516] fuse: Bad value for 'group_id' [ 462.679815][ T5930] usb 4-1: new low-speed USB device number 17 using dummy_hcd [ 462.773781][ T1205] usb 1-1: Using ep0 maxpacket: 32 [ 462.796078][ T1205] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 462.822430][ T1205] usb 1-1: config 0 has no interface number 0 [ 462.851284][ T1205] usb 1-1: config 0 interface 184 has no altsetting 0 [ 462.910579][ T9519] netlink: 28 bytes leftover after parsing attributes in process `syz.4.890'. [ 462.920188][ T9519] netlink: 28 bytes leftover after parsing attributes in process `syz.4.890'. [ 462.982468][ T1205] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 462.992555][ T1205] usb 1-1: New USB device strings: Mfr=227, Product=1, SerialNumber=3 [ 463.001118][ T1205] usb 1-1: Product: syz [ 463.005571][ T5930] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 463.062378][ T5930] usb 4-1: config 0 has no interface number 0 [ 463.078729][ T5930] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 59471, setting to 8 [ 463.136799][ T1205] usb 1-1: Manufacturer: syz [ 463.213346][ T1205] usb 1-1: SerialNumber: syz [ 463.223572][ T5930] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 463.240154][ T1205] usb 1-1: config 0 descriptor?? [ 463.255357][ T5930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.358082][ T1205] smsc75xx v1.0.0 [ 463.365809][ T5930] usb 4-1: config 0 descriptor?? [ 463.371514][ T9506] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 463.391036][ T5930] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 464.765530][ T30] kauditd_printk_skb: 24 callbacks suppressed [ 464.765622][ T30] audit: type=1400 audit(1751600494.774:831): avc: denied { connect } for pid=9536 comm="syz.1.895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 465.069100][ T1205] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 465.081902][ T1205] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 465.092906][ T30] audit: type=1400 audit(1751600494.944:832): avc: denied { ioctl } for pid=9536 comm="syz.1.895" path="socket:[23105]" dev="sockfs" ino=23105 ioctlcmd=0x48c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 465.140366][ C1] iowarrior 4-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1 [ 465.151750][ T9] usb 4-1: USB disconnect, device number 17 [ 465.734644][ T30] audit: type=1326 audit(1751600495.744:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 466.240872][ T30] audit: type=1326 audit(1751600495.744:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 466.264081][ C0] vkms_vblank_simulate: vblank timer overrun [ 466.270497][ T1205] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 466.282157][ T1205] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 466.291963][ T30] audit: type=1326 audit(1751600495.744:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 466.315286][ T1205] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 466.342507][ T1205] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71 [ 466.382732][ T30] audit: type=1326 audit(1751600495.744:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 466.412256][ T30] audit: type=1326 audit(1751600495.744:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 466.438280][ T1205] usb 1-1: USB disconnect, device number 23 [ 466.447481][ T30] audit: type=1326 audit(1751600495.744:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 466.466498][ T9553] /dev/nullb0: Can't open blockdev [ 466.476826][ T30] audit: type=1326 audit(1751600495.744:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 466.501616][ T30] audit: type=1326 audit(1751600495.744:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9546 comm="syz.1.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 467.077746][ T9563] netlink: 28 bytes leftover after parsing attributes in process `syz.2.901'. [ 467.086921][ T9563] netlink: 28 bytes leftover after parsing attributes in process `syz.2.901'. [ 467.463889][ T9564] netlink: 28 bytes leftover after parsing attributes in process `syz.3.900'. [ 467.472933][ T9564] netlink: 28 bytes leftover after parsing attributes in process `syz.3.900'. [ 469.599659][ T9582] netlink: 16 bytes leftover after parsing attributes in process `syz.2.904'. [ 470.372889][ T30] kauditd_printk_skb: 23 callbacks suppressed [ 470.372901][ T30] audit: type=1400 audit(1751600500.404:864): avc: denied { read write } for pid=9591 comm="syz.1.910" name="rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 470.582281][ T30] audit: type=1400 audit(1751600500.404:865): avc: denied { open } for pid=9591 comm="syz.1.910" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 471.265737][ T30] audit: type=1400 audit(1751600501.204:866): avc: denied { listen } for pid=9592 comm="syz.0.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 471.509258][ T30] audit: type=1326 audit(1751600501.254:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9592 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 471.654532][ T30] audit: type=1326 audit(1751600501.254:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9592 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 471.680343][ T30] audit: type=1326 audit(1751600501.264:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9592 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 471.708244][ T30] audit: type=1326 audit(1751600501.264:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9592 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 471.741901][ T30] audit: type=1326 audit(1751600501.264:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9592 comm="syz.0.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 471.794709][ T9603] sctp: failed to load transform for md5: -2 [ 474.096995][ T30] audit: type=1400 audit(1751600504.134:872): avc: denied { setopt } for pid=9631 comm="syz.1.918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 475.277720][ T9640] netlink: 28 bytes leftover after parsing attributes in process `syz.0.921'. [ 475.364932][ T9640] netlink: 28 bytes leftover after parsing attributes in process `syz.0.921'. [ 476.089241][ T30] audit: type=1400 audit(1751600505.164:873): avc: denied { create } for pid=9631 comm="syz.1.918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 476.171518][ T9646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.922'. [ 476.180786][ T30] audit: type=1400 audit(1751600506.204:874): avc: denied { name_bind } for pid=9642 comm="syz.3.922" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 476.180967][ T30] audit: type=1400 audit(1751600506.204:875): avc: denied { node_bind } for pid=9642 comm="syz.3.922" saddr=fe80::bb src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 476.181139][ T30] audit: type=1400 audit(1751600506.204:876): avc: denied { create } for pid=9642 comm="syz.3.922" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 476.181312][ T30] audit: type=1400 audit(1751600506.204:877): avc: denied { write } for pid=9642 comm="syz.3.922" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 476.424092][ T30] audit: type=1400 audit(1751600506.434:878): avc: denied { append } for pid=9642 comm="syz.3.922" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 477.234661][ T5897] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 477.423959][ T5897] usb 2-1: Using ep0 maxpacket: 32 [ 477.432698][ T5897] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 477.464880][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.517306][ T5897] usb 2-1: config 0 descriptor?? [ 477.541507][ T5897] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 478.241599][ T5897] gspca_nw80x: reg_r err -71 [ 478.246880][ T5897] nw80x 2-1:0.0: probe with driver nw80x failed with error -71 [ 478.571298][ T5897] usb 2-1: USB disconnect, device number 19 [ 480.630739][ T30] audit: type=1400 audit(1751600510.664:879): avc: denied { relabelfrom } for pid=9670 comm="syz.3.931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 480.990547][ T30] audit: type=1400 audit(1751600510.664:880): avc: denied { relabelto } for pid=9670 comm="syz.3.931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 481.010062][ C0] vkms_vblank_simulate: vblank timer overrun [ 481.449565][ T9690] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 484.095442][ T9499] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 484.263713][ T9499] usb 2-1: Using ep0 maxpacket: 32 [ 484.275239][ T9499] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 484.284258][ T9499] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 484.292940][ T9499] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 484.490773][ T9699] netlink: 12 bytes leftover after parsing attributes in process `syz.2.938'. [ 485.268292][ T9499] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 485.278463][ T9499] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 485.288444][ T9499] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 485.383595][ T9499] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 485.581646][ T30] audit: type=1400 audit(1751600515.614:881): avc: denied { setopt } for pid=9706 comm="syz.1.940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 485.700621][ T9499] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 485.710616][ T9499] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.720881][ T9499] usb 2-1: config 0 descriptor?? [ 485.730332][ T9499] usb 2-1: can't set config #0, error -71 [ 485.745179][ T9499] usb 2-1: USB disconnect, device number 20 [ 487.405981][ T30] audit: type=1400 audit(1751600517.444:882): avc: denied { ioctl } for pid=9726 comm="syz.4.944" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 487.407947][ T30] audit: type=1400 audit(1751600517.444:883): avc: denied { set_context_mgr } for pid=9726 comm="syz.4.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 487.492958][ T9730] netlink: 4 bytes leftover after parsing attributes in process `syz.2.945'. [ 487.505591][ T9733] binder: 9726:9733 ioctl c0306201 200000000540 returned -14 [ 487.514128][ T30] audit: type=1400 audit(1751600517.494:884): avc: denied { name_bind } for pid=9711 comm="syz.0.942" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 487.683000][ T9736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.947'. [ 487.713683][ T5820] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 487.884917][ T5820] usb 4-1: Using ep0 maxpacket: 32 [ 487.903707][ T5820] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 487.913229][ T5820] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 487.922062][ T5820] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 487.933107][ T5820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 487.943258][ T5820] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 487.954020][ T5820] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 487.967766][ T5820] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 487.983569][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 487.997154][ T5820] usb 4-1: config 0 descriptor?? [ 488.325200][ T9743] netlink: 12 bytes leftover after parsing attributes in process `syz.1.949'. [ 489.155362][ T5820] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 18 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 489.185221][ T5820] usb 4-1: USB disconnect, device number 18 [ 489.202556][ T5820] usblp0: removed [ 489.392221][ T9752] netlink: 28 bytes leftover after parsing attributes in process `syz.0.951'. [ 489.401526][ T9752] netlink: 28 bytes leftover after parsing attributes in process `syz.0.951'. [ 491.129279][ T9765] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 496.982688][ T30] audit: type=1326 audit(1751600526.914:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9799 comm="syz.2.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7fc00000 [ 498.149494][ T9820] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 498.174446][ T30] audit: type=1326 audit(1751600528.204:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9799 comm="syz.2.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fb57798e929 code=0x7fc00000 [ 498.197713][ C1] vkms_vblank_simulate: vblank timer overrun [ 500.521189][ T1205] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 500.715151][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 500.979746][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.990292][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.013595][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 501.023381][ T1205] usb 4-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00 [ 501.056717][ T1205] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.118526][ T1205] usb 4-1: config 0 descriptor?? [ 502.155321][ T9859] sctp: failed to load transform for md5: -2 [ 502.174032][ T30] audit: type=1326 audit(1751600531.954:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.282232][ T30] audit: type=1326 audit(1751600531.954:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.653730][ T30] audit: type=1326 audit(1751600531.954:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.677059][ T30] audit: type=1326 audit(1751600531.954:890): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.700768][ T30] audit: type=1326 audit(1751600531.954:891): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.724290][ C1] vkms_vblank_simulate: vblank timer overrun [ 502.730425][ T30] audit: type=1326 audit(1751600531.954:892): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.753952][ C1] vkms_vblank_simulate: vblank timer overrun [ 502.791181][ T30] audit: type=1326 audit(1751600531.954:893): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.899951][ T30] audit: type=1326 audit(1751600531.954:894): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9847 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 502.923583][ C1] vkms_vblank_simulate: vblank timer overrun [ 503.071937][ T1205] usbhid 4-1:0.0: can't add hid device: -71 [ 503.434240][ T1205] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 503.851238][ T1205] usb 4-1: USB disconnect, device number 19 [ 506.915711][ T30] audit: type=1326 audit(1751600536.384:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 506.915763][ T30] audit: type=1326 audit(1751600536.384:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 508.066955][ T1205] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 508.257342][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 508.257354][ T30] audit: type=1326 audit(1751600538.294:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9908 comm="syz.1.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7fc00000 [ 508.373596][ T1205] usb 4-1: Using ep0 maxpacket: 32 [ 508.380466][ T1205] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 508.469384][ T9922] syz.2.992 (9922): drop_caches: 2 [ 508.478224][ T9922] syz.2.992 (9922): drop_caches: 2 [ 508.533722][ T1205] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 509.044587][ T1205] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 509.157410][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 509.243580][ T1205] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 509.303572][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 509.337522][ T1205] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 510.363573][ T1205] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 510.372775][ T1205] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.392232][ T1205] usb 4-1: config 0 descriptor?? [ 510.548181][ T30] audit: type=1400 audit(1751600540.554:901): avc: denied { connect } for pid=9923 comm="syz.0.994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 510.756670][ T1205] usb 4-1: can't set config #0, error -71 [ 510.764018][ T1205] usb 4-1: USB disconnect, device number 20 [ 512.666661][ T9967] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1004'. [ 513.539168][ T9970] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1005'. [ 513.548332][ T9970] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1005'. [ 514.013744][ T5819] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 514.315184][ T5819] usb 5-1: Using ep0 maxpacket: 16 [ 514.441964][ T5819] usb 5-1: config 0 has an invalid interface number: 68 but max is 0 [ 514.479926][ T5819] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 514.490252][ T5819] usb 5-1: config 0 has no interface number 0 [ 514.496405][ T5819] usb 5-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 514.525100][ T5819] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 514.562755][ T5819] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.623467][ T5819] usb 5-1: Product: syz [ 514.667541][ T5819] usb 5-1: Manufacturer: syz [ 514.759090][ T5819] usb 5-1: SerialNumber: syz [ 514.802269][ T1205] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 514.824369][ T5819] usb 5-1: config 0 descriptor?? [ 514.849438][ T5819] usb 5-1: can't set config #0, error -71 [ 514.871375][ T5819] usb 5-1: USB disconnect, device number 24 [ 514.992175][ T9990] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1012'. [ 515.032411][ T1205] usb 4-1: Using ep0 maxpacket: 32 [ 515.139556][ T1205] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 515.218434][ T1205] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 515.234215][ T1205] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 515.246590][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 515.256500][ T1205] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 515.288175][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 515.304768][ T1205] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 515.320378][ T1205] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 515.343096][ T1205] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 515.396101][ T1205] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 515.476127][ T1205] usb 4-1: config 0 descriptor?? [ 516.485918][ T1205] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 516.816632][ T1205] usb 4-1: USB disconnect, device number 21 [ 516.911401][ T30] audit: type=1400 audit(1751600546.784:902): avc: denied { read write } for pid=9984 comm="syz.3.1010" name="lp0" dev="devtmpfs" ino=3022 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 516.978205][T10004] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1016'. [ 517.247846][ T30] audit: type=1400 audit(1751600546.784:903): avc: denied { open } for pid=9984 comm="syz.3.1010" path="/dev/usb/lp0" dev="devtmpfs" ino=3022 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 518.367523][ T1205] usblp0: removed [ 520.395118][T10032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1022'. [ 520.404385][T10032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1022'. [ 520.736918][T10035] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1024'. [ 520.746172][T10035] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1024'. [ 521.071587][T10037] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1025'. [ 521.551849][ T5819] usb 2-1: new full-speed USB device number 21 using dummy_hcd [ 521.932965][ T5819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 521.994513][ T5819] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 522.030945][ T5819] usb 2-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00 [ 522.059511][ T5819] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 522.110018][ T5819] usb 2-1: config 0 descriptor?? [ 522.302639][T10055] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1030'. [ 523.533592][ T5930] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 523.681711][T10064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1032'. [ 523.691051][T10064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1032'. [ 523.874223][ T30] audit: type=1326 audit(1751600553.904:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10053 comm="syz.2.1019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7fc00000 [ 523.881412][ T5819] hid-generic 0003:04F3:0754.0005: failed to start in urb: -90 [ 523.917319][ T5930] usb 4-1: Using ep0 maxpacket: 32 [ 523.955554][ T5930] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 523.985899][ T5930] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 524.003243][ T5819] hid-generic 0003:04F3:0754.0005: hidraw0: USB HID v1.01 Device [HID 04f3:0754] on usb-dummy_hcd.1-1/input0 [ 524.015644][ T5930] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 524.026221][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 524.037231][ T5930] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 524.047062][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 524.057012][ T5930] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 524.069195][ T5930] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 524.105210][ T5819] usb 2-1: USB disconnect, device number 21 [ 524.120390][ T5930] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 524.208668][ T5930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 524.679749][ T5930] usb 4-1: config 0 descriptor?? [ 525.030157][ T30] audit: type=1400 audit(1751600555.064:905): avc: denied { bind } for pid=10072 comm="syz.0.1035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 525.057265][T10075] random: crng reseeded on system resumption [ 525.591395][ T30] audit: type=1400 audit(1751600555.094:906): avc: denied { write } for pid=10072 comm="syz.0.1035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 525.610865][ T30] audit: type=1400 audit(1751600555.094:907): avc: denied { append } for pid=10072 comm="syz.0.1035" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 525.637440][ T30] audit: type=1400 audit(1751600555.094:908): avc: denied { open } for pid=10072 comm="syz.0.1035" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 525.791963][ T5930] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 22 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 525.838421][T10083] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1038'. [ 526.849137][ T24] usb 4-1: USB disconnect, device number 22 [ 526.907566][ T24] usblp0: removed [ 526.949999][T10071] fido_id[10071]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 527.621049][T10097] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1041'. [ 528.608905][T10106] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1043'. [ 528.618147][T10106] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1043'. [ 532.075176][T10138] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1052'. [ 532.084467][T10138] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1052'. [ 532.234779][T10141] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1055'. [ 533.002161][T10141] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1055'. [ 533.096725][T10143] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1054'. [ 533.404240][ T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 533.587014][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 533.626083][ T9] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 533.635552][ T9] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 534.421297][ T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 534.512383][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 534.512588][ T30] audit: type=1326 audit(1751600564.544:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10147 comm="syz.2.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7fc00000 [ 534.759129][ T30] audit: type=1400 audit(1751600564.674:910): avc: denied { write } for pid=10157 comm="syz.0.1061" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 534.843688][ T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 534.969884][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 535.126623][ T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 535.153335][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 535.245391][ T9] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 535.254970][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 535.265734][ T9] usb 5-1: config 0 descriptor?? [ 535.293919][ T30] audit: type=1326 audit(1751600565.324:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10159 comm="syz.3.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7fc00000 [ 535.680376][ T9] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 25 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 535.789627][ T30] audit: type=1400 audit(1751600565.824:912): avc: denied { create } for pid=10169 comm="syz.0.1064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 535.978522][ T30] audit: type=1326 audit(1751600565.824:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 536.002519][ T30] audit: type=1326 audit(1751600565.854:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 536.021151][ T24] usb 5-1: USB disconnect, device number 25 [ 536.560659][ T30] audit: type=1326 audit(1751600565.854:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 536.596177][ T24] usblp0: removed [ 536.625039][ T30] audit: type=1326 audit(1751600565.854:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 536.673546][ T30] audit: type=1326 audit(1751600565.854:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 536.731869][ T30] audit: type=1326 audit(1751600565.854:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10169 comm="syz.0.1064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 538.287817][T10194] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1068'. [ 538.354551][T10194] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1068'. [ 539.224837][T10197] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1069'. [ 540.838581][T10211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1073'. [ 543.341939][T10237] random: crng reseeded on system resumption [ 545.176101][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 545.176116][ T30] audit: type=1326 audit(1751600575.064:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 545.366486][ T30] audit: type=1326 audit(1751600575.064:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 545.426750][ T30] audit: type=1326 audit(1751600575.064:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 546.473713][ T30] audit: type=1326 audit(1751600575.064:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 546.883795][ T30] audit: type=1326 audit(1751600575.064:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 546.978342][ T30] audit: type=1326 audit(1751600575.064:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 547.166408][ T30] audit: type=1326 audit(1751600575.064:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 547.697536][ T30] audit: type=1326 audit(1751600575.064:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 547.721672][ T30] audit: type=1326 audit(1751600575.074:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 548.573573][ T30] audit: type=1326 audit(1751600575.074:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10256 comm="syz.1.1085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 550.512014][T10320] overlayfs: overlapping lowerdir path [ 550.550006][T10320] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 551.363377][T10332] random: crng reseeded on system resumption [ 554.232586][T10352] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1110'. [ 554.255286][T10352] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1110'. [ 556.613012][T10383] bridge0: port 2(bridge_slave_1) entered disabled state [ 556.620670][T10383] bridge0: port 1(bridge_slave_0) entered disabled state [ 556.953543][T10383] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 556.967369][T10383] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 557.094031][ T30] kauditd_printk_skb: 62 callbacks suppressed [ 557.094053][ T30] audit: type=1400 audit(1751600587.094:1024): avc: denied { bind } for pid=10389 comm="syz.3.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 558.101630][T10383] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 558.110903][T10383] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 558.119839][T10383] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 558.128826][T10383] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 558.296898][ T30] audit: type=1400 audit(1751600588.324:1025): avc: denied { bind } for pid=10394 comm="syz.4.1122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 558.384788][T10385] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1118'. [ 558.500248][T10397] overlayfs: overlapping lowerdir path [ 558.505949][T10385] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1118'. [ 558.527434][T10397] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 558.660899][T10402] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1123'. [ 558.814732][T10402] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1123'. [ 559.950198][T10416] bridge0: port 2(bridge_slave_1) entered disabled state [ 559.990027][T10416] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 559.993904][T10416] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 560.029519][T10416] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 560.029552][T10416] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 560.029569][T10416] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 560.029584][T10416] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 560.284191][ T5870] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 560.435425][ T5870] usb 4-1: Using ep0 maxpacket: 16 [ 560.439213][ T5870] usb 4-1: config 0 has an invalid interface number: 68 but max is 0 [ 560.439236][ T5870] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 560.439253][ T5870] usb 4-1: config 0 has no interface number 0 [ 560.439281][ T5870] usb 4-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 560.445205][ T5870] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 560.445223][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 560.445235][ T5870] usb 4-1: Product: syz [ 560.445246][ T5870] usb 4-1: Manufacturer: syz [ 560.445254][ T5870] usb 4-1: SerialNumber: syz [ 560.446480][ T5870] usb 4-1: config 0 descriptor?? [ 560.490861][ T5870] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 560.755990][ T9499] usb 4-1: USB disconnect, device number 23 [ 560.759875][ T2132] usb 4-1: Failed to submit usb control message: -71 [ 560.759951][ T2132] usb 4-1: unable to send the bmi data to the device: -71 [ 560.759966][ T2132] usb 4-1: unable to get target info from device [ 560.759980][ T2132] usb 4-1: could not get target info (-71) [ 560.759994][ T2132] usb 4-1: could not probe fw (-71) [ 562.389844][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.402928][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.400741][ T30] audit: type=1326 audit(1751600593.414:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 563.565147][ T30] audit: type=1326 audit(1751600593.414:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 563.589382][ T30] audit: type=1326 audit(1751600593.414:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 563.612860][ C0] vkms_vblank_simulate: vblank timer overrun [ 563.708187][ T30] audit: type=1326 audit(1751600593.414:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 563.886235][ T30] audit: type=1326 audit(1751600593.414:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 563.921194][T10456] overlayfs: overlapping lowerdir path [ 563.947261][ T30] audit: type=1326 audit(1751600593.414:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 563.980808][T10458] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 564.063656][ T30] audit: type=1326 audit(1751600593.424:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 564.563243][ T30] audit: type=1326 audit(1751600593.424:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 564.611431][ T2132] af_packet: tpacket_rcv: packet too big, clamped from 24 to 4294967272. macoff=96 [ 564.672897][T10464] random: crng reseeded on system resumption [ 565.553563][ T30] audit: type=1326 audit(1751600593.424:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 565.577123][ T30] audit: type=1326 audit(1751600593.424:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10449 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 565.778574][T10471] bridge0: port 3(syz_tun) entered blocking state [ 565.779031][T10471] bridge0: port 3(syz_tun) entered disabled state [ 565.779230][T10471] syz_tun: entered allmulticast mode [ 565.784382][T10471] syz_tun: entered promiscuous mode [ 568.338520][T10495] syz.3.1148 (10495): drop_caches: 2 [ 568.339703][T10495] syz.3.1148 (10495): drop_caches: 2 [ 569.657675][T10507] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1152'. [ 569.667730][T10507] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1152'. [ 570.003582][ T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 570.156484][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 570.156499][ T30] audit: type=1400 audit(1751600600.194:1075): avc: denied { listen } for pid=10508 comm="syz.0.1153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 570.183722][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 570.193165][ T9] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 570.201808][ T9] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 570.240191][ T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 570.250239][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 570.268911][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 570.280518][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 570.298996][ T9] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 570.310481][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.329598][ T9] usb 2-1: config 0 descriptor?? [ 570.607812][ T9] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 22 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 571.857487][ T9] usb 2-1: USB disconnect, device number 22 [ 571.866621][ T9] usblp0: removed [ 576.449116][ T30] audit: type=1326 audit(1751600606.014:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10551 comm="syz.0.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7fc00000 [ 576.753836][T10577] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 576.833881][ T9499] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 577.385934][ T9499] usb 3-1: Using ep0 maxpacket: 32 [ 578.397079][ T9499] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 578.413516][ T9499] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 578.422146][ T9499] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 578.431184][ T9499] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 578.444830][ T9499] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 578.455134][ T9499] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 578.472146][ T9499] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 578.482183][ T9499] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 578.496098][ T9499] usb 3-1: config 0 descriptor?? [ 578.879604][ T9499] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 578.939479][ T9499] usb 3-1: USB disconnect, device number 12 [ 578.985331][ T9499] usblp0: removed [ 579.524672][ T30] audit: type=1400 audit(1751600609.554:1077): avc: denied { read } for pid=10596 comm="syz.0.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 579.599386][ T30] audit: type=1400 audit(1751600609.634:1078): avc: denied { write } for pid=10596 comm="syz.0.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 581.775071][T10625] overlayfs: overlapping lowerdir path [ 581.879569][T10627] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 582.308418][ T30] audit: type=1400 audit(1751600612.334:1079): avc: denied { ioctl } for pid=10630 comm="syz.2.1186" path="socket:[27038]" dev="sockfs" ino=27038 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 583.829549][T10645] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1192'. [ 584.103562][ T5870] usb 1-1: new low-speed USB device number 24 using dummy_hcd [ 584.162856][T10650] fuse: Bad value for 'fd' [ 584.725249][ T5870] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 584.744284][ T5870] usb 1-1: config 0 has no interface number 0 [ 585.288249][ T5870] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 585.303655][ T5870] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 585.313641][ T5870] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 585.323123][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 585.339285][ T5870] usb 1-1: config 0 descriptor?? [ 585.525178][ T5870] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 587.031389][ T5870] usb 1-1: USB disconnect, device number 24 [ 593.883563][T10715] syz.1.1210 (10715): drop_caches: 2 [ 593.908614][T10715] syz.1.1210 (10715): drop_caches: 2 [ 596.848352][T10762] bridge0: port 3(syz_tun) entered blocking state [ 596.855161][T10762] bridge0: port 3(syz_tun) entered disabled state [ 596.862469][T10762] syz_tun: entered allmulticast mode [ 596.870389][T10762] syz_tun: entered promiscuous mode [ 597.064609][ T30] audit: type=1400 audit(1751600627.104:1080): avc: denied { create } for pid=10765 comm="syz.4.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 597.343540][ T5870] usb 3-1: new low-speed USB device number 13 using dummy_hcd [ 597.969759][ T5870] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 598.640589][ T5870] usb 3-1: config 0 has no interface number 0 [ 598.640632][ T5870] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 598.640655][ T5870] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 598.640688][ T5870] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 598.640707][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 598.686171][ T5870] usb 3-1: config 0 descriptor?? [ 598.728325][ T5870] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 600.238453][T10768] iowarrior 3-1:0.1: Error -90 while submitting URB [ 600.988787][T10803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1237'. [ 601.622063][ T5819] usb 3-1: USB disconnect, device number 13 [ 602.048094][T10815] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1240'. [ 602.057721][T10815] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1240'. [ 602.980259][T10824] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1243'. [ 602.989451][T10824] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1243'. [ 606.788130][T10858] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1253'. [ 606.797230][T10858] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1253'. [ 608.935895][T10884] fuse: Bad value for 'fd' [ 609.311289][T10882] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1260'. [ 609.320399][T10882] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1260'. [ 609.769781][T10893] bridge0: port 1(syz_tun) entered blocking state [ 609.924555][T10893] bridge0: port 1(syz_tun) entered disabled state [ 609.932637][T10893] syz_tun: entered allmulticast mode [ 610.443866][T10899] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1263'. [ 610.759693][T10893] syz_tun: entered promiscuous mode [ 610.770577][T10893] bridge0: port 1(syz_tun) entered blocking state [ 610.777268][T10893] bridge0: port 1(syz_tun) entered forwarding state [ 610.877220][ T30] audit: type=1400 audit(1751600640.904:1081): avc: denied { sys_module } for pid=10889 comm="syz.1.1264" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 610.898319][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.081571][ T30] audit: type=1326 audit(1751600642.114:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.126347][ T30] audit: type=1326 audit(1751600642.114:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.149815][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.504113][ T30] audit: type=1326 audit(1751600642.124:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.527577][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.535279][ T30] audit: type=1326 audit(1751600642.124:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.566279][ T30] audit: type=1326 audit(1751600642.124:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.605803][ T30] audit: type=1326 audit(1751600642.124:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.629266][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.637152][ T30] audit: type=1326 audit(1751600642.124:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.688076][ T30] audit: type=1326 audit(1751600642.124:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.711571][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.824475][ T30] audit: type=1326 audit(1751600642.124:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10912 comm="syz.3.1269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 612.847964][ C0] vkms_vblank_simulate: vblank timer overrun [ 613.570455][T10930] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1273'. [ 614.601436][T10942] fuse: Invalid rootmode [ 615.380141][T10952] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1277'. [ 615.389326][T10952] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1277'. [ 616.294077][T10961] overlayfs: failed to resolve './file1': -2 [ 616.809003][T10966] fuse: Bad value for 'group_id' [ 616.814075][T10966] fuse: Bad value for 'group_id' [ 618.425774][ T30] kauditd_printk_skb: 29 callbacks suppressed [ 618.425789][ T30] audit: type=1326 audit(1751600648.464:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.470580][ T30] audit: type=1326 audit(1751600648.464:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.494254][ T30] audit: type=1326 audit(1751600648.464:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.517693][ C0] vkms_vblank_simulate: vblank timer overrun [ 618.525106][ T30] audit: type=1326 audit(1751600648.464:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.548551][ C0] vkms_vblank_simulate: vblank timer overrun [ 618.554805][ T30] audit: type=1326 audit(1751600648.464:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.588641][ T30] audit: type=1326 audit(1751600648.464:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.708933][ T30] audit: type=1326 audit(1751600648.464:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.732841][ T30] audit: type=1326 audit(1751600648.474:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.768696][ T30] audit: type=1326 audit(1751600648.474:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 618.862321][T10980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1284'. [ 619.485298][ T30] audit: type=1326 audit(1751600648.474:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10970 comm="syz.1.1283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 620.843615][ T5820] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 621.003662][ T5820] usb 1-1: Using ep0 maxpacket: 16 [ 621.011414][ T5820] usb 1-1: config 0 has an invalid interface number: 68 but max is 0 [ 621.024813][ T5820] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 621.137487][ T5820] usb 1-1: config 0 has no interface number 0 [ 621.318000][ T5820] usb 1-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 621.459407][ T5820] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 622.423664][ T5820] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 622.514598][ T5820] usb 1-1: Product: syz [ 622.620362][ T5820] usb 1-1: Manufacturer: syz [ 622.965258][T11012] overlayfs: overlapping lowerdir path [ 623.019035][T11013] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 623.343598][ T5820] usb 1-1: SerialNumber: syz [ 623.424767][ T5820] usb 1-1: config 0 descriptor?? [ 623.854516][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.871762][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.027777][ T5820] usb 1-1: can't set config #0, error -71 [ 624.033611][ T5820] usb 1-1: USB disconnect, device number 25 [ 627.342410][ T30] kauditd_printk_skb: 29 callbacks suppressed [ 627.342423][ T30] audit: type=1400 audit(1751600657.374:1159): avc: denied { block_suspend } for pid=11039 comm="syz.4.1300" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 627.640580][T11049] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1302'. [ 627.649822][T11049] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1302'. [ 628.093599][ T5930] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 628.865237][ T5930] usb 4-1: Using ep0 maxpacket: 16 [ 628.883965][ T5930] usb 4-1: config 0 has an invalid interface number: 68 but max is 0 [ 628.902367][ T5930] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 628.914512][ T5930] usb 4-1: config 0 has no interface number 0 [ 628.923999][ T5930] usb 4-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 629.093910][ T5930] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 629.103118][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 629.111547][ T5930] usb 4-1: Product: syz [ 629.115970][ T5930] usb 4-1: Manufacturer: syz [ 629.120687][ T5930] usb 4-1: SerialNumber: syz [ 629.233515][ T5930] usb 4-1: config 0 descriptor?? [ 629.370111][ T5930] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 629.397012][T11060] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 629.848439][T11060] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 629.974629][ T49] usb 4-1: Failed to submit usb control message: -71 [ 629.974827][ T5930] usb 4-1: USB disconnect, device number 24 [ 630.017764][ T49] usb 4-1: unable to send the bmi data to the device: -71 [ 630.047925][ T49] usb 4-1: unable to get target info from device [ 630.081956][ T49] usb 4-1: could not get target info (-71) [ 630.486509][ T49] usb 4-1: could not probe fw (-71) [ 632.149179][T11085] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 632.969222][T11096] binder: 11092:11096 ioctl c0306201 200000000540 returned -14 [ 633.500372][T11100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1315'. [ 635.472973][T11125] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1323'. [ 635.731185][T11129] syz.4.1325 (11129): drop_caches: 2 [ 635.736780][T11129] syz.4.1325 (11129): drop_caches: 2 [ 635.887999][T11135] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1326'. [ 638.189930][T11167] syz.4.1337 (11167): drop_caches: 2 [ 638.196869][T11167] syz.4.1337 (11167): drop_caches: 2 [ 639.323686][T11179] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1341'. [ 639.332902][T11179] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1341'. [ 640.648414][T11192] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1344'. [ 644.077827][ T30] audit: type=1326 audit(1751600674.114:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 644.132104][ T30] audit: type=1326 audit(1751600674.114:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 644.187454][ T30] audit: type=1326 audit(1751600674.114:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 644.285328][ T30] audit: type=1326 audit(1751600674.114:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 644.326925][T11228] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 644.344219][T11228] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 644.430363][ T30] audit: type=1326 audit(1751600674.114:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 644.975399][ T30] audit: type=1326 audit(1751600674.114:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 645.011456][ T30] audit: type=1326 audit(1751600674.114:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 645.176431][ T30] audit: type=1326 audit(1751600674.114:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 645.247250][ T30] audit: type=1326 audit(1751600674.114:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 645.489521][ T30] audit: type=1326 audit(1751600674.114:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11222 comm="syz.3.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 646.038539][ T5877] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 646.749986][ T5877] usb 4-1: Using ep0 maxpacket: 16 [ 647.142293][ T5877] usb 4-1: config 0 has an invalid interface number: 68 but max is 0 [ 647.150873][ T5877] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 647.161272][ T5877] usb 4-1: config 0 has no interface number 0 [ 647.173645][ T5877] usb 4-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 647.207663][ T5877] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 647.222121][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 647.497823][ T5877] usb 4-1: Product: syz [ 647.502013][ T5877] usb 4-1: Manufacturer: syz [ 647.592455][ T5877] usb 4-1: SerialNumber: syz [ 647.630006][ T5877] usb 4-1: config 0 descriptor?? [ 648.000070][ T5877] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 648.224476][ T2970] usb 4-1: Failed to submit usb control message: -71 [ 648.224529][ T2970] usb 4-1: unable to send the bmi data to the device: -71 [ 648.224544][ T2970] usb 4-1: unable to get target info from device [ 648.224558][ T2970] usb 4-1: could not get target info (-71) [ 648.224573][ T2970] usb 4-1: could not probe fw (-71) [ 648.689382][ T5930] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 648.749226][ T5877] usb 4-1: USB disconnect, device number 25 [ 648.843849][ T5930] usb 1-1: Using ep0 maxpacket: 32 [ 648.855376][ T5930] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 648.880314][ T5930] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 648.907678][ T5930] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 648.919447][ T5930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 648.930279][ T5930] usb 1-1: config 0 descriptor?? [ 651.104036][ T5877] usb 1-1: USB disconnect, device number 26 [ 651.775752][T11315] syz.0.1378 (11315): drop_caches: 2 [ 651.783408][T11315] syz.0.1378 (11315): drop_caches: 2 [ 653.508176][ T30] kauditd_printk_skb: 64 callbacks suppressed [ 653.508191][ T30] audit: type=1400 audit(1751600683.544:1234): avc: denied { ioctl } for pid=11334 comm="syz.0.1385" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 653.539461][ C1] vkms_vblank_simulate: vblank timer overrun [ 655.524553][T11349] syz.0.1391 (11349): drop_caches: 2 [ 655.531695][T11349] syz.0.1391 (11349): drop_caches: 2 [ 659.971916][T11416] random: crng reseeded on system resumption [ 661.427211][T11434] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1410'. [ 661.468561][T11434] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1410'. [ 664.334521][T11450] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1417'. [ 664.343819][T11450] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1417'. [ 666.949271][ T5877] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 667.523585][ T5877] usb 2-1: Using ep0 maxpacket: 16 [ 667.662310][ T5877] usb 2-1: config 0 has an invalid interface number: 68 but max is 0 [ 667.679662][ T5877] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 667.845599][ T5877] usb 2-1: config 0 has no interface number 0 [ 667.851742][ T5877] usb 2-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.340018][ T5877] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 668.353388][ T5877] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 668.362528][ T5877] usb 2-1: Product: syz [ 668.373592][ T5877] usb 2-1: Manufacturer: syz [ 668.378492][ T5877] usb 2-1: SerialNumber: syz [ 668.439231][ T5877] usb 2-1: config 0 descriptor?? [ 668.526025][T11501] binder: 11493:11501 ioctl c0306201 200000000540 returned -14 [ 668.574318][ T5877] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 668.915810][ T5819] usb 2-1: USB disconnect, device number 23 [ 668.920251][ T12] usb 2-1: Failed to submit usb control message: -71 [ 668.953584][ T12] usb 2-1: unable to send the bmi data to the device: -71 [ 668.969202][ T30] audit: type=1326 audit(1751600698.974:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 668.992743][ C0] vkms_vblank_simulate: vblank timer overrun [ 669.069344][ T12] usb 2-1: unable to get target info from device [ 669.101101][ T30] audit: type=1326 audit(1751600698.984:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 669.107494][ T12] usb 2-1: could not get target info (-71) [ 669.124559][ C0] vkms_vblank_simulate: vblank timer overrun [ 669.125029][ T30] audit: type=1326 audit(1751600698.984:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 669.240900][ T30] audit: type=1326 audit(1751600698.984:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 669.323537][ T12] usb 2-1: could not probe fw (-71) [ 669.330592][ T30] audit: type=1326 audit(1751600698.984:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 669.852217][ T30] audit: type=1326 audit(1751600698.984:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 669.911120][ T30] audit: type=1326 audit(1751600698.984:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 669.936077][ T30] audit: type=1326 audit(1751600698.984:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 669.959802][ T30] audit: type=1326 audit(1751600698.984:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 670.022494][ T30] audit: type=1326 audit(1751600698.984:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11504 comm="syz.4.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 671.472482][T11535] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1438'. [ 671.481889][T11535] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1438'. [ 671.923512][T11542] fuse: Unknown parameter 'user_i00000000000000000000' [ 674.010351][ T30] kauditd_printk_skb: 77 callbacks suppressed [ 674.010365][ T30] audit: type=1326 audit(1751600704.044:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11554 comm="syz.2.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 674.224808][T11574] random: crng reseeded on system resumption [ 674.992420][ T30] audit: type=1326 audit(1751600704.044:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11554 comm="syz.2.1445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57798e929 code=0x7ffc0000 [ 675.020831][ T30] audit: type=1400 audit(1751600705.064:1324): avc: denied { getopt } for pid=11571 comm="syz.2.1451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 676.118972][ T30] audit: type=1400 audit(1751600705.994:1325): avc: denied { create } for pid=11580 comm="syz.4.1453" name="#59" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 676.385900][ T30] audit: type=1400 audit(1751600705.994:1326): avc: denied { link } for pid=11580 comm="syz.4.1453" name="#59" dev="tmpfs" ino=1589 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 676.408160][ C0] vkms_vblank_simulate: vblank timer overrun [ 676.414691][ T30] audit: type=1400 audit(1751600705.994:1327): avc: denied { rename } for pid=11580 comm="syz.4.1453" name="#5a" dev="tmpfs" ino=1589 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 676.601294][ T30] audit: type=1400 audit(1751600706.624:1328): avc: denied { unmount } for pid=5809 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 676.881375][T11590] random: crng reseeded on system resumption [ 677.485379][T11595] fuse: Unknown parameter 'grou00000000000000000000' [ 678.490240][ T30] audit: type=1326 audit(1751600708.524:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 678.681493][T11617] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 679.213606][ T30] audit: type=1326 audit(1751600708.524:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.343773][ T30] audit: type=1326 audit(1751600708.554:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.393540][ T30] audit: type=1326 audit(1751600708.554:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.504917][ T30] audit: type=1326 audit(1751600708.554:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.542125][ T30] audit: type=1326 audit(1751600708.554:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.581233][ T30] audit: type=1326 audit(1751600708.554:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.794648][ T30] audit: type=1326 audit(1751600708.554:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.881692][ T30] audit: type=1326 audit(1751600708.554:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.881904][ T30] audit: type=1326 audit(1751600708.554:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 679.882079][ T30] audit: type=1326 audit(1751600708.554:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11613 comm="syz.0.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 681.492265][ C1] vkms_vblank_simulate: vblank timer overrun [ 681.722335][T11653] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1471'. [ 681.731433][T11653] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1471'. [ 682.739605][T11660] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 683.262924][T11672] syz.3.1477 (11672): drop_caches: 2 [ 683.269984][T11672] syz.3.1477 (11672): drop_caches: 2 [ 684.022138][T11680] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 685.053148][T11690] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1480'. [ 685.667758][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.717582][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.674473][T11703] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 688.589661][T11719] random: crng reseeded on system resumption [ 688.898594][T11714] bridge0: port 1(syz_tun) entered disabled state [ 688.924109][T11714] bridge0: port 2(bridge_slave_1) entered disabled state [ 689.356195][T11723] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 689.568615][T11714] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 689.601660][T11714] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 690.142059][T11727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1490'. [ 690.166943][ T30] kauditd_printk_skb: 69 callbacks suppressed [ 690.166959][ T30] audit: type=1326 audit(1751600720.054:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.197568][ T30] audit: type=1326 audit(1751600720.054:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.224860][T11714] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.230327][ T30] audit: type=1326 audit(1751600720.054:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.233933][T11714] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.266269][T11714] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.275255][T11714] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.677061][ T30] audit: type=1326 audit(1751600720.054:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.706807][ T30] audit: type=1326 audit(1751600720.054:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.725905][T11714] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 690.730324][ C0] vkms_vblank_simulate: vblank timer overrun [ 690.745222][ T30] audit: type=1326 audit(1751600720.054:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.769156][ T30] audit: type=1326 audit(1751600720.054:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.793283][ T30] audit: type=1326 audit(1751600720.054:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.817696][ T30] audit: type=1326 audit(1751600720.054:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.841626][ T30] audit: type=1326 audit(1751600720.054:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11724 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 690.865097][ C0] vkms_vblank_simulate: vblank timer overrun [ 691.949376][T11745] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 691.959183][T11745] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 692.791267][T11753] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 696.733702][ T5819] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 697.025882][ T5819] usb 1-1: Using ep0 maxpacket: 16 [ 697.057900][ T5819] usb 1-1: config 0 has an invalid interface number: 68 but max is 0 [ 697.066179][ T5819] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 697.193695][ T5819] usb 1-1: config 0 has no interface number 0 [ 697.275791][T11797] fuse: Bad value for 'user_id' [ 697.280767][T11797] fuse: Bad value for 'user_id' [ 697.302706][ T5819] usb 1-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 697.670694][ T5819] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 697.685126][ T5819] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.608028][ T5819] usb 1-1: Product: syz [ 698.612230][ T5819] usb 1-1: Manufacturer: syz [ 698.702827][ T5819] usb 1-1: SerialNumber: syz [ 698.865996][ T5819] usb 1-1: config 0 descriptor?? [ 698.882377][ T5819] usb 1-1: can't set config #0, error -71 [ 698.933768][ T5819] usb 1-1: USB disconnect, device number 27 [ 699.122152][T11812] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1515'. [ 699.863820][ T30] kauditd_printk_skb: 24 callbacks suppressed [ 699.863830][ T30] audit: type=1326 audit(1751600729.894:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11801 comm="syz.1.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7fc00000 [ 699.920464][T11814] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1514'. [ 699.929535][T11814] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1514'. [ 701.983784][ T5819] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 702.216109][ T5819] usb 2-1: Using ep0 maxpacket: 32 [ 702.724699][ T5819] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 702.750787][ T5819] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.766250][ T5819] usb 2-1: config 0 descriptor?? [ 702.870509][ T5819] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 703.213895][ T5819] gspca_nw80x: reg_r err -32 [ 703.218816][ T5819] nw80x 2-1:0.0: probe with driver nw80x failed with error -32 [ 703.288600][ T5819] usb 2-1: USB disconnect, device number 24 [ 704.141080][T11857] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1527'. [ 705.384951][ T30] audit: type=1326 audit(1751600735.424:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11858 comm="syz.3.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7fc00000 [ 706.766370][T11884] random: crng reseeded on system resumption [ 709.422765][T11893] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1539'. [ 710.590175][T11912] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 712.167342][ T30] audit: type=1326 audit(1751600742.204:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 712.381851][ T30] audit: type=1326 audit(1751600742.234:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 712.901239][ T30] audit: type=1326 audit(1751600742.234:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 712.932966][T11925] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 712.956294][ T30] audit: type=1326 audit(1751600742.234:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 713.062045][ T30] audit: type=1326 audit(1751600742.234:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 713.086159][ T30] audit: type=1326 audit(1751600742.244:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 713.119629][ T30] audit: type=1326 audit(1751600742.244:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 713.682200][ T30] audit: type=1326 audit(1751600742.244:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 713.705683][ C1] vkms_vblank_simulate: vblank timer overrun [ 713.726349][ T30] audit: type=1326 audit(1751600742.244:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 713.753542][ T30] audit: type=1326 audit(1751600742.264:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11918 comm="syz.3.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f566218e929 code=0x7ffc0000 [ 713.981978][T11940] fuse: Bad value for 'fd' [ 716.746056][T11950] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1552'. [ 717.016790][T11949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1554'. [ 717.025887][T11949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1554'. [ 718.374097][T11969] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1562'. [ 718.383141][T11969] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1562'. [ 720.862304][T12003] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 721.360185][T12000] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1569'. [ 721.360313][T12000] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1569'. [ 721.768975][ T30] kauditd_printk_skb: 83 callbacks suppressed [ 721.768990][ T30] audit: type=1326 audit(1751600751.804:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 721.848515][ T30] audit: type=1326 audit(1751600751.804:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 721.872009][ C1] vkms_vblank_simulate: vblank timer overrun [ 722.483873][ T30] audit: type=1326 audit(1751600751.834:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 722.507463][ T30] audit: type=1326 audit(1751600751.834:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 722.531253][ T30] audit: type=1326 audit(1751600751.834:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 722.570993][ T30] audit: type=1326 audit(1751600751.834:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 722.612170][ T30] audit: type=1326 audit(1751600751.854:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 722.763709][ T30] audit: type=1326 audit(1751600751.884:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 722.802604][ T30] audit: type=1326 audit(1751600751.884:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 723.733617][ T30] audit: type=1326 audit(1751600751.884:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12009 comm="syz.1.1573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2d3d8e929 code=0x7ffc0000 [ 728.116151][ T5870] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 728.389989][T12059] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1587'. [ 728.496226][T12059] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1587'. [ 728.712688][ T5870] usb 4-1: Using ep0 maxpacket: 16 [ 728.732501][T12069] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1590'. [ 728.763026][T12069] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1590'. [ 728.776966][ T5870] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 728.787144][ T5870] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 728.837981][ T5870] usb 4-1: config 0 has no interface number 0 [ 728.867108][ T5870] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 728.896026][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 728.926357][ T5870] usb 4-1: Product: syz [ 728.930556][ T5870] usb 4-1: Manufacturer: syz [ 728.980725][ T5870] usb 4-1: SerialNumber: syz [ 729.004315][ T5870] usb 4-1: config 0 descriptor?? [ 729.481604][ T5870] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 729.508167][ T5870] usb 4-1: No valid video chain found. [ 729.627365][ T9499] usb 4-1: USB disconnect, device number 26 [ 729.862776][T12087] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1594'. [ 729.872022][T12087] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1594'. [ 730.253554][ T5870] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 730.459481][ T30] kauditd_printk_skb: 77 callbacks suppressed [ 730.459501][ T30] audit: type=1326 audit(1751600760.494:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.503496][ T5870] usb 2-1: Using ep0 maxpacket: 16 [ 730.549617][ T5870] usb 2-1: config 0 has an invalid interface number: 68 but max is 0 [ 730.583139][ T30] audit: type=1326 audit(1751600760.544:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.663517][ T5870] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 730.673752][ T5870] usb 2-1: config 0 has no interface number 0 [ 730.679849][ T5870] usb 2-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 730.693113][ T30] audit: type=1326 audit(1751600760.554:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.719695][ T30] audit: type=1326 audit(1751600760.554:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.748922][ T30] audit: type=1326 audit(1751600760.554:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.772630][ T30] audit: type=1326 audit(1751600760.564:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.798026][ T30] audit: type=1326 audit(1751600760.564:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.822968][ T30] audit: type=1326 audit(1751600760.574:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 730.869057][ T30] audit: type=1326 audit(1751600760.604:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 731.289849][ T30] audit: type=1326 audit(1751600760.604:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.4.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223c58e929 code=0x7ffc0000 [ 731.318891][ T5870] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 731.352566][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 731.371564][ T5870] usb 2-1: Product: syz [ 731.375771][ T5870] usb 2-1: Manufacturer: syz [ 731.380357][ T5870] usb 2-1: SerialNumber: syz [ 731.515920][ T5870] usb 2-1: config 0 descriptor?? [ 731.633789][T12102] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1598'. [ 731.643042][T12102] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1598'. [ 731.904004][ T5870] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 731.925450][ T12] usb 2-1: Failed to submit usb control message: -71 [ 731.958357][ T12] usb 2-1: unable to send the bmi data to the device: -71 [ 731.966884][ T12] usb 2-1: unable to get target info from device [ 731.973337][ T12] usb 2-1: could not get target info (-71) [ 731.979353][ T12] usb 2-1: could not probe fw (-71) [ 731.998237][ T5870] usb 2-1: USB disconnect, device number 25 [ 733.214582][ T5819] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 733.733533][ T5819] usb 4-1: Using ep0 maxpacket: 16 [ 733.795903][ T5819] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 734.382276][ T5819] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 734.382298][ T5819] usb 4-1: config 0 has no interface number 0 [ 734.384472][ T5819] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 734.384493][ T5819] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 734.384504][ T5819] usb 4-1: Product: syz [ 734.384513][ T5819] usb 4-1: Manufacturer: syz [ 734.384522][ T5819] usb 4-1: SerialNumber: syz [ 734.385776][ T5819] usb 4-1: config 0 descriptor?? [ 734.393819][ T5819] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 734.443774][ T5819] usb 4-1: No valid video chain found. [ 734.750652][ T5819] usb 4-1: USB disconnect, device number 27 [ 738.247736][T12172] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1615'. [ 738.256897][T12172] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1615'. [ 739.522709][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 739.522724][ T30] audit: type=1326 audit(1751600769.554:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 739.781018][ T30] audit: type=1326 audit(1751600769.594:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 740.539672][ T30] audit: type=1326 audit(1751600769.594:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 740.673621][ T30] audit: type=1326 audit(1751600769.594:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 740.861587][ T30] audit: type=1326 audit(1751600769.594:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 741.731369][T12207] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1624'. [ 741.747271][T12207] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1624'. [ 741.799811][ T30] audit: type=1326 audit(1751600769.604:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 741.823330][ C0] vkms_vblank_simulate: vblank timer overrun [ 741.832123][ T30] audit: type=1326 audit(1751600769.624:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 741.855599][ C0] vkms_vblank_simulate: vblank timer overrun [ 741.862295][ T30] audit: type=1326 audit(1751600769.624:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 741.915469][ T30] audit: type=1326 audit(1751600769.634:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 741.938981][ C0] vkms_vblank_simulate: vblank timer overrun [ 741.949860][ T30] audit: type=1326 audit(1751600769.634:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.0.1620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3f8d8e929 code=0x7ffc0000 [ 741.973323][ C0] vkms_vblank_simulate: vblank timer overrun [ 746.405978][T12260] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1638'. [ 746.705696][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 746.712029][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.316614][T12287] random: crng reseeded on system resumption [ 749.963643][ T5819] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 750.355732][ T5819] usb 4-1: Using ep0 maxpacket: 16 [ 750.420534][ T5819] usb 4-1: config 0 has an invalid interface number: 68 but max is 0 [ 750.494143][ T5819] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 750.505399][ T5819] usb 4-1: config 0 has no interface number 0 [ 750.511655][ T5819] usb 4-1: config 0 interface 68 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 750.695875][T12304] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1650'. [ 751.451028][ T5819] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 751.477561][ T5819] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 751.488425][ T5819] usb 4-1: Product: syz [ 751.492596][ T5819] usb 4-1: Manufacturer: syz [ 751.511347][ T5819] usb 4-1: SerialNumber: syz [ 751.528914][ T5819] usb 4-1: config 0 descriptor?? [ 751.574167][ T5819] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 752.257914][T12320] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1654'. [ 752.703709][T10400] usb 4-1: Failed to submit usb control message: -110 [ 752.710761][T10400] usb 4-1: unable to send the bmi data to the device: -110 [ 752.775005][ T5819] usb 4-1: USB disconnect, device number 28 [ 752.833505][T10400] usb 4-1: unable to get target info from device [ 753.285884][T10400] usb 4-1: could not get target info (-110) [ 753.323507][T10400] usb 4-1: could not probe fw (-110) [ 753.913901][T12324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1655'. [ 753.943987][T12324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1655'. [ 754.520535][T12343] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1652'. [ 754.529831][T12343] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1652'. [ 754.611864][T12346] fuse: Invalid rootmode [ 755.753905][T12349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1662'. [ 758.118564][T12374] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1670'. [ 758.127753][T12374] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1670'. [ 759.482809][T12394] overlayfs: overlapping lowerdir path [ 762.923265][T12422] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1682'. [ 762.990185][T12422] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1682'. [ 764.721002][T12441] overlayfs: overlapping lowerdir path [ 765.235889][T12443] kvm: kvm [12440]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xa700000032 [ 765.246176][T12443] kvm: kvm [12440]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xff00003027 [ 765.258190][T12443] kvm: kvm [12440]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xc6ff0000be70 [ 765.268347][T12443] kvm: kvm [12440]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x3600008c73 [ 765.452121][T12453] fuse: Bad value for 'rootmode' [ 767.183681][ C0] ================================================================== [ 767.191786][ C0] BUG: KASAN: slab-out-of-bounds in rose_timer_expiry+0x45a/0x4d0 [ 767.199612][ C0] Read of size 2 at addr ffff8880599ed02a by task udevd/5832 [ 767.206999][ C0] [ 767.209326][ C0] CPU: 0 UID: 0 PID: 5832 Comm: udevd Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) [ 767.209352][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 767.209363][ C0] Call Trace: [ 767.209369][ C0] [ 767.209376][ C0] dump_stack_lvl+0x116/0x1f0 [ 767.209409][ C0] print_report+0xcd/0x680 [ 767.209434][ C0] ? __virt_addr_valid+0x81/0x610 [ 767.209453][ C0] ? __phys_addr+0xe8/0x180 [ 767.209473][ C0] ? rose_timer_expiry+0x45a/0x4d0 [ 767.209497][ C0] kasan_report+0xe0/0x110 [ 767.209523][ C0] ? rose_timer_expiry+0x45a/0x4d0 [ 767.209550][ C0] rose_timer_expiry+0x45a/0x4d0 [ 767.209575][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 767.209598][ C0] call_timer_fn+0x197/0x620 [ 767.209623][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 767.209657][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 767.209682][ C0] __run_timers+0x6ef/0x960 [ 767.209710][ C0] ? __pfx___run_timers+0x10/0x10 [ 767.209743][ C0] run_timer_base+0x114/0x190 [ 767.209769][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 767.209796][ C0] run_timer_softirq+0x1a/0x40 [ 767.209821][ C0] handle_softirqs+0x219/0x8e0 [ 767.209846][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 767.209870][ C0] __irq_exit_rcu+0x109/0x170 [ 767.209889][ C0] irq_exit_rcu+0x9/0x30 [ 767.209909][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 767.209935][ C0] [ 767.209941][ C0] [ 767.209949][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 767.209970][ C0] RIP: 0010:lock_is_held_type+0x107/0x150 [ 767.209998][ C0] Code: 00 00 b8 ff ff ff ff 65 0f c1 05 9c 40 4c 08 83 f8 01 75 2d 9c 58 f6 c4 02 75 43 48 f7 04 24 00 02 00 00 74 01 fb 48 83 c4 08 <44> 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 87 f1 02 00 45 31 ed eb [ 767.210016][ C0] RSP: 0018:ffffc900036c7980 EFLAGS: 00000292 [ 767.210033][ C0] RAX: 0000000000000046 RBX: ffff88802962af30 RCX: 0000000000000001 [ 767.210045][ C0] RDX: 0000000000000000 RSI: ffffffff8ddf51e3 RDI: ffffffff8c157da0 [ 767.210057][ C0] RBP: ffffffff8e5c4940 R08: 0000000000000001 R09: 0000000000000000 [ 767.210069][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88802962a440 [ 767.210081][ C0] R13: 0000000000000001 R14: 00000000ffffffff R15: 0000000000000000 [ 767.210100][ C0] __d_lookup_rcu+0x398/0x4c0 [ 767.210124][ C0] lookup_fast+0x90/0x610 [ 767.210147][ C0] walk_component+0x5b/0x5b0 [ 767.210169][ C0] path_lookupat+0x142/0x6d0 [ 767.210192][ C0] filename_lookup+0x224/0x5f0 [ 767.210216][ C0] ? __pfx_filename_lookup+0x10/0x10 [ 767.210248][ C0] ? find_held_lock+0x2b/0x80 [ 767.210269][ C0] ? __might_fault+0xe3/0x190 [ 767.210290][ C0] ? __might_fault+0xe3/0x190 [ 767.210312][ C0] ? __might_fault+0x13b/0x190 [ 767.210337][ C0] vfs_statx+0x101/0x3e0 [ 767.210365][ C0] ? __pfx_vfs_statx+0x10/0x10 [ 767.210391][ C0] ? getname_flags.part.0+0x1c5/0x550 [ 767.210410][ C0] ? dput.part.0+0xce/0x9b0 [ 767.210429][ C0] vfs_fstatat+0x7b/0xf0 [ 767.210447][ C0] __do_sys_newfstatat+0x97/0x120 [ 767.210465][ C0] ? __pfx___do_sys_newfstatat+0x10/0x10 [ 767.210494][ C0] do_syscall_64+0xcd/0x4c0 [ 767.210522][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.210541][ C0] RIP: 0033:0x7ff417630b0a [ 767.210556][ C0] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7 [ 767.210574][ C0] RSP: 002b:00007ffc9d4853b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 767.210592][ C0] RAX: ffffffffffffffda RBX: 000000000000002c RCX: 00007ff417630b0a [ 767.210604][ C0] RDX: 00007ffc9d4853c0 RSI: 00007ffc9d485490 RDI: 00000000ffffff9c [ 767.210617][ C0] RBP: 00007ffc9d4864d0 R08: 00007ffc9d487100 R09: 000055d86af7a450 [ 767.210630][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc9d487100 [ 767.210647][ C0] R13: 0000000000000000 R14: 00007ffc9d486d00 R15: 00007ffc9d486900 [ 767.210665][ C0] [ 767.210671][ C0] [ 767.596024][ C0] Allocated by task 5185: [ 767.600335][ C0] kasan_save_stack+0x33/0x60 [ 767.605007][ C0] kasan_save_track+0x14/0x30 [ 767.609670][ C0] __kasan_slab_alloc+0x89/0x90 [ 767.614515][ C0] kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 767.620395][ C0] kmalloc_reserve+0x18b/0x2c0 [ 767.625140][ C0] __alloc_skb+0x166/0x380 [ 767.629539][ C0] alloc_uevent_skb+0x7d/0x210 [ 767.634284][ C0] kobject_uevent_env+0xca4/0x1870 [ 767.639376][ C0] kobject_synth_uevent+0x7d4/0x8a0 [ 767.644556][ C0] uevent_store+0x24/0x80 [ 767.648869][ C0] dev_attr_store+0x55/0x80 [ 767.653358][ C0] sysfs_kf_write+0xef/0x150 [ 767.657933][ C0] kernfs_fop_write_iter+0x354/0x510 [ 767.663199][ C0] vfs_write+0x6c4/0x1150 [ 767.667517][ C0] ksys_write+0x12a/0x250 [ 767.671831][ C0] do_syscall_64+0xcd/0x4c0 [ 767.676322][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.682198][ C0] [ 767.684501][ C0] Freed by task 5185: [ 767.688458][ C0] kasan_save_stack+0x33/0x60 [ 767.693120][ C0] kasan_save_track+0x14/0x30 [ 767.697783][ C0] kasan_save_free_info+0x3b/0x60 [ 767.702788][ C0] __kasan_slab_free+0x51/0x70 [ 767.707549][ C0] kmem_cache_free+0x2d1/0x4d0 [ 767.712307][ C0] skb_free_head+0x1b7/0x210 [ 767.716893][ C0] skb_release_data+0x776/0x9c0 [ 767.721728][ C0] consume_skb+0xbf/0x100 [ 767.726043][ C0] netlink_recvmsg+0x5b9/0xa90 [ 767.730785][ C0] sock_recvmsg+0x1f9/0x250 [ 767.735269][ C0] ____sys_recvmsg+0x218/0x6b0 [ 767.740016][ C0] ___sys_recvmsg+0x114/0x1a0 [ 767.744679][ C0] __sys_recvmsg+0x16a/0x220 [ 767.749255][ C0] do_syscall_64+0xcd/0x4c0 [ 767.753745][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.759618][ C0] [ 767.761923][ C0] The buggy address belongs to the object at ffff8880599ecd00 [ 767.761923][ C0] which belongs to the cache skbuff_small_head of size 704 [ 767.776476][ C0] The buggy address is located 106 bytes to the right of [ 767.776476][ C0] allocated 704-byte region [ffff8880599ecd00, ffff8880599ecfc0) [ 767.791119][ C0] [ 767.793427][ C0] The buggy address belongs to the physical page: [ 767.799818][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x599ec [ 767.808556][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 767.817031][ C0] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 767.824554][ C0] page_type: f5(slab) [ 767.828517][ C0] raw: 00fff00000000040 ffff888140ee2c80 dead000000000122 0000000000000000 [ 767.837082][ C0] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 767.845646][ C0] head: 00fff00000000040 ffff888140ee2c80 dead000000000122 0000000000000000 [ 767.854301][ C0] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000 [ 767.862951][ C0] head: 00fff00000000002 ffffea0001667b01 00000000ffffffff 00000000ffffffff [ 767.871601][ C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 767.880246][ C0] page dumped because: kasan: bad access detected [ 767.886635][ C0] page_owner tracks the page as allocated [ 767.892327][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5810, tgid 5810 (syz-executor), ts 759191668140, free_ts 753226144707 [ 767.913236][ C0] post_alloc_hook+0x1c0/0x230 [ 767.917986][ C0] get_page_from_freelist+0x1321/0x3890 [ 767.923521][ C0] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 767.929398][ C0] alloc_pages_mpol+0x1fb/0x550 [ 767.934236][ C0] new_slab+0x23b/0x330 [ 767.938371][ C0] ___slab_alloc+0xd9c/0x1940 [ 767.943028][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 767.948382][ C0] kmem_cache_alloc_node_noprof+0xf5/0x3b0 [ 767.954184][ C0] kmalloc_reserve+0x18b/0x2c0 [ 767.958928][ C0] __alloc_skb+0x166/0x380 [ 767.963328][ C0] tcp_stream_alloc_skb+0x34/0x570 [ 767.968424][ C0] tcp_write_xmit+0x879/0x84e0 [ 767.973175][ C0] __tcp_push_pending_frames+0xaf/0x390 [ 767.978706][ C0] tcp_rcv_established+0xe32/0x22e0 [ 767.983887][ C0] tcp_v4_do_rcv+0x5ca/0xa90 [ 767.988463][ C0] tcp_v4_rcv+0x3609/0x4650 [ 767.992949][ C0] page last free pid 5185 tgid 5185 stack trace: [ 767.999253][ C0] __free_frozen_pages+0x7fe/0x1180 [ 768.004432][ C0] qlist_free_all+0x4d/0x120 [ 768.009008][ C0] kasan_quarantine_reduce+0x195/0x1e0 [ 768.014450][ C0] __kasan_slab_alloc+0x69/0x90 [ 768.019285][ C0] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 768.024726][ C0] getname_flags.part.0+0x4c/0x550 [ 768.029819][ C0] getname_flags+0x93/0xf0 [ 768.034221][ C0] do_readlinkat+0xb4/0x3a0 [ 768.038708][ C0] __x64_sys_readlink+0x78/0xc0 [ 768.043541][ C0] do_syscall_64+0xcd/0x4c0 [ 768.048030][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.053906][ C0] [ 768.056210][ C0] Memory state around the buggy address: [ 768.061819][ C0] ffff8880599ecf00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 768.069859][ C0] ffff8880599ecf80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 768.077910][ C0] >ffff8880599ed000: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 768.085948][ C0] ^ [ 768.091294][ C0] ffff8880599ed080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 768.099332][ C0] ffff8880599ed100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 768.107370][ C0] ================================================================== [ 768.115440][ C0] vkms_vblank_simulate: vblank timer overrun [ 768.121497][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 768.128690][ C0] CPU: 0 UID: 0 PID: 5832 Comm: udevd Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) [ 768.140232][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 768.150289][ C0] Call Trace: [ 768.153590][ C0] [ 768.156432][ C0] dump_stack_lvl+0x3d/0x1f0 [ 768.161040][ C0] panic+0x71c/0x800 [ 768.164957][ C0] ? __pfx_panic+0x10/0x10 [ 768.169388][ C0] ? mark_held_locks+0x49/0x80 [ 768.174171][ C0] ? rose_timer_expiry+0x45a/0x4d0 [ 768.179297][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 768.184422][ C0] ? rose_timer_expiry+0x45a/0x4d0 [ 768.189540][ C0] check_panic_on_warn+0xab/0xb0 [ 768.194489][ C0] end_report+0x107/0x170 [ 768.198827][ C0] kasan_report+0xee/0x110 [ 768.203254][ C0] ? rose_timer_expiry+0x45a/0x4d0 [ 768.208369][ C0] rose_timer_expiry+0x45a/0x4d0 [ 768.213312][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 768.218775][ C0] call_timer_fn+0x197/0x620 [ 768.223373][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 768.228490][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 768.233954][ C0] __run_timers+0x6ef/0x960 [ 768.238462][ C0] ? __pfx___run_timers+0x10/0x10 [ 768.243499][ C0] run_timer_base+0x114/0x190 [ 768.248183][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 768.253389][ C0] run_timer_softirq+0x1a/0x40 [ 768.258154][ C0] handle_softirqs+0x219/0x8e0 [ 768.262922][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 768.268207][ C0] __irq_exit_rcu+0x109/0x170 [ 768.272886][ C0] irq_exit_rcu+0x9/0x30 [ 768.277129][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 768.282770][ C0] [ 768.285694][ C0] [ 768.288632][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 768.294630][ C0] RIP: 0010:lock_is_held_type+0x107/0x150 [ 768.300362][ C0] Code: 00 00 b8 ff ff ff ff 65 0f c1 05 9c 40 4c 08 83 f8 01 75 2d 9c 58 f6 c4 02 75 43 48 f7 04 24 00 02 00 00 74 01 fb 48 83 c4 08 <44> 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 87 f1 02 00 45 31 ed eb [ 768.320068][ C0] RSP: 0018:ffffc900036c7980 EFLAGS: 00000292 [ 768.326137][ C0] RAX: 0000000000000046 RBX: ffff88802962af30 RCX: 0000000000000001 [ 768.334106][ C0] RDX: 0000000000000000 RSI: ffffffff8ddf51e3 RDI: ffffffff8c157da0 [ 768.342074][ C0] RBP: ffffffff8e5c4940 R08: 0000000000000001 R09: 0000000000000000 [ 768.350040][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88802962a440 [ 768.358007][ C0] R13: 0000000000000001 R14: 00000000ffffffff R15: 0000000000000000 [ 768.365991][ C0] __d_lookup_rcu+0x398/0x4c0 [ 768.370686][ C0] lookup_fast+0x90/0x610 [ 768.375018][ C0] walk_component+0x5b/0x5b0 [ 768.379595][ C0] path_lookupat+0x142/0x6d0 [ 768.384172][ C0] filename_lookup+0x224/0x5f0 [ 768.388922][ C0] ? __pfx_filename_lookup+0x10/0x10 [ 768.394214][ C0] ? find_held_lock+0x2b/0x80 [ 768.398876][ C0] ? __might_fault+0xe3/0x190 [ 768.403543][ C0] ? __might_fault+0xe3/0x190 [ 768.408202][ C0] ? __might_fault+0x13b/0x190 [ 768.412950][ C0] vfs_statx+0x101/0x3e0 [ 768.417181][ C0] ? __pfx_vfs_statx+0x10/0x10 [ 768.421933][ C0] ? getname_flags.part.0+0x1c5/0x550 [ 768.427286][ C0] ? dput.part.0+0xce/0x9b0 [ 768.431770][ C0] vfs_fstatat+0x7b/0xf0 [ 768.435992][ C0] __do_sys_newfstatat+0x97/0x120 [ 768.440995][ C0] ? __pfx___do_sys_newfstatat+0x10/0x10 [ 768.446618][ C0] do_syscall_64+0xcd/0x4c0 [ 768.451112][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.456989][ C0] RIP: 0033:0x7ff417630b0a [ 768.461384][ C0] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7 [ 768.480983][ C0] RSP: 002b:00007ffc9d4853b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 768.489388][ C0] RAX: ffffffffffffffda RBX: 000000000000002c RCX: 00007ff417630b0a [ 768.497348][ C0] RDX: 00007ffc9d4853c0 RSI: 00007ffc9d485490 RDI: 00000000ffffff9c [ 768.505310][ C0] RBP: 00007ffc9d4864d0 R08: 00007ffc9d487100 R09: 000055d86af7a450 [ 768.513267][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc9d487100 [ 768.521221][ C0] R13: 0000000000000000 R14: 00007ffc9d486d00 R15: 00007ffc9d486900 [ 768.529182][ C0] [ 768.532380][ C0] Kernel Offset: disabled [ 768.536679][ C0] Rebooting in 86400 seconds..