last executing test programs: 11m42.931596498s ago: executing program 1 (id=277): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket(0x1d, 0x2, 0x6) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, 0x0, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 11m41.632434503s ago: executing program 1 (id=278): openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x40142, 0x1) r1 = socket(0x2c, 0x3, 0x0) write$nbd(0xffffffffffffffff, 0x0, 0x40) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000240)=[0x0], &(0x7f0000000280)=[0x0], 0x0, 0xd5, &(0x7f0000000340), 0x0, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x4b, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000700)={'ip6_vti0\x00', &(0x7f0000000680)={'syztnl2\x00', 0x0, 0x2f, 0x81, 0x8, 0x1, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x700, 0x3, 0x80000000}}) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000009c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000740)={&(0x7f0000000800)={0x150, r2, 0x400, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0xf4, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x64aaa1676c13893a}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}]}, @ETHTOOL_A_STRSET_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x800}, 0x81) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x80000000, '\x00', 0x0, 0x0, 0x0, 0x40000000}, 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) r6 = socket$kcm(0x10, 0x2, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x1108, 0x9, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r7}, 0x38) r8 = syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000000)={0x27, 0x1, 0x1, "3a8e07000034b52ba75088c27891ca55e21f0000000000b2b679d200", 0x41414770}) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}, {0x0}], 0x2}, 0x0) r9 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) r10 = dup2(r9, r9) ioctl$BLKTRACETEARDOWN(r10, 0x1276, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) 11m40.840931418s ago: executing program 1 (id=279): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x1000000000, 0x7, 0xfa11, 0xffffffff}, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b93760000000000000000000000000000000000000000000200000000000000010000000000000044000500ac141400000000000000000000000000000000003c00"/163], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000) sendto$inet6(r2, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c) 11m35.288105451s ago: executing program 1 (id=286): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) open_tree(0xffffffffffffffff, &(0x7f0000000180)='./file0/../file0\x00', 0x81101) 11m34.930699871s ago: executing program 1 (id=288): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'pim6reg1\x00'}) r0 = openat$cachefiles(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x60000, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000100)={0x47, 0x0}, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1e, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, &(0x7f00000004c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_lookup=0x24, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000005c0)={0x1, 0x10, 0x3, 0x1000}, 0x10, r4, 0xffffffffffffffff, 0x7, &(0x7f0000000680), &(0x7f00000006c0)=[{0x1, 0x1, 0xb}, {0x1, 0x5, 0xe, 0xa}, {0x4, 0x2, 0x4, 0x3}, {0x1, 0x1, 0x0, 0x2}, {0x5, 0x3, 0xe, 0x2}, {0x3, 0x3, 0xe, 0xc}, {0x5, 0x3, 0x4, 0x5}]}, 0x94) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff, 0x6, 0x0, @val=@tracing}, 0x40) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) close_range(r5, 0xffffffffffffffff, 0x0) syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) 11m25.234913352s ago: executing program 1 (id=298): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) dup(0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x4d}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='quot']) openat(0xffffffffffffff9c, 0x0, 0x351142, 0x1cd) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000200), 0xaad82, 0x0) syz_open_procfs(r0, &(0x7f0000000340)='net/dev_mcast\x00') socket$netlink(0x10, 0x3, 0x14) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r3, &(0x7f0000000000), 0x0) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f00000000c0)="240000001d005f0214fffffffffffff80700", 0x12) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=@newtaction={0xa8, 0x30, 0x4, 0x0, 0x0, {0x9}, [{0x94, 0x1, [@m_sample={0x90, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffe4}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x526}, @TCA_SAMPLE_PARMS={0x18}]}, {0x3a, 0x6, "3a1a4335ca12fbd67217133df355c7ba2055a00daa0e82f58eeacf7516b58aac5bd3834f1bb55837f69f7e31bec1adba9172a36b27e3"}, {0xc}, {0xc, 0x4}}}]}]}, 0xa8}}, 0x0) 11m23.099591756s ago: executing program 32 (id=298): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) dup(0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x4d}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='quot']) openat(0xffffffffffffff9c, 0x0, 0x351142, 0x1cd) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000200), 0xaad82, 0x0) syz_open_procfs(r0, &(0x7f0000000340)='net/dev_mcast\x00') socket$netlink(0x10, 0x3, 0x14) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r3, &(0x7f0000000000), 0x0) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f00000000c0)="240000001d005f0214fffffffffffff80700", 0x12) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=@newtaction={0xa8, 0x30, 0x4, 0x0, 0x0, {0x9}, [{0x94, 0x1, [@m_sample={0x90, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffe4}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x526}, @TCA_SAMPLE_PARMS={0x18}]}, {0x3a, 0x6, "3a1a4335ca12fbd67217133df355c7ba2055a00daa0e82f58eeacf7516b58aac5bd3834f1bb55837f69f7e31bec1adba9172a36b27e3"}, {0xc}, {0xc, 0x4}}}]}]}, 0xa8}}, 0x0) 8m3.130178142s ago: executing program 4 (id=555): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) dup(0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x4d}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='quot']) openat(0xffffffffffffff9c, 0x0, 0x351142, 0x1cd) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000200), 0xaad82, 0x0) syz_open_procfs(r0, &(0x7f0000000340)='net/dev_mcast\x00') socket$netlink(0x10, 0x3, 0x14) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r3, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24) r4 = socket(0x10, 0x3, 0x0) write(r4, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) 7m59.583813s ago: executing program 4 (id=558): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) dup(0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x4d}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='quot']) openat(0xffffffffffffff9c, 0x0, 0x351142, 0x1cd) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000200), 0xaad82, 0x0) syz_open_procfs(r0, &(0x7f0000000340)='net/dev_mcast\x00') socket$netlink(0x10, 0x3, 0x14) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r3, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24) r4 = socket(0x10, 0x3, 0x0) write(r4, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) 7m58.053774761s ago: executing program 4 (id=560): r0 = syz_usb_connect$hid(0x0, 0x4c, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000300000040fc04d80500000000ff020703000921000000012207000905b95756de36b3f9982b5dc7e62c81034000030000bb62873738bc8510e5bc7e4302770c753240364bb35988d2727cb585f107c6f01ef19e6a587fce431cb8c2ea04d84783dc1db6becf8d9a4dd561a38ff170831b5c076447b02042637261c8ce02df0e855e7f4caf3670d81548d654fa4924f3df69e5e1b9698e13860fbc1b9661e698db99f93647cce3407f4ed8672c886e90607c50b58cfb4cddecab9a8e8d419832b960609c430c355441b291948d401104ce98fccdd5b61830c22a5f8584cd608370e6b4869ab77f86d1e0c207153a92842837b83ef7926a85c89ff2dc58448b01df095b7bdf"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000900)=ANY=[], 0x10) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fallocate(0xffffffffffffffff, 0x5, 0x0, 0x2000402) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000), 0x2, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f000001aa40)=""/102400, 0x19000) connect$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000003c0), 0x2) r5 = memfd_create(&(0x7f00000009c0)='y\x105\xf3\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x2) ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r5, 0x0, 0x0, 0x8000}) close_range(r1, 0xffffffffffffffff, 0x0) 7m55.473490704s ago: executing program 4 (id=561): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7m53.874184059s ago: executing program 4 (id=565): openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="fa", 0xfffffdef) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) writev(r2, &(0x7f0000020f80)=[{&(0x7f0000000140)='2', 0x1}], 0x1) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r3, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x40}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008045}, 0x4004000) 7m48.101377961s ago: executing program 4 (id=569): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8800) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000200)=@name={0x1e, 0x2, 0x0, {{0x2, 0x1}}}, 0x10) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1980, 0x0) ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110c230007) close(r4) r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x6, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000000)={0x10, 0x1, 0x1, "a90037e7f30f000080df4832c305f70000000000004840080000000000008300", 0x37303250}) r6 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000240)=@IORING_OP_ACCEPT={0xd, 0x4, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}) io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0) 7m32.487247605s ago: executing program 33 (id=569): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8800) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000200)=@name={0x1e, 0x2, 0x0, {{0x2, 0x1}}}, 0x10) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1980, 0x0) ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110c230007) close(r4) r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x6, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000000)={0x10, 0x1, 0x1, "a90037e7f30f000080df4832c305f70000000000004840080000000000008300", 0x37303250}) r6 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000240)=@IORING_OP_ACCEPT={0xd, 0x4, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r9}}) io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0) 20.902104073s ago: executing program 2 (id=1156): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0xfffffff9) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffc, 0x0, 0x3, 0x0) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff) 11.950682522s ago: executing program 2 (id=1165): openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x40142, 0x1) r1 = socket(0x2c, 0x3, 0x0) write$nbd(0xffffffffffffffff, 0x0, 0x40) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000240)=[0x0], &(0x7f0000000280)=[0x0], 0x0, 0xd5, &(0x7f0000000340), 0x0, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x4b, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000700)={'ip6_vti0\x00', &(0x7f0000000680)={'syztnl2\x00', 0x0, 0x2f, 0x81, 0x8, 0x1, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x700, 0x3, 0x80000000}}) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000009c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000740)={&(0x7f0000000800)={0x150, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0xf4, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x64aaa1676c13893a}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}]}, @ETHTOOL_A_STRSET_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x800}, 0x81) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x80000000, '\x00', 0x0, 0x0, 0x0, 0x40000000}, 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = socket$kcm(0x10, 0x2, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x1108, 0x9, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r6}, 0x38) r7 = syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x27, 0x1, 0x1, "3a8e07000034b52ba75088c27891ca55e21f0000000000b2b679d200", 0x41414770}) sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}, {0x0}], 0x2}, 0x0) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r8 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) r9 = dup2(r8, r8) ioctl$BLKTRACETEARDOWN(r9, 0x1276, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) 10.345982647s ago: executing program 0 (id=1168): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="67400f07c40249af4b8bb9800000c00f3235010200000f300f20a366450f769e00000100440f20c03588001d00445b66baf80cb88cf4b684ef66bafc0ced460f01c9c4827d24c366ba4cf0ff07ef87f345a57a43e16806a4", 0x58}], 0x1, 0x74, 0x0, 0xffffffffffffff65) syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x25, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x640100fe, @local, {[@noop]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x7, 0xc2, 0x0, 0x0, 0x60, {[@exp_fastopen={0xfe, 0x5, 0xf989, '8'}]}}}}}}}, 0x0) 10.134133906s ago: executing program 0 (id=1169): r0 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x1, 0x0) writev(r0, &(0x7f0000001380)=[{&(0x7f0000000180)="b1ff5cc982d34010b7cd6e11c50b9bd27a09463daa6ac62502efcdab89674523220df660aec36c3da20cdf63882deea50aab4ae728b88be047e9c1de4d3428835edfece01a907acbebb734022a8738c0733177cf2bc7d61a3a791ad3e0972faf52b29d3476b8aff7e79275ad61b36971c0d2d8e1e242261dc50464a134b1a2e36243c3b5bb93a2e7a7087c254e0b5089100624eb5b273a62e5798cb0a4b96845ef45e0238d22062a8d5f43c3875d773c45e426dc162914e26ae112c5dfdef60f2f274ac96a6c77b37799cd03dc1c8ad69d1fcad1be379ad212ea51e0f272a3ec7bf0bdda2c7a15b3fb018cb2ce53c99b0af09b5c874cf4d79e13c7580d4ebc0669bb048863f28e8f00ea67d87e92c6fc4bc31a4a06b7344519d72e9662309dd51a02a7d295972dd1f63431968d9f5212daa47d49d85bf08190aef758e842da69375269c5f33bb0e60bb98abb2a51e8a89d7b4680185b9665d5da6254cb15392332b0e850169d90ac1374cf5346092b47f682c2f22c8cdcf98718bfa0ca4c5b50ebf8d6c53afa3830233a3e486a0d73fed67851403f72492feec1528cac329dd11f82cf149ec049e71b979ad055053dcf654f470f780f32b22dd6567401f94a94c592265a2dbdd3c5c88cfde1a6cc112231a5797e092a5040be19bde03dc2d9dc0078b42f27e168810770cd5b4c0f2073037e9a57e8148392a3063ee55ad9449fa6265189337777d7a605bb7cf51d682ac7823207343fa7328ce207029e7e9818d7fcff9b9e7ac731dc502ce7471cab17108e5614fdec649d35a6638928931f110d4608a9cf22868dd3bf764d5b09a5325bcf987546e3edf1df9f1866fa89fb99a7f945c853586b4e3344eb286067e7b42d79ed93baddc3e5bd47ca613d654d4d54ece371b699ca7f05677c48cdb8f265fb35e0ff7ec5da801ae4198c7d9290d2ddc3586bd1ba3e34e722c47c14e4f310029751fbdc75da8461356b7a6784b490810284bdc727061944a283b7276b6a0b679d74089c54db98c92c2e329248b07365f45b3511ac11f8483a3f0bec8e4ceae324640f5762444efa94207115b5550fb8e4a1277aee3f11f2e6cac543d2168a83cd0367b24859e1b8b9cb9a5beb2d9851124b9c74acf21ecb5ae5e31e29543638a1cebdd2384dda1b2d301e59ea092707cd68838f12a05f9ec25832ddf22e2a01a8a28ff5c4f925a09b18849c180f0fed6057fc68d473eddb467796f8c086475dc1444c7f879d842662da4e59fd3c02b6d54c822ae8aeb91aefde57008f7728f1d236bbcda61a5b2dfdc0648ba72229b764fbd43a2eabe639a49f44de663b2e4e244370c7681f130e4a7790924e0826c0ebe768996d22edf83088b18492ccaa1344f5b14aa4218e3204434e0483bb56043e63ae02d584fed308759840064686ebb7349aa85adc00ba9ac6ec3e895f6b6cb33902cfa04a5fe6946475775284ba5f00f31a37aca06ce7485acbbf8e66db1daa273025860d216eb69a71666c0e5e3dcb9054c7c5edb138893b22a6f80655aeecd0f59f3bba544ae9897d2e795d0ca5a124519712a54366dca8b20c2191d5515231d5066c9c9f2b5b180da10542d7911f688c3b0f07ffcfe249161590d95d445c5ce2c647b97ad45249226a04144d900de9496f8f85e4607e7907eb20a1856efa7b06de5334ed1ba34b1c6e30da7df850da42b728208b85510b9acdd9ffe22894ec97c832b65257fa72d7f77a02359fad7ea2465c53df34c391c617d2e02197f6b5ab4a152327f6ae4d1107f6e8b68ce43de174dd559fe3ec95f32bd1d9244943230654e68fc3237e17dbd131996202beaf1578a925ab94510fccfa2be306bce3bdbb413ec6e50e6b0081362999ce7991b2c384001fd74e9de82dba16df74529800a201d8bd35eb789527b1f2e2ea7a12fb2858e389b4e96b5a9e32838916f147c99e3fd723972930a2eb8422ac15a254bae41e604e5459f6f573f9ce9d94e9dcbcdd392e2ed35ab5c6673f69c711ff121a2f1b1421d4a70571a20c732b1c1af990795c10ee23a6b8b056f91a4aa32d118a71cad879d5883327e7347d3fc7de504d42162a16fcd2fde8035a54205da46ce06c1f66b6ddb43248cbd5347cb80aec30a88af4166dcf131b92568ffad2f3cdb2835264705025b612d8b82920a01b87b9781020c38f438330735966ff27488db4ea6e74fa9d0e9a0fa929d9585a4de92648839a971edb1d03945fc7d6f64bb194085f63ccf8ea52b90505f2809d0ddc40b59909fff3e0c3362934019dca2b8733a8fdddd978d0b264d4b0105d4f9db315cbc8a2426f494de1d2f1b73de816e561004be0430be083fc6179ebfdc9bfca85df6b2c81bc0bf4685cdf072ddb5f7a3183a226df665c95d86c6046be75fdd008b96ad5696cbd3182a01c6a80d1bd3f4a288c015355004e6bbc788aef9bf65fe691dd6777a531a040c9ec7754d0e746dd89521d2ae6df1b13fd9433b164ba014fa7b3d8e08b30fe54b3d0ea810cc5f436a0370fd976eb481a07b3f81469cd6ed490d687528bf470d3800893a718f1f6c970a130ab49e04e1dfe4d594927bb34247d1c25c75197807206242b0ff807cb8c6ca4d67acce16de41a663fe86eec015dde1d828ac3a63763c0fbeda90c824abeb593efa9e2df76b761fa0d25e70e4e8d888f8ca1fcf7e88d35064a73600d4cc98e75ed4dd7c05919dcfdd4bdfaccd4a0a33e11c55276e105338b13ba765b728d0ae08a03cf59f3212373be7c7f74601c325c605ccbdff2bd895f43303888f9f8609df38a52d718cfb423a580711886de8affaf997d85a23af0de249f92f0b04305f12cbbd19c271339988a0c3eada32416b880f1859ba58353675b45b177d4306bbbd4ad8890a1a06126fb069b06566d92b026337f2f9c9f1321fd9b427a57df9e68505cdbbe1c5807fe485a85693e39e09bb72c7e46c95277526db6ee949ba143e4d3027c84df4c483aa0e419e438741661bb4349dffd003baa6112db3c9f84b0438ed3af79b90f1cea1b8ec4943bc3ced5567eec6510e910c8f9346e74c338fcfc892aaf970691b60f5ea4c04a33954c280c0c28f5c4ed79a3d4cb09ac60dc00060b09afa42fe60a250bb0c7529b282714df7de4938f1c56241189a707a7091a1035d82c7d43c66e9abd92ceec9ec5c102df63d4a0b8eac16b618e97567a87296a42bb7a018204b3dcdcee5e5c758faf3172e8c6c50483f341c5656cb8df27c63c98e74d1b7312e49926d143817f8e9b4125406ab91242bdcba7ccc3db507ff994047b33ce9a59179d119991a161e8bd06e0f58d7bffe6457f531942cc46c88bfec69e0b995ac7e7ab04d270efe443541bc55f327ad8921c32bcadaa0e1ad8ac263a312f92f904b333becbdf4a102f5b379619c8204c3a18af91347fbb5eab64ff81a05f3b830f36691121f0a398405521c3dac1300a0db6e21e56ac8bd6a03923a3d8ed96d9df54b98b42b70a0a3ffa8291ceb0e607f0e2f8ce1832111051bb16bdc25d5a4af117634af898f5952f98a7b132cf140a79ccb80d1d9f1bb52c3aaf50b7232dba94e896295c5a6bf71ec63a2f95315b06b590c6965249d1ea7f7039344242bae628f7b1bd45d9ccd51183279863c640d8fd7127ca5e593d7ae02b8ecc77188389c766634b18e54ab9da7ea92e8101d6088a373c3da38941e566dae9c1b191b48f387ecf8b91c6e6f05c800cef4c39b11dad2e42f1b54a44204ffe29c84defd41a3ab9173957b3007cad89d259ba60cb320d26b1ce00453629af98ab9371d8e47854396009169ebef43f471c2b00e7298dfb61a42000b68c44dc2429233f5fa17c524856c6383ae4ffed02f566edb7eb961489b5cb677e568eba83885641486af623dafe8693ac6dd5df261294a9286e445bb91098b96d5b2e912c21d161c9d6a6c0882a5ccd68d3b0025546bb79ace81b3338bc613209bb48f725d144df39604111da9c775da5e5f911934fb719d5d2d73c4d083b644d81d5ef22b900c5e00a0646972fb9984bf8023be30af1a018d16e4a33c8f1e26f5fd1e344c164a88283dbbc66142b9cfffed194984dd288779638827a4435f749a50db79918f33d67adc4014754133437c9d2bb90246a33070216d80560e4fc33047f75418d4e8d88fb244aab374b60a2a71fe7b579a121edd7cabdd38c794ce3e486803d0eba379a41f074a7667790ef9acf99f7ea8856b9383498850404704655bdac133d26967fb1ef4a484780aab18e86e9f119a11e6195a40ed26b32054e0a1939dea8b2f3e5ab7d7bc5cb32895c069b84b2f0fc9291d4e35ca2a78108593e74ea25f81fa90f86c76fecc3fe193c13fb427ab6a0f5c540512309a9b4a96fb636b4275012157420c3efa09701d35ae2b06e96d4ebcfdaeb83d3ffa44c59b301243ceb33c115ced26656e15c244b4e677e981e7456950489396b83fd66746de97e41cecc8f14435ebe2f3437890fc31eb790df327cba7d40aa352911b36d71b2aafe495c9b82b790c97d3b5179ca47eddffe1f700f506491865c86e8dad4a2870efad0772b32d67d10498d5f1d4032d341078d2d5af3e9b7ef1fb7981cc1d50fe9cec2c037782ad472edb0be5cb870c203477e6df78762b1be15fb1648c6e1da3d1f95858b7a03dae9dd6fdc82d0c4434961550aa8991c73a6df1fe5cbe815a1e2c0add62f5b340e262bb369dfbced592b77df8ce5d694a59a5125b72a7d70cbcd7fcad1f8e85fbc632c21903c611744955dc7bcfa3a83b87c7dff38516e2e8974dd8f6835b5a681ab0cfe5b72b42d63047983a6ac6efeea069e12428f2d07965ea369635390f6459b1407fa5a0c5967fb119186e665e71b9b0b386f9cd690990eda4adff85cc484874265e2a9ff6573ee8d083bfdb45325dbfc452c33e92a19d024c0841892d43f4dec71b185dad3731ca647a2ffa2c80e008a8dc25667e63f8bda20806bc1a1adb93674cbcc548ba8ca7af22df43f7a41ad774e95bb8fbcf03845d5cdfb808387fc6a4d4676ea6e01c2f39836a77852ce97bd69e92865b54bc4876f0f4243db0de84d469676bb82e43bdaaa362ce99368a7ab30b8d92611ab053fb40523658884efe299a562dc0cf6b5bf996cf05a7e03ca369754968b6c317e740679b0dfe60133414932c1ae75ca0d26cd8cfbc78989de4eb37f64cbf3a14d2a72a24fbcf4c559f261115ccb4002d8d9590a5819d04869a5bebca4cac2901c2262a49b5a86ab0a3ba33942f7b94107a5ae35afd247485786e7b23c5d008ab0d9c1ca51cc86ba7bbc596a788251a8b1ef9817191c1c0dabd1e9d826f3c451b5ea73d6b74300873e34c216d21a869ed06a0d9c3be9024be3e24828393e0635a614d78eb0abcf44bfe8c8c860027c9cee58b5e41d5f1209e48253281b18727dfb926ac3687df56217241c872a5a39f65251b5ca032bfaca2c9fe662584bcb6cb3fe9be2ae57be0655586a8c704ae915f284adac8d85174799ebf9e16c43b74a154a4524e6f33467e13a121a255acfb592d47eaf13cd538de15327151ad74f578bbbfdfde82fd6afb592b7933b52241f182cb65778e3628f177eaa8c8ecc970e82a2aa52f3b7d534748b35fa1dbc0f58ede3df5ddf1f1202290a74f4a871802d1f970de3ea5553f35456e2596669c00404337f6d394fb68c588effe8987f18b04b1b52eca71062b722b2cc44e4805abf6347715a3c9e5e9b9376a45fed63b494781a4905f9ff6d898e48c5f1279fb2f4c3af50d54204d0ab410415fcb28a1b4dc0afdcce76f19f60f65534d802ee8c", 0x1000}, {&(0x7f0000000000)='4', 0x1}], 0x2) syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$video4linux(&(0x7f0000001180), 0x3, 0x10040) openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x42, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_io_uring_setup(0x7dca, 0x0, 0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000040), 0x9, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x100000, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x54, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x9738}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7ff}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820) 9.155977731s ago: executing program 2 (id=1170): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$tipc(0x1e, 0x0, 0x0) bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, 0x0, 0x80) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYBLOB, @ANYBLOB="02", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB], 0x5c, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x8) socket(0x2, 0x80805, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$evdev(0x0, 0x40800400, 0x2b6a41) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x3, 0x14a}}) ioctl$TIOCL_PASTESEL(r3, 0x541c, &(0x7f0000000000)) 9.033308771s ago: executing program 0 (id=1171): openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) io_uring_setup(0x2e15, &(0x7f0000000580)={0x0, 0x1, 0x1, 0x1, 0x1be}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) fcntl$getflags(r0, 0x401) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0}) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) write(r1, &(0x7f0000000000)="fa", 0xfffffdef) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) writev(r3, &(0x7f0000020f80)=[{&(0x7f0000000140)='2', 0x1}], 0x1) 7.948674026s ago: executing program 2 (id=1173): unshare(0x22020400) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x1, 0x40001018, r0, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) vmsplice(r2, &(0x7f0000000100)=[{&(0x7f00003fb000)="f7", 0x1}], 0x1, 0x0) 7.579014277s ago: executing program 0 (id=1174): openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$kvm(0x0, 0x0, 0x0, 0x0) io_uring_setup(0x2e15, &(0x7f0000000580)={0x0, 0x1, 0x1, 0x1, 0x1be}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) fcntl$getflags(r0, 0x401) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000000)="fa", 0xfffffdef) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) writev(r3, &(0x7f0000020f80)=[{&(0x7f0000000140)='2', 0x1}], 0x1) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00'}) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x40}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008045}, 0x4004000) 7.019689065s ago: executing program 3 (id=1175): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000080)={r3, 0x1, 0x8, 0x1}) 5.883057609s ago: executing program 2 (id=1176): socket(0x10, 0x803, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/105, 0x69) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) getsockopt$sock_int(r3, 0x1, 0x2c, 0x0, &(0x7f00000001c0)) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010017"], 0x1c}}, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r4, &(0x7f0000001040)={0xc, {"a2e3ad21ed0d52f91b5d390887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b39070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc825d8e524b2451138e495bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546850a27af9544ae15a7e454dea05918b4fd42513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cfe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2691491abf8ab9c015073014d9e08d4338b8780bdecd436cf0541e4505bc3a45237f104b962102de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd735892892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5407000000e3ad038f2211f1033195563c7f93cd54b9094f226e78b271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005008000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546def271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652770711935f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f42f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599af40005b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fd30d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb84d9a88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678458fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000bd700", 0x1000}}, 0x375) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r5 = open(&(0x7f0000000280)='.\x00', 0x40000, 0x43) getdents(r5, 0x0, 0x0) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x210000, 0x0) ioctl$UI_DEV_SETUP(r6, 0x5501, 0x0) 5.751599096s ago: executing program 3 (id=1177): syz_emit_ethernet(0x42, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x25, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x640100fe, @local, {[@noop]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x7, 0xc2, 0x0, 0x0, 0x60, {[@exp_fastopen={0xfe, 0x5, 0xf989, '8'}]}}}}}}}, 0x0) 5.74997098s ago: executing program 0 (id=1178): openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x40142, 0x1) r1 = socket(0x2c, 0x3, 0x0) write$nbd(0xffffffffffffffff, 0x0, 0x40) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000240)=[0x0], &(0x7f0000000280)=[0x0], 0x0, 0xd5, &(0x7f0000000340), 0x0, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x4b, 0x8, 0x8, &(0x7f00000004c0)}}, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000700)={'ip6_vti0\x00', &(0x7f0000000680)={'syztnl2\x00', 0x0, 0x2f, 0x81, 0x8, 0x1, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x700, 0x3, 0x80000000}}) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000009c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000740)={&(0x7f0000000800)={0x150, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0xf4, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x64aaa1676c13893a}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}]}, @ETHTOOL_A_STRSET_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x800}, 0x81) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x80000000, '\x00', 0x0, 0x0, 0x0, 0x40000000}, 0x50) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = socket$kcm(0x10, 0x2, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x1108, 0x9, 0x1}, 0x50) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r6}, 0x38) r7 = syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x27, 0x1, 0x1, "3a8e07000034b52ba75088c27891ca55e21f0000000000b2b679d200", 0x41414770}) sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}, {0x0}], 0x2}, 0x0) r8 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) r9 = dup2(r8, r8) ioctl$BLKTRACETEARDOWN(r9, 0x1276, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) 5.631220308s ago: executing program 3 (id=1179): r0 = openat$snapshot(0xffffffffffffff9c, 0x0, 0x1, 0x0) writev(r0, &(0x7f0000001380)=[{&(0x7f0000000180)="b1ff5cc982d34010b7cd6e11c50b9bd27a09463daa6ac62502efcdab89674523220df660aec36c3da20cdf63882deea50aab4ae728b88be047e9c1de4d3428835edfece01a907acbebb734022a8738c0733177cf2bc7d61a3a791ad3e0972faf52b29d3476b8aff7e79275ad61b36971c0d2d8e1e242261dc50464a134b1a2e36243c3b5bb93a2e7a7087c254e0b5089100624eb5b273a62e5798cb0a4b96845ef45e0238d22062a8d5f43c3875d773c45e426dc162914e26ae112c5dfdef60f2f274ac96a6c77b37799cd03dc1c8ad69d1fcad1be379ad212ea51e0f272a3ec7bf0bdda2c7a15b3fb018cb2ce53c99b0af09b5c874cf4d79e13c7580d4ebc0669bb048863f28e8f00ea67d87e92c6fc4bc31a4a06b7344519d72e9662309dd51a02a7d295972dd1f63431968d9f5212daa47d49d85bf08190aef758e842da69375269c5f33bb0e60bb98abb2a51e8a89d7b4680185b9665d5da6254cb15392332b0e850169d90ac1374cf5346092b47f682c2f22c8cdcf98718bfa0ca4c5b50ebf8d6c53afa3830233a3e486a0d73fed67851403f72492feec1528cac329dd11f82cf149ec049e71b979ad055053dcf654f470f780f32b22dd6567401f94a94c592265a2dbdd3c5c88cfde1a6cc112231a5797e092a5040be19bde03dc2d9dc0078b42f27e168810770cd5b4c0f2073037e9a57e8148392a3063ee55ad9449fa6265189337777d7a605bb7cf51d682ac7823207343fa7328ce207029e7e9818d7fcff9b9e7ac731dc502ce7471cab17108e5614fdec649d35a6638928931f110d4608a9cf22868dd3bf764d5b09a5325bcf987546e3edf1df9f1866fa89fb99a7f945c853586b4e3344eb286067e7b42d79ed93baddc3e5bd47ca613d654d4d54ece371b699ca7f05677c48cdb8f265fb35e0ff7ec5da801ae4198c7d9290d2ddc3586bd1ba3e34e722c47c14e4f310029751fbdc75da8461356b7a6784b490810284bdc727061944a283b7276b6a0b679d74089c54db98c92c2e329248b07365f45b3511ac11f8483a3f0bec8e4ceae324640f5762444efa94207115b5550fb8e4a1277aee3f11f2e6cac543d2168a83cd0367b24859e1b8b9cb9a5beb2d9851124b9c74acf21ecb5ae5e31e29543638a1cebdd2384dda1b2d301e59ea092707cd68838f12a05f9ec25832ddf22e2a01a8a28ff5c4f925a09b18849c180f0fed6057fc68d473eddb467796f8c086475dc1444c7f879d842662da4e59fd3c02b6d54c822ae8aeb91aefde57008f7728f1d236bbcda61a5b2dfdc0648ba72229b764fbd43a2eabe639a49f44de663b2e4e244370c7681f130e4a7790924e0826c0ebe768996d22edf83088b18492ccaa1344f5b14aa4218e3204434e0483bb56043e63ae02d584fed308759840064686ebb7349aa85adc00ba9ac6ec3e895f6b6cb33902cfa04a5fe6946475775284ba5f00f31a37aca06ce7485acbbf8e66db1daa273025860d216eb69a71666c0e5e3dcb9054c7c5edb138893b22a6f80655aeecd0f59f3bba544ae9897d2e795d0ca5a124519712a54366dca8b20c2191d5515231d5066c9c9f2b5b180da10542d7911f688c3b0f07ffcfe249161590d95d445c5ce2c647b97ad45249226a04144d900de9496f8f85e4607e7907eb20a1856efa7b06de5334ed1ba34b1c6e30da7df850da42b728208b85510b9acdd9ffe22894ec97c832b65257fa72d7f77a02359fad7ea2465c53df34c391c617d2e02197f6b5ab4a152327f6ae4d1107f6e8b68ce43de174dd559fe3ec95f32bd1d9244943230654e68fc3237e17dbd131996202beaf1578a925ab94510fccfa2be306bce3bdbb413ec6e50e6b0081362999ce7991b2c384001fd74e9de82dba16df74529800a201d8bd35eb789527b1f2e2ea7a12fb2858e389b4e96b5a9e32838916f147c99e3fd723972930a2eb8422ac15a254bae41e604e5459f6f573f9ce9d94e9dcbcdd392e2ed35ab5c6673f69c711ff121a2f1b1421d4a70571a20c732b1c1af990795c10ee23a6b8b056f91a4aa32d118a71cad879d5883327e7347d3fc7de504d42162a16fcd2fde8035a54205da46ce06c1f66b6ddb43248cbd5347cb80aec30a88af4166dcf131b92568ffad2f3cdb2835264705025b612d8b82920a01b87b9781020c38f438330735966ff27488db4ea6e74fa9d0e9a0fa929d9585a4de92648839a971edb1d03945fc7d6f64bb194085f63ccf8ea52b90505f2809d0ddc40b59909fff3e0c3362934019dca2b8733a8fdddd978d0b264d4b0105d4f9db315cbc8a2426f494de1d2f1b73de816e561004be0430be083fc6179ebfdc9bfca85df6b2c81bc0bf4685cdf072ddb5f7a3183a226df665c95d86c6046be75fdd008b96ad5696cbd3182a01c6a80d1bd3f4a288c015355004e6bbc788aef9bf65fe691dd6777a531a040c9ec7754d0e746dd89521d2ae6df1b13fd9433b164ba014fa7b3d8e08b30fe54b3d0ea810cc5f436a0370fd976eb481a07b3f81469cd6ed490d687528bf470d3800893a718f1f6c970a130ab49e04e1dfe4d594927bb34247d1c25c75197807206242b0ff807cb8c6ca4d67acce16de41a663fe86eec015dde1d828ac3a63763c0fbeda90c824abeb593efa9e2df76b761fa0d25e70e4e8d888f8ca1fcf7e88d35064a73600d4cc98e75ed4dd7c05919dcfdd4bdfaccd4a0a33e11c55276e105338b13ba765b728d0ae08a03cf59f3212373be7c7f74601c325c605ccbdff2bd895f43303888f9f8609df38a52d718cfb423a580711886de8affaf997d85a23af0de249f92f0b04305f12cbbd19c271339988a0c3eada32416b880f1859ba58353675b45b177d4306bbbd4ad8890a1a06126fb069b06566d92b026337f2f9c9f1321fd9b427a57df9e68505cdbbe1c5807fe485a85693e39e09bb72c7e46c95277526db6ee949ba143e4d3027c84df4c483aa0e419e438741661bb4349dffd003baa6112db3c9f84b0438ed3af79b90f1cea1b8ec4943bc3ced5567eec6510e910c8f9346e74c338fcfc892aaf970691b60f5ea4c04a33954c280c0c28f5c4ed79a3d4cb09ac60dc00060b09afa42fe60a250bb0c7529b282714df7de4938f1c56241189a707a7091a1035d82c7d43c66e9abd92ceec9ec5c102df63d4a0b8eac16b618e97567a87296a42bb7a018204b3dcdcee5e5c758faf3172e8c6c50483f341c5656cb8df27c63c98e74d1b7312e49926d143817f8e9b4125406ab91242bdcba7ccc3db507ff994047b33ce9a59179d119991a161e8bd06e0f58d7bffe6457f531942cc46c88bfec69e0b995ac7e7ab04d270efe443541bc55f327ad8921c32bcadaa0e1ad8ac263a312f92f904b333becbdf4a102f5b379619c8204c3a18af91347fbb5eab64ff81a05f3b830f36691121f0a398405521c3dac1300a0db6e21e56ac8bd6a03923a3d8ed96d9df54b98b42b70a0a3ffa8291ceb0e607f0e2f8ce1832111051bb16bdc25d5a4af117634af898f5952f98a7b132cf140a79ccb80d1d9f1bb52c3aaf50b7232dba94e896295c5a6bf71ec63a2f95315b06b590c6965249d1ea7f7039344242bae628f7b1bd45d9ccd51183279863c640d8fd7127ca5e593d7ae02b8ecc77188389c766634b18e54ab9da7ea92e8101d6088a373c3da38941e566dae9c1b191b48f387ecf8b91c6e6f05c800cef4c39b11dad2e42f1b54a44204ffe29c84defd41a3ab9173957b3007cad89d259ba60cb320d26b1ce00453629af98ab9371d8e47854396009169ebef43f471c2b00e7298dfb61a42000b68c44dc2429233f5fa17c524856c6383ae4ffed02f566edb7eb961489b5cb677e568eba83885641486af623dafe8693ac6dd5df261294a9286e445bb91098b96d5b2e912c21d161c9d6a6c0882a5ccd68d3b0025546bb79ace81b3338bc613209bb48f725d144df39604111da9c775da5e5f911934fb719d5d2d73c4d083b644d81d5ef22b900c5e00a0646972fb9984bf8023be30af1a018d16e4a33c8f1e26f5fd1e344c164a88283dbbc66142b9cfffed194984dd288779638827a4435f749a50db79918f33d67adc4014754133437c9d2bb90246a33070216d80560e4fc33047f75418d4e8d88fb244aab374b60a2a71fe7b579a121edd7cabdd38c794ce3e486803d0eba379a41f074a7667790ef9acf99f7ea8856b9383498850404704655bdac133d26967fb1ef4a484780aab18e86e9f119a11e6195a40ed26b32054e0a1939dea8b2f3e5ab7d7bc5cb32895c069b84b2f0fc9291d4e35ca2a78108593e74ea25f81fa90f86c76fecc3fe193c13fb427ab6a0f5c540512309a9b4a96fb636b4275012157420c3efa09701d35ae2b06e96d4ebcfdaeb83d3ffa44c59b301243ceb33c115ced26656e15c244b4e677e981e7456950489396b83fd66746de97e41cecc8f14435ebe2f3437890fc31eb790df327cba7d40aa352911b36d71b2aafe495c9b82b790c97d3b5179ca47eddffe1f700f506491865c86e8dad4a2870efad0772b32d67d10498d5f1d4032d341078d2d5af3e9b7ef1fb7981cc1d50fe9cec2c037782ad472edb0be5cb870c203477e6df78762b1be15fb1648c6e1da3d1f95858b7a03dae9dd6fdc82d0c4434961550aa8991c73a6df1fe5cbe815a1e2c0add62f5b340e262bb369dfbced592b77df8ce5d694a59a5125b72a7d70cbcd7fcad1f8e85fbc632c21903c611744955dc7bcfa3a83b87c7dff38516e2e8974dd8f6835b5a681ab0cfe5b72b42d63047983a6ac6efeea069e12428f2d07965ea369635390f6459b1407fa5a0c5967fb119186e665e71b9b0b386f9cd690990eda4adff85cc484874265e2a9ff6573ee8d083bfdb45325dbfc452c33e92a19d024c0841892d43f4dec71b185dad3731ca647a2ffa2c80e008a8dc25667e63f8bda20806bc1a1adb93674cbcc548ba8ca7af22df43f7a41ad774e95bb8fbcf03845d5cdfb808387fc6a4d4676ea6e01c2f39836a77852ce97bd69e92865b54bc4876f0f4243db0de84d469676bb82e43bdaaa362ce99368a7ab30b8d92611ab053fb40523658884efe299a562dc0cf6b5bf996cf05a7e03ca369754968b6c317e740679b0dfe60133414932c1ae75ca0d26cd8cfbc78989de4eb37f64cbf3a14d2a72a24fbcf4c559f261115ccb4002d8d9590a5819d04869a5bebca4cac2901c2262a49b5a86ab0a3ba33942f7b94107a5ae35afd247485786e7b23c5d008ab0d9c1ca51cc86ba7bbc596a788251a8b1ef9817191c1c0dabd1e9d826f3c451b5ea73d6b74300873e34c216d21a869ed06a0d9c3be9024be3e24828393e0635a614d78eb0abcf44bfe8c8c860027c9cee58b5e41d5f1209e48253281b18727dfb926ac3687df56217241c872a5a39f65251b5ca032bfaca2c9fe662584bcb6cb3fe9be2ae57be0655586a8c704ae915f284adac8d85174799ebf9e16c43b74a154a4524e6f33467e13a121a255acfb592d47eaf13cd538de15327151ad74f578bbbfdfde82fd6afb592b7933b52241f182cb65778e3628f177eaa8c8ecc970e82a2aa52f3b7d534748b35fa1dbc0f58ede3df5ddf1f1202290a74f4a871802d1f970de3ea5553f35456e2596669c00404337f6d394fb68c588effe8987f18b04b1b52eca71062b722b2cc44e4805abf6347715a3c9e5e9b9376a45fed63b494781a4905f9ff6d898e48c5f1279fb2f4c3af50d54204d0ab410415fcb28a1b4dc0afdcce76f19f60f65534d802ee8c", 0x1000}, {&(0x7f0000000000)='4', 0x1}], 0x2) syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$video4linux(&(0x7f0000001180), 0x3, 0x10040) openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x42, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_io_uring_setup(0x7dca, 0x0, 0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000040), 0x9, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x100000, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x54, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x9738}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7ff}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820) 4.220858913s ago: executing program 3 (id=1180): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000180)=0x7a, 0x4) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendto$inet(r2, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0) 4.120795902s ago: executing program 0 (id=1181): r0 = syz_usb_connect$hid(0x0, 0x4c, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000300000040fc04d80500000000ff020703000921000000012207000905b95756de36b3f9982b5dc7e62c81034000030000bb62873738bc8510e5bc7e4302770c753240364bb35988d2727cb585f107c6f01ef19e6a587fce431cb8c2ea04d84783dc1db6becf8d9a4dd561a38ff170831b5c076447b02042637261c8ce02df0e855e7f4caf3670d81548d654fa4924f3df69e5e1b9698e13860fbc1b9661e698db99f93647cce3407f4ed8672c886e90607c50b58cfb4cddecab9a8e8d419832b960609c430c355441b291948d401104ce98fccdd5b61830c22a5f8584cd608370e6b4869ab77f86d1e0c207153a92842837b83ef7926a85c89ff2dc58448b01df095b7bdf"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000900)=ANY=[], 0x10) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fallocate(0xffffffffffffffff, 0x5, 0x0, 0x2000402) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000), 0x2, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f000001aa40)=""/102400, 0x19000) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000003c0), 0x2) r5 = memfd_create(&(0x7f00000009c0)='y\x105\xf3\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x2) ftruncate(r5, 0xffff) fcntl$addseals(r5, 0x409, 0x7) r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r5, 0x0, 0x0, 0x8000}) ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086200, &(0x7f0000000080)=0x2) close_range(r1, 0xffffffffffffffff, 0x0) 2.134291437s ago: executing program 2 (id=1182): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x108242, 0x1f6) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0003}]}) fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100) r4 = gettid() r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0) write$rfkill(r5, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8) write$rfkill(r3, 0x0, 0x0) openat$iommufd(0xffffff9c, 0x0, 0x400000, 0x0) timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) ioctl$BTRFS_IOC_RESIZE(r2, 0x50009403, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xdd, 0x8a, 0x7a, 0x20, 0x867, 0x9812, 0x240f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xf4, 0x8, 0x20, 0x10, [{{0x9, 0x4, 0x44, 0x3, 0x0, 0xb7, 0x9d, 0xb5, 0x5}}]}}]}}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0}) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x2, 0x0) ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000340)=0x2) openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x189a42, 0x0) vmsplice(r1, &(0x7f0000003680)=[{&(0x7f00000000c0)="ab8c16e645c2", 0x6}], 0x1000000000000231, 0xe) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 1.674274504s ago: executing program 3 (id=1183): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) userfaultfd(0x80801) openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x3a) gettid() r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r6, 0x2) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000003c0007010000000000400000017c00000400fc80100001805fd05a607fd48040ffc30000080002"], 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0xc010) 0s ago: executing program 3 (id=1184): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x108242, 0x1f6) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0003}]}) fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100) r4 = gettid() r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0) write$rfkill(r5, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8) write$rfkill(r3, 0x0, 0x0) openat$iommufd(0xffffff9c, 0x0, 0x400000, 0x0) timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) ioctl$BTRFS_IOC_RESIZE(r2, 0x50009403, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xdd, 0x8a, 0x7a, 0x20, 0x867, 0x9812, 0x240f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xf4, 0x8, 0x20, 0x10, [{{0x9, 0x4, 0x44, 0x3, 0x0, 0xb7, 0x9d, 0xb5, 0x5}}]}}]}}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0}) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x2, 0x0) ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000340)=0x2) openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x189a42, 0x0) vmsplice(r1, &(0x7f0000003680)=[{&(0x7f00000000c0)="ab8c16e645c2", 0x6}], 0x1000000000000231, 0xe) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) kernel console output (not intermixed with test programs): : 249 > 9 [ 640.065423][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 640.069242][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 640.079659][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 640.413811][ T8775] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 640.413827][ T8775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 640.413850][ T8775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 640.531644][ T8775] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 640.531663][ T8775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 640.531688][ T8775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 642.396986][ T5847] Bluetooth: hci4: command tx timeout [ 642.543027][ T71] bridge_slave_1: left allmulticast mode [ 642.543060][ T71] bridge_slave_1: left promiscuous mode [ 642.543381][ T71] bridge0: port 2(bridge_slave_1) entered disabled state [ 642.845141][ T71] bridge_slave_0: left allmulticast mode [ 642.845177][ T71] bridge_slave_0: left promiscuous mode [ 642.845480][ T71] bridge0: port 1(bridge_slave_0) entered disabled state [ 642.901479][ T37] audit: type=1326 audit(1757814537.000:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901550][ T37] audit: type=1326 audit(1757814537.000:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901586][ T37] audit: type=1326 audit(1757814537.000:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901622][ T37] audit: type=1326 audit(1757814537.000:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901661][ T37] audit: type=1326 audit(1757814537.000:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901698][ T37] audit: type=1326 audit(1757814537.000:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901743][ T37] audit: type=1326 audit(1757814537.000:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901782][ T37] audit: type=1326 audit(1757814537.010:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901822][ T37] audit: type=1326 audit(1757814537.010:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 642.901862][ T37] audit: type=1326 audit(1757814537.010:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9058 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 644.421028][ T5847] Bluetooth: hci4: command tx timeout [ 646.037932][ T9073] random: crng reseeded on system resumption [ 646.056764][ T9073] Hibernate inconsistent memory map detected! [ 646.056773][ T9073] PM: hibernation: Image mismatch: architecture specific data [ 646.350147][ T71] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 646.500864][ T5847] Bluetooth: hci4: command tx timeout [ 646.581472][ T71] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 646.771074][ T71] bond0 (unregistering): Released all slaves [ 647.496293][ C1] vkms_vblank_simulate: vblank timer overrun [ 647.772865][ C1] vkms_vblank_simulate: vblank timer overrun [ 649.532411][ T8449] Bluetooth: hci4: command tx timeout [ 649.859596][ T8775] hsr_slave_0: entered promiscuous mode [ 649.911263][ T8775] hsr_slave_1: entered promiscuous mode [ 649.912630][ T8775] debugfs: 'hsr0' already exists in 'hsr' [ 649.912647][ T8775] Cannot create hsr debugfs directory [ 651.988680][ C0] vkms_vblank_simulate: vblank timer overrun [ 652.204207][ T71] hsr_slave_0: left promiscuous mode [ 652.584674][ T9106] syz.0.668 (9106): drop_caches: 2 [ 653.804855][ T71] hsr_slave_1: left promiscuous mode [ 653.805761][ T71] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 654.098720][ T71] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 654.221634][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 654.244921][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 654.264641][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 654.270936][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 654.309372][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 654.987380][ C0] vkms_vblank_simulate: vblank timer overrun [ 656.081487][ T71] team0 (unregistering): Port device team_slave_1 removed [ 656.271513][ T9118] netlink: 68 bytes leftover after parsing attributes in process `syz.3.670'. [ 656.333095][ T71] team0 (unregistering): Port device team_slave_0 removed [ 657.471205][ T8449] Bluetooth: hci5: command tx timeout [ 657.495104][ T5938] libceph: connect (1)[c::]:6789 error -101 [ 657.495241][ T5938] libceph: mon0 (1)[c::]:6789 connect error [ 657.751482][ T5938] libceph: connect (1)[c::]:6789 error -101 [ 657.751711][ T5938] libceph: mon0 (1)[c::]:6789 connect error [ 657.827646][ T9123] ceph: No mds server is up or the cluster is laggy [ 658.419539][ T5938] libceph: connect (1)[c::]:6789 error -101 [ 658.419678][ T5938] libceph: mon0 (1)[c::]:6789 connect error [ 658.821838][ T9131] random: crng reseeded on system resumption [ 658.870908][ T9131] Hibernate inconsistent memory map detected! [ 658.870922][ T9131] PM: hibernation: Image mismatch: architecture specific data [ 659.550606][ T8449] Bluetooth: hci5: command tx timeout [ 661.623621][ T8449] Bluetooth: hci5: command tx timeout [ 663.149307][ T9156] syz.2.677 (9156): drop_caches: 2 [ 663.717943][ T8449] Bluetooth: hci5: command tx timeout [ 663.893348][ T9157] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 664.811987][ T9043] chnl_net:caif_netlink_parms(): no params data found [ 666.486242][ T9107] chnl_net:caif_netlink_parms(): no params data found [ 667.660016][ T9043] bridge0: port 1(bridge_slave_0) entered blocking state [ 667.660266][ T9043] bridge0: port 1(bridge_slave_0) entered disabled state [ 667.696856][ T9043] bridge_slave_0: entered allmulticast mode [ 667.717577][ T9043] bridge_slave_0: entered promiscuous mode [ 667.800710][ T9043] bridge0: port 2(bridge_slave_1) entered blocking state [ 667.800818][ T9043] bridge0: port 2(bridge_slave_1) entered disabled state [ 667.800977][ T9043] bridge_slave_1: entered allmulticast mode [ 667.802853][ T9043] bridge_slave_1: entered promiscuous mode [ 667.960630][ T5168] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 672.113287][ T9200] cgroup: Need name or subsystem set [ 672.140536][ T5168] usb 4-1: Using ep0 maxpacket: 16 [ 672.144272][ T5168] usb 4-1: config 1 has an invalid descriptor of length 239, skipping remainder of the config [ 672.144299][ T5168] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 672.147376][ T5168] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 672.147404][ T5168] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 672.147422][ T5168] usb 4-1: Product: syz [ 672.147453][ T5168] usb 4-1: Manufacturer: syz [ 672.147465][ T5168] usb 4-1: SerialNumber: syz [ 672.412076][ T9200] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 672.518362][ T5168] usb 4-1: 0:2 : does not exist [ 672.698066][ T5168] usb 4-1: USB disconnect, device number 28 [ 673.989951][ T9208] udevd[9208]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 675.707672][ C1] vkms_vblank_simulate: vblank timer overrun [ 675.851456][ T9043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 675.923619][ T9043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 676.096600][ C1] vkms_vblank_simulate: vblank timer overrun [ 676.710041][ C1] vkms_vblank_simulate: vblank timer overrun [ 676.982722][ T8257] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 677.166075][ C1] vkms_vblank_simulate: vblank timer overrun [ 677.326101][ C1] vkms_vblank_simulate: vblank timer overrun [ 677.478428][ C1] vkms_vblank_simulate: vblank timer overrun [ 677.928257][ C1] vkms_vblank_simulate: vblank timer overrun [ 678.088933][ C1] vkms_vblank_simulate: vblank timer overrun [ 678.606278][ T8257] usb 3-1: unable to get BOS descriptor or descriptor too short [ 678.607159][ T8257] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 678.607181][ T8257] usb 3-1: can't read configurations, error -71 [ 678.711897][ T9242] random: crng reseeded on system resumption [ 678.796665][ T9242] Hibernate inconsistent memory map detected! [ 678.796678][ T9242] PM: hibernation: Image mismatch: architecture specific data [ 679.820790][ T9107] bridge0: port 1(bridge_slave_0) entered blocking state [ 679.820923][ T9107] bridge0: port 1(bridge_slave_0) entered disabled state [ 679.821178][ T9107] bridge_slave_0: entered allmulticast mode [ 679.857820][ T9107] bridge_slave_0: entered promiscuous mode [ 679.883869][ T9043] team0: Port device team_slave_0 added [ 679.890868][ T9107] bridge0: port 2(bridge_slave_1) entered blocking state [ 679.891068][ T9107] bridge0: port 2(bridge_slave_1) entered disabled state [ 679.891297][ T9107] bridge_slave_1: entered allmulticast mode [ 679.920883][ T9107] bridge_slave_1: entered promiscuous mode [ 680.080608][ C1] vkms_vblank_simulate: vblank timer overrun [ 680.262851][ C1] vkms_vblank_simulate: vblank timer overrun [ 680.297078][ T8257] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 681.160619][ T8257] usb 3-1: Using ep0 maxpacket: 16 [ 681.163990][ T8257] usb 3-1: config 1 has an invalid descriptor of length 239, skipping remainder of the config [ 681.164007][ T8257] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 681.169367][ T8257] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 681.169386][ T8257] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 681.169396][ T8257] usb 3-1: Product: syz [ 681.169404][ T8257] usb 3-1: Manufacturer: syz [ 681.169411][ T8257] usb 3-1: SerialNumber: syz [ 681.259733][ T9043] team0: Port device team_slave_1 added [ 681.491068][ T9254] syz.3.694 (9254): drop_caches: 2 [ 681.935225][ T8257] usb 3-1: 0:2 : does not exist [ 682.046046][ T8257] usb 3-1: USB disconnect, device number 21 [ 682.077198][ T9208] udevd[9208]: setting mode of /dev/bus/usb/003/021 to 020664 failed: No such file or directory [ 682.077394][ T9208] udevd[9208]: setting owner of /dev/bus/usb/003/021 to uid=0, gid=0 failed: No such file or directory [ 682.179701][ T9208] udevd[9208]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 682.758299][ T9265] cgroup: Need name or subsystem set [ 684.017545][ T9265] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 684.546702][ T9107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 685.364951][ T9043] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 685.364969][ T9043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.364994][ T9043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 685.375427][ T9107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 685.433918][ T9043] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 685.433935][ T9043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 685.433958][ T9043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 687.056405][ T9284] random: crng reseeded on system resumption [ 687.088166][ T9284] Hibernate inconsistent memory map detected! [ 687.088178][ T9284] PM: hibernation: Image mismatch: architecture specific data [ 687.095669][ T9107] team0: Port device team_slave_0 added [ 687.410930][ T9107] team0: Port device team_slave_1 added [ 689.097665][ T9043] hsr_slave_0: entered promiscuous mode [ 689.099037][ T9043] hsr_slave_1: entered promiscuous mode [ 689.099963][ T9043] debugfs: 'hsr0' already exists in 'hsr' [ 689.099987][ T9043] Cannot create hsr debugfs directory [ 689.399810][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 689.399911][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 689.407712][ T995] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 690.137166][ T995] usb 1-1: unable to get BOS descriptor or descriptor too short [ 690.145292][ T995] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 690.145316][ T995] usb 1-1: can't read configurations, error -71 [ 690.416684][ T9107] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 690.416697][ T9107] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 690.416711][ T9107] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 690.451633][ T9107] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 690.451650][ T9107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 690.451675][ T9107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 690.858607][ T9307] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 691.360825][ C0] vkms_vblank_simulate: vblank timer overrun [ 692.109654][ C0] vkms_vblank_simulate: vblank timer overrun [ 692.903922][ C0] vkms_vblank_simulate: vblank timer overrun [ 693.498535][ C0] vkms_vblank_simulate: vblank timer overrun [ 694.184182][ T9107] hsr_slave_0: entered promiscuous mode [ 694.185180][ T9107] hsr_slave_1: entered promiscuous mode [ 694.189409][ T9107] debugfs: 'hsr0' already exists in 'hsr' [ 694.189436][ T9107] Cannot create hsr debugfs directory [ 694.952622][ T71] bridge_slave_1: left allmulticast mode [ 694.952646][ T71] bridge_slave_1: left promiscuous mode [ 694.952811][ T71] bridge0: port 2(bridge_slave_1) entered disabled state [ 695.211564][ T71] bridge_slave_0: left allmulticast mode [ 695.211588][ T71] bridge_slave_0: left promiscuous mode [ 695.211773][ T71] bridge0: port 1(bridge_slave_0) entered disabled state [ 696.035159][ T71] bridge_slave_1: left allmulticast mode [ 696.035195][ T71] bridge_slave_1: left promiscuous mode [ 696.035450][ T71] bridge0: port 2(bridge_slave_1) entered disabled state [ 696.147789][ T71] bridge_slave_0: left allmulticast mode [ 696.147822][ T71] bridge_slave_0: left promiscuous mode [ 696.148081][ T71] bridge0: port 1(bridge_slave_0) entered disabled state [ 697.462023][ T71] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 697.516731][ T9349] random: crng reseeded on system resumption [ 697.546270][ T9349] Hibernate inconsistent memory map detected! [ 697.546285][ T9349] PM: hibernation: Image mismatch: architecture specific data [ 697.564930][ T9350] futex_wake_op: syz.2.710 tries to shift op by -1; fix this program [ 697.734895][ T71] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 697.986452][ T71] bond0 (unregistering): Released all slaves [ 698.067118][ C1] vkms_vblank_simulate: vblank timer overrun [ 698.312498][ C1] vkms_vblank_simulate: vblank timer overrun [ 698.499024][ T71] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 698.734210][ T71] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 699.086056][ T71] bond0 (unregistering): Released all slaves [ 699.355970][ C1] vkms_vblank_simulate: vblank timer overrun [ 699.468765][ T9359] syz.2.712 (9359): drop_caches: 2 [ 699.748444][ T9370] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 700.059005][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 700.104824][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 700.130947][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 700.459284][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 700.475576][ T5156] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 700.921618][ T9378] syz.2.715 (9378): drop_caches: 2 [ 701.250582][ T71] hsr_slave_0: left promiscuous mode [ 701.312845][ T71] hsr_slave_1: left promiscuous mode [ 701.313529][ T71] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 701.455358][ C1] vkms_vblank_simulate: vblank timer overrun [ 701.492650][ T71] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 701.772750][ T71] hsr_slave_0: left promiscuous mode [ 701.814120][ T71] hsr_slave_1: left promiscuous mode [ 701.815709][ T71] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 701.871851][ T71] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 702.534354][ C1] vkms_vblank_simulate: vblank timer overrun [ 702.590720][ T5156] Bluetooth: hci1: command tx timeout [ 702.781779][ C1] vkms_vblank_simulate: vblank timer overrun [ 702.955227][ C1] vkms_vblank_simulate: vblank timer overrun [ 703.218474][ C1] vkms_vblank_simulate: vblank timer overrun [ 703.390791][ C1] vkms_vblank_simulate: vblank timer overrun [ 703.693779][ C1] vkms_vblank_simulate: vblank timer overrun [ 703.791328][ T71] team0 (unregistering): Port device team_slave_1 removed [ 703.913082][ T71] team0 (unregistering): Port device team_slave_0 removed [ 704.046983][ C1] vkms_vblank_simulate: vblank timer overrun [ 704.660566][ T5156] Bluetooth: hci1: command tx timeout [ 705.237589][ C1] vkms_vblank_simulate: vblank timer overrun [ 705.297151][ C1] vkms_vblank_simulate: vblank timer overrun [ 705.379943][ C1] vkms_vblank_simulate: vblank timer overrun [ 705.430583][ C1] vkms_vblank_simulate: vblank timer overrun [ 705.586543][ T71] team0 (unregistering): Port device team_slave_1 removed [ 705.624560][ C1] vkms_vblank_simulate: vblank timer overrun [ 705.745268][ T71] team0 (unregistering): Port device team_slave_0 removed [ 705.784567][ C1] vkms_vblank_simulate: vblank timer overrun [ 705.888046][ C1] vkms_vblank_simulate: vblank timer overrun [ 706.470817][ C1] vkms_vblank_simulate: vblank timer overrun [ 706.507399][ C1] vkms_vblank_simulate: vblank timer overrun [ 706.733855][ C1] vkms_vblank_simulate: vblank timer overrun [ 706.749343][ T5156] Bluetooth: hci1: command tx timeout [ 708.908997][ T5156] Bluetooth: hci1: command tx timeout [ 709.144960][ T9418] syz.2.724 (9418): drop_caches: 2 [ 711.412641][ T9367] chnl_net:caif_netlink_parms(): no params data found [ 711.881939][ T8449] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 711.908296][ T8449] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 711.923143][ T8449] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 711.947446][ T8449] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 711.948260][ T8449] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 714.373093][ T5156] Bluetooth: hci4: command tx timeout [ 714.417751][ T9367] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.417916][ T9367] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.418189][ T9367] bridge_slave_0: entered allmulticast mode [ 714.461168][ T9367] bridge_slave_0: entered promiscuous mode [ 714.500795][ T9367] bridge0: port 2(bridge_slave_1) entered blocking state [ 714.500895][ T9367] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.501091][ T9367] bridge_slave_1: entered allmulticast mode [ 714.502827][ T9367] bridge_slave_1: entered promiscuous mode [ 715.242245][ T9466] cgroup: Need name or subsystem set [ 716.002948][ T9466] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 716.420639][ T5156] Bluetooth: hci4: command tx timeout [ 716.452255][ T9367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 717.240383][ T9367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 717.511864][ T9479] syz.3.733 (9479): drop_caches: 2 [ 718.701284][ T5156] Bluetooth: hci4: command tx timeout [ 719.721151][ T71] bridge_slave_1: left allmulticast mode [ 719.721201][ T71] bridge_slave_1: left promiscuous mode [ 719.721477][ T71] bridge0: port 2(bridge_slave_1) entered disabled state [ 719.922006][ T71] bridge_slave_0: left allmulticast mode [ 719.922041][ T71] bridge_slave_0: left promiscuous mode [ 719.922312][ T71] bridge0: port 1(bridge_slave_0) entered disabled state [ 719.965367][ T9494] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 720.107948][ C0] vkms_vblank_simulate: vblank timer overrun [ 720.296287][ C0] vkms_vblank_simulate: vblank timer overrun [ 721.020001][ C0] vkms_vblank_simulate: vblank timer overrun [ 721.027043][ T5156] Bluetooth: hci4: command tx timeout [ 721.305234][ C0] vkms_vblank_simulate: vblank timer overrun [ 721.343844][ C0] vkms_vblank_simulate: vblank timer overrun [ 721.633335][ T9509] syz.3.741 (9509): drop_caches: 2 [ 721.638415][ T71] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 722.431143][ T71] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 722.491058][ T71] bond0 (unregistering): Released all slaves [ 722.954498][ C0] vkms_vblank_simulate: vblank timer overrun [ 723.841220][ C0] vkms_vblank_simulate: vblank timer overrun [ 723.963634][ T9367] team0: Port device team_slave_0 added [ 724.046764][ T9367] team0: Port device team_slave_1 added [ 724.181367][ T71] hsr_slave_0: left promiscuous mode [ 724.213189][ T71] hsr_slave_1: left promiscuous mode [ 724.214594][ T71] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 724.265112][ T71] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 724.268398][ T9522] futex_wake_op: syz.3.744 tries to shift op by -1; fix this program [ 724.482345][ C0] vkms_vblank_simulate: vblank timer overrun [ 724.545339][ C0] vkms_vblank_simulate: vblank timer overrun [ 724.692293][ C0] vkms_vblank_simulate: vblank timer overrun [ 725.106854][ C0] vkms_vblank_simulate: vblank timer overrun [ 725.822105][ T9539] netlink: 'syz.2.748': attribute type 10 has an invalid length. [ 725.937062][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.032512][ T37] kauditd_printk_skb: 17 callbacks suppressed [ 726.032543][ T37] audit: type=1326 audit(1757814620.140:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032593][ T37] audit: type=1326 audit(1757814620.160:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032630][ T37] audit: type=1326 audit(1757814620.160:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032665][ T37] audit: type=1326 audit(1757814620.160:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032701][ T37] audit: type=1326 audit(1757814620.160:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032738][ T37] audit: type=1326 audit(1757814620.160:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032774][ T37] audit: type=1326 audit(1757814620.160:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032810][ T37] audit: type=1326 audit(1757814620.160:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032847][ T37] audit: type=1326 audit(1757814620.170:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.032883][ T37] audit: type=1326 audit(1757814620.170:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9530 comm="syz.3.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32cac6eba9 code=0x7ffc0000 [ 726.839305][ T71] team0 (unregistering): Port device team_slave_1 removed [ 726.849273][ T9546] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 727.787301][ T71] team0 (unregistering): Port device team_slave_0 removed [ 727.822591][ C0] vkms_vblank_simulate: vblank timer overrun [ 727.969771][ C0] vkms_vblank_simulate: vblank timer overrun [ 728.002479][ C0] vkms_vblank_simulate: vblank timer overrun [ 728.155104][ C0] vkms_vblank_simulate: vblank timer overrun [ 729.308164][ C0] vkms_vblank_simulate: vblank timer overrun [ 729.682777][ T9367] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 729.682795][ T9367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 729.682820][ T9367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 729.689162][ T9444] chnl_net:caif_netlink_parms(): no params data found [ 729.783297][ C0] vkms_vblank_simulate: vblank timer overrun [ 729.938830][ C0] vkms_vblank_simulate: vblank timer overrun [ 729.970763][ T9367] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 729.970780][ T9367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 729.970804][ T9367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 731.117066][ T9575] futex_wake_op: syz.3.756 tries to shift op by -1; fix this program [ 731.166970][ T9367] hsr_slave_0: entered promiscuous mode [ 731.170078][ T9367] hsr_slave_1: entered promiscuous mode [ 731.185589][ T9367] debugfs: 'hsr0' already exists in 'hsr' [ 731.185616][ T9367] Cannot create hsr debugfs directory [ 731.900702][ T11] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 732.120989][ C1] vkms_vblank_simulate: vblank timer overrun [ 732.743379][ T9604] netlink: 'syz.2.763': attribute type 10 has an invalid length. [ 732.807586][ C1] vkms_vblank_simulate: vblank timer overrun [ 733.067925][ C1] vkms_vblank_simulate: vblank timer overrun [ 733.083820][ T11] usb 4-1: unable to get BOS descriptor or descriptor too short [ 733.084737][ T11] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 733.084758][ T11] usb 4-1: can't read configurations, error -71 [ 733.236578][ C1] vkms_vblank_simulate: vblank timer overrun [ 733.388359][ C1] vkms_vblank_simulate: vblank timer overrun [ 733.800059][ C1] vkms_vblank_simulate: vblank timer overrun [ 733.981117][ C1] vkms_vblank_simulate: vblank timer overrun [ 734.062372][ T9444] bridge0: port 1(bridge_slave_0) entered blocking state [ 734.062530][ T9444] bridge0: port 1(bridge_slave_0) entered disabled state [ 734.062738][ T9444] bridge_slave_0: entered allmulticast mode [ 734.065545][ T9444] bridge_slave_0: entered promiscuous mode [ 734.149048][ T9444] bridge0: port 2(bridge_slave_1) entered blocking state [ 734.149187][ T9444] bridge0: port 2(bridge_slave_1) entered disabled state [ 734.149416][ T9444] bridge_slave_1: entered allmulticast mode [ 734.173103][ T9444] bridge_slave_1: entered promiscuous mode [ 734.316717][ T9619] futex_wake_op: syz.0.765 tries to shift op by -1; fix this program [ 734.763865][ C1] vkms_vblank_simulate: vblank timer overrun [ 735.014791][ T71] bridge_slave_1: left allmulticast mode [ 735.014816][ T71] bridge_slave_1: left promiscuous mode [ 735.015033][ T71] bridge0: port 2(bridge_slave_1) entered disabled state [ 735.095188][ T71] bridge_slave_0: left allmulticast mode [ 735.095222][ T71] bridge_slave_0: left promiscuous mode [ 735.095832][ T71] bridge0: port 1(bridge_slave_0) entered disabled state [ 735.698920][ T37] kauditd_printk_skb: 15 callbacks suppressed [ 735.699010][ T37] audit: type=1326 audit(1757814629.840:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9629 comm="syz.0.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 735.699061][ T37] audit: type=1326 audit(1757814629.840:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9629 comm="syz.0.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 736.043844][ T71] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 736.313555][ T71] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 736.721169][ T71] bond0 (unregistering): Released all slaves [ 736.849513][ T9444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 737.103256][ T11] libceph: connect (1)[c::]:6789 error -101 [ 737.103483][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 737.107239][ T11] libceph: connect (1)[c::]:6789 error -101 [ 737.107454][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 737.391813][ T11] libceph: connect (1)[c::]:6789 error -101 [ 737.392036][ T11] libceph: mon0 (1)[c::]:6789 connect error [ 737.958648][ T9644] ceph: No mds server is up or the cluster is laggy [ 738.091155][ T9444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 738.266504][ T9653] syz.2.773 (9653): drop_caches: 2 [ 738.652813][ C1] vkms_vblank_simulate: vblank timer overrun [ 738.870981][ C1] vkms_vblank_simulate: vblank timer overrun [ 739.073828][ C1] vkms_vblank_simulate: vblank timer overrun [ 739.213349][ C1] vkms_vblank_simulate: vblank timer overrun [ 739.382377][ C1] vkms_vblank_simulate: vblank timer overrun [ 739.671100][ C1] vkms_vblank_simulate: vblank timer overrun [ 739.693458][ T9661] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 739.830329][ C1] vkms_vblank_simulate: vblank timer overrun [ 740.030001][ T9444] team0: Port device team_slave_0 added [ 741.236273][ T9677] syz.0.777 (9677): drop_caches: 2 [ 741.310290][ T71] hsr_slave_0: left promiscuous mode [ 741.466659][ T71] hsr_slave_1: left promiscuous mode [ 741.483692][ T71] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 741.514069][ T71] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 743.577935][ T71] team0 (unregistering): Port device team_slave_1 removed [ 743.850747][ T71] team0 (unregistering): Port device team_slave_0 removed [ 744.035565][ T9698] netlink: 68 bytes leftover after parsing attributes in process `syz.3.784'. [ 744.849745][ T9702] cgroup: Need name or subsystem set [ 747.381900][ T9715] syz.2.788 (9715): drop_caches: 2 [ 747.647670][ T9444] team0: Port device team_slave_1 added [ 748.733725][ T9444] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 748.733743][ T9444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 748.733767][ T9444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 748.745380][ T9444] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 748.745397][ T9444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 748.745422][ T9444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 748.970637][ T8257] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 749.372874][ T8257] usb 4-1: unable to get BOS descriptor or descriptor too short [ 749.374084][ T8257] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 749.374121][ T8257] usb 4-1: can't read configurations, error -71 [ 749.599098][ T9730] syz.2.792 (9730): drop_caches: 2 [ 750.140093][ T9444] hsr_slave_0: entered promiscuous mode [ 750.145440][ T9444] hsr_slave_1: entered promiscuous mode [ 750.149351][ T9444] debugfs: 'hsr0' already exists in 'hsr' [ 750.149371][ T9444] Cannot create hsr debugfs directory [ 750.912631][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 750.912711][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.614880][ T9754] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 753.576306][ T9763] syz.0.799 (9763): drop_caches: 2 [ 754.869866][ T9773] cgroup: Need name or subsystem set [ 757.102263][ T9367] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 757.129446][ T9367] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 757.247106][ T9367] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 757.400484][ T9367] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 757.673783][ T9792] netlink: 68 bytes leftover after parsing attributes in process `syz.0.802'. [ 758.168430][ T9795] syz.2.803 (9795): drop_caches: 2 [ 758.549897][ T9367] kthread_run failed with err -4 [ 758.618418][ T9444] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 758.772741][ T9444] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 758.870170][ T9444] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 759.050596][ T9444] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 761.372471][ T9444] 8021q: adding VLAN 0 to HW filter on device bond0 [ 761.599709][ T8449] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 761.623518][ T8449] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 761.625796][ T8449] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 761.627914][ T8449] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 761.628722][ T8449] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 761.806212][ T9444] 8021q: adding VLAN 0 to HW filter on device team0 [ 762.368985][ T3589] bridge0: port 1(bridge_slave_0) entered blocking state [ 762.370670][ T3589] bridge0: port 1(bridge_slave_0) entered forwarding state [ 762.566869][ T987] bridge0: port 2(bridge_slave_1) entered blocking state [ 762.567033][ T987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 763.730741][ T9849] syz.0.809 (9849): drop_caches: 2 [ 764.336673][ T5156] Bluetooth: hci5: command tx timeout [ 766.340594][ T5156] Bluetooth: hci5: command tx timeout [ 768.420766][ T5156] Bluetooth: hci5: command tx timeout [ 769.402250][ T995] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 769.587953][ T995] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 769.587974][ T995] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 769.587985][ T995] usb 4-1: Product: syz [ 769.587993][ T995] usb 4-1: Manufacturer: syz [ 769.588000][ T995] usb 4-1: SerialNumber: syz [ 770.512661][ T5156] Bluetooth: hci5: command tx timeout [ 771.174587][ T9827] chnl_net:caif_netlink_parms(): no params data found [ 771.274688][ T995] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -EPIPE [ 771.476217][ T995] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -EPROTO [ 771.476862][ T995] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO [ 771.476923][ T995] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 771.477714][ T995] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 771.625754][ T995] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 771.698135][ T995] usb 4-1: USB disconnect, device number 33 [ 771.790672][ T68] bridge_slave_1: left allmulticast mode [ 771.793909][ T68] bridge_slave_1: left promiscuous mode [ 771.794214][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 771.908183][ T68] bridge_slave_0: left allmulticast mode [ 771.908217][ T68] bridge_slave_0: left promiscuous mode [ 771.908495][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 772.200777][ C1] vkms_vblank_simulate: vblank timer overrun [ 772.218229][ T8449] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 772.223792][ C1] vkms_vblank_simulate: vblank timer overrun [ 772.243307][ T8449] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 772.261880][ T8449] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 772.263372][ T8449] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 772.265764][ T8449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 772.322506][ C1] vkms_vblank_simulate: vblank timer overrun [ 773.040660][ T5888] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 773.253506][ T5888] usb 4-1: unable to get BOS descriptor or descriptor too short [ 773.254591][ T5888] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 773.254639][ T5888] usb 4-1: can't read configurations, error -71 [ 773.406336][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 773.481213][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 773.546669][ T68] bond0 (unregistering): Released all slaves [ 774.414942][ T9950] syz.0.822 (9950): drop_caches: 2 [ 774.424410][ T5156] Bluetooth: hci1: command tx timeout [ 774.558944][ T9952] netlink: 'syz.3.821': attribute type 10 has an invalid length. [ 775.440906][ T8257] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 775.464498][ T68] hsr_slave_0: left promiscuous mode [ 775.600107][ T68] hsr_slave_1: left promiscuous mode [ 775.603304][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 775.709460][ T37] audit: type=1326 audit(1757814669.840:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709513][ T37] audit: type=1326 audit(1757814669.840:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709548][ T37] audit: type=1326 audit(1757814669.840:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709585][ T37] audit: type=1326 audit(1757814669.850:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709624][ T37] audit: type=1326 audit(1757814669.850:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709661][ T37] audit: type=1326 audit(1757814669.850:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709701][ T37] audit: type=1326 audit(1757814669.850:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709739][ T37] audit: type=1326 audit(1757814669.850:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709780][ T37] audit: type=1326 audit(1757814669.850:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.709811][ T37] audit: type=1326 audit(1757814669.850:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9956 comm="syz.0.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 775.724186][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 776.535033][ T5156] Bluetooth: hci1: command tx timeout [ 776.580259][ T8257] usb 3-1: unable to get BOS descriptor or descriptor too short [ 776.627581][ T8257] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 776.627637][ T8257] usb 3-1: can't read configurations, error -71 [ 777.375848][ C1] vkms_vblank_simulate: vblank timer overrun [ 777.604752][ C1] vkms_vblank_simulate: vblank timer overrun [ 777.653712][ C1] vkms_vblank_simulate: vblank timer overrun [ 778.334234][ C1] vkms_vblank_simulate: vblank timer overrun [ 778.580635][ T5156] Bluetooth: hci1: command tx timeout [ 778.623242][ T68] team0 (unregistering): Port device team_slave_1 removed [ 778.835115][ C1] vkms_vblank_simulate: vblank timer overrun [ 778.882350][ T68] team0 (unregistering): Port device team_slave_0 removed [ 779.892199][ C1] vkms_vblank_simulate: vblank timer overrun [ 779.942553][ C1] vkms_vblank_simulate: vblank timer overrun [ 780.960628][ T5156] Bluetooth: hci1: command tx timeout [ 781.953105][ T9827] bridge0: port 1(bridge_slave_0) entered blocking state [ 781.953199][ T9827] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.953380][ T9827] bridge_slave_0: entered allmulticast mode [ 781.960555][ T9827] bridge_slave_0: entered promiscuous mode [ 781.976756][ T9827] bridge0: port 2(bridge_slave_1) entered blocking state [ 781.976839][ T9827] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.977006][ T9827] bridge_slave_1: entered allmulticast mode [ 782.022266][ T9983] input: syz0 as /devices/virtual/input/input12 [ 782.045831][ T37] kauditd_printk_skb: 18 callbacks suppressed [ 782.045851][ T37] audit: type=1326 audit(1757814676.160:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.045907][ T37] audit: type=1326 audit(1757814676.160:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.045944][ T37] audit: type=1326 audit(1757814676.160:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.045982][ T37] audit: type=1326 audit(1757814676.160:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.046015][ T37] audit: type=1326 audit(1757814676.160:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.046046][ T37] audit: type=1326 audit(1757814676.160:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.046075][ T37] audit: type=1326 audit(1757814676.160:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.046105][ T37] audit: type=1326 audit(1757814676.160:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.046112][ T9827] bridge_slave_1: entered promiscuous mode [ 782.046142][ T37] audit: type=1326 audit(1757814676.160:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.046185][ T37] audit: type=1326 audit(1757814676.170:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 782.179706][ C1] vkms_vblank_simulate: vblank timer overrun [ 782.668939][ C1] vkms_vblank_simulate: vblank timer overrun [ 783.699529][ T9991] syz.0.832 (9991): drop_caches: 2 [ 783.707701][ T9827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 783.798935][ T9827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 784.312277][ T9999] syz.0.834 (9999): drop_caches: 2 [ 785.051311][ T9827] team0: Port device team_slave_0 added [ 785.102962][ T9827] team0: Port device team_slave_1 added [ 785.199776][ C1] vkms_vblank_simulate: vblank timer overrun [ 785.218922][ T5938] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 785.282122][ C1] vkms_vblank_simulate: vblank timer overrun [ 785.376627][ T5938] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 785.376659][ T5938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 785.376679][ T5938] usb 4-1: Product: syz [ 785.376692][ T5938] usb 4-1: Manufacturer: syz [ 785.376722][ T5938] usb 4-1: SerialNumber: syz [ 785.494495][ C1] vkms_vblank_simulate: vblank timer overrun [ 785.840515][ C1] vkms_vblank_simulate: vblank timer overrun [ 786.145494][ C1] vkms_vblank_simulate: vblank timer overrun [ 786.222979][ C1] vkms_vblank_simulate: vblank timer overrun [ 786.351339][ C1] vkms_vblank_simulate: vblank timer overrun [ 786.630235][ T9827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 786.630253][ T9827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.630278][ T9827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 786.706592][T10016] futex_wake_op: syz.2.837 tries to shift op by -1; fix this program [ 786.742167][ T9827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 786.742184][ T9827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.742209][ T9827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 787.796926][ T5938] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -EPIPE [ 787.999081][ T5938] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001000. ret = -EPROTO [ 787.999471][ T5938] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO [ 787.999504][ T5938] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 787.999940][ T5938] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 788.375790][ T5938] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 788.400300][ T5938] usb 4-1: USB disconnect, device number 36 [ 788.853951][ T9827] hsr_slave_0: entered promiscuous mode [ 788.863236][ T9827] hsr_slave_1: entered promiscuous mode [ 788.864228][ T9827] debugfs: 'hsr0' already exists in 'hsr' [ 788.864251][ T9827] Cannot create hsr debugfs directory [ 788.993078][T10037] netlink: 68 bytes leftover after parsing attributes in process `syz.3.842'. [ 792.290971][ T9931] chnl_net:caif_netlink_parms(): no params data found [ 796.689351][T10095] cgroup: Need name or subsystem set [ 796.968492][T10095] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 797.544465][T10109] syz.2.852 (10109): drop_caches: 2 [ 799.397869][ C1] vkms_vblank_simulate: vblank timer overrun [ 799.765665][ T9931] bridge0: port 1(bridge_slave_0) entered blocking state [ 799.765899][ T9931] bridge0: port 1(bridge_slave_0) entered disabled state [ 799.766170][ T9931] bridge_slave_0: entered allmulticast mode [ 799.792719][ T9931] bridge_slave_0: entered promiscuous mode [ 799.962832][ T9931] bridge0: port 2(bridge_slave_1) entered blocking state [ 799.962981][ T9931] bridge0: port 2(bridge_slave_1) entered disabled state [ 799.963247][ T9931] bridge_slave_1: entered allmulticast mode [ 799.994003][ T9931] bridge_slave_1: entered promiscuous mode [ 800.161330][ C1] vkms_vblank_simulate: vblank timer overrun [ 800.501406][ T5927] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 800.652745][ T5927] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 800.652783][ T5927] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 800.652796][ T5927] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 800.670921][ T5927] usb 1-1: config 0 descriptor?? [ 800.713987][ T5927] pwc: Askey VC010 type 2 USB webcam detected. [ 801.033061][ T9931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 801.116165][ T5927] pwc: recv_control_msg error -32 req 02 val 2b00 [ 801.117001][ T5927] pwc: recv_control_msg error -32 req 02 val 2700 [ 801.117748][ T5927] pwc: recv_control_msg error -32 req 02 val 2c00 [ 801.118829][ T5927] pwc: recv_control_msg error -32 req 04 val 1000 [ 801.121846][ T5927] pwc: recv_control_msg error -32 req 04 val 1300 [ 801.123017][ T5927] pwc: recv_control_msg error -32 req 04 val 1400 [ 801.123755][ T5927] pwc: recv_control_msg error -32 req 02 val 2000 [ 801.125333][ T5927] pwc: recv_control_msg error -32 req 02 val 2100 [ 801.321543][ T5938] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 801.328429][ T5927] pwc: recv_control_msg error -71 req 02 val 2500 [ 801.330166][ T5927] pwc: recv_control_msg error -71 req 02 val 2400 [ 801.331385][ T5927] pwc: recv_control_msg error -71 req 02 val 2600 [ 801.337590][ T5927] pwc: recv_control_msg error -71 req 02 val 2900 [ 801.339122][ T5927] pwc: recv_control_msg error -71 req 02 val 2800 [ 801.344267][ T5927] pwc: recv_control_msg error -71 req 04 val 1100 [ 801.344768][ T5927] pwc: recv_control_msg error -71 req 04 val 1200 [ 801.355921][ T9931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 801.367221][ T5927] pwc: Registered as video103. [ 801.376210][ T5927] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input13 [ 801.438222][ T5927] usb 1-1: USB disconnect, device number 35 [ 802.168989][ T5938] usb 4-1: unable to get BOS descriptor or descriptor too short [ 802.170123][ T5938] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 802.170161][ T5938] usb 4-1: can't read configurations, error -71 [ 802.532575][T10140] syz.2.860 (10140): drop_caches: 2 [ 803.702776][ T9931] team0: Port device team_slave_0 added [ 803.734244][ T9931] team0: Port device team_slave_1 added [ 804.106812][T10156] syz.2.864 (10156): drop_caches: 2 [ 806.360286][ T68] bridge_slave_1: left allmulticast mode [ 806.360311][ T68] bridge_slave_1: left promiscuous mode [ 806.372312][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 806.522073][ T68] bridge_slave_0: left allmulticast mode [ 806.522108][ T68] bridge_slave_0: left promiscuous mode [ 806.522494][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 808.070805][T10174] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 809.663360][T10183] netlink: 'syz.0.871': attribute type 10 has an invalid length. [ 812.295270][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 812.295319][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 812.931443][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 813.001655][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 813.069344][ T68] bond0 (unregistering): Released all slaves [ 813.183021][ T9931] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 813.183038][ T9931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 813.183064][ T9931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 813.248191][ T9931] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 813.248211][ T9931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 813.248234][ T9931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 813.854602][ T5925] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 813.911028][T10214] cgroup: Need name or subsystem set [ 814.332133][T10214] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 814.696948][ T68] hsr_slave_0: left promiscuous mode [ 814.740786][ T68] hsr_slave_1: left promiscuous mode [ 814.741692][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 814.773399][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 815.752512][ T5925] usb 1-1: unable to get BOS descriptor or descriptor too short [ 815.754642][ T5925] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 815.754679][ T5925] usb 1-1: can't read configurations, error -71 [ 816.163348][T10228] netlink: 'syz.2.883': attribute type 10 has an invalid length. [ 816.673856][T10233] syz.0.884 (10233): drop_caches: 2 [ 818.313678][ C0] vkms_vblank_simulate: vblank timer overrun [ 818.391582][ T37] kauditd_printk_skb: 14 callbacks suppressed [ 818.391603][ T37] audit: type=1326 audit(1757814712.510:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391664][ T37] audit: type=1326 audit(1757814712.510:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391690][ T37] audit: type=1326 audit(1757814712.510:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391712][ T37] audit: type=1326 audit(1757814712.510:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391735][ T37] audit: type=1326 audit(1757814712.510:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391757][ T37] audit: type=1326 audit(1757814712.510:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391779][ T37] audit: type=1326 audit(1757814712.510:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391801][ T37] audit: type=1326 audit(1757814712.520:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391824][ T37] audit: type=1326 audit(1757814712.520:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.391846][ T37] audit: type=1326 audit(1757814712.520:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10236 comm="syz.0.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 818.631618][ C0] vkms_vblank_simulate: vblank timer overrun [ 819.166230][ T68] team0 (unregistering): Port device team_slave_1 removed [ 819.581164][ T68] team0 (unregistering): Port device team_slave_0 removed [ 820.114891][ T8449] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 820.134365][ T8449] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 820.135630][ T8449] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 820.137314][ T8449] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 820.138133][ T8449] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 820.459750][T10252] netlink: 'syz.0.889': attribute type 10 has an invalid length. [ 820.812095][ C0] vkms_vblank_simulate: vblank timer overrun [ 821.028833][ C0] vkms_vblank_simulate: vblank timer overrun [ 822.260639][ T5156] Bluetooth: hci4: command tx timeout [ 822.328765][ C0] vkms_vblank_simulate: vblank timer overrun [ 822.547225][ T9931] hsr_slave_0: entered promiscuous mode [ 822.548142][ T9931] hsr_slave_1: entered promiscuous mode [ 822.548780][ T9931] debugfs: 'hsr0' already exists in 'hsr' [ 822.548797][ T9931] Cannot create hsr debugfs directory [ 823.228154][T10256] syz.3.890 (10256): drop_caches: 2 [ 824.378868][ T5156] Bluetooth: hci4: command tx timeout [ 826.440871][ T5156] Bluetooth: hci4: command tx timeout [ 827.670603][ T5925] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 827.890621][ T5888] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 828.500692][ T5156] Bluetooth: hci4: command tx timeout [ 828.871841][ T5888] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 828.871881][ T5888] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 828.871894][ T5888] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 828.936937][ T5888] usb 1-1: config 0 descriptor?? [ 828.957473][ T5888] pwc: Askey VC010 type 2 USB webcam detected. [ 829.213011][ T5925] usb 4-1: unable to get BOS descriptor or descriptor too short [ 829.216087][ T5925] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 829.216178][ T5925] usb 4-1: can't read configurations, error -71 [ 829.398775][ T5888] pwc: recv_control_msg error -32 req 02 val 2b00 [ 829.411979][ T5888] pwc: recv_control_msg error -32 req 02 val 2700 [ 829.427172][ T5888] pwc: recv_control_msg error -32 req 02 val 2c00 [ 829.428027][ T5888] pwc: recv_control_msg error -32 req 04 val 1000 [ 829.433359][ T5888] pwc: recv_control_msg error -32 req 04 val 1300 [ 829.434082][ T5888] pwc: recv_control_msg error -32 req 04 val 1400 [ 829.448965][ T5888] pwc: recv_control_msg error -32 req 02 val 2000 [ 829.673031][ T5888] pwc: recv_control_msg error -71 req 04 val 1500 [ 829.676246][ T5888] pwc: recv_control_msg error -71 req 02 val 2500 [ 829.676738][ T5888] pwc: recv_control_msg error -71 req 02 val 2400 [ 829.677262][ T5888] pwc: recv_control_msg error -71 req 02 val 2600 [ 829.677769][ T5888] pwc: recv_control_msg error -71 req 02 val 2900 [ 829.678285][ T5888] pwc: recv_control_msg error -71 req 02 val 2800 [ 829.678995][ T5888] pwc: recv_control_msg error -71 req 04 val 1100 [ 829.679498][ T5888] pwc: recv_control_msg error -71 req 04 val 1200 [ 829.773131][ T5888] pwc: Registered as video103. [ 829.794136][ T5888] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input15 [ 829.812752][ T5888] usb 1-1: USB disconnect, device number 38 [ 830.540167][T10328] syz.0.905 (10328): drop_caches: 2 [ 830.594552][T10247] chnl_net:caif_netlink_parms(): no params data found [ 831.151360][ T5925] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 831.557362][ T5925] usb 3-1: unable to get BOS descriptor or descriptor too short [ 831.558507][ T5925] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 831.558543][ T5925] usb 3-1: can't read configurations, error -71 [ 832.580349][T10247] bridge0: port 1(bridge_slave_0) entered blocking state [ 832.580801][T10247] bridge0: port 1(bridge_slave_0) entered disabled state [ 832.581077][T10247] bridge_slave_0: entered allmulticast mode [ 832.598446][T10247] bridge_slave_0: entered promiscuous mode [ 832.645414][T10247] bridge0: port 2(bridge_slave_1) entered blocking state [ 832.645579][T10247] bridge0: port 2(bridge_slave_1) entered disabled state [ 832.645826][T10247] bridge_slave_1: entered allmulticast mode [ 832.648419][T10247] bridge_slave_1: entered promiscuous mode [ 832.916936][T10247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 832.965295][T10247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 833.399194][T10247] team0: Port device team_slave_0 added [ 833.423150][T10247] team0: Port device team_slave_1 added [ 833.663589][ T68] bridge_slave_1: left allmulticast mode [ 833.663623][ T68] bridge_slave_1: left promiscuous mode [ 833.663924][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 833.795077][ T68] bridge_slave_0: left allmulticast mode [ 833.795100][ T68] bridge_slave_0: left promiscuous mode [ 833.795311][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 834.102691][ T8449] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 834.127140][ T8449] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 834.132082][ T8449] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 834.139041][ T8449] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 834.140853][ T8449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 834.829111][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 835.906899][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 835.979463][ T68] bond0 (unregistering): Released all slaves [ 836.310560][ T8383] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 836.342669][ T8449] Bluetooth: hci1: command tx timeout [ 836.483325][ T8383] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 836.483390][ T8383] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 836.483413][ T8383] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 836.519341][ T8383] usb 4-1: config 0 descriptor?? [ 836.528269][ T8383] pwc: Askey VC010 type 2 USB webcam detected. [ 836.960551][ T8383] pwc: recv_control_msg error -32 req 02 val 2b00 [ 836.961498][ T8383] pwc: recv_control_msg error -32 req 02 val 2700 [ 836.962698][ T8383] pwc: recv_control_msg error -32 req 02 val 2c00 [ 836.963407][ T8383] pwc: recv_control_msg error -32 req 04 val 1000 [ 836.964456][ T8383] pwc: recv_control_msg error -32 req 04 val 1300 [ 836.967224][ T8383] pwc: recv_control_msg error -32 req 04 val 1400 [ 836.969766][ T8383] pwc: recv_control_msg error -32 req 02 val 2000 [ 837.172322][ T8383] pwc: recv_control_msg error -71 req 04 val 1500 [ 837.172847][ T8383] pwc: recv_control_msg error -71 req 02 val 2500 [ 837.173305][ T8383] pwc: recv_control_msg error -71 req 02 val 2400 [ 837.173779][ T8383] pwc: recv_control_msg error -71 req 02 val 2600 [ 837.174251][ T8383] pwc: recv_control_msg error -71 req 02 val 2900 [ 837.174726][ T8383] pwc: recv_control_msg error -71 req 02 val 2800 [ 837.184016][ T8383] pwc: recv_control_msg error -71 req 04 val 1100 [ 837.184390][ T8383] pwc: recv_control_msg error -71 req 04 val 1200 [ 837.241866][ T8383] pwc: Registered as video103. [ 837.244039][ T8383] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input16 [ 837.249767][ T8383] usb 4-1: USB disconnect, device number 41 [ 837.772042][T10247] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 837.772060][T10247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 837.772080][T10247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 837.775053][T10247] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 837.775069][T10247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 837.775094][T10247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 838.420638][ T8449] Bluetooth: hci1: command tx timeout [ 840.503042][ T8449] Bluetooth: hci1: command tx timeout [ 841.087724][ T68] hsr_slave_0: left promiscuous mode [ 841.196700][ T68] hsr_slave_1: left promiscuous mode [ 841.197694][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 841.271964][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 841.740637][ T5888] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 841.941557][ T37] kauditd_printk_skb: 16 callbacks suppressed [ 841.941577][ T37] audit: type=1326 audit(1757814736.090:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941625][ T37] audit: type=1326 audit(1757814736.090:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941665][ T37] audit: type=1326 audit(1757814736.090:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941706][ T37] audit: type=1326 audit(1757814736.090:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941746][ T37] audit: type=1326 audit(1757814736.090:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941787][ T37] audit: type=1326 audit(1757814736.090:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941827][ T37] audit: type=1326 audit(1757814736.090:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941868][ T37] audit: type=1326 audit(1757814736.100:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941909][ T37] audit: type=1326 audit(1757814736.100:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 841.941950][ T37] audit: type=1326 audit(1757814736.100:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10387 comm="syz.2.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 842.446301][ T5888] usb 1-1: unable to get BOS descriptor or descriptor too short [ 842.469304][ T5888] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 842.469331][ T5888] usb 1-1: can't read configurations, error -71 [ 842.590655][ T8449] Bluetooth: hci1: command tx timeout [ 842.821785][T10390] input: syz0 as /devices/virtual/input/input17 [ 843.253294][ C1] vkms_vblank_simulate: vblank timer overrun [ 843.934044][T10396] syz.0.921 (10396): drop_caches: 2 [ 844.378004][ T68] team0 (unregistering): Port device team_slave_1 removed [ 844.729910][ C1] vkms_vblank_simulate: vblank timer overrun [ 844.989170][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.159063][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.335003][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.502319][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.777561][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.851627][ T68] team0 (unregistering): Port device team_slave_0 removed [ 845.880696][ C1] vkms_vblank_simulate: vblank timer overrun [ 846.087736][ C1] vkms_vblank_simulate: vblank timer overrun [ 846.503760][ C1] vkms_vblank_simulate: vblank timer overrun [ 846.879650][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.109952][T10413] cgroup: Need name or subsystem set [ 847.147739][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.355966][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.503930][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.877657][ C1] vkms_vblank_simulate: vblank timer overrun [ 847.878191][T10413] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 847.982746][ C1] vkms_vblank_simulate: vblank timer overrun [ 848.162423][ C1] vkms_vblank_simulate: vblank timer overrun [ 848.299126][T10247] hsr_slave_0: entered promiscuous mode [ 848.313121][T10247] hsr_slave_1: entered promiscuous mode [ 848.314166][T10247] debugfs: 'hsr0' already exists in 'hsr' [ 848.314190][T10247] Cannot create hsr debugfs directory [ 849.918737][ C1] vkms_vblank_simulate: vblank timer overrun [ 854.115388][T10474] netlink: 68 bytes leftover after parsing attributes in process `syz.0.932'. [ 854.341933][T10477] random: crng reseeded on system resumption [ 856.464967][T10357] chnl_net:caif_netlink_parms(): no params data found [ 857.858611][ C1] vkms_vblank_simulate: vblank timer overrun [ 858.037628][ C1] vkms_vblank_simulate: vblank timer overrun [ 858.251959][ C1] vkms_vblank_simulate: vblank timer overrun [ 858.259513][ T8383] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 858.645707][ C1] vkms_vblank_simulate: vblank timer overrun [ 858.781705][ C1] vkms_vblank_simulate: vblank timer overrun [ 859.467410][T10517] netlink: 68 bytes leftover after parsing attributes in process `syz.2.941'. [ 859.582390][ T8383] usb 4-1: unable to get BOS descriptor or descriptor too short [ 859.583689][ T8383] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 859.583713][ T8383] usb 4-1: can't read configurations, error -71 [ 860.208870][ C1] vkms_vblank_simulate: vblank timer overrun [ 860.444618][ C1] vkms_vblank_simulate: vblank timer overrun [ 861.188678][ C1] vkms_vblank_simulate: vblank timer overrun [ 861.303852][ C1] vkms_vblank_simulate: vblank timer overrun [ 861.595901][ C1] vkms_vblank_simulate: vblank timer overrun [ 865.110551][T10357] bridge0: port 1(bridge_slave_0) entered blocking state [ 865.110633][T10357] bridge0: port 1(bridge_slave_0) entered disabled state [ 865.110831][T10357] bridge_slave_0: entered allmulticast mode [ 865.117955][T10357] bridge_slave_0: entered promiscuous mode [ 865.264453][T10357] bridge0: port 2(bridge_slave_1) entered blocking state [ 865.264534][T10357] bridge0: port 2(bridge_slave_1) entered disabled state [ 865.264710][T10357] bridge_slave_1: entered allmulticast mode [ 865.266260][T10357] bridge_slave_1: entered promiscuous mode [ 865.317824][T10536] random: crng reseeded on system resumption [ 866.387234][T10357] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 866.410046][T10357] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 866.944994][T10357] team0: Port device team_slave_0 added [ 866.986732][T10536] Hibernate inconsistent memory map detected! [ 866.986743][T10536] PM: hibernation: Image mismatch: architecture specific data [ 867.123175][T10357] team0: Port device team_slave_1 added [ 867.128098][T10247] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 868.960791][T10247] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 869.520087][T10247] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 869.547313][T10357] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 869.547331][T10357] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 869.547356][T10357] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 869.824741][T10247] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 869.891365][T10357] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 869.891377][T10357] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 869.891391][T10357] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 870.075197][ T68] bridge_slave_1: left allmulticast mode [ 870.075229][ T68] bridge_slave_1: left promiscuous mode [ 870.075498][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 870.182292][ T68] bridge_slave_0: left allmulticast mode [ 870.182333][ T68] bridge_slave_0: left promiscuous mode [ 870.182664][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 871.661788][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 871.756036][T10581] syz.3.957 (10581): drop_caches: 2 [ 871.772952][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 871.817207][ T68] bond0 (unregistering): Released all slaves [ 871.890479][T10312] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 872.152506][T10312] usb 1-1: config 4 has an invalid interface number: 39 but max is 1 [ 872.152525][T10312] usb 1-1: config 4 has an invalid interface number: 49 but max is 1 [ 872.152535][T10312] usb 1-1: config 4 has no interface number 0 [ 872.152543][T10312] usb 1-1: config 4 has no interface number 1 [ 872.152574][T10312] usb 1-1: config 4 interface 39 has no altsetting 0 [ 872.152583][T10312] usb 1-1: config 4 interface 49 has no altsetting 0 [ 872.157295][T10312] usb 1-1: New USB device found, idVendor=05e3, idProduct=0503, bcdDevice=25.79 [ 872.157326][T10312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 872.157346][T10312] usb 1-1: Product: syz [ 872.157360][T10312] usb 1-1: Manufacturer: syz [ 872.157374][T10312] usb 1-1: SerialNumber: syz [ 872.581060][T10312] usb 1-1: USB disconnect, device number 41 [ 872.733183][T10357] hsr_slave_0: entered promiscuous mode [ 872.736419][T10357] hsr_slave_1: entered promiscuous mode [ 872.755015][T10357] debugfs: 'hsr0' already exists in 'hsr' [ 872.755045][T10357] Cannot create hsr debugfs directory [ 872.920577][ T68] hsr_slave_0: left promiscuous mode [ 872.970522][ T68] hsr_slave_1: left promiscuous mode [ 872.972257][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 873.001910][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 873.711388][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 873.711464][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 874.007436][T10601] syz.0.962 (10601): drop_caches: 2 [ 875.641630][ T68] team0 (unregistering): Port device team_slave_1 removed [ 875.743619][ T5925] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 875.796296][ T68] team0 (unregistering): Port device team_slave_0 removed [ 877.093421][ T5925] usb 3-1: unable to get BOS descriptor or descriptor too short [ 877.094261][ T5925] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 877.094282][ T5925] usb 3-1: can't read configurations, error -71 [ 882.506615][ T5156] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 882.539557][ T5156] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 882.556456][ T5156] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 882.560814][ T5156] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 882.565131][ T5156] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 883.689837][T10677] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 884.675872][ T995] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 884.820902][ T5156] Bluetooth: hci4: command tx timeout [ 885.456981][ T995] usb 3-1: unable to get BOS descriptor or descriptor too short [ 885.458140][ T995] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 885.458163][ T995] usb 3-1: can't read configurations, error -71 [ 885.833633][ T8383] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 886.001871][ T8383] usb 4-1: config 4 has an invalid interface number: 39 but max is 1 [ 886.001902][ T8383] usb 4-1: config 4 has an invalid interface number: 49 but max is 1 [ 886.001921][ T8383] usb 4-1: config 4 has no interface number 0 [ 886.001937][ T8383] usb 4-1: config 4 has no interface number 1 [ 886.001983][ T8383] usb 4-1: config 4 interface 39 has no altsetting 0 [ 886.002002][ T8383] usb 4-1: config 4 interface 49 has no altsetting 0 [ 886.005141][ T8383] usb 4-1: New USB device found, idVendor=05e3, idProduct=0503, bcdDevice=25.79 [ 886.005171][ T8383] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 886.005191][ T8383] usb 4-1: Product: syz [ 886.005205][ T8383] usb 4-1: Manufacturer: syz [ 886.005219][ T8383] usb 4-1: SerialNumber: syz [ 886.474999][ T5925] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 886.509179][ T8383] usb 4-1: USB disconnect, device number 44 [ 886.643403][ T5925] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 886.643557][ T5925] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 886.643581][ T5925] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 886.693367][ T5925] usb 1-1: config 0 descriptor?? [ 886.808329][ T5925] pwc: Askey VC010 type 2 USB webcam detected. [ 886.900540][ T5156] Bluetooth: hci4: command tx timeout [ 887.030643][T10357] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 887.099942][T10357] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 887.123308][ T5925] pwc: recv_control_msg error -32 req 02 val 2b00 [ 887.125108][ T5925] pwc: recv_control_msg error -32 req 02 val 2700 [ 887.126232][ T5925] pwc: recv_control_msg error -32 req 02 val 2c00 [ 887.127104][ T5925] pwc: recv_control_msg error -32 req 04 val 1000 [ 887.128513][ T5925] pwc: recv_control_msg error -32 req 04 val 1300 [ 887.129420][ T5925] pwc: recv_control_msg error -32 req 04 val 1400 [ 887.135556][ T5925] pwc: recv_control_msg error -32 req 02 val 2000 [ 887.139329][ T5925] pwc: recv_control_msg error -32 req 02 val 2100 [ 887.213199][T10357] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 887.277881][T10357] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 887.358189][ T5925] pwc: recv_control_msg error -71 req 02 val 2500 [ 887.358719][ T5925] pwc: recv_control_msg error -71 req 02 val 2400 [ 887.359192][ T5925] pwc: recv_control_msg error -71 req 02 val 2600 [ 887.359712][ T5925] pwc: recv_control_msg error -71 req 02 val 2900 [ 887.361466][ T5925] pwc: recv_control_msg error -71 req 02 val 2800 [ 887.363252][ T5925] pwc: recv_control_msg error -71 req 04 val 1100 [ 887.363833][ T5925] pwc: recv_control_msg error -71 req 04 val 1200 [ 887.419638][ T5925] pwc: Registered as video103. [ 887.481903][ T5925] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input19 [ 887.553633][ T5925] usb 1-1: USB disconnect, device number 42 [ 887.824286][T10713] cgroup: Need name or subsystem set [ 888.322537][T10665] chnl_net:caif_netlink_parms(): no params data found [ 888.338804][T10713] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 889.037471][ T5156] Bluetooth: hci4: command tx timeout [ 889.062732][ C0] vkms_vblank_simulate: vblank timer overrun [ 889.091735][ T37] kauditd_printk_skb: 18 callbacks suppressed [ 889.091752][ T37] audit: type=1326 audit(1757814783.260:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 889.092517][ T37] audit: type=1326 audit(1757814783.260:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 889.093049][ T37] audit: type=1326 audit(1757814783.260:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 889.094003][ T37] audit: type=1326 audit(1757814783.260:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 889.663505][T10742] netlink: 12 bytes leftover after parsing attributes in process `syz.3.987'. [ 890.296815][ C0] vkms_vblank_simulate: vblank timer overrun [ 890.381741][ T37] audit: type=1326 audit(1757814783.260:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 890.381797][ T37] audit: type=1326 audit(1757814784.540:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 890.381835][ T37] audit: type=1326 audit(1757814784.540:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 890.398862][T10738] input: syz0 as /devices/virtual/input/input20 [ 890.406252][ T37] audit: type=1326 audit(1757814784.540:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 890.406296][ T37] audit: type=1326 audit(1757814784.540:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 890.406335][ T37] audit: type=1326 audit(1757814784.540:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10734 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 890.706042][ T68] bridge_slave_1: left allmulticast mode [ 890.706066][ T68] bridge_slave_1: left promiscuous mode [ 890.706249][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 891.066636][ T68] bridge_slave_0: left allmulticast mode [ 891.066659][ T68] bridge_slave_0: left promiscuous mode [ 891.066847][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 891.070987][ T5156] Bluetooth: hci4: command tx timeout [ 892.559165][ C0] vkms_vblank_simulate: vblank timer overrun [ 892.815173][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 893.082444][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 893.228054][ T68] bond0 (unregistering): Released all slaves [ 893.790186][ C0] vkms_vblank_simulate: vblank timer overrun [ 894.620541][ T68] hsr_slave_0: left promiscuous mode [ 894.690395][ T68] hsr_slave_1: left promiscuous mode [ 894.692208][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 894.735205][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 896.256399][T10795] netlink: 'syz.0.999': attribute type 10 has an invalid length. [ 896.846762][ C1] vkms_vblank_simulate: vblank timer overrun [ 897.012362][T10804] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1001'. [ 897.019106][ C1] vkms_vblank_simulate: vblank timer overrun [ 897.656894][ C1] vkms_vblank_simulate: vblank timer overrun [ 897.797911][ C1] vkms_vblank_simulate: vblank timer overrun [ 897.904618][ T8449] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 897.907474][ T8449] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 897.909876][ T8449] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 897.933264][ T8449] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 897.941135][ T8449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 898.223876][ T68] team0 (unregistering): Port device team_slave_1 removed [ 898.402689][ C1] vkms_vblank_simulate: vblank timer overrun [ 898.531669][ T68] team0 (unregistering): Port device team_slave_0 removed [ 898.782886][ C1] vkms_vblank_simulate: vblank timer overrun [ 899.375686][T10817] syz.3.1005 (10817): drop_caches: 2 [ 900.020901][ T5156] Bluetooth: hci1: command tx timeout [ 900.091552][T10665] bridge0: port 1(bridge_slave_0) entered blocking state [ 900.091798][T10665] bridge0: port 1(bridge_slave_0) entered disabled state [ 900.092061][T10665] bridge_slave_0: entered allmulticast mode [ 900.094853][T10665] bridge_slave_0: entered promiscuous mode [ 900.453061][T10665] bridge0: port 2(bridge_slave_1) entered blocking state [ 900.453210][T10665] bridge0: port 2(bridge_slave_1) entered disabled state [ 900.453461][T10665] bridge_slave_1: entered allmulticast mode [ 900.464331][T10665] bridge_slave_1: entered promiscuous mode [ 902.115231][ T37] kauditd_printk_skb: 4 callbacks suppressed [ 902.115251][ T37] audit: type=1326 audit(1757814796.240:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.115306][ T37] audit: type=1326 audit(1757814796.250:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.115346][ T37] audit: type=1326 audit(1757814796.250:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.115388][ T37] audit: type=1326 audit(1757814796.260:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.115428][ T37] audit: type=1326 audit(1757814796.260:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.115466][ T37] audit: type=1326 audit(1757814796.260:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.115505][ T37] audit: type=1326 audit(1757814796.270:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.115545][ T37] audit: type=1326 audit(1757814796.280:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.118939][ T5156] Bluetooth: hci1: command tx timeout [ 902.352775][ T37] audit: type=1326 audit(1757814796.280:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.562650][ T37] audit: type=1326 audit(1757814796.720:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10825 comm="syz.0.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 902.568792][T10665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 902.606285][T10665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 904.214859][ T5156] Bluetooth: hci1: command tx timeout [ 904.215323][T10665] team0: Port device team_slave_0 added [ 904.254856][T10665] team0: Port device team_slave_1 added [ 904.979142][T10852] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 905.091433][T10665] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 905.091444][T10665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 905.091459][T10665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 905.310542][T10665] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 905.310561][T10665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 905.310586][T10665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 906.260505][ T5156] Bluetooth: hci1: command tx timeout [ 906.501960][T10665] hsr_slave_0: entered promiscuous mode [ 906.517692][T10665] hsr_slave_1: entered promiscuous mode [ 906.518668][T10665] debugfs: 'hsr0' already exists in 'hsr' [ 906.518692][T10665] Cannot create hsr debugfs directory [ 907.621273][ C0] vkms_vblank_simulate: vblank timer overrun [ 907.778228][T10878] random: crng reseeded on system resumption [ 907.866347][T10878] Hibernate inconsistent memory map detected! [ 907.866363][T10878] PM: hibernation: Image mismatch: architecture specific data [ 910.521647][T10891] binder: 10888:10891 ioctl 400c620e 2000000001c0 returned -22 [ 910.656513][T10891] binder: 10888:10891 ioctl c018aa3f 200000000080 returned -22 [ 910.659773][T10891] binder: 10888:10891 ioctl c020aa07 200000000280 returned -22 [ 912.934550][T10915] random: crng reseeded on system resumption [ 916.148296][ T37] kauditd_printk_skb: 33 callbacks suppressed [ 916.148314][ T37] audit: type=1326 audit(1757814810.310:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.149084][ T37] audit: type=1326 audit(1757814810.310:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.149617][ T37] audit: type=1326 audit(1757814810.310:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.150192][ T37] audit: type=1326 audit(1757814810.310:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.249282][ T37] audit: type=1326 audit(1757814810.410:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.249629][ T37] audit: type=1326 audit(1757814810.410:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.262977][ T37] audit: type=1326 audit(1757814810.430:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.348469][ T37] audit: type=1326 audit(1757814810.510:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.349162][ T37] audit: type=1326 audit(1757814810.510:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.400674][T10312] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 916.605822][T10312] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 916.605887][T10312] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 916.605911][T10312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 916.670648][ C1] vkms_vblank_simulate: vblank timer overrun [ 916.679253][ T37] audit: type=1326 audit(1757814810.840:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10919 comm="syz.0.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbd4f1deba9 code=0x7ffc0000 [ 916.729480][T10312] usb 3-1: config 0 descriptor?? [ 916.834018][T10936] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1034'. [ 916.841021][ C1] vkms_vblank_simulate: vblank timer overrun [ 917.454613][ C1] vkms_vblank_simulate: vblank timer overrun [ 917.639612][T10312] pwc: Askey VC010 type 2 USB webcam detected. [ 917.675515][T10805] chnl_net:caif_netlink_parms(): no params data found [ 918.042900][T10312] pwc: recv_control_msg error -32 req 02 val 2b00 [ 918.044360][T10312] pwc: recv_control_msg error -32 req 02 val 2700 [ 918.050464][T10312] pwc: recv_control_msg error -32 req 02 val 2c00 [ 918.053893][T10312] pwc: recv_control_msg error -32 req 04 val 1000 [ 918.060909][T10312] pwc: recv_control_msg error -32 req 04 val 1300 [ 918.070827][T10312] pwc: recv_control_msg error -32 req 04 val 1400 [ 918.093278][T10312] pwc: recv_control_msg error -32 req 02 val 2000 [ 918.094108][T10312] pwc: recv_control_msg error -32 req 02 val 2100 [ 918.301031][T10312] pwc: recv_control_msg error -71 req 02 val 2500 [ 918.301600][T10312] pwc: recv_control_msg error -71 req 02 val 2400 [ 918.301976][T10312] pwc: recv_control_msg error -71 req 02 val 2600 [ 918.302332][T10312] pwc: recv_control_msg error -71 req 02 val 2900 [ 918.302678][T10312] pwc: recv_control_msg error -71 req 02 val 2800 [ 918.303149][T10312] pwc: recv_control_msg error -71 req 04 val 1100 [ 918.303495][T10312] pwc: recv_control_msg error -71 req 04 val 1200 [ 918.307497][T10312] pwc: Registered as video103. [ 918.309365][T10312] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input24 [ 918.318800][T10312] usb 3-1: USB disconnect, device number 30 [ 919.410580][T10312] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 920.290628][T10312] usb 3-1: unable to get BOS descriptor or descriptor too short [ 920.291766][T10312] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 920.291803][T10312] usb 3-1: can't read configurations, error -71 [ 920.933146][T10957] random: crng reseeded on system resumption [ 921.058672][T10957] Hibernate inconsistent memory map detected! [ 921.058684][T10957] PM: hibernation: Image mismatch: architecture specific data [ 921.108563][T10805] bridge0: port 1(bridge_slave_0) entered blocking state [ 921.108725][T10805] bridge0: port 1(bridge_slave_0) entered disabled state [ 921.108963][T10805] bridge_slave_0: entered allmulticast mode [ 921.153096][T10805] bridge_slave_0: entered promiscuous mode [ 921.174715][T10805] bridge0: port 2(bridge_slave_1) entered blocking state [ 921.174807][T10805] bridge0: port 2(bridge_slave_1) entered disabled state [ 921.175009][T10805] bridge_slave_1: entered allmulticast mode [ 921.224545][T10805] bridge_slave_1: entered promiscuous mode [ 922.032888][ T68] bridge_slave_1: left allmulticast mode [ 922.033045][ T68] bridge_slave_1: left promiscuous mode [ 922.033223][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 922.992348][ T68] bridge_slave_0: left allmulticast mode [ 922.992384][ T68] bridge_slave_0: left promiscuous mode [ 922.992678][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 923.642313][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 923.985159][T10971] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1043'. [ 924.753904][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 924.817088][ T68] bond0 (unregistering): Released all slaves [ 925.088577][T10805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 925.234562][T10975] syz.0.1044 (10975): drop_caches: 2 [ 925.269171][T10805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 926.538825][T10979] netlink: 'syz.3.1045': attribute type 10 has an invalid length. [ 927.086680][T10985] syz.0.1047 (10985): drop_caches: 2 [ 927.879289][T10805] team0: Port device team_slave_0 added [ 927.956896][T10805] team0: Port device team_slave_1 added [ 929.737520][ T68] hsr_slave_0: left promiscuous mode [ 929.770589][ T68] hsr_slave_1: left promiscuous mode [ 929.771574][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 929.840903][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 930.230542][ T8257] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 930.380502][ T8257] usb 3-1: Using ep0 maxpacket: 16 [ 930.382919][ T8257] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 930.382938][ T8257] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 930.384928][ T8257] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 930.384943][ T8257] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 930.384953][ T8257] usb 3-1: Product: syz [ 930.384961][ T8257] usb 3-1: Manufacturer: syz [ 930.384968][ T8257] usb 3-1: SerialNumber: syz [ 930.547996][ T8257] usb 3-1: config 0 descriptor?? [ 930.597574][ T8257] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 930.597615][ T8257] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 931.158174][T11008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1052'. [ 931.760994][ T8257] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 931.761662][ T8257] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 931.762116][ T8257] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 931.762139][ T8257] em28xx 3-1:0.0: No AC97 audio processor [ 933.006274][T11004] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 933.006303][T11004] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 933.145539][ T5156] Bluetooth: hci2: command 0x0406 tx timeout [ 933.372240][T11004] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 933.372268][T11004] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 933.423268][ T68] team0 (unregistering): Port device team_slave_1 removed [ 933.468577][T11004] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 933.468603][T11004] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 933.581504][ T68] team0 (unregistering): Port device team_slave_0 removed [ 933.587273][T11004] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 933.587296][T11004] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 933.831330][ T8257] usb 3-1: USB disconnect, device number 33 [ 933.847001][ T8257] em28xx 3-1:0.0: Disconnecting em28xx [ 933.871743][ T8257] em28xx 3-1:0.0: Freeing device [ 933.918126][T11016] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 935.686419][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 935.686499][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 935.715791][T10805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 935.715803][T10805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 935.715833][T10805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 935.856965][T10805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 935.856981][T10805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 935.857005][T10805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 936.028648][T11027] syz.2.1058 (11027): drop_caches: 2 [ 938.182390][T10665] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 938.976493][T10665] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 939.105404][T10665] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 940.597412][T10665] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 941.034828][T10805] hsr_slave_0: entered promiscuous mode [ 941.036268][T10805] hsr_slave_1: entered promiscuous mode [ 941.037180][T10805] debugfs: 'hsr0' already exists in 'hsr' [ 941.037205][T10805] Cannot create hsr debugfs directory [ 943.312328][ T8449] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 943.319789][ T8449] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 943.345938][ T8449] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 943.352620][ T8449] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 943.356559][ T8449] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 943.374883][ T5156] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 943.383948][ T5156] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 943.384502][ T5156] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 943.385808][ T5156] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 943.387351][ T5156] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 943.951811][T11070] syz.3.1067 (11070): drop_caches: 2 [ 945.461111][ T8449] Bluetooth: hci5: command tx timeout [ 947.540542][ T8449] Bluetooth: hci5: command tx timeout [ 948.197697][T11092] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 949.662017][ T8449] Bluetooth: hci5: command tx timeout [ 951.702147][ T8449] Bluetooth: hci5: command tx timeout [ 952.325876][T11129] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1081'. [ 953.813775][T11146] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 954.319204][T11152] syz.3.1086 (11152): drop_caches: 2 [ 955.126570][T11156] random: crng reseeded on system resumption [ 955.967518][T11055] chnl_net:caif_netlink_parms(): no params data found [ 956.729462][T11164] netlink: 'syz.3.1089': attribute type 10 has an invalid length. [ 958.086473][ C1] vkms_vblank_simulate: vblank timer overrun [ 958.250127][T11174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1091'. [ 958.257155][ C1] vkms_vblank_simulate: vblank timer overrun [ 958.791754][ C1] vkms_vblank_simulate: vblank timer overrun [ 959.029530][ C1] vkms_vblank_simulate: vblank timer overrun [ 959.292813][ T5156] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 959.321651][ T5156] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 959.327214][ T5156] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 959.345487][ T5156] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 959.347890][ T5156] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 959.612082][ T68] bridge_slave_1: left allmulticast mode [ 959.612117][ T68] bridge_slave_1: left promiscuous mode [ 959.612401][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 959.778895][ T68] bridge_slave_0: left allmulticast mode [ 959.778918][ T68] bridge_slave_0: left promiscuous mode [ 959.779102][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 960.460655][T11199] syz.3.1096 (11199): drop_caches: 2 [ 962.230964][ T8449] Bluetooth: hci1: command tx timeout [ 962.696873][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 962.957280][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 963.874408][ T68] bond0 (unregistering): Released all slaves [ 964.321966][ T8449] Bluetooth: hci1: command tx timeout [ 964.361045][T11055] bridge0: port 1(bridge_slave_0) entered blocking state [ 964.361175][T11055] bridge0: port 1(bridge_slave_0) entered disabled state [ 964.361364][T11055] bridge_slave_0: entered allmulticast mode [ 964.365035][T11055] bridge_slave_0: entered promiscuous mode [ 965.360622][T11055] bridge0: port 2(bridge_slave_1) entered blocking state [ 965.360796][T11055] bridge0: port 2(bridge_slave_1) entered disabled state [ 965.361060][T11055] bridge_slave_1: entered allmulticast mode [ 965.363837][T11055] bridge_slave_1: entered promiscuous mode [ 965.720778][T10972] libceph: connect (1)[c::]:6789 error -101 [ 965.720915][T10972] libceph: mon0 (1)[c::]:6789 connect error [ 965.986805][T10972] libceph: connect (1)[c::]:6789 error -101 [ 965.991342][T10972] libceph: mon0 (1)[c::]:6789 connect error [ 966.343117][ T8449] Bluetooth: hci1: command tx timeout [ 966.355109][T11055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 966.488740][T11218] netlink: 'syz.2.1101': attribute type 10 has an invalid length. [ 966.501499][T10972] libceph: connect (1)[c::]:6789 error -101 [ 966.501730][T10972] libceph: mon0 (1)[c::]:6789 connect error [ 966.553874][ T68] hsr_slave_0: left promiscuous mode [ 966.590660][ T68] hsr_slave_1: left promiscuous mode [ 966.591886][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 966.641626][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 966.890606][T11213] ceph: No mds server is up or the cluster is laggy [ 967.484187][ T8383] libceph: connect (1)[c::]:6789 error -101 [ 967.492340][ T8383] libceph: mon0 (1)[c::]:6789 connect error [ 968.266912][T11237] syz.0.1105 (11237): drop_caches: 2 [ 968.420518][ T8449] Bluetooth: hci1: command tx timeout [ 969.357508][T11240] binder: 11238:11240 ioctl 400c620e 2000000001c0 returned -22 [ 970.909600][ T68] team0 (unregistering): Port device team_slave_1 removed [ 971.102633][ T68] team0 (unregistering): Port device team_slave_0 removed [ 973.973839][T11055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 975.549362][ T5925] libceph: connect (1)[c::]:6789 error -101 [ 975.549623][ T5925] libceph: mon0 (1)[c::]:6789 connect error [ 975.581562][ T5925] libceph: connect (1)[c::]:6789 error -101 [ 975.581767][ T5925] libceph: mon0 (1)[c::]:6789 connect error [ 975.768987][T11055] team0: Port device team_slave_0 added [ 975.783374][T11055] team0: Port device team_slave_1 added [ 975.800773][T11270] ceph: No mds server is up or the cluster is laggy [ 975.840998][ T5168] libceph: connect (1)[c::]:6789 error -101 [ 975.841225][ T5168] libceph: mon0 (1)[c::]:6789 connect error [ 976.434342][T11282] cgroup: Need name or subsystem set [ 977.208191][T11282] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 977.572462][T11055] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 977.572480][T11055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 977.572505][T11055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 977.654964][T11055] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 977.654982][T11055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 977.655007][T11055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 977.756213][T11288] syz.0.1117 (11288): drop_caches: 2 [ 981.095169][T11055] hsr_slave_0: entered promiscuous mode [ 981.122268][T11055] hsr_slave_1: entered promiscuous mode [ 981.122825][T11055] debugfs: 'hsr0' already exists in 'hsr' [ 981.122841][T11055] Cannot create hsr debugfs directory [ 983.230808][ T5168] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 983.984351][T10972] libceph: connect (1)[c::]:6789 error -101 [ 983.984566][T10972] libceph: mon0 (1)[c::]:6789 connect error [ 983.991646][T10972] libceph: connect (1)[c::]:6789 error -101 [ 983.991846][T10972] libceph: mon0 (1)[c::]:6789 connect error [ 983.995592][T11322] ceph: No mds server is up or the cluster is laggy [ 984.183183][ T5168] usb 3-1: unable to get BOS descriptor or descriptor too short [ 984.184368][ T5168] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 984.184404][ T5168] usb 3-1: can't read configurations, error -71 [ 986.284554][T11353] syz.3.1130 (11353): drop_caches: 2 [ 988.930872][T11178] chnl_net:caif_netlink_parms(): no params data found [ 990.745985][T11379] syz.2.1135 (11379): drop_caches: 2 [ 990.975680][T11381] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1136'. [ 994.113466][T11178] bridge0: port 1(bridge_slave_0) entered blocking state [ 994.113611][T11178] bridge0: port 1(bridge_slave_0) entered disabled state [ 994.113879][T11178] bridge_slave_0: entered allmulticast mode [ 994.230547][T11178] bridge_slave_0: entered promiscuous mode [ 994.303990][T11178] bridge0: port 2(bridge_slave_1) entered blocking state [ 994.304174][T11178] bridge0: port 2(bridge_slave_1) entered disabled state [ 994.304409][T11178] bridge_slave_1: entered allmulticast mode [ 994.307191][T11178] bridge_slave_1: entered promiscuous mode [ 996.365582][T11178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 996.374343][T11178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 996.739162][ T1326] ieee802154 phy0 wpan0: encryption failed: -22 [ 996.739213][ T1326] ieee802154 phy1 wpan1: encryption failed: -22 [ 997.726521][ T68] bridge_slave_1: left allmulticast mode [ 997.726572][ T68] bridge_slave_1: left promiscuous mode [ 997.726881][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 997.871380][ T68] bridge_slave_0: left allmulticast mode [ 997.871412][ T68] bridge_slave_0: left promiscuous mode [ 997.871600][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 999.071944][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 999.311510][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 999.537134][ T68] bond0 (unregistering): Released all slaves [ 1000.951772][T11178] team0: Port device team_slave_0 added [ 1001.171886][T11435] cgroup: Need name or subsystem set [ 1001.757963][ C0] vkms_vblank_simulate: vblank timer overrun [ 1001.822856][T11178] team0: Port device team_slave_1 added [ 1001.900946][ C0] vkms_vblank_simulate: vblank timer overrun [ 1001.929718][T11435] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1001.997803][ C0] vkms_vblank_simulate: vblank timer overrun [ 1002.650550][ T68] hsr_slave_0: left promiscuous mode [ 1002.670505][ T68] hsr_slave_1: left promiscuous mode [ 1002.673861][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1002.721554][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1003.140548][ T5168] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 1003.751101][ C0] vkms_vblank_simulate: vblank timer overrun [ 1003.840712][ C0] vkms_vblank_simulate: vblank timer overrun [ 1004.000636][ C0] vkms_vblank_simulate: vblank timer overrun [ 1004.033330][ C0] vkms_vblank_simulate: vblank timer overrun [ 1004.409899][ T5168] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1004.411277][ T5168] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 1004.411828][ T5168] usb 3-1: can't read configurations, error -71 [ 1005.611389][ C0] vkms_vblank_simulate: vblank timer overrun [ 1006.412088][T11469] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1006.432124][T11469] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1006.434278][T11469] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1006.438711][T11469] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1006.452074][T11469] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1008.099172][ T68] team0 (unregistering): Port device team_slave_1 removed [ 1008.221952][ T68] team0 (unregistering): Port device team_slave_0 removed [ 1008.660483][ T8449] Bluetooth: hci4: command tx timeout [ 1008.856663][T11178] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1008.856680][T11178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1008.856706][T11178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1008.947797][T11178] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1008.947815][T11178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1008.947840][T11178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1010.743643][ T8449] Bluetooth: hci4: command tx timeout [ 1011.159158][T11178] hsr_slave_0: entered promiscuous mode [ 1011.193478][T11178] hsr_slave_1: entered promiscuous mode [ 1011.200527][T11178] debugfs: 'hsr0' already exists in 'hsr' [ 1011.200570][T11178] Cannot create hsr debugfs directory [ 1013.461833][ T8449] Bluetooth: hci4: command tx timeout [ 1015.115523][T11511] syz.0.1162 (11511): drop_caches: 2 [ 1015.630714][T11469] Bluetooth: hci4: command tx timeout [ 1017.630045][T11463] chnl_net:caif_netlink_parms(): no params data found [ 1018.253289][T11537] syz.0.1166 (11537): drop_caches: 2 [ 1018.953423][T10972] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 1019.364129][T10972] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1019.364190][T10972] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 1019.364213][T10972] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1019.398114][T10972] usb 4-1: config 0 descriptor?? [ 1019.454839][T10972] pwc: Askey VC010 type 2 USB webcam detected. [ 1019.598096][T11534] netlink: 'syz.2.1165': attribute type 10 has an invalid length. [ 1019.674922][T11463] bridge0: port 1(bridge_slave_0) entered blocking state [ 1019.675108][T11463] bridge0: port 1(bridge_slave_0) entered disabled state [ 1019.675370][T11463] bridge_slave_0: entered allmulticast mode [ 1019.678179][T11463] bridge_slave_0: entered promiscuous mode [ 1019.727830][T11463] bridge0: port 2(bridge_slave_1) entered blocking state [ 1019.728003][T11463] bridge0: port 2(bridge_slave_1) entered disabled state [ 1019.728230][T11463] bridge_slave_1: entered allmulticast mode [ 1019.751105][T11463] bridge_slave_1: entered promiscuous mode [ 1019.824081][T10972] pwc: recv_control_msg error -32 req 02 val 2b00 [ 1019.825200][T10972] pwc: recv_control_msg error -32 req 02 val 2700 [ 1019.826083][T10972] pwc: recv_control_msg error -32 req 02 val 2c00 [ 1019.827199][T10972] pwc: recv_control_msg error -32 req 04 val 1000 [ 1019.849087][T10972] pwc: recv_control_msg error -32 req 04 val 1300 [ 1019.906387][T10972] pwc: recv_control_msg error -32 req 04 val 1400 [ 1019.969196][T10972] pwc: recv_control_msg error -32 req 02 val 2000 [ 1020.072911][ T8449] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1020.131104][ T8449] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1020.142067][ T8449] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1020.202765][ T8449] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1020.213757][ T8449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1020.236354][T10972] pwc: recv_control_msg error -71 req 04 val 1500 [ 1020.304022][T10972] pwc: recv_control_msg error -71 req 02 val 2500 [ 1020.366741][T10972] pwc: recv_control_msg error -71 req 02 val 2400 [ 1020.368516][T10972] pwc: recv_control_msg error -71 req 02 val 2600 [ 1020.368907][T10972] pwc: recv_control_msg error -71 req 02 val 2900 [ 1020.369278][T10972] pwc: recv_control_msg error -71 req 02 val 2800 [ 1020.369712][T10972] pwc: recv_control_msg error -71 req 04 val 1100 [ 1020.370085][T10972] pwc: recv_control_msg error -71 req 04 val 1200 [ 1020.376465][T10972] pwc: Registered as video103. [ 1020.379725][T10972] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input25 [ 1020.690639][T10972] usb 4-1: USB disconnect, device number 45 [ 1021.858642][T11558] syz.0.1171 (11558): drop_caches: 2 [ 1022.086987][T11562] syz.3.1172 (11562): drop_caches: 2 [ 1022.356120][ T8449] Bluetooth: hci1: command tx timeout [ 1022.742081][T11463] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1022.794539][T11463] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1022.919234][T11569] syz.0.1174 (11569): drop_caches: 2 [ 1024.108636][T11463] team0: Port device team_slave_0 added [ 1024.148079][T11463] team0: Port device team_slave_1 added [ 1024.449488][ T8449] Bluetooth: hci1: command tx timeout [ 1024.868760][ T37] kauditd_printk_skb: 2 callbacks suppressed [ 1024.868775][ T37] audit: type=1326 audit(1757814919.030:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.868825][ T37] audit: type=1326 audit(1757814919.030:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.868864][ T37] audit: type=1326 audit(1757814919.030:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.868903][ T37] audit: type=1326 audit(1757814919.030:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.868943][ T37] audit: type=1326 audit(1757814919.030:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.868985][ T37] audit: type=1326 audit(1757814919.030:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.869024][ T37] audit: type=1326 audit(1757814919.030:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.869064][ T37] audit: type=1326 audit(1757814919.030:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.869106][ T37] audit: type=1326 audit(1757814919.030:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1024.869146][ T37] audit: type=1326 audit(1757814919.030:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11572 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbfd290eba9 code=0x7ffc0000 [ 1025.019016][T11583] netlink: 'syz.0.1178': attribute type 10 has an invalid length. [ 1026.343768][ T5168] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 1026.461154][T11463] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1026.461166][T11463] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1026.461188][T11463] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1026.484667][T11463] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1026.484684][T11463] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1026.484707][T11463] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1026.501916][ T8449] Bluetooth: hci1: command tx timeout [ 1026.984457][ T5168] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1026.985264][ T5168] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 1026.985286][ T5168] usb 1-1: can't read configurations, error -71 [ 1027.072031][ T68] bridge_slave_1: left allmulticast mode [ 1027.072056][ T68] bridge_slave_1: left promiscuous mode [ 1027.072222][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 1027.191886][ T68] bridge_slave_0: left allmulticast mode [ 1027.191909][ T68] bridge_slave_0: left promiscuous mode [ 1027.192093][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 1027.940483][ T8257] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 1028.000104][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1028.090568][ T8257] usb 3-1: Using ep0 maxpacket: 16 [ 1028.093245][ T8257] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1028.093277][ T8257] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1028.097608][ T8257] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1028.097637][ T8257] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1028.097656][ T8257] usb 3-1: Product: syz [ 1028.097670][ T8257] usb 3-1: Manufacturer: syz [ 1028.097683][ T8257] usb 3-1: SerialNumber: syz [ 1028.166751][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1028.178891][ T8257] usb 3-1: config 0 descriptor?? [ 1028.202979][ T8257] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1028.203023][ T8257] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 1028.287230][ T68] bond0 (unregistering): Released all slaves [ 1028.537021][ C1] vkms_vblank_simulate: vblank timer overrun [ 1028.580520][ T8449] Bluetooth: hci1: command tx timeout [ 1029.251130][ C1] vkms_vblank_simulate: vblank timer overrun [ 1029.569318][T11601] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1029.571928][ C1] vkms_vblank_simulate: vblank timer overrun [ 1029.573228][T11601] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1029.743084][ C1] vkms_vblank_simulate: vblank timer overrun [ 1029.821223][ T8257] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 1029.821787][ T8257] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 1029.822238][ T8257] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 1029.822254][ T8257] em28xx 3-1:0.0: No AC97 audio processor [ 1029.856372][T11463] hsr_slave_0: entered promiscuous mode [ 1029.857917][T11463] hsr_slave_1: entered promiscuous mode [ 1029.858897][T11463] debugfs: 'hsr0' already exists in 'hsr' [ 1029.858920][T11463] Cannot create hsr debugfs directory [ 1029.945830][T11597] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 1029.945852][T11597] in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 11597, name: syz.2.1182 [ 1029.945869][T11597] preempt_count: 0, expected: 0 [ 1029.945878][T11597] RCU nest depth: 0, expected: 0 [ 1029.945899][T11597] 1 lock held by syz.2.1182/11597: [ 1029.945912][T11597] #0: ffff888027f28058 (&dum_hcd->dum->lock){+.+.}-{3:3}, at: dummy_dequeue+0x164/0x480 [ 1029.945969][T11597] irq event stamp: 11792 [ 1029.945977][T11597] hardirqs last enabled at (11791): [] _raw_spin_unlock_irq+0x23/0x50 [ 1029.946000][T11597] hardirqs last disabled at (11792): [] dummy_dequeue+0x151/0x480 [ 1029.946014][T11597] softirqs last enabled at (11224): [] __local_bh_enable_ip+0x1a4/0x270 [ 1029.946037][T11597] softirqs last disabled at (11222): [] inet6_fill_ifla6_attrs+0x116b/0x2400 [ 1029.946074][T11597] CPU: 1 UID: 0 PID: 11597 Comm: syz.2.1182 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 1029.946086][T11597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1029.946096][T11597] Call Trace: [ 1029.946105][T11597] [ 1029.946168][T11597] dump_stack_lvl+0x189/0x250 [ 1029.946191][T11597] ? inet6_fill_ifla6_attrs+0x116b/0x2400 [ 1029.946206][T11597] ? inet6_fill_ifla6_attrs+0x116b/0x2400 [ 1029.946219][T11597] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1029.946237][T11597] ? print_lock_name+0xde/0x100 [ 1029.946253][T11597] __might_resched+0x44b/0x5d0 [ 1029.946270][T11597] ? __pfx___might_resched+0x10/0x10 [ 1029.946281][T11597] ? dummy_dequeue+0x164/0x480 [ 1029.946301][T11597] rt_spin_lock+0xc7/0x2c0 [ 1029.946314][T11597] ? _raw_spin_unlock_irq+0x23/0x50 [ 1029.946329][T11597] ? __pfx_rt_spin_lock+0x10/0x10 [ 1029.946344][T11597] ? rcu_is_watching+0x15/0xb0 [ 1029.946366][T11597] dummy_dequeue+0x164/0x480 [ 1029.946383][T11597] ? __pfx_dummy_dequeue+0x10/0x10 [ 1029.946394][T11597] ? __pfx_schedule_timeout+0x10/0x10 [ 1029.946408][T11597] ? __pfx___wait_for_common+0x10/0x10 [ 1029.946430][T11597] usb_ep_dequeue+0x66/0x250 [ 1029.946445][T11597] raw_process_ep0_io+0x435/0x980 [ 1029.946465][T11597] raw_ioctl+0x2609/0x3ba0 [ 1029.946479][T11597] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 1029.946495][T11597] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 1029.946509][T11597] ? do_vfs_ioctl+0xbeb/0x1440 [ 1029.946525][T11597] ? __pfx_raw_ioctl+0x10/0x10 [ 1029.946538][T11597] ? __pfx_smack_log+0x10/0x10 [ 1029.946554][T11597] ? smk_access+0x14c/0x4e0 [ 1029.946573][T11597] ? smk_tskacc+0x2fc/0x370 [ 1029.946592][T11597] ? smack_file_ioctl+0x2ac/0x340 [ 1029.946604][T11597] ? __pfx_smack_file_ioctl+0x10/0x10 [ 1029.946621][T11597] ? __fget_files+0x2a/0x420 [ 1029.946634][T11597] ? __fget_files+0x3a6/0x420 [ 1029.946647][T11597] ? __fget_files+0x2a/0x420 [ 1029.946663][T11597] ? bpf_lsm_file_ioctl+0x9/0x20 [ 1029.946675][T11597] ? __pfx_raw_ioctl+0x10/0x10 [ 1029.946688][T11597] __se_sys_ioctl+0xff/0x170 [ 1029.946708][T11597] do_syscall_64+0xfa/0x3b0 [ 1029.946719][T11597] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1029.946731][T11597] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 1029.946741][T11597] ? clear_bhb_loop+0x60/0xb0 [ 1029.946753][T11597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1029.946764][T11597] RIP: 0033:0x7fbfd290e7ab [ 1029.946780][T11597] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 1029.946793][T11597] RSP: 002b:00007fbfd0b73f60 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1029.946807][T11597] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbfd290e7ab SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1029.946814][T11597] RDX: 00007fbfd0b73fe0 RSI: 00000000c0085504 RDI: 0000000000000003 [ 1029.946821][T11597] RBP: 00007fbfd2991e19 R08: 0000000000000001 R09: 0000000000000000 [ 1029.946828][T11597] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fbfd0b73fe8 [ 1029.946835][T11597] R13: 0000000000000000 R14: 00007fbfd2b55fa0 R15: 00007ffd41d7b828 [ 1029.946852][T11597] [ 1030.698158][ T8257] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 1030.880527][ T8257] usb 4-1: Using ep0 maxpacket: 16 [ 1030.883539][ T8257] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1030.883570][ T8257] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1030.886322][ T8257] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1030.886338][ T8257] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1030.886348][ T8257] usb 4-1: Product: syz [ 1030.886355][ T8257] usb 4-1: Manufacturer: syz [ 1030.886363][ T8257] usb 4-1: SerialNumber: syz [ 1030.889670][ T8257] usb 4-1: config 0 descriptor?? [ 1030.893852][ T8257] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1030.893882][ T8257] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 1031.222197][ T5927] usb 3-1: USB disconnect, device number 38 [ 1031.263664][ T5927] em28xx 3-1:0.0: Disconnecting em28xx [ 1031.325139][ T5927] em28xx 3-1:0.0: Freeing device [ 1031.389280][ T68] hsr_slave_0: left promiscuous mode [ 1032.010861][ T8257] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 1032.011187][ T8257] em28xx 4-1:0.0: Config register raw data: 0xfffffffb [ 1032.011533][ T8257] em28xx 4-1:0.0: AC97 chip type couldn't be determined [ 1032.011543][ T8257] em28xx 4-1:0.0: No AC97 audio processor [ 1032.056719][ T68] hsr_slave_1: left promiscuous mode [ 1032.057697][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1032.137221][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1033.302869][ T68] team0 (unregistering): Port device team_slave_1 removed [ 1033.461738][ T68] team0 (unregistering): Port device team_slave_0 removed [ 1034.275742][ T8257] usb 4-1: USB disconnect, device number 46 [ 1034.277020][ T8257] em28xx 4-1:0.0: Disconnecting em28xx [ 1034.298096][ T8257] em28xx 4-1:0.0: Freeing device [ 1037.323111][ T68] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1037.636700][ T68] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1037.966638][ T68] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.244944][ T68] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.958980][ T68] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.339475][ T68] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.685645][ T68] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0