last executing test programs: 4m50.130049577s ago: executing program 1 (id=1530): pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = epoll_create1(0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40088a01, &(0x7f0000000000)=0x100) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000400)={0x80000005}) 4m49.893178441s ago: executing program 1 (id=1536): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r0, 0xffffffffffffffff, 0x0) r1 = io_uring_setup(0x7c41, &(0x7f0000000300)={0x0, 0x0, 0x40}) io_uring_register$IORING_REGISTER_RING_FDS(r1, 0x14, &(0x7f0000001780), 0x1) 4m49.794727228s ago: executing program 1 (id=1539): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0) 4m49.091122942s ago: executing program 1 (id=1552): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000280)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/file0\x00', 0x0, 0x2000, 0x0) 4m48.930618985s ago: executing program 1 (id=1556): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x40c4}}, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae09, &(0x7f0000000080)=""/157) 4m48.604070181s ago: executing program 1 (id=1564): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0xa}) readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x20}], 0x1) 4m48.378528574s ago: executing program 32 (id=1564): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0xa}) readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x20}], 0x1) 4m31.44476022s ago: executing program 3 (id=1871): socket$kcm(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000050000009500000000000000e6923b33b19a35d427f5e67496beeea639e2b7f2c14e7f99b7ecf39c93069d27164b045baa56262b38e43704f9b69a7a628f93ee62718c1331b374a2452f29c71f8e3e27cb5734add259f2c4045905f8a45ac0bcf54572565c58b6bc51b84b04df5211835b93aa87b5b652adc617b8d2831beec0b5c4bb871cdd0350b6121829a7e3576e9a0a486e0a97a0613343c8de3bec27990cdeb3bc92c681f68983ad2c81ef5a875b67598e7066cfd5b9a146c7204013ceb14c8297cd192f43aac1624b15d6a457d4dcf94f41e7526f1cf70961f9f3b48ca6de7b2fbc7a7f3e8f0d0924cb2f957bf60d51406d3a258af3d58e0380ae328a63434a74d406020076040044240835f3668a6896dbc8fcea250f4b0c297986b8acea238698844e0675d242a7d3acfd1ac46d85c8b23ad8279643d5e3e00a2d319882945b3d0aa8e9a54cbd1aeb90c55b295b9d6021217c70fc7cedba84dd598b53c8521f149b33cb95cae5df2ebf8b7103803aaaa8e7d68dcdfaa835bdb5a23bdbff8362d41a1126043b88f00fdc17ccd274999304c1dff6f4f4f8b219b418e09cf2c0e0cb2f9ad957fd859564f7ff6f28fb3b2d3a97df6f6f54c4ea794102494e1d56e88c1439ea086b1acc9fbc26c315246741cb722188846b1175178f6fa467be03e9f7cff922a1c78bbb28bdf7816bb27db7e86d988213dffd7f012721f2ec81ace497eeca313214f1d8c89ec824b5907e3ab7ec1d387cffbdb4d79ccb3c2e29275da223f5fa52525145684e10798d3de43fa175137b205fc7ccf3a4d0a237bf80bfd9acf1be2a56eecbbce4bc4708db946b1a1b989dc6b146853fea8deab55df9eaf759ffd08ff483103720ebfbc53be6a85fc1b610ba8e3ecb8a7351cf218073aecf3b631837846b703e7772626376aa84290a8b7b4f3472976f6688cb230ccd762d00fcf810ca0c3d20ccdcac10fe09cc5fccf31d9e16e899d32dee701d2b6fff95c1328f249878e6dde3ed840d4b5fb05cc1399dd151f59e53712285d5e9c4dba7e1eb9ff174487c74454f8f5e996e600c5740d21d7ac237d62bee06c1834b04e29c8ee7a5a56a386eca1b136904aeca3cbb85c7278fe202d286d45461d8c9e74654b95b8ebdfa7d9bbe7d5cc269d368efe9056060de9bcaa714bcc8429b623dd78d4fd6ebfaadb7bd35a3ff3da98e2164c8cc1d0d7017b8a7a0fef4f802d538e5bd40daba01aa97fa689d928a6e52e1b21c"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e000000040000000800000002"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r0, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) 4m31.313127327s ago: executing program 3 (id=1873): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt(r0, 0x1, 0x10, &(0x7f0000000280)=""/180, &(0x7f0000000200)=0xb4) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000004900010000000000000000000a008000", @ANYRES32, @ANYBLOB="000000000800020000000000140001"], 0x38}}, 0x0) 4m31.24479837s ago: executing program 3 (id=1875): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000400)=@newqdisc={0x60, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x34, 0x2, [@TCA_FQ_QUANTUM={0x8}, @TCA_FQ_ORPHAN_MASK={0x8}, @TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0x3}, @TCA_FQ_FLOW_MAX_RATE, @TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0x3}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x361a}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000011}, 0x0) 4m31.101221231s ago: executing program 3 (id=1877): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1041, 0x0) umount2(&(0x7f0000000000)='./file0/../file0\x00', 0x1) 4m31.04142803s ago: executing program 3 (id=1879): syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000004000/0x4000)=nil) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil) 4m29.454172926s ago: executing program 3 (id=1913): r0 = syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x20001) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x0, 0x0, 0x16, 0x16, 0x0, 0x8000}}) ioctl$RTC_AIE_OFF(r0, 0x7002) 4m29.268942076s ago: executing program 33 (id=1913): r0 = syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x20001) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x0, 0x0, 0x16, 0x16, 0x0, 0x8000}}) ioctl$RTC_AIE_OFF(r0, 0x7002) 4m25.697451286s ago: executing program 0 (id=1950): r0 = io_uring_setup(0x3dd3, &(0x7f0000001100)={0x0, 0x0, 0x800}) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000340)={0x2, 0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f00000001c0)=""/21, 0x15}], 0x0}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') pread64(r1, &(0x7f0000000140)=""/108, 0x6c, 0x0) 4m25.617680135s ago: executing program 0 (id=1951): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) munmap(&(0x7f0000523000/0x3000)=nil, 0x3000) 4m24.853375465s ago: executing program 0 (id=1956): r0 = socket$inet_sctp(0x2, 0x800000000000001, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x1}, &(0x7f0000000200)=0x8) 4m24.714907211s ago: executing program 0 (id=1957): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 4m24.649839859s ago: executing program 0 (id=1958): r0 = socket$qrtr(0x2a, 0x2, 0x0) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="03040000b50000000100fefffeefffff"], 0xc8) sendmsg$sock(r0, &(0x7f0000001540)={&(0x7f0000000500)=@pppoe={0x2a, 0x0, {0x0, @random="b2eb98d0ed79", 'nicvf0\x00'}}, 0x80, 0x0}, 0x0) 4m24.077234013s ago: executing program 0 (id=1964): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x68c42, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25", 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r1, 0xc0383e04, &(0x7f00000000c0)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0}) 4m23.824406331s ago: executing program 34 (id=1964): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x68c42, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25", 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r1, 0xc0383e04, &(0x7f00000000c0)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.891754305s ago: executing program 7 (id=6524): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202d437b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) pause() 1.944745819s ago: executing program 7 (id=6544): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={0x54, r1, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x57}, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'pim6reg0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x81}, 0x24044884) 1.748258751s ago: executing program 6 (id=6547): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'macvlan1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r2, @ANYBLOB="080003"], 0x44}}, 0x0) 1.717946371s ago: executing program 7 (id=6549): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50) 1.521197797s ago: executing program 6 (id=6550): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'bond0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{}, {0xfffffffe, 0x80003}]}}) 1.51864802s ago: executing program 7 (id=6553): bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=r0, @ANYBLOB="0000000000000000300012800b00010065727370616e000020000280040012000500160002000000050017"], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x4080) 1.339738805s ago: executing program 6 (id=6556): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x44, &(0x7f0000000000)={0x0, 0x0}, 0x10) 1.339248138s ago: executing program 7 (id=6557): r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000740), 0x8202, 0x0) mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x8000000000000000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSWINSZ(r1, 0x5414, 0x0) 1.183594067s ago: executing program 7 (id=6561): syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d39e6908402000d3b3160102030109021b0001000000000904"], 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000480)={0x18, 0x0, {0x1, @broadcast, 'dummy0\x00'}}, 0x1e) syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @random="b0c942034375", @void, {@ipv4={0x8864, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x22, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 1.12910804s ago: executing program 6 (id=6562): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x1, './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}}) 1.022573315s ago: executing program 5 (id=6565): creat(&(0x7f0000000040)='./bus\x00', 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open(&(0x7f0000000180)='./bus\x00', 0x30737f, 0xa0) flock(r0, 0x5) 895.985801ms ago: executing program 5 (id=6567): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x20}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f00009c9000/0x2000)=nil, 0x2000}, 0x1}) 887.937395ms ago: executing program 4 (id=6569): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000) 762.637573ms ago: executing program 5 (id=6570): add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008aec1, &(0x7f0000000000)) 709.169549ms ago: executing program 4 (id=6572): syz_open_dev$amidi(&(0x7f0000000480), 0x2, 0x80042) bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x0, 0x10001, 0x3c, 0x0, 0x9}) 607.805219ms ago: executing program 5 (id=6574): r0 = socket$inet6(0xa, 0x40000080806, 0x0) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x10000000}) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000280), 0x4) 584.630165ms ago: executing program 4 (id=6575): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) pipe2$9p(&(0x7f0000000240), 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 490.993515ms ago: executing program 5 (id=6576): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f0000000840)={[0x3, 0x681, 0x4, 0x349, 0x5, 0x0, 0x6, 0x46, 0x2, 0x0, 0xbc98, 0xffffff7f, 0xb65ba1f, 0x10001, 0x0, 0x3ff, 0xffffff95, 0x8, 0x100, 0x8000, 0x5, 0x7, 0x633, 0xc738, 0xa, 0x5, 0x6, 0x400, 0x4, 0x81, 0x1, 0x8, 0xd2, 0x800, 0x81, 0xfffffffa, 0x5a9, 0x5, 0x0, 0x0, 0xa, 0x416, 0x8, 0x8, 0x0, 0x6, 0x1, 0x2000000, 0x2, 0x3, 0x400, 0x6, 0x1, 0x100, 0x0, 0x0, 0x6, 0x3, 0x5, 0xfffffff4, 0xfffffff0, 0xd6, 0xfffffff7, 0x9, 0x1ff, 0x10001, 0x7fffffff, 0x10, 0x4, 0x8, 0x8, 0x4, 0x2, 0x0, 0x8, 0x8, 0x2, 0x8, 0x8, 0xffffffff, 0x0, 0x2, 0x6, 0x9d, 0x61580000, 0x9, 0x7, 0x8, 0x5a73, 0x3e, 0x7fff, 0x0, 0x5, 0x6, 0x9, 0x3, 0x4, 0xd67, 0x7, 0xb, 0x0, 0xffffff14, 0x7, 0xfffffffa, 0x392, 0x80000000, 0xfffffbb0, 0x8, 0x3, 0x0, 0x6, 0xb, 0x9, 0x2, 0xce, 0x8, 0x0, 0x8, 0x7, 0x9, 0x3, 0x9, 0xffffffff, 0x3, 0x2, 0x6, 0x0, 0x4, 0x0, 0x0, 0x4, 0x8, 0x2, 0x1cdf7ba0, 0x5, 0x80, 0x80000000, 0x7, 0x10001, 0x5, 0x3, 0x2, 0x8e, 0x6a, 0x9, 0x9, 0x400, 0x101, 0x7f8000, 0x5, 0x1ff, 0x7, 0x8, 0x8, 0x2cc6, 0x4, 0x8, 0x4, 0xfff, 0x8, 0x7, 0x8, 0x65, 0xc, 0x3c00000, 0x5, 0x1, 0xe, 0x8, 0x5, 0x6, 0x31bc, 0x9, 0x3, 0xe5, 0x4, 0x3090cc49, 0x3, 0x9, 0x4, 0x0, 0x7, 0xfffffc01, 0x9, 0xe455, 0x8, 0xffff, 0x8001, 0x3, 0x0, 0x0, 0x77, 0x7, 0x5d, 0x80000000, 0x7ff, 0x5, 0x2, 0xc8fb, 0xa4800000, 0x8, 0x4, 0x9, 0xa, 0x2, 0x10, 0x0, 0x1ff, 0x6, 0xde06, 0x2, 0xe6b, 0x5, 0xc80, 0x7, 0x7fffffff, 0x0, 0xdff, 0x7fff, 0x4, 0x1, 0xdb, 0x926, 0x5, 0x1, 0x1, 0x8000, 0x4, 0xe30e, 0x8, 0x9, 0x7d74, 0x0, 0x40, 0x9, 0x9, 0x77d3, 0x7f, 0x1, 0x8, 0x80, 0x8, 0x8, 0x7fff, 0x0, 0x7, 0x7, 0xac, 0x4, 0xe, 0x9, 0x1, 0xff, 0x9, 0x7, 0x68, 0x7f, 0x7, 0x4, 0x172, 0x7e, 0xa8, 0x8, 0x1, 0xfffffff8, 0x7, 0x7fffffff, 0xffffff26, 0xfffffffa, 0x7, 0x8000, 0xb836, 0xba, 0x80000000, 0x3, 0x7fffffff, 0xa, 0xf44, 0x101, 0xffffffff, 0x3ff, 0x4, 0x29d, 0xffffff7f, 0xd, 0xaca, 0x9, 0x4, 0x10000, 0x7fff, 0x6, 0x9, 0x10000, 0x1, 0x81, 0x8, 0x80000001, 0x5, 0x7fff, 0x4, 0x0, 0x0, 0x3, 0x7, 0x8, 0x1, 0xdee, 0x7, 0x1, 0x4, 0x3, 0x2, 0xffff, 0x8001, 0xfff, 0x47dc, 0xffff0000, 0xffffffff, 0x7ff, 0x3, 0x7, 0x5, 0x8, 0x8, 0x2, 0xfffffffb, 0xfffffff9, 0x400, 0x7, 0x8, 0x8931, 0x4, 0x5, 0x7, 0x6, 0x2b, 0x3, 0xda6, 0x63800000, 0x7f, 0x401, 0xffff152e, 0x0, 0x6, 0x0, 0x6, 0x7, 0x8, 0x9f5, 0x3, 0x1, 0x7, 0xa, 0x2, 0x4, 0x6, 0x3, 0x3, 0x4, 0x80000001, 0x10000, 0x94ee, 0x2c4d, 0x5, 0x8000, 0x5, 0x5, 0x9, 0x3, 0x6, 0x9, 0x7, 0x28, 0x1000, 0x558afd8a, 0x0, 0x7, 0x10000, 0x5, 0x10, 0x3, 0x9, 0x1, 0x51, 0xfc, 0x6, 0x9, 0x2fe0, 0x0, 0x2, 0x80000000, 0x0, 0x7, 0x9, 0x0, 0x80b, 0x0, 0x0, 0x8, 0x9, 0x2, 0x100, 0x0, 0xfffffff7, 0x5, 0x2013, 0x7, 0xc6, 0x40, 0x6, 0xc4a7, 0x0, 0x101, 0x6b5d, 0x8, 0xb, 0xd5b, 0x9, 0x4, 0x0, 0x1, 0x4, 0x3, 0x100, 0x7, 0x5000, 0x7, 0x200, 0x3, 0x1, 0x8c2c, 0x5, 0x7, 0x419e, 0x6, 0x8, 0x1, 0xd4, 0x5, 0x1, 0x0, 0x5, 0x2, 0x7313, 0xb8, 0x8, 0x8d1, 0x2df, 0x0, 0xbae, 0xffffffff, 0x6, 0x2, 0xba7, 0x1, 0x80, 0x0, 0xc, 0x1, 0x8, 0x6, 0x7, 0x6, 0x9, 0x2907, 0x44, 0x1, 0x8, 0x80000001, 0x4, 0x7fff, 0x0, 0x8000, 0x1f5d, 0x7, 0x0, 0x2, 0x7, 0x401, 0x1, 0xb116, 0x6, 0x7, 0x4, 0x9, 0x9, 0xf1, 0x100, 0x9, 0x60, 0xfff, 0x0, 0x4, 0x3, 0x8, 0xe, 0x9, 0x401, 0x10001, 0x17, 0x6, 0xd69, 0x7, 0x9, 0x6, 0x5, 0x1, 0xffffff01, 0x1, 0x7fffffff, 0x8, 0x9401, 0xffff, 0x79, 0x506, 0x3, 0x60, 0x2, 0x6, 0x9, 0x0, 0x0, 0x0, 0x7, 0x4, 0x0, 0x4, 0x7, 0x0, 0x5, 0x7fff, 0x81, 0xd1, 0x3, 0x0, 0x6, 0x1800000, 0x2, 0x1, 0x4, 0xe0000000, 0xfffffffd, 0x6, 0x3d, 0x4, 0x1ff, 0x6, 0x5, 0xfffffffa, 0x26, 0x0, 0x2, 0x3, 0x9, 0x1ff, 0x3, 0x824, 0x80, 0xc3, 0xfffffff9, 0x5, 0x9, 0x1, 0x3, 0x987, 0x3, 0xfffffff9, 0x5, 0x4, 0x7ff, 0x0, 0x3ff, 0x3, 0x933e, 0xfff, 0x1, 0x4, 0x5, 0x9, 0x200, 0x1, 0x400, 0x0, 0x6, 0xfffffffc, 0x1, 0xb620, 0x5, 0x7, 0xc23000, 0x3, 0x6, 0xfffffffd, 0x96f, 0x5, 0x81, 0x2, 0x8001, 0x400, 0x800, 0x136c, 0x2, 0x4, 0x6, 0xa, 0x8, 0x9db, 0x40, 0x8, 0x9, 0x9, 0x1, 0x7, 0x2, 0xfffff768, 0x8, 0x401, 0x6, 0x5, 0xffffffff, 0x3, 0x0, 0x8, 0x3, 0x2, 0xfffffffa, 0x4, 0xffffffff, 0xfffffffb, 0x6, 0x3, 0x1, 0x5, 0x4, 0xd, 0x0, 0xf, 0x10000, 0x5, 0xb61, 0x9, 0x6, 0x6, 0xffffffff, 0xa, 0x7ff, 0x27, 0x5, 0x80, 0xbc7, 0x3, 0x8, 0x4, 0x1, 0xe91, 0xffff, 0x9, 0xd59b, 0xff, 0x8, 0xb, 0x3ff, 0x8, 0x7, 0x1, 0x1, 0x3, 0xa, 0xf0, 0x3, 0x1, 0x7, 0x8, 0x24f, 0x0, 0x8841, 0x3, 0x6, 0x3, 0xfffffff8, 0xc869d87, 0x7, 0x5, 0x10, 0xfffffc00, 0x3, 0x9, 0x9, 0x25980, 0x2, 0xfc000000, 0x9, 0x5d2c04c3, 0x10000, 0x3, 0xffffffff, 0x66c0000, 0x6, 0x1ff, 0xaa, 0xfffffffb, 0xfff, 0x15, 0x8, 0x1, 0xf6, 0x7, 0x4, 0xd, 0xfffffeaa, 0x0, 0xce66, 0x0, 0x1, 0x8, 0x2, 0x4, 0xffffffff, 0x57, 0x5, 0x7, 0x0, 0xe40, 0x1, 0x697, 0x7fffffff, 0xd50, 0x0, 0x400, 0x3, 0x7, 0x7, 0xafc0, 0x7fffffff, 0x8, 0x401, 0x21, 0x8, 0x8, 0xf, 0xfffffff8, 0x3ff, 0x9, 0xe, 0xfffffffd, 0xc760, 0xb5b, 0x4, 0x10000, 0x1, 0x17d, 0x9ba9, 0x4, 0x5, 0x9, 0x56d, 0x87b, 0x2, 0xe83, 0x0, 0x0, 0xffffffff, 0x3, 0x5, 0x7f, 0x401, 0x2, 0x5, 0xaa, 0x80, 0x0, 0xfffffffe, 0x4, 0x0, 0xa, 0x8, 0x9, 0x1000, 0x0, 0xe3b, 0x218, 0x10, 0xffffffff, 0x400, 0x9, 0x58, 0x64, 0x0, 0x9, 0x9, 0x3, 0xfffffff4, 0x0, 0x7fff, 0xae6, 0x280000, 0x80000001, 0x401, 0x8606, 0x2, 0x4, 0x8, 0x8, 0x10, 0x4, 0x3, 0xf87493c9, 0x101, 0xffff2999, 0x4, 0xf, 0xa, 0x2, 0x0, 0x8, 0x7d3d, 0x7, 0x40, 0x81, 0xc0000000, 0x8, 0x5, 0x2, 0x80000001, 0xfffffffb, 0xc, 0x6, 0x9, 0x3, 0x10000, 0xffff5131, 0x8000, 0x7, 0x3, 0x7, 0x10000, 0x7c380000, 0x5, 0xa, 0x7, 0x9, 0x5, 0xbff, 0x8, 0x3ff, 0x1, 0xfffffeff, 0x3, 0x3, 0x9, 0x3b7, 0x401, 0xc7, 0x200, 0x4, 0x8, 0x8, 0x100, 0x7, 0x1ff, 0x7, 0x1, 0x1, 0x5, 0x8, 0x9, 0x3, 0xa9, 0x5, 0x1, 0x3d, 0xec, 0xb, 0x2, 0x0, 0x10000, 0x5, 0x5, 0x2, 0x5, 0x6, 0x9, 0x4, 0x3, 0x6, 0x81b8, 0x5, 0x80, 0x10, 0x7ff, 0xff, 0xfffffff9, 0x2, 0x3, 0x5428, 0x0, 0xffffff62, 0x2, 0xa390c59, 0x8000, 0x9, 0x180000, 0x8, 0x9, 0xfffffffc, 0x68bb, 0x1, 0x1, 0x80d2, 0xfffffffe, 0x8, 0x9, 0xfffffff7, 0x2, 0x7, 0x4, 0x2, 0x0, 0x2, 0x1, 0xff, 0x1, 0xfc, 0x1, 0x4, 0x2, 0x3, 0x10001, 0x6, 0x3, 0x7, 0x1, 0xa, 0x9, 0x5, 0x680, 0xa217, 0x1, 0x2, 0x4000, 0x80000001, 0x3, 0x8000, 0x3, 0x3, 0x8a, 0x8000, 0x4, 0x2, 0x7, 0x1fd6b81d, 0x4, 0x7f, 0x0, 0x81, 0x7, 0xff, 0x1, 0x4, 0x0, 0x2, 0x2ad8, 0x5, 0x6, 0x1ff, 0x10000, 0x9, 0x0, 0x1c, 0x45ab, 0x1, 0xb5, 0x3, 0x4, 0x4, 0x6, 0xb8, 0xffffffff, 0x233, 0x3, 0xfffffffc, 0xb537, 0x4, 0x4, 0x6, 0x2, 0x6c6, 0x24bc, 0x7, 0x6, 0x8, 0x7, 0xffff, 0x834, 0x7e11e15d, 0x9, 0x6, 0x5, 0x6, 0x7, 0x9, 0x9, 0x1, 0x289a4c94, 0x6, 0x2, 0xb, 0xc1c, 0x4, 0x3a5, 0x9, 0x6, 0x21, 0x0, 0x10, 0x0, 0x4, 0x3, 0x0, 0x4, 0x3, 0x9, 0x5, 0xf]}) 385.243914ms ago: executing program 4 (id=6578): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x2c, &(0x7f0000000100)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000300)=@assoc_value={r1}, 0x8) 385.022253ms ago: executing program 2 (id=6579): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000140)='hugetlb.1GB.failcnt\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x100000000) 316.637334ms ago: executing program 2 (id=6580): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x18, 0x2, [@TCA_CHOKE_PARMS={0x14}]}}]}, 0x48}}, 0x0) 298.114747ms ago: executing program 5 (id=6581): r0 = socket(0x28, 0x5, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10) connect$vsock_stream(r0, &(0x7f00000001c0)={0x28, 0x0, 0x2710, @local}, 0x10) 209.571946ms ago: executing program 2 (id=6582): sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000440)) socket$nl_generic(0x10, 0x3, 0x10) 209.091293ms ago: executing program 4 (id=6583): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x70bd2d, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller1\x00'}]}, 0x3c}}, 0x0) 194.578817ms ago: executing program 6 (id=6584): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000040)={{&(0x7f00004be000/0x2000)=nil, 0x2000}, 0x1}) 153.457565ms ago: executing program 2 (id=6585): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x250, 0x30, 0x300, 0x70bd2d, 0x25dfdbff, {}, [{0x23c, 0x1, [@m_skbedit={0x1fc, 0x19, 0x0, 0x0, {{0xc}, {0x4}, {0x1cd, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9007c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a16535a666c86a6321ae76cba859e771aa7d0ff9fa033e50e56e0f68419fd47894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69875f61ef4f46591d0547ce0f025b0a5f6dc470fd9635a05e318fa41b23e07582b3128621edbf17703923cea8b079f042f9924f50ce06116fc38e34430e0a4b60e7144cccb31d0a0457e528dd782264fec2417bd1b18aa82a223185cee31b2989e534df535b22243ec2971118b283cebb23130d1622a675cabf8788d71473f98949841ab1c34d28257f4b10e6eec198365490620753627951432cf82875ec0fccc70181d74035e141d4bbdd59571d5c3fa68b6a9365539b7e734e38e7083fe43b3104f03a618c99dc38b7b166c71dcda72645a7ddd09b867d20ef1d0f2154c6c2af7bfc13509c92a055f4ba6134cf5124359fccca93ea9ef30597c542c2e259bbd96051f001127d7e760711d895b0ae2dabbb4385da14ffe779acd84bec05fb4fc35fefad1a62e114c5f2ca5c6e884ddd618acecb553d05d8ec7fb455e2684ed"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_gact={0x3c, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0xd, 0x6, "b78f55c15bbb4ca5b0"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x250}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 25.217255ms ago: executing program 2 (id=6586): r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$NFT_BATCH(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000640)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x28}, 0x1, 0x0, 0x0, 0x240080d0}, 0x800) 24.884716ms ago: executing program 6 (id=6587): bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) 8.054152ms ago: executing program 2 (id=6588): r0 = memfd_create(&(0x7f0000000200)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x0) ftruncate(r0, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0) lseek(r0, 0x1003ff, 0x4) 0s ago: executing program 4 (id=6589): write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff04800000080039503230"], 0x15) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x8, 0xa, &(0x7f00000001c0)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="0000000000000000640000000000000018000000000000000000000000000000950000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={r0, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) kernel console output (not intermixed with test programs): ed USB device number 17 using dummy_hcd [ 189.705684][ T5828] usb 3-1: Using ep0 maxpacket: 16 [ 189.729842][ T5828] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 189.758880][ T5828] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 189.790406][ T5828] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 189.829749][ T5828] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47 [ 189.858484][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 189.884651][ T5828] usb 3-1: Product: syz [ 189.899186][ T5828] usb 3-1: Manufacturer: syz [ 189.904416][T10630] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2157'. [ 189.909260][ T5828] usb 3-1: SerialNumber: syz [ 189.933860][ T5828] usb 3-1: config 0 descriptor?? [ 189.946154][ T5828] mcba_usb 3-1:0.0: Can't find endpoints [ 190.154685][ T5832] usb 3-1: USB disconnect, device number 17 [ 190.206513][T10647] netlink: 'syz.6.2164': attribute type 15 has an invalid length. [ 190.307430][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 190.307447][ T30] audit: type=1326 audit(1742482614.524:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.358576][ T30] audit: type=1326 audit(1742482614.524:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.390924][ T30] audit: type=1326 audit(1742482614.524:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.418825][ T30] audit: type=1326 audit(1742482614.524:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.441514][ T30] audit: type=1326 audit(1742482614.524:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.492005][ T30] audit: type=1326 audit(1742482614.524:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.534396][ T30] audit: type=1326 audit(1742482614.524:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.576486][ T30] audit: type=1326 audit(1742482614.524:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.621703][ T30] audit: type=1326 audit(1742482614.524:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 190.667591][ T30] audit: type=1326 audit(1742482614.524:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10644 comm="syz.5.2163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7fc00000 [ 191.143913][ T5825] Bluetooth: hci1: command 0x0406 tx timeout [ 191.144499][ T55] Bluetooth: hci2: command 0x0406 tx timeout [ 191.200110][T10692] syzkaller0: tun_chr_ioctl cmd 35111 [ 191.254233][T10694] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2186'. [ 191.979299][T10726] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input28 [ 193.226380][T10795] bond0: entered promiscuous mode [ 193.231559][T10795] bond_slave_0: entered promiscuous mode [ 193.250367][T10795] bond_slave_1: entered promiscuous mode [ 193.292477][T10795] batadv0: entered promiscuous mode [ 193.298916][T10795] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 193.324022][T10795] bond0: left promiscuous mode [ 193.334112][T10795] bond_slave_0: left promiscuous mode [ 193.347813][T10795] bond_slave_1: left promiscuous mode [ 193.354736][T10795] batadv0: left promiscuous mode [ 193.789567][T10827] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2249'. [ 193.983660][T10836] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 193.983660][T10836] The task syz.6.2250 (10836) triggered the difference, watch for misbehavior. [ 194.194334][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.200786][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.310827][T10813] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 194.322704][T10813] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 194.353896][T10813] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 194.371018][T10813] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 194.410484][T10813] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 194.422143][T10813] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 194.452877][T10813] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 194.513548][T10813] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 194.519538][T10813] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 194.578530][T10813] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 194.616633][T10813] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 194.627870][T10813] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 194.775969][T10813] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 194.900761][T10870] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2266'. [ 194.951921][T10870] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2266'. [ 194.989195][T10872] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2267'. [ 195.122264][ T5828] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 195.298922][ T5828] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 195.331850][ T5828] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.346816][ T5828] usb 3-1: config 0 descriptor?? [ 195.367043][ T5828] cp210x 3-1:0.0: cp210x converter detected [ 195.621989][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 195.770653][ T5828] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 195.791081][ T5828] usb 3-1: cp210x converter now attached to ttyUSB0 [ 195.987785][ T5832] usb 3-1: USB disconnect, device number 18 [ 196.005612][ T5832] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 196.034488][ T5832] cp210x 3-1:0.0: device disconnected [ 196.431854][ T5841] Bluetooth: hci4: command 0x0c1a tx timeout [ 196.431910][ T5139] Bluetooth: hci2: command 0x0406 tx timeout [ 196.582190][ T5139] Bluetooth: hci0: command 0x0c1a tx timeout [ 196.662332][ T5139] Bluetooth: hci3: command 0x0405 tx timeout [ 197.702163][ T5139] Bluetooth: hci1: command 0x0406 tx timeout [ 197.973892][T11000] mkiss: ax0: crc mode is auto. [ 198.363460][T11028] input: syz0 as /devices/virtual/input/input29 [ 198.501982][ T5139] Bluetooth: hci4: command 0x0c1a tx timeout [ 198.512345][ T5139] Bluetooth: hci2: command 0x0406 tx timeout [ 198.522077][ T5828] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 198.663148][ T5139] Bluetooth: hci0: command 0x0c1a tx timeout [ 198.682127][ T5828] usb 3-1: Using ep0 maxpacket: 16 [ 198.723777][ T5828] usb 3-1: config 0 has no interfaces? [ 198.740231][ T5828] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 198.751990][ T5139] Bluetooth: hci3: command 0x0405 tx timeout [ 198.782660][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.790762][ T5828] usb 3-1: Product: syz [ 198.831903][ T5828] usb 3-1: Manufacturer: syz [ 198.836530][ T5828] usb 3-1: SerialNumber: syz [ 198.880388][ T5828] usb 3-1: config 0 descriptor?? [ 199.110893][ T5828] usb 3-1: USB disconnect, device number 19 [ 199.124151][ T974] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 199.315213][ T974] usb 5-1: Using ep0 maxpacket: 16 [ 199.332864][ T974] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 199.343424][ T974] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 199.356196][ T974] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 199.371573][ T974] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 199.381294][ T974] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 199.400925][ T974] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 199.411819][ T974] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 199.419832][ T974] usb 5-1: Manufacturer: syz [ 199.433383][ T974] usb 5-1: config 0 descriptor?? [ 199.741932][ T974] rc_core: IR keymap rc-hauppauge not found [ 199.761898][ T974] Registered IR keymap rc-empty [ 199.766852][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 199.811905][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 199.812435][T11068] netlink: 'syz.7.2357': attribute type 1 has an invalid length. [ 199.844608][ T974] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 199.855457][T11068] netlink: 180 bytes leftover after parsing attributes in process `syz.7.2357'. [ 199.877468][ T974] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input30 [ 199.905263][T11068] netlink: 'syz.7.2357': attribute type 1 has an invalid length. [ 199.938907][T11068] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2357'. [ 199.959049][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.000315][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.052092][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.092503][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.121991][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.148859][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.202058][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.261864][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.278001][T11084] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2364'. [ 200.292008][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.322318][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.351927][ T974] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 200.405143][ T974] mceusb 5-1:0.0: Registered with mce emulator interface version 1 [ 200.426568][ T974] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 200.467306][ T974] usb 5-1: USB disconnect, device number 19 [ 200.582222][ T5139] Bluetooth: hci4: command 0x0c1a tx timeout [ 200.742742][ T5139] Bluetooth: hci0: command 0x0c1a tx timeout [ 200.822649][ T5139] Bluetooth: hci3: command 0x0405 tx timeout [ 200.929555][T11115] netem: change failed [ 200.984715][T11117] netlink: 160 bytes leftover after parsing attributes in process `syz.6.2380'. [ 201.830578][T11159] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2399'. [ 201.841031][T11159] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2399'. [ 202.056839][T11170] netlink: 'syz.6.2405': attribute type 1 has an invalid length. [ 203.001914][ T974] usb 3-1: new full-speed USB device number 20 using dummy_hcd [ 203.177289][ T974] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 203.191822][ T974] usb 3-1: config 0 has no interface number 0 [ 203.197933][ T974] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 203.207821][ T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.217666][ T974] usb 3-1: config 0 descriptor?? [ 203.225682][ T974] usb 3-1: selecting invalid altsetting 1 [ 203.232637][ T974] dvb_ttusb_budget: ttusb_init_controller: error [ 203.239232][ T974] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 203.327879][ T974] DVB: Unable to find symbol cx22700_attach() [ 203.380363][ T974] DVB: Unable to find symbol tda10046_attach() [ 203.396838][ T974] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 203.475756][ T26] usb 3-1: USB disconnect, device number 20 [ 203.825908][T11220] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2425'. [ 203.858963][T11220] netlink: 27 bytes leftover after parsing attributes in process `syz.6.2425'. [ 204.073965][T11228] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 204.136977][T11230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2430'. [ 205.158724][T11268] netlink: 'syz.7.2448': attribute type 8 has an invalid length. [ 205.314662][T11274] netlink: 'syz.2.2451': attribute type 1 has an invalid length. [ 205.373548][T11274] netlink: 'syz.2.2451': attribute type 3 has an invalid length. [ 205.381322][T11274] netlink: 216 bytes leftover after parsing attributes in process `syz.2.2451'. [ 205.415986][T11274] NCSI netlink: No device for ifindex 813332851 [ 205.707250][T11293] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2461'. [ 207.030425][T11364] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2489'. [ 207.056906][T11364] openvswitch: netlink: VXLAN extension 0 has unexpected len 12 expected 0 [ 207.446430][ T10] kernel write not supported for file /amidi2 (pid: 10 comm: kworker/0:1) [ 207.685129][T11396] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2504'. [ 209.037354][T11461] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 209.280810][T11467] xt_hashlimit: max too large, truncated to 1048576 [ 209.305644][T11467] Cannot find set identified by id 0 to match [ 209.521505][T11477] loop9: detected capacity change from 0 to 8 [ 209.557307][T11477] Dev loop9: unable to read RDB block 8 [ 209.577498][T11477] loop9: unable to read partition table [ 209.588165][T11477] loop9: partition table beyond EOD, truncated [ 209.598431][T11477] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 209.754061][T11490] netlink: 10 bytes leftover after parsing attributes in process `syz.2.2549'. [ 210.004834][T11504] Cannot find del_set index 0 as target [ 210.009357][T11506] netlink: 1068 bytes leftover after parsing attributes in process `syz.6.2557'. [ 211.255341][T11568] netlink: 'syz.4.2586': attribute type 18 has an invalid length. [ 211.460638][T11580] erspan0: entered promiscuous mode [ 211.477535][T11580] erspan0: left promiscuous mode [ 211.508738][T11583] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2592'. [ 212.100073][T11618] netem: incorrect gi model size [ 212.106090][T11618] netem: change failed [ 212.880413][T11660] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2628'. [ 213.882051][T11697] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2645'. [ 214.073984][T11707] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 214.102264][ T5828] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 214.271638][T11718] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 214.281246][T11718] overlayfs: failed to clone lowerpath [ 214.367691][T11723] netlink: 16215 bytes leftover after parsing attributes in process `syz.4.2656'. [ 214.377013][T11725] tap0: tun_chr_ioctl cmd 1074025673 [ 214.547610][ T30] kauditd_printk_skb: 98 callbacks suppressed [ 214.547626][ T30] audit: type=1326 audit(1742482638.764:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11732 comm="syz.4.2661" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e6778d169 code=0x0 [ 214.710886][T11742] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 214.764850][T11744] netpci0: tun_chr_ioctl cmd 2147767507 [ 214.883183][T11746] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.029520][T11709] syz.2.2651 (11709) used greatest stack depth: 18000 bytes left [ 215.063068][ T5872] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 215.269437][T11755] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2670'. [ 215.348263][ T30] audit: type=1326 audit(1742482639.564:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.396212][ T30] audit: type=1326 audit(1742482639.564:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.443543][ T30] audit: type=1326 audit(1742482639.564:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.465780][ T30] audit: type=1326 audit(1742482639.564:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.571963][ T30] audit: type=1326 audit(1742482639.564:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.593514][ C1] vkms_vblank_simulate: vblank timer overrun [ 215.631957][ T30] audit: type=1326 audit(1742482639.564:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.702058][ T30] audit: type=1326 audit(1742482639.564:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.723607][ C1] vkms_vblank_simulate: vblank timer overrun [ 215.761859][ T30] audit: type=1326 audit(1742482639.564:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.787626][ T30] audit: type=1326 audit(1742482639.564:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11757 comm="syz.6.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 215.809173][ C1] vkms_vblank_simulate: vblank timer overrun [ 215.885459][ T5872] kernel write not supported for file /input/mouse0 (pid: 5872 comm: kworker/1:4) [ 216.022339][ T5872] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 216.181927][ T5872] usb 3-1: Using ep0 maxpacket: 32 [ 216.192831][ T5872] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 216.205030][ T5872] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 216.214147][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 216.222389][ T5872] usb 3-1: Product: syz [ 216.231855][ T5872] usb 3-1: Manufacturer: syz [ 216.236517][ T5872] usb 3-1: SerialNumber: syz [ 216.248664][ T5872] usb 3-1: config 0 descriptor?? [ 216.254372][T11778] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 216.470304][ T5872] usb 3-1: USB disconnect, device number 21 [ 217.265995][T11842] netlink: 'syz.7.2709': attribute type 13 has an invalid length. [ 217.283527][T11842] netlink: 24859 bytes leftover after parsing attributes in process `syz.7.2709'. [ 217.862362][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 218.226822][T11867] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2721'. [ 218.882170][T11901] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2736'. [ 219.862198][T11925] loop4: detected capacity change from 0 to 524255232 [ 219.895782][T11928] tun0: tun_chr_ioctl cmd 1074812117 [ 220.147057][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 220.147075][ T30] audit: type=1326 audit(1742482644.364:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11936 comm="syz.5.2754" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2c758d169 code=0x0 [ 220.174479][ C1] vkms_vblank_simulate: vblank timer overrun [ 220.179392][T11943] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2756'. [ 220.200840][T11944] tipc: Started in network mode [ 220.231012][T11944] tipc: Node identity ac14140f, cluster identity 4711 [ 220.240807][T11944] tipc: New replicast peer: 255.255.255.255 [ 220.256259][T11944] tipc: Enabled bearer , priority 10 [ 220.293566][T11951] netlink: 212 bytes leftover after parsing attributes in process `syz.4.2760'. [ 221.118289][T11993] netlink: 'syz.5.2780': attribute type 10 has an invalid length. [ 221.132063][T11993] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2780'. [ 221.168587][T11993] team0: Port device geneve0 added [ 221.253412][ T10] tipc: Node number set to 2886997007 [ 221.359760][T12001] netlink: 'syz.4.2785': attribute type 1 has an invalid length. [ 221.888132][T12025] tipc: Started in network mode [ 221.912024][T12025] tipc: Node identity ac14140f, cluster identity 4711 [ 221.919169][T12025] tipc: New replicast peer: 255.255.255.255 [ 221.936926][T12025] tipc: Enabled bearer , priority 10 [ 222.481854][ T974] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 222.496748][T12060] random: crng reseeded on system resumption [ 222.633653][ T974] usb 3-1: Using ep0 maxpacket: 16 [ 222.643411][ T974] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 222.651599][ T974] usb 3-1: config 0 has no interface number 0 [ 222.679588][ T974] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 222.699843][ T974] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 222.719645][ T974] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 222.729307][ T974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.737708][ T974] usb 3-1: Product: syz [ 222.742281][ T974] usb 3-1: Manufacturer: syz [ 222.747104][ T974] usb 3-1: SerialNumber: syz [ 222.754001][ T974] usb 3-1: config 0 descriptor?? [ 222.759588][T12050] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 222.767112][T12050] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 222.921997][ T10] tipc: Node number set to 2886997007 [ 222.981232][T12050] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 222.996026][T12050] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 223.609635][ T974] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 223.629621][ T974] asix 3-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 223.646790][ T974] asix 3-1:0.251: probe with driver asix failed with error -71 [ 223.673406][ T974] usb 3-1: USB disconnect, device number 22 [ 224.271421][T12084] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2822'. [ 224.361004][T12090] netlink: 280 bytes leftover after parsing attributes in process `syz.2.2825'. [ 224.567078][T12096] IPVS: Scheduler module ip_vs_ not found [ 224.945938][T12118] program syz.2.2838 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 225.646704][T12152] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2852'. [ 226.642085][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 226.812559][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 226.830716][ T10] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 226.844828][ T10] usb 7-1: config 179 has no interface number 0 [ 226.851124][ T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 226.881866][ T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 226.901896][ T974] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 226.909948][ T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 226.934154][ T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 226.949521][ T10] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 226.992705][ T10] usb 7-1: config 179 interface 65 has no altsetting 0 [ 226.999692][ T10] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 227.022305][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.045172][ T10] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input32 [ 227.093153][ T5185] input input32: unable to receive magic message: -110 [ 227.120517][ T974] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 227.134799][ T5185] input input32: unable to receive magic message: -32 [ 227.151982][ T974] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 227.163777][ T974] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 227.173074][ T974] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 227.181435][ T974] usb 3-1: Manufacturer: syz [ 227.197978][ T5185] input input32: unable to receive magic message: -32 [ 227.209793][ T974] usb 3-1: config 0 descriptor?? [ 227.224229][ T5185] input input32: unable to receive magic message: -32 [ 227.342049][ T974] rc_core: IR keymap rc-hauppauge not found [ 227.358279][ T974] Registered IR keymap rc-empty [ 227.373034][ T974] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 227.405021][ T974] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input33 [ 227.478165][ T974] usb 7-1: USB disconnect, device number 2 [ 227.484067][ C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 227.504367][ T974] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 227.783840][ T5828] usb 3-1: USB disconnect, device number 23 [ 228.710828][T12266] netlink: 'syz.7.2902': attribute type 12 has an invalid length. [ 228.745294][T12266] netlink: 'syz.7.2902': attribute type 29 has an invalid length. [ 228.764733][T12266] netlink: 'syz.7.2902': attribute type 2 has an invalid length. [ 228.784328][T12266] netlink: 260 bytes leftover after parsing attributes in process `syz.7.2902'. [ 229.570996][T12288] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2912'. [ 229.793689][ T5832] kernel write not supported for file /sequencer (pid: 5832 comm: kworker/0:3) [ 230.716793][T12339] vlan2: entered allmulticast mode [ 230.754128][T12339] batadv0: entered allmulticast mode [ 230.783816][T12339] batadv0: left allmulticast mode [ 231.283528][T12361] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2945'. [ 231.319648][T12361] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2945'. [ 231.341262][T12361] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2945'. [ 232.755170][T12409] netlink: 'syz.6.2967': attribute type 3 has an invalid length. [ 232.763472][T12409] netlink: 72 bytes leftover after parsing attributes in process `syz.6.2967'. [ 232.795276][T12412] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2969'. [ 233.120113][T12422] team0: entered promiscuous mode [ 233.127637][T12422] team_slave_0: entered promiscuous mode [ 233.133711][T12422] team_slave_1: entered promiscuous mode [ 233.142111][T12421] team0: left promiscuous mode [ 233.147252][T12421] team_slave_0: left promiscuous mode [ 233.186662][T12421] team_slave_1: left promiscuous mode [ 233.246862][T12426] netlink: 'syz.4.2975': attribute type 1 has an invalid length. [ 233.259213][T12426] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 233.266496][T12426] IPv6: NLM_F_CREATE should be set when creating new route [ 233.593869][T12439] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2981'. [ 234.767005][T12483] netlink: 'syz.2.3001': attribute type 1 has an invalid length. [ 234.799595][T12483] netlink: 'syz.2.3001': attribute type 2 has an invalid length. [ 234.857413][T12487] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3003'. [ 236.809550][T12561] vlan2: entered allmulticast mode [ 236.822456][T12561] batadv0: entered allmulticast mode [ 236.834935][T12561] batadv0: left allmulticast mode [ 237.454331][ T30] audit: type=1800 audit(1742482661.664:176): pid=12584 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.3047" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 237.605586][T12589] misc userio: Invalid payload size [ 238.057150][T12602] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 238.236652][T12608] netlink: 'syz.6.3059': attribute type 1 has an invalid length. [ 238.545218][T12622] vlan2: entered allmulticast mode [ 238.550389][T12622] batadv0: entered allmulticast mode [ 238.575377][T12622] batadv0: left allmulticast mode [ 238.606700][T12626] program syz.7.3066 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 239.344087][T12666] vlan2: entered allmulticast mode [ 239.361881][T12666] batadv0: entered allmulticast mode [ 239.373228][T12666] batadv0: left allmulticast mode [ 239.529579][T12668] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3087'. [ 240.792834][T12725] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3113'. [ 240.851444][T12727] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3114'. [ 240.869012][T12727] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3114'. [ 241.247206][T12741] netlink: zone id is out of range [ 241.285703][T12741] netlink: set zone limit has 8 unknown bytes [ 241.361058][T12745] dummy0: entered promiscuous mode [ 241.371614][T12744] dummy0: left promiscuous mode [ 241.831225][T12762] mkiss: ax0: crc mode is auto. [ 241.963351][T12762] Falling back ldisc for ttyS3. [ 242.141953][T12770] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3134'. [ 242.178573][T12770] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.210769][T12770] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.233627][T12779] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3138'. [ 242.306809][T12782] netlink: 1256 bytes leftover after parsing attributes in process `syz.2.3139'. [ 242.744467][T12798] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3147'. [ 242.771981][T12798] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3147'. [ 242.794577][T12798] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3147'. [ 242.830075][T12800] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3147'. [ 243.103217][T12812] loop2: detected capacity change from 0 to 1 [ 243.122809][T12812] Dev loop2: unable to read RDB block 1 [ 243.128432][T12812] loop2: unable to read partition table [ 243.171966][T12812] loop2: partition table beyond EOD, truncated [ 243.185529][T12812] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 243.539423][T12839] [U] Ž [ 243.809612][T12852] overlayfs: missing 'workdir' [ 244.083505][ T5139] Bluetooth: hci2: unexpected event for opcode 0x0c46 [ 244.536475][T12888] mkiss: ax0: crc mode is auto. [ 245.148207][T12913] syzkaller0: tun_chr_ioctl cmd 2147767506 [ 245.181101][T12917] tap0: tun_chr_ioctl cmd 1074025677 [ 245.188584][T12917] tap0: linktype set to 512 [ 245.501407][T12928] netlink: 'syz.6.3207': attribute type 1 has an invalid length. [ 246.083494][T12945] __nla_validate_parse: 6 callbacks suppressed [ 246.083513][T12945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3214'. [ 246.141116][T12952] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3214'. [ 246.219678][T12957] netlink: 'syz.6.3219': attribute type 21 has an invalid length. [ 246.238788][T12957] netlink: 128 bytes leftover after parsing attributes in process `syz.6.3219'. [ 246.318272][T12957] netlink: 'syz.6.3219': attribute type 4 has an invalid length. [ 246.341202][T12957] netlink: 'syz.6.3219': attribute type 5 has an invalid length. [ 246.351528][T12957] netlink: 3 bytes leftover after parsing attributes in process `syz.6.3219'. [ 246.752642][T12984] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3231'. [ 247.611382][T13028] sch_tbf: burst 1683 is lower than device lo mtu (11337746) ! [ 247.974462][T13049] bridge0: entered promiscuous mode [ 248.016364][T13049] bridge0: port 3(macsec1) entered blocking state [ 248.042010][T13049] bridge0: port 3(macsec1) entered disabled state [ 248.051232][T13049] macsec1: entered allmulticast mode [ 248.064219][T13049] bridge0: entered allmulticast mode [ 248.083223][T13049] macsec1: left allmulticast mode [ 248.102661][T13049] bridge0: left allmulticast mode [ 248.123818][T13049] bridge0: left promiscuous mode [ 248.193102][T13058] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3268'. [ 248.263983][T13061] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 248.308568][ T30] audit: type=1326 audit(1742482672.524:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.364778][ T30] audit: type=1326 audit(1742482672.524:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.405054][ T30] audit: type=1326 audit(1742482672.554:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.474608][ T30] audit: type=1326 audit(1742482672.554:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.524787][ T30] audit: type=1326 audit(1742482672.554:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.608355][ T30] audit: type=1326 audit(1742482672.564:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.670908][ T30] audit: type=1326 audit(1742482672.564:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.742667][ T30] audit: type=1326 audit(1742482672.564:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.797304][ T30] audit: type=1326 audit(1742482672.574:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 248.870754][ T30] audit: type=1326 audit(1742482672.624:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13062 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 249.131884][ T5872] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 249.292392][ T5872] usb 3-1: too many configurations: 89, using maximum allowed: 8 [ 249.316008][ T5872] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 249.331872][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.356771][ T5872] usb 3-1: Product: syz [ 249.360963][ T5872] usb 3-1: Manufacturer: syz [ 249.382527][ T5872] usb 3-1: SerialNumber: syz [ 249.404626][ T5872] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 249.453589][ T5828] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 249.681863][T13080] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 249.702979][ T5872] usb 3-1: USB disconnect, device number 24 [ 250.267266][T13137] random: crng reseeded on system resumption [ 250.506001][ T5828] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 250.526021][ T5828] ath9k_htc: Failed to initialize the device [ 250.548808][ T5872] usb 3-1: ath9k_htc: USB layer deinitialized [ 250.657114][T13156] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3314'. [ 250.667021][T13155] netlink: 'syz.6.3315': attribute type 3 has an invalid length. [ 250.684273][T13155] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3315'. [ 250.791990][T13158] input: syz0 as /devices/virtual/input/input36 [ 251.212012][ T5832] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 251.381908][ T5832] usb 7-1: Using ep0 maxpacket: 32 [ 251.402110][ T5832] usb 7-1: config 0 has an invalid interface number: 51 but max is 0 [ 251.419080][ T5832] usb 7-1: config 0 has no interface number 0 [ 251.443725][ T5832] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 251.457726][ T5832] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.497789][ T5832] usb 7-1: Product: syz [ 251.517848][ T5832] usb 7-1: Manufacturer: syz [ 251.533657][ T5832] usb 7-1: SerialNumber: syz [ 251.553053][ T5832] usb 7-1: config 0 descriptor?? [ 251.576794][ T5832] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 251.784492][ T5832] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 251.806466][T13191] netlink: 'syz.2.3331': attribute type 1 has an invalid length. [ 251.832630][T13191] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3331'. [ 251.849142][ T5832] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 252.102189][T13202] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3336'. [ 252.121659][T13202] netlink: 39 bytes leftover after parsing attributes in process `syz.4.3336'. [ 252.176574][T13204] sp0: Synchronizing with TNC [ 252.191596][ C0] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 252.200681][ T5832] usb 7-1: USB disconnect, device number 3 [ 252.227517][ T5832] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 252.272474][ T5832] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 252.302525][ T5832] quatech2 7-1:0.51: device disconnected [ 252.443673][T13218] overlayfs: failed to clone upperpath [ 252.809200][T13235] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3352'. [ 252.843119][T13239] overlayfs: disabling nfs_export due to verity=on [ 252.970574][T13243] netlink: 1256 bytes leftover after parsing attributes in process `syz.5.3355'. [ 253.212994][T13254] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3362'. [ 254.173182][T13302] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3383'. [ 254.194193][T13302] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3383'. [ 254.231938][T13302] netlink: 'syz.5.3383': attribute type 4 has an invalid length. [ 255.084764][T13338] program syz.5.3400 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 255.095826][T13339] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3401'. [ 255.232727][T13343] netlink: 830 bytes leftover after parsing attributes in process `syz.6.3404'. [ 255.268133][T13346] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 255.274637][T13346] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 255.639854][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.646405][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.824987][T13401] IPVS: length: 4096 != 8 [ 258.088232][T13449] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 258.173275][T13452] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3453'. [ 259.210359][T13497] netlink: 176 bytes leftover after parsing attributes in process `syz.7.3475'. [ 259.233449][T13497] ip6gretap0: entered promiscuous mode [ 259.239410][T13497] netlink: 176 bytes leftover after parsing attributes in process `syz.7.3475'. [ 259.298537][T13502] netlink: 'syz.2.3476': attribute type 12 has an invalid length. [ 259.468454][ T30] kauditd_printk_skb: 54 callbacks suppressed [ 259.468470][ T30] audit: type=1326 audit(1742482939.687:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 259.561484][ T30] audit: type=1326 audit(1742482939.687:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 259.593353][ T30] audit: type=1326 audit(1742482939.687:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 259.615023][ T30] audit: type=1326 audit(1742482939.687:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 259.678862][T13519] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.688049][T13519] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.697061][T13519] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.705947][T13519] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.732793][ T30] audit: type=1326 audit(1742482939.687:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 259.793400][ T30] audit: type=1326 audit(1742482939.687:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 259.892654][ T30] audit: type=1326 audit(1742482939.747:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 259.935565][T13531] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3489'. [ 259.964857][ T30] audit: type=1326 audit(1742482939.747:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13512 comm="syz.5.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x7ffc0000 [ 260.899528][T13573] macsec1: entered allmulticast mode [ 260.914458][T13573] macvlan0: entered allmulticast mode [ 260.931909][T13573] veth1_vlan: entered allmulticast mode [ 261.025271][T13573] macvlan0: left allmulticast mode [ 261.041861][T13573] veth1_vlan: left allmulticast mode [ 263.320298][T13656] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3544'. [ 266.762441][T13794] 8021q: adding VLAN 0 to HW filter on device bond1 [ 268.378064][T13846] overlayfs: conflicting options: nfs_export=on,index=off [ 269.577756][T13895] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3654'. [ 269.812409][T13902] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3660'. [ 269.991898][T13916] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3663'. [ 270.601714][T13956] input: syz0 as /devices/virtual/input/input40 [ 272.226106][T14024] netlink: 'syz.5.3712': attribute type 8 has an invalid length. [ 272.273273][T14024] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3712'. [ 272.425743][T14034] netem: incorrect gi model size [ 272.441675][T14034] netem: change failed [ 272.557074][ T30] audit: type=1326 audit(1742482952.767:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14037 comm="syz.5.3719" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2c758d169 code=0x0 [ 272.577964][T14042] lo speed is unknown, defaulting to 1000 [ 273.224311][T14072] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 273.602947][T14087] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3740'. [ 273.918170][T14096] netlink: 76 bytes leftover after parsing attributes in process `syz.6.3745'. [ 273.953121][T14096] nbd: illegal input index 1768304430 [ 274.500663][T14126] netlink: 830 bytes leftover after parsing attributes in process `syz.2.3760'. [ 274.946106][T14148] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3769'. [ 274.988625][T14148] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3769'. [ 275.717186][T14182] 8021q: adding VLAN 0 to HW filter on device bond1 [ 275.774831][T14182] bond0: (slave bond1): Enslaving as an active interface with an up link [ 275.978285][T14187] netlink: 596 bytes leftover after parsing attributes in process `syz.2.3783'. [ 276.432148][T14203] input: syz1 as /devices/virtual/input/input41 [ 276.935031][ T5872] IPVS: starting estimator thread 0... [ 277.031912][T14224] IPVS: using max 22 ests per chain, 52800 per kthread [ 278.002037][T14263] tap0: tun_chr_ioctl cmd 1074025677 [ 278.016580][T14263] tap0: linktype set to 65534 [ 278.031138][T14265] input: syz0 as /devices/virtual/input/input42 [ 279.462946][T14318] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3841'. [ 280.814287][T14377] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 281.223833][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 281.747731][T14429] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 281.842086][ T30] audit: type=1326 audit(1742482962.057:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 281.928554][ T30] audit: type=1326 audit(1742482962.057:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.000847][ T30] audit: type=1326 audit(1742482962.087:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.015723][T14439] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 282.031966][T14439] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 282.040687][T14439] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 282.049458][T14439] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 282.056415][ T30] audit: type=1326 audit(1742482962.087:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.140505][ T30] audit: type=1326 audit(1742482962.087:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.194494][ T30] audit: type=1326 audit(1742482962.087:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.218912][ T30] audit: type=1326 audit(1742482962.087:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.293486][ T30] audit: type=1326 audit(1742482962.087:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.331870][ T30] audit: type=1326 audit(1742482962.087:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14430 comm="syz.2.3892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 282.442774][T14451] netlink: 'syz.7.3902': attribute type 1 has an invalid length. [ 282.455908][T14451] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3902'. [ 282.780700][T14464] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3908'. [ 282.929683][T14472] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3912'. [ 282.951542][T14472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3912'. [ 285.710691][T14592] hsr0: left promiscuous mode [ 286.088448][T14600] lo speed is unknown, defaulting to 1000 [ 286.817712][T14628] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 0 [ 286.833355][T14630] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 2 [ 286.841788][T14629] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 1 [ 286.862752][T14633] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 3 [ 287.182779][T14644] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3990'. [ 287.199173][T14644] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3990'. [ 287.231060][T14644] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3990'. [ 287.353722][T14654] netlink: 2 bytes leftover after parsing attributes in process `syz.6.3995'. [ 287.631869][ T5872] usb 3-1: new full-speed USB device number 25 using dummy_hcd [ 287.655862][ T30] audit: type=1326 audit(1742482967.877:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 287.677408][ C1] vkms_vblank_simulate: vblank timer overrun [ 287.732244][ T30] audit: type=1326 audit(1742482967.877:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 287.771880][ T30] audit: type=1326 audit(1742482967.917:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 287.793361][ C1] vkms_vblank_simulate: vblank timer overrun [ 287.814835][ T30] audit: type=1326 audit(1742482967.917:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 287.837115][ T5872] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 287.849161][ T5872] usb 3-1: config 0 interface 0 has no altsetting 0 [ 287.856285][ T5872] usb 3-1: New USB device found, idVendor=28bd, idProduct=0078, bcdDevice= 0.00 [ 287.885816][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.902078][ T30] audit: type=1326 audit(1742482967.917:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 287.934521][ T5872] usb 3-1: config 0 descriptor?? [ 287.942230][T14657] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 287.967560][ T30] audit: type=1326 audit(1742482967.927:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 287.991093][ T30] audit: type=1326 audit(1742482967.927:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 288.012672][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.019799][ T30] audit: type=1326 audit(1742482967.927:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 288.041352][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.141005][ T30] audit: type=1326 audit(1742482967.927:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 288.162636][ C1] vkms_vblank_simulate: vblank timer overrun [ 288.212026][ T30] audit: type=1326 audit(1742482967.927:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14670 comm="syz.6.4002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 288.347403][T14700] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4015'. [ 288.407439][T14702] netlink: 632 bytes leftover after parsing attributes in process `syz.4.4016'. [ 288.410608][ T5872] hid (null): unknown global tag 0x13 [ 288.444179][ T5872] hid (null): bogus close delimiter [ 288.473435][ T5872] uclogic 0003:28BD:0078.0023: interface is invalid, ignoring [ 288.508323][T14704] loop5: detected capacity change from 0 to 7 [ 288.529218][T14704] buffer_io_error: 7 callbacks suppressed [ 288.529233][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.566458][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.590779][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.621277][ T5832] usb 3-1: USB disconnect, device number 25 [ 288.623545][T14706] 9pnet_fd: Insufficient options for proto=fd [ 288.638927][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.664312][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.685195][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.702427][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.718119][T14704] ldm_validate_partition_table(): Disk read failed. [ 288.733775][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.751971][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.770192][T14704] Buffer I/O error on dev loop5, logical block 0, async page read [ 288.790768][T14704] Dev loop5: unable to read RDB block 0 [ 288.804434][T14704] loop5: unable to read partition table [ 288.817987][T14704] loop5: partition table beyond EOD, truncated [ 288.847364][T14704] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 288.847364][T14704] ) failed (rc=-5) [ 288.869109][T14708] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4020'. [ 289.265776][T14713] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 289.293656][T14713] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 289.320113][T14713] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 289.338938][T14713] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 289.359721][T14713] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 289.530957][T14738] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4032'. [ 290.386929][T14769] netlink: 'syz.7.4046': attribute type 25 has an invalid length. [ 290.405121][T14769] netlink: 'syz.7.4046': attribute type 7 has an invalid length. [ 291.222095][ T5139] Bluetooth: hci1: command 0x0406 tx timeout [ 291.301956][ T5139] Bluetooth: hci2: command 0x0406 tx timeout [ 291.381951][ T5139] Bluetooth: hci3: command 0x0405 tx timeout [ 291.382245][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 291.387993][ T5139] Bluetooth: hci4: command 0x0c1a tx timeout [ 291.539866][T14801] xt_CT: No such helper "snmp" [ 293.547326][T14842] syz.6.4079 (14842) used greatest stack depth: 17712 bytes left [ 294.725491][ T30] kauditd_printk_skb: 81 callbacks suppressed [ 294.725510][ T30] audit: type=1326 audit(1742482974.947:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14874 comm="syz.4.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 294.810305][ T30] audit: type=1326 audit(1742482974.977:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14874 comm="syz.4.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 294.879100][ T30] audit: type=1326 audit(1742482974.977:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14874 comm="syz.4.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 294.948288][ T30] audit: type=1326 audit(1742482974.977:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14874 comm="syz.4.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 295.023684][ T30] audit: type=1326 audit(1742482974.977:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14874 comm="syz.4.4094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 295.139209][T14897] overlay: Unknown parameter ' [ 295.139209][T14897] time [ 295.139209][T14897] string [ 295.139209][T14897] statistic [ 295.139209][T14897] state [ 295.139209][T14897] realm [ 295.139209][T14897] rateest [ 295.139209][T14897] quota [ 295.139209][T14897] pkttype [ 295.139209][T14897] physdev [ 295.139209][T14897] cgroup [ 295.139209][T14897] cgroup [ 295.139209][T14897] cgroup [ 295.139209][T14897] owner [ 295.139209][T14897] nfacct [ 295.139209][T14897] nfacct [ 295.139209][T14897] mac [ 295.139209][T14897] limit [ 295.139209][T14897] ipvs [ 295.139209][T14897] helper [ 295.139209][T14897] devgroup [ 295.139209][T14897] cpu [ 295.139209][T14897] conntrack [ 295.139209][T14897] conntrack [ 295.139209][T14897] conntrack [ 295.139209][T14897] connlabel [ 295.139209][T14897] connbytes [ 295.139209][T14897] comment [ 295.139209][T14897] bpf [ 295.139209][T14897] bpf [ 295.139209][T14897] connmark [ 295.139209][T14897] mark [ 295.139209][T14897] rpfilter [ 295.139209][T14897] ah [ 295.139209][T14897] tcpmss [ 295.139209][T14897] socket [ 295.139209][T14897] socket [ 295.139209][T14897] socket [ 295.139209][T14897] socket [ 295.139209][T14897] sctp [ 295.139209][T14897] recent [ 295.139209][T14897] recent [ 295.139209][T14897] policy [ 295.139209][T14897] osf [ 295.139209][T14897] multiport [ 295.139209][T14897] length [ 295.139209][T14897] l2tp [ 295.139209][T14897] iprange [ 295.139209][T14897] ipcomp [ 295.139209][T14897] ttl [ 295.139209][T14897] hashlimit [ 295.139209][T14897] hashlimit [ 295.139209][T14897] hashlimit [ 295.139209][T14897] esp [ 295.139209][T14897] ecn [ 295.139209][T14897] tos [ 295.139209][T14897] dscp [ 295.139209][T14897] dccp [ 295.139209][T14897] connlimit [ 295.139209][T14897] cluster [ 295.139209][T14897] addrtype [ 295.139209][T14897] addrtype [ 295.139209][T14897] set [ 295.139209][T14897] set [ 295.139209][T14897] set [ 295.139209][T14897] set [ 295.139209][T14897] set [ 295.139209][T14897] icmp [ 295.656420][T14919] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4116'. [ 295.684581][ T30] audit: type=1326 audit(1742482975.907:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14920 comm="syz.7.4114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f656318d169 code=0x7ffc0000 [ 295.712541][T14919] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4116'. [ 295.766861][ T30] audit: type=1326 audit(1742482975.907:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14920 comm="syz.7.4114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f656318d169 code=0x7ffc0000 [ 295.821849][ T30] audit: type=1326 audit(1742482975.927:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14920 comm="syz.7.4114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f656318d169 code=0x7ffc0000 [ 295.913696][ T30] audit: type=1326 audit(1742482975.927:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14920 comm="syz.7.4114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f656318d169 code=0x7ffc0000 [ 295.992456][ T30] audit: type=1326 audit(1742482975.927:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14920 comm="syz.7.4114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f656318d169 code=0x7ffc0000 [ 296.660185][T14971] netlink: 65055 bytes leftover after parsing attributes in process `syz.7.4137'. [ 296.682104][T14971] tc_dump_action: action bad kind [ 297.260003][T14998] ALSA: mixer_oss: invalid index 9551615 [ 297.552069][T15011] netlink: 'syz.4.4155': attribute type 11 has an invalid length. [ 297.583930][T15011] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4155'. [ 298.747787][T15060] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4177'. [ 299.126554][T15076] netlink: 'syz.6.4186': attribute type 4 has an invalid length. [ 299.173724][T15076] netlink: 199836 bytes leftover after parsing attributes in process `syz.6.4186'. [ 299.493132][T15093] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4193'. [ 300.011364][T15121] netlink: 260 bytes leftover after parsing attributes in process `syz.6.4207'. [ 300.709168][T15156] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4222'. [ 300.768101][T15160] input: syz0 as /devices/virtual/input/input43 [ 301.615904][T15194] netlink: 243 bytes leftover after parsing attributes in process `syz.4.4239'. [ 301.680033][T15194] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 301.690853][T15198] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4241'. [ 301.791043][T15198] mac80211_hwsim hwsim16 wlan1: entered promiscuous mode [ 301.818861][T15198] netlink: 'syz.6.4241': attribute type 2 has an invalid length. [ 302.007669][T15210] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4248'. [ 302.707711][T15243] netem: incorrect ge model size [ 302.713723][T15243] netem: change failed [ 303.029918][T15256] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4266'. [ 303.059436][T15256] netlink: 576 bytes leftover after parsing attributes in process `syz.4.4266'. [ 303.737596][T15275] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 303.763593][T15275] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.133770][ T26] kernel read not supported for file /dsp (pid: 26 comm: kworker/1:0) [ 305.731957][T15356] CUSE: unknown device info "#! sched_switch" [ 305.738182][T15356] CUSE: unknown device info "(" [ 305.757651][T15356] CUSE: DEVNAME unspecified [ 306.420956][T15382] veth1_macvtap: left promiscuous mode [ 306.969218][T15402] syz.4.4336 (15402) used greatest stack depth: 17656 bytes left [ 306.994700][T15406] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 307.023462][ T10] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 308.022388][ T10] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 308.192562][T15472] support for the xor transformation has been removed. [ 309.328031][T15524] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4393'. [ 309.460343][T15533] @: renamed from vlan0 (while UP) [ 309.838242][T15550] use of bytesused == 0 is deprecated and will be removed in the future, [ 309.874790][T15550] use the actual size instead. [ 310.141718][T15561] ipvlan2: entered promiscuous mode [ 310.156517][T15563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4412'. [ 310.163319][T15561] ipvlan2: entered allmulticast mode [ 310.186727][T15561] bridge0: entered allmulticast mode [ 310.200278][T15561] bridge0: port 3(ipvlan2) entered blocking state [ 310.215305][T15561] bridge0: port 3(ipvlan2) entered disabled state [ 310.275513][T15563] vlan3: entered allmulticast mode [ 310.285498][T15563] dummy0: entered allmulticast mode [ 310.297137][T15567] 9pnet_fd: Insufficient options for proto=fd [ 310.840318][T15592] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4426'. [ 310.860461][T15592] bridge: RTM_NEWNEIGH with unconfigured vlan 16 on bridge0 [ 312.399568][T15662] trusted_key: syz.4.4455 sent an empty control message without MSG_MORE. [ 313.190173][T15697] input: syz1 as /devices/virtual/input/input44 [ 313.623637][T15709] sctp: [Deprecated]: syz.2.4482 (pid 15709) Use of int in maxseg socket option. [ 313.623637][T15709] Use struct sctp_assoc_value instead [ 313.796310][T15714] vivid-000: disconnect [ 313.821653][T15713] vivid-000: reconnect [ 314.623308][T15734] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap0 [ 314.741964][ T5828] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 314.907671][ T5828] usb 3-1: Using ep0 maxpacket: 8 [ 314.921922][ T5828] usb 3-1: config 0 has no interfaces? [ 314.927508][ T5828] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 314.957722][ T5828] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.981595][ T5828] usb 3-1: config 0 descriptor?? [ 315.205164][ T5828] usb 3-1: USB disconnect, device number 26 [ 316.180940][T15795] netem: unknown loss type 0 [ 316.250559][T15795] netem: change failed [ 316.256627][T15799] netlink: 312 bytes leftover after parsing attributes in process `syz.4.4522'. [ 317.072128][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.078564][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.857018][T15862] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 317.883243][T15862] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.036526][T15866] cgroup: fork rejected by pids controller in /syz2 [ 318.899532][ T5828] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 319.069494][ T5828] usb 7-1: Using ep0 maxpacket: 8 [ 319.093910][ T5828] usb 7-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 319.121526][ T5828] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.151888][ T5828] usb 7-1: Product: syz [ 319.166432][ T5828] usb 7-1: Manufacturer: syz [ 319.170047][T17663] lo: entered promiscuous mode [ 319.171178][ T5828] usb 7-1: SerialNumber: syz [ 319.203759][T17663] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 319.269377][ T5828] usb 7-1: config 0 descriptor?? [ 319.293693][ T5828] gspca_main: sq930x-2.14.0 probing 2770:930c [ 320.099764][ T5828] gspca_sq930x: ucbus_write failed -71 [ 320.381881][ T5828] gspca_sq930x: Sensor ov9630 not yet treated [ 320.388233][ T5828] sq930x 7-1:0.0: probe with driver sq930x failed with error -22 [ 320.398053][ T5828] usb 7-1: USB disconnect, device number 4 [ 320.929253][T17699] 9pnet_fd: Insufficient options for proto=fd [ 321.211927][ T974] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 321.373187][ T974] usb 7-1: too many endpoints for config 0 interface 0 altsetting 2: 242, using maximum allowed: 30 [ 321.394164][ T974] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.424268][ T974] usb 7-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 242 [ 321.447877][ T974] usb 7-1: config 0 interface 0 has no altsetting 0 [ 321.458014][ T974] usb 7-1: New USB device found, idVendor=05ac, idProduct=0225, bcdDevice= 0.00 [ 321.469992][ T974] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.486655][ T974] usb 7-1: config 0 descriptor?? [ 321.623245][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 321.623260][ T30] audit: type=1800 audit(1742483001.847:376): pid=17723 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.4593" name="bus" dev="tmpfs" ino=4642 res=0 errno=0 [ 321.916320][ T974] apple 0003:05AC:0225.0024: unknown main item tag 0x0 [ 321.925312][ T974] apple 0003:05AC:0225.0024: hidraw0: USB HID v0.03 Device [HID 05ac:0225] on usb-dummy_hcd.6-1/input0 [ 322.127930][ T974] usb 7-1: USB disconnect, device number 5 [ 323.238259][T17775] netlink: 'syz.7.4612': attribute type 10 has an invalid length. [ 323.267570][T17775] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.292155][T17775] bridge_slave_1: left allmulticast mode [ 323.308190][T17775] bridge_slave_1: left promiscuous mode [ 323.318428][T17775] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.360308][T17775] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 323.565659][T17785] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4618'. [ 323.732491][T17789] IPv6: addrconf: prefix option has invalid lifetime [ 323.979307][T17795] dvmrp1: tun_chr_ioctl cmd 1074025681 [ 324.451871][ T974] usb 7-1: new full-speed USB device number 6 using dummy_hcd [ 324.637466][ T974] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 324.663630][ T974] usb 7-1: config 0 interface 0 has no altsetting 0 [ 324.670392][ T974] usb 7-1: New USB device found, idVendor=28bd, idProduct=0078, bcdDevice= 0.00 [ 324.702421][ T974] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.724643][ T974] usb 7-1: config 0 descriptor?? [ 324.730115][T17802] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 325.159958][ T974] hid (null): global environment stack underflow [ 325.177186][ T974] hid (null): global environment stack underflow [ 325.189286][ T974] hid (null): report_id 0 is invalid [ 325.210417][ T974] hid (null): global environment stack underflow [ 325.227541][ T974] hid (null): report_id 0 is invalid [ 325.247474][ T974] hid (null): report_id 0 is invalid [ 325.253995][ T974] hid (null): global environment stack underflow [ 325.265065][ T974] uclogic 0003:28BD:0078.0025: interface is invalid, ignoring [ 325.384693][ T2098] usb 7-1: USB disconnect, device number 6 [ 326.293041][T17876] netlink: 'syz.6.4659': attribute type 1 has an invalid length. [ 326.300812][T17876] netlink: 134744 bytes leftover after parsing attributes in process `syz.6.4659'. [ 326.475587][T17885] loop6: detected capacity change from 0 to 524287999 [ 327.462200][T17930] program syz.7.4685 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 327.671829][ T2098] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 327.856207][ T2098] usb 7-1: Using ep0 maxpacket: 32 [ 327.903154][ T2098] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 327.922741][ T2098] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 327.948027][ T2098] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 327.974897][ T2098] usb 7-1: config 1 has no interface number 0 [ 328.011672][ T2098] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 328.039429][ T2098] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 328.081827][ T2098] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 328.105372][ T2098] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.129812][ T2098] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 328.245581][ T30] audit: type=1400 audit(1742483008.457:377): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=17956 comm="syz.5.4697" name="536" dev="tmpfs" ino=2747 [ 328.333395][T17927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 328.391480][T17927] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 328.475400][ T2098] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now attached [ 328.913927][ T2098] usb 7-1: USB disconnect, device number 7 [ 328.920744][ T2098] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 330.068036][T18013] netem: incorrect ge model size [ 330.094052][T18013] netem: change failed [ 330.829587][T18041] netlink: 'syz.7.4735': attribute type 10 has an invalid length. [ 330.852020][T18041] netlink: 152 bytes leftover after parsing attributes in process `syz.7.4735'. [ 330.861916][ T5828] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 331.032468][ T5828] usb 3-1: Using ep0 maxpacket: 8 [ 331.046204][ T5828] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 331.054879][ T5828] usb 3-1: config 179 has no interface number 0 [ 331.061147][ T5828] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 331.096198][ T5828] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 331.136580][ T5828] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 331.141673][T18052] netlink: 64 bytes leftover after parsing attributes in process `syz.7.4741'. [ 331.166374][ T5828] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 331.213357][ T5828] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 331.253774][ T5828] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 331.274895][ T5828] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.291468][T18034] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 331.597720][ T5828] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input45 [ 331.865718][ T5828] usb 3-1: USB disconnect, device number 27 [ 331.871684][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 331.871724][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 331.920171][ T5828] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 333.353557][ T26] kernel read not supported for file /dsp1 (pid: 26 comm: kworker/1:0) [ 333.431615][T18125] netlink: 'syz.5.4773': attribute type 4 has an invalid length. [ 333.471851][T18125] netlink: 'syz.5.4773': attribute type 2 has an invalid length. [ 333.997114][T18142] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4781'. [ 334.738691][T18163] veth1_macvtap: left promiscuous mode [ 335.355484][T18192] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 335.369552][T18192] team0: Port device batadv1 added [ 335.532660][T18203] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4811'. [ 335.941010][ T26] IPVS: starting estimator thread 0... [ 335.951838][ T5828] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 336.059556][T18223] IPVS: using max 21 ests per chain, 50400 per kthread [ 336.121966][ T5828] usb 3-1: Using ep0 maxpacket: 32 [ 336.136065][ T5828] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 336.151859][ T5828] usb 3-1: config 0 has no interface number 0 [ 336.206153][ T5828] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 336.216091][ T5828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 336.238670][ T5828] usb 3-1: Product: syz [ 336.266470][ T5828] usb 3-1: Manufacturer: syz [ 336.276504][ T5828] usb 3-1: SerialNumber: syz [ 336.293007][ T5828] usb 3-1: config 0 descriptor?? [ 336.307385][ T5828] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 336.525314][ T5828] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 336.560621][ T5828] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 336.953799][ C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 336.965899][ T2098] usb 3-1: USB disconnect, device number 28 [ 337.009357][ T2098] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 337.051357][ T2098] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 337.086586][ T2098] quatech2 3-1:0.51: device disconnected [ 337.237375][T18261] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4836'. [ 337.589891][T18276] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 337.688827][T18282] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4847'. [ 337.730279][T18282] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4847'. [ 337.825893][T18285] overlayfs: failed to clone upperpath [ 338.353588][ T5828] hid-generic 0000:0003:0000.0026: unknown main item tag 0x0 [ 338.388585][ T5828] hid-generic 0000:0003:0000.0026: unknown main item tag 0x0 [ 338.420551][ T5828] hid-generic 0000:0003:0000.0026: hidraw0: HID v0.00 Device [syz0] on syz1 [ 339.097455][T18314] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 339.199850][ T30] audit: type=1326 audit(1742483019.417:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.248525][ T30] audit: type=1326 audit(1742483019.417:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.295622][ T30] audit: type=1326 audit(1742483019.447:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.347156][ T30] audit: type=1326 audit(1742483019.447:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.399186][ T30] audit: type=1326 audit(1742483019.447:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.430004][ T30] audit: type=1326 audit(1742483019.447:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.501989][ T30] audit: type=1326 audit(1742483019.447:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.523550][ C1] vkms_vblank_simulate: vblank timer overrun [ 339.529796][ T30] audit: type=1326 audit(1742483019.447:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.552754][ T30] audit: type=1326 audit(1742483019.447:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 339.578797][ T30] audit: type=1326 audit(1742483019.447:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18352 comm="syz.2.4881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 341.103097][ T26] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 341.143107][ T5841] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 341.251932][ T26] usb 3-1: Using ep0 maxpacket: 32 [ 341.264190][ T26] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 341.284763][ T26] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 341.302538][ T26] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 341.311878][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.321596][ T26] usb 3-1: config 0 descriptor?? [ 341.536414][ T26] usb 3-1: USB disconnect, device number 29 [ 341.685609][T18437] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4918'. [ 341.725581][T18437] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4918'. [ 342.440084][T18465] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4932'. [ 342.454447][T18465] netlink: 'syz.7.4932': attribute type 2 has an invalid length. [ 342.492149][T18465] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4932'. [ 343.219599][T18501] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4949'. [ 343.842985][T18535] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4964'. [ 344.295328][T18547] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4971'. [ 344.548570][T18551] overlayfs: missing 'workdir' [ 344.625069][T18553] netlink: 'syz.7.4973': attribute type 6 has an invalid length. [ 344.721523][T18556] netlink: 'syz.2.4974': attribute type 30 has an invalid length. [ 344.763722][ T5841] Bluetooth: hci4: unexpected event for opcode 0x2002 [ 344.860838][T18558] netlink: 52 bytes leftover after parsing attributes in process `syz.7.4976'. [ 345.064364][T18569] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4979'. [ 345.405714][T18586] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2 [ 346.455210][T18614] Failed to get privilege flags for destination (handle=0x2:0x9) [ 346.608572][T18618] kvm: user requested TSC rate below hardware speed [ 346.657813][T18620] random: crng reseeded on system resumption [ 347.107880][T18629] random: crng reseeded on system resumption [ 347.485468][T18636] lo speed is unknown, defaulting to 1000 [ 348.422502][T18659] [U]  [ 349.110208][T18693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.124552][T18698] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5037'. [ 349.157564][T18693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.197223][T18693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.207844][T18693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.228466][T18693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.239970][T18693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.256872][T18693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.269239][T18693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.286955][T18693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.301674][T18693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.319051][T18693] batadv_slave_0: entered promiscuous mode [ 349.341406][T18693] batadv_slave_0: left promiscuous mode [ 349.368417][T18702] netlink: 'syz.2.5040': attribute type 3 has an invalid length. [ 349.609812][T18721] bpf: Bad value for 'uid' [ 351.841200][T18808] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5089'. [ 355.321820][ T974] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 355.502244][ T974] usb 7-1: Using ep0 maxpacket: 16 [ 355.511375][ T974] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 355.526770][ T974] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 355.550128][ T974] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 355.570170][ T974] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 355.597734][ T974] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 355.627459][T18911] syz.7.5135 (18911): drop_caches: 2 [ 355.637717][ T974] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 355.650263][ T974] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 355.665865][ T974] usb 7-1: Manufacturer: syz [ 355.702770][ T974] usb 7-1: config 0 descriptor?? [ 356.021909][ T974] rc_core: IR keymap rc-hauppauge not found [ 356.027851][ T974] Registered IR keymap rc-empty [ 356.033036][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.078057][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.113260][ T974] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0 [ 356.132513][ T974] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input46 [ 356.159671][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.187571][T18931] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5144'. [ 356.204970][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.242031][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.262464][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.311813][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.340347][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.394387][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.428141][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.463245][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.504459][ T974] mceusb 7-1:0.0: Error: mce write submit urb error = -90 [ 356.540417][ T974] mceusb 7-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 356.565903][ T974] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 356.579578][ T974] usb 7-1: USB disconnect, device number 8 [ 357.569018][T18962] ceph: missing cluster fsid [ 357.576754][T18962] ceph: separator ':' missing in source [ 358.674386][T18995] netlink: 'syz.6.5172': attribute type 1 has an invalid length. [ 359.025700][T19009] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5178'. [ 359.146384][T19015] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5181'. [ 359.211888][T19015] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5181'. [ 359.551935][T18943] Set syz1 is full, maxelem 65536 reached [ 359.974871][T19047] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5196'. [ 360.649561][T19063] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5203'. [ 360.712974][T19065] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5205'. [ 360.732773][T19065] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5205'. [ 360.864611][T19070] delete_channel: no stack [ 360.875444][T19074] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5209'. [ 361.232983][T19089] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5216'. [ 361.917829][T19115] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5227'. [ 361.947422][T19115] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5227'. [ 361.962007][T19115] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5227'. [ 362.191858][ T2098] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 362.341930][ T2098] usb 3-1: Using ep0 maxpacket: 16 [ 362.351590][ T2098] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 362.372814][ T2098] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 362.391927][ T2098] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 362.401685][ T2098] usb 3-1: config 0 interface 0 has no altsetting 0 [ 362.418435][ T2098] usb 3-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00 [ 362.435068][ T2098] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.444958][ T2098] usb 3-1: config 0 descriptor?? [ 362.552030][ T26] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 362.701865][ T26] usb 7-1: Using ep0 maxpacket: 16 [ 362.722293][ T26] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 362.747455][ T26] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 362.775508][ T26] usb 7-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 362.804980][ T26] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.835977][ T26] usb 7-1: config 0 descriptor?? [ 362.857815][ T2098] kye 0003:0458:0153.0027: unexpected long global item [ 362.871264][ T2098] kye 0003:0458:0153.0027: parse failed [ 362.887963][ T2098] kye 0003:0458:0153.0027: probe with driver kye failed with error -22 [ 363.072036][ T2098] usb 3-1: USB disconnect, device number 30 [ 363.182463][T19159] netlink: 124 bytes leftover after parsing attributes in process `syz.4.5248'. [ 363.256644][ T26] gt683r_led 0003:1770:FF00.0028: unknown main item tag 0x0 [ 363.265527][ T26] gt683r_led 0003:1770:FF00.0028: unknown main item tag 0x0 [ 363.280708][ T26] gt683r_led 0003:1770:FF00.0028: unknown main item tag 0x0 [ 363.289313][ T26] gt683r_led 0003:1770:FF00.0028: unknown main item tag 0x0 [ 363.304802][ T26] gt683r_led 0003:1770:FF00.0028: unknown main item tag 0x0 [ 363.319129][ T26] gt683r_led 0003:1770:FF00.0028: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.6-1/input0 [ 363.468178][ T26] usb 7-1: USB disconnect, device number 9 [ 363.479839][ T2098] gt683r_led 0003:1770:FF00.0028: failed to send set report request: -19 [ 363.489850][T19171] 9pnet_fd: Insufficient options for proto=fd [ 363.588272][T19175] can0: slcan on ptm0. [ 363.664012][T19172] can0 (unregistered): slcan off ptm0. [ 363.754811][T19180] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.947487][T19189] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5261'. [ 364.167050][T19201] netlink: 388 bytes leftover after parsing attributes in process `syz.7.5268'. [ 364.686696][T19223] random: crng reseeded on system resumption [ 365.462038][ T974] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 365.631877][ T974] usb 3-1: Using ep0 maxpacket: 8 [ 365.640468][ T974] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 365.652765][ T974] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 365.662634][ T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 365.674250][ T974] usb 3-1: SerialNumber: syz [ 365.693033][ T974] usb 3-1: config 0 descriptor?? [ 365.907784][ T974] usb 3-1: Found UVC 0.00 device (05ac:8501) [ 365.926686][ T974] usb 3-1: No valid video chain found. [ 366.028233][ T974] kernel write not supported for file /input/event2 (pid: 974 comm: kworker/0:2) [ 366.115971][ T974] usb 3-1: USB disconnect, device number 31 [ 366.422109][ T5832] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 366.601871][ T5832] usb 7-1: Using ep0 maxpacket: 8 [ 366.612718][ T5832] usb 7-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 366.622780][ T5832] usb 7-1: config 0 interface 0 has no altsetting 0 [ 366.629393][ T5832] usb 7-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 366.651918][ T5832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.671838][ T5832] usb 7-1: config 0 descriptor?? [ 366.863176][T19282] ip6erspan0: entered promiscuous mode [ 367.105153][ T5832] steelseries 0003:1038:12B6.0029: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.6-1/input0 [ 367.548350][ T974] usb 7-1: USB disconnect, device number 10 [ 367.862871][T19302] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5315'. [ 368.820675][T19335] hsr0: entered promiscuous mode [ 369.020598][T19343] netlink: 'syz.4.5334': attribute type 4 has an invalid length. [ 369.173499][T19351] overlayfs: failed to clone lowerpath [ 371.070969][T19429] usb usb1: usbfs: process 19429 (syz.7.5375) did not claim interface 0 before use [ 371.281157][T19433] vim2m vim2m.0: vidioc_s_fmt queue busy [ 371.743889][T19450] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5383'. [ 372.407832][ T30] audit: type=1326 audit(1742483052.624:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19468 comm="syz.5.5393" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2c758d169 code=0x0 [ 372.718962][T19482] netlink: 165 bytes leftover after parsing attributes in process `syz.7.5399'. [ 372.945298][T19491] block nbd7: shutting down sockets [ 374.060909][T19524] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 375.831395][T19597] netlink: 'syz.5.5447': attribute type 22 has an invalid length. [ 375.982119][ T974] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 376.151821][ T974] usb 7-1: Using ep0 maxpacket: 16 [ 376.178185][ T974] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 376.220558][ T974] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 376.259310][ T974] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 376.280458][ T974] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 376.289825][ T974] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 376.328107][ T974] usb 7-1: Product: syz [ 376.336788][ T974] usb 7-1: Manufacturer: syz [ 376.341455][ T974] usb 7-1: SerialNumber: syz [ 376.603496][T19609] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5452'. [ 376.641895][T19609] netlink: 48 bytes leftover after parsing attributes in process `syz.7.5452'. [ 376.706761][T19609] vlan2: entered allmulticast mode [ 376.721449][ T974] usb 7-1: 0:2 : does not exist [ 376.786283][ T974] usb 7-1: USB disconnect, device number 11 [ 377.382051][ T5139] Bluetooth: hci3: command 0x0405 tx timeout [ 378.505868][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.512280][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.775478][T19704] bridge_slave_1: entered allmulticast mode [ 379.609069][T19738] netlink: 6 bytes leftover after parsing attributes in process `syz.4.5509'. [ 381.090946][T19809] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5544'. [ 381.254999][ T30] audit: type=1326 audit(1742483061.474:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 381.343025][ T30] audit: type=1326 audit(1742483061.474:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 381.427404][ T30] audit: type=1326 audit(1742483061.504:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 381.486864][ T30] audit: type=1326 audit(1742483061.504:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 381.554036][ T30] audit: type=1326 audit(1742483061.504:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 381.631794][ T30] audit: type=1326 audit(1742483061.504:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 381.706712][ T30] audit: type=1326 audit(1742483061.504:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 381.760103][T19835] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5556'. [ 381.776987][ T30] audit: type=1326 audit(1742483061.504:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19814 comm="syz.2.5546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe51e78d169 code=0x7ffc0000 [ 382.041649][T19847] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 382.053468][T19844] Invalid logical block size (131072) [ 382.225144][T19855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5566'. [ 382.309176][ T30] audit: type=1326 audit(1742483062.524:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19858 comm="syz.4.5568" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x0 [ 382.673734][T19872] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5572'. [ 383.254338][T19889] autofs4:pid:19889:validate_dev_ioctl: invalid path supplied for cmd(0xc0189379) [ 383.704204][T19899] netlink: 164 bytes leftover after parsing attributes in process `syz.2.5585'. [ 385.746288][T19967] netlink: 312 bytes leftover after parsing attributes in process `syz.2.5614'. [ 386.269502][T19987] tap0: tun_chr_ioctl cmd 1074025680 [ 386.478740][T20001] netlink: 36 bytes leftover after parsing attributes in process `syz.7.5631'. [ 386.491868][T20001] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5631'. [ 386.532087][ T974] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 386.721906][ T974] usb 3-1: Using ep0 maxpacket: 32 [ 386.743756][ T974] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 386.761755][ T974] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 129, changing to 11 [ 386.778046][ T974] usb 3-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 386.793685][ T974] usb 3-1: config 0 interface 0 has no altsetting 0 [ 386.800325][ T974] usb 3-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 386.816829][ T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.851205][ T974] usb 3-1: config 0 descriptor?? [ 387.287621][T20034] --map-set only usable from mangle table [ 387.311969][ T974] corsair-cpro 0003:1B1C:0C10.002A: hidraw0: USB HID v0.00 Device [HID 1b1c:0c10] on usb-dummy_hcd.2-1/input0 [ 387.501292][ T974] corsair-cpro 0003:1B1C:0C10.002A: probe with driver corsair-cpro failed with error -71 [ 387.542351][ T974] usb 3-1: USB disconnect, device number 32 [ 388.956350][T20084] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5670'. [ 389.422465][T20104] usb usb8: usbfs: process 20104 (syz.2.5675) did not claim interface 0 before use [ 389.562477][T20110] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5679'. [ 389.684756][T20118] xt_hashlimit: max too large, truncated to 1048576 [ 389.702967][T20118] Cannot find set identified by id 0 to match [ 390.853992][T20152] mkiss: ax0: crc mode is auto. [ 391.155081][T20166] tipc: New replicast peer: 255.255.255.255 [ 391.162213][T20166] tipc: Enabled bearer , priority 10 [ 392.181912][ T10] tipc: Node number set to 3758096385 [ 392.537396][T20202] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5732'. [ 393.350749][T20228] Falling back ldisc for ptm0. [ 393.706701][T20245] kAFS: unable to lookup cell '(,/¾ûM' [ 394.688424][T20288] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5760'. [ 394.794130][ T26] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 394.971816][ T26] usb 3-1: Using ep0 maxpacket: 16 [ 394.983320][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 395.010270][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 395.033603][ T26] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 395.061930][ T26] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 395.081356][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 395.113643][ T26] usb 3-1: config 0 descriptor?? [ 395.300986][T20310] 9pnet_fd: Insufficient options for proto=fd [ 395.533287][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x2 [ 395.540970][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.558506][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.596583][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.614543][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.650735][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.661938][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.681612][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.710440][ T26] microsoft 0003:045E:07DA.002B: unknown main item tag 0x0 [ 395.725429][ T26] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.002B/input/input49 [ 395.770598][ T26] microsoft 0003:045E:07DA.002B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 395.836857][ T26] usb 3-1: USB disconnect, device number 33 [ 396.022272][T20331] tipc: Started in network mode [ 396.040875][T20331] tipc: Node identity ff, cluster identity 4711 [ 396.061097][T20331] tipc: Enabling of bearer rejected, failed to enable media [ 397.815974][T20391] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5808'. [ 400.182604][T20494] netlink: 'syz.6.5855': attribute type 29 has an invalid length. [ 400.195410][T20495] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 400.210190][T20494] netlink: 'syz.6.5855': attribute type 29 has an invalid length. [ 400.232823][T20494] netlink: 'syz.6.5855': attribute type 29 has an invalid length. [ 400.571812][ T26] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 400.751878][ T26] usb 3-1: Using ep0 maxpacket: 8 [ 400.760476][ T26] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 400.779098][ T26] usb 3-1: config 179 has no interface number 0 [ 400.791978][ T26] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 400.814079][ T26] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 400.826745][ T26] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 400.839756][ T26] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 400.851406][ T26] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 400.865089][ T26] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 400.888968][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.905290][T20501] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 401.148005][ T26] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input50 [ 401.368373][ T26] usb 3-1: USB disconnect, device number 34 [ 401.368430][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 401.368468][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 401.393454][ T26] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 401.696851][T20533] bridge_slave_1: left promiscuous mode [ 401.703283][T20533] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.968122][T20541] trusted_key: encrypted_key: keyword 'upcate' not recognized [ 402.458909][ T30] audit: type=1326 audit(1742483082.674:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20555 comm="syz.6.5882" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x0 [ 402.749598][T20568] macvlan0: entered allmulticast mode [ 402.757730][T20568] veth1_vlan: entered allmulticast mode [ 402.774006][T20568] pim6reg: entered allmulticast mode [ 403.322755][T20596] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5901'. [ 403.351049][T20596] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5901'. [ 403.623641][T20616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5909'. [ 403.847691][ T30] audit: type=1326 audit(1742483084.064:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20622 comm="syz.6.5913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 403.901861][ T30] audit: type=1326 audit(1742483084.064:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20622 comm="syz.6.5913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 403.959584][ T30] audit: type=1326 audit(1742483084.064:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20622 comm="syz.6.5913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 404.005417][ T30] audit: type=1326 audit(1742483084.064:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20622 comm="syz.6.5913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 404.050689][ T30] audit: type=1326 audit(1742483084.064:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20622 comm="syz.6.5913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 404.102192][ C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 404.226695][T20640] netlink: 'syz.4.5921': attribute type 10 has an invalid length. [ 404.235191][T20640] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5921'. [ 404.244517][T20640] team0: entered promiscuous mode [ 404.250162][T20640] team_slave_0: entered promiscuous mode [ 404.269041][T20640] team_slave_1: entered promiscuous mode [ 404.283391][T20640] team0: entered allmulticast mode [ 404.295970][T20640] team_slave_0: entered allmulticast mode [ 404.303683][T20640] team_slave_1: entered allmulticast mode [ 404.316303][T20640] bridge0: port 3(team0) entered blocking state [ 404.357012][T20640] bridge0: port 3(team0) entered disabled state [ 404.396377][T20640] bridge0: port 3(team0) entered blocking state [ 404.402845][T20640] bridge0: port 3(team0) entered forwarding state [ 404.646748][ T30] audit: type=1326 audit(1742483084.864:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20653 comm="syz.4.5928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 404.672025][ T30] audit: type=1326 audit(1742483084.864:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20653 comm="syz.4.5928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 404.694969][ T30] audit: type=1326 audit(1742483084.864:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20653 comm="syz.4.5928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 404.727606][ T30] audit: type=1326 audit(1742483084.864:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20653 comm="syz.4.5928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 406.636166][T20717] input: syz0 as /devices/virtual/input/input51 [ 406.937195][T20729] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5962'. [ 407.013257][T20731] Invalid logical block size (2047) [ 407.522059][T20756] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 408.112200][ T26] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 408.285737][ T26] usb 7-1: unable to get BOS descriptor or descriptor too short [ 408.298440][ T26] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 408.315137][ T26] usb 7-1: can't read configurations, error -71 [ 408.428287][T20793] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5993'. [ 408.804357][T20806] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6000'. [ 408.844402][T20806] openvswitch: netlink: VXLAN extension 12922 out of range max 1 [ 409.229905][T20820] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6006'. [ 409.396227][T20830] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6012'. [ 409.522241][T20834] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6014'. [ 410.056654][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 410.056671][ T30] audit: type=1326 audit(1742483090.274:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.136643][ T30] audit: type=1326 audit(1742483090.274:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.220869][ T30] audit: type=1326 audit(1742483090.274:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.291179][ T30] audit: type=1326 audit(1742483090.274:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.365206][ T30] audit: type=1326 audit(1742483090.274:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.463394][ T30] audit: type=1326 audit(1742483090.284:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.520002][ T30] audit: type=1326 audit(1742483090.284:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.572536][T20869] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6030'. [ 410.598030][ T30] audit: type=1326 audit(1742483090.284:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.680657][ T30] audit: type=1326 audit(1742483090.284:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 410.713333][ T30] audit: type=1326 audit(1742483090.284:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20854 comm="syz.6.6024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb55b8d169 code=0x7ffc0000 [ 411.313630][T20894] netlink: 'syz.6.6040': attribute type 1 has an invalid length. [ 411.663265][T20901] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6043'. [ 412.236659][T20925] IPVS: set_ctl: invalid protocol: 41 172.20.20.28:20001 [ 412.263410][T20925] Non-string source [ 413.016050][T20956] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6068'. [ 413.751894][T20980] netlink: 'syz.6.6078': attribute type 10 has an invalid length. [ 413.779795][T20980] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6078'. [ 413.831974][T20980] team0: entered promiscuous mode [ 413.837058][T20980] team_slave_0: entered promiscuous mode [ 413.872171][T20980] team_slave_1: entered promiscuous mode [ 413.877975][T20980] team0: entered allmulticast mode [ 413.907020][T20980] team_slave_0: entered allmulticast mode [ 413.927324][T20980] team_slave_1: entered allmulticast mode [ 413.944699][T20980] bridge0: port 2(team0) entered blocking state [ 413.972540][T20980] bridge0: port 2(team0) entered disabled state [ 414.238086][T21001] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6089'. [ 414.588175][T21014] netlink: 'syz.2.6094': attribute type 9 has an invalid length. [ 414.600890][T21014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6094'. [ 414.623653][T21014] macvlan2: entered promiscuous mode [ 414.629148][T21014] macvlan2: entered allmulticast mode [ 414.660459][T21014] hsr0: entered allmulticast mode [ 414.680203][T21014] hsr_slave_0: entered allmulticast mode [ 414.697027][T21014] hsr_slave_1: entered allmulticast mode [ 414.859388][T21020] Set syz1 is full, maxelem 65536 reached [ 415.159088][T21030] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6102'. [ 415.218826][T21034] netlink: 'syz.2.6104': attribute type 1 has an invalid length. [ 415.242824][T21036] netlink: 'syz.6.6105': attribute type 1 has an invalid length. [ 415.260825][T21036] netlink: 'syz.6.6105': attribute type 4 has an invalid length. [ 415.287226][T21036] netlink: 192 bytes leftover after parsing attributes in process `syz.6.6105'. [ 415.317902][T21039] @: renamed from vlan0 (while UP) [ 416.042753][ T10] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 416.193204][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 416.211765][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 416.221534][ T10] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 416.271408][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.289715][ T10] usb 3-1: config 0 descriptor?? [ 416.396086][T21079] netlink: 'syz.7.6126': attribute type 10 has an invalid length. [ 416.713176][ T10] sony 0003:054C:024B.002C: unexpected long global item [ 416.720581][ T10] sony 0003:054C:024B.002C: parse failed [ 416.741949][ T10] sony 0003:054C:024B.002C: probe with driver sony failed with error -22 [ 416.922668][ T10] usb 3-1: USB disconnect, device number 35 [ 417.176023][T21104] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6135'. [ 418.925777][T21148] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6156'. [ 418.925814][T21148] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6156'. [ 419.435584][T21158] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 421.578755][T21229] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6190'. [ 421.882832][T21243] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6197'. [ 422.137758][T21255] syz_tun: entered allmulticast mode [ 422.155953][T21254] syz_tun: left allmulticast mode [ 422.406306][T21269] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 422.427426][ T5139] Bluetooth: hci3: command 0x0405 tx timeout [ 423.589471][T21313] netlink: 'syz.5.6229': attribute type 1 has an invalid length. [ 423.607846][T21313] netlink: 134708 bytes leftover after parsing attributes in process `syz.5.6229'. [ 424.128703][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 424.128719][ T30] audit: type=1326 audit(1742483105.340:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.201982][ T30] audit: type=1326 audit(1742483105.340:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.286617][ T30] audit: type=1326 audit(1742483105.340:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.336828][ T30] audit: type=1326 audit(1742483105.340:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.396217][ T30] audit: type=1326 audit(1742483105.340:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0e6778bad0 code=0x7ffc0000 [ 424.445747][ T30] audit: type=1326 audit(1742483105.340:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.496299][ T30] audit: type=1326 audit(1742483105.340:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.543965][ T30] audit: type=1326 audit(1742483105.360:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.611673][ T30] audit: type=1326 audit(1742483105.360:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 424.671769][ T30] audit: type=1326 audit(1742483105.360:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21325 comm="syz.4.6235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e6778d169 code=0x7ffc0000 [ 426.381368][T21425] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6281'. [ 427.307990][T21469] ptrace attach of "./syz-executor exec"[5831] was attempted by "\x22%"[21469] [ 427.712876][T21491] netlink: zone id is out of range [ 427.730212][T21491] netlink: zone id is out of range [ 427.743467][T21491] netlink: zone id is out of range [ 427.753063][T21491] netlink: zone id is out of range [ 427.761561][T21491] netlink: zone id is out of range [ 427.771757][T21491] netlink: zone id is out of range [ 427.786494][T21491] netlink: zone id is out of range [ 427.802459][T21491] netlink: zone id is out of range [ 427.810978][T21491] netlink: zone id is out of range [ 427.827329][T21491] netlink: zone id is out of range [ 428.584225][T21531] netlink: 52 bytes leftover after parsing attributes in process `syz.5.6324'. [ 428.846981][T21543] tap0: tun_chr_ioctl cmd 1074812118 [ 429.656405][T21576] IPVS: persistence engine module ip_vs_pe_ not found [ 430.972452][T21642] ax25_connect(): syz.6.6376 uses autobind, please contact jreuter@yaina.de [ 433.563902][T21753] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6426'. [ 433.638237][T21755] vxcan1: tx address claim with dlc 0 [ 433.711812][ T974] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 433.873065][ T974] usb 3-1: config 0 has an invalid interface number: 255 but max is 0 [ 433.881264][ T974] usb 3-1: config 0 has no interface number 0 [ 433.912298][ T974] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 433.928939][ T974] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 433.950688][ T974] usb 3-1: config 0 interface 255 has no altsetting 0 [ 433.957646][ T974] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 433.968567][ T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.992767][ T974] usb 3-1: config 0 descriptor?? [ 434.007241][ T974] ums-realtek 3-1:0.255: USB Mass Storage device detected [ 434.210743][ T974] usb 3-1: USB disconnect, device number 36 [ 434.491920][T21786] net_ratelimit: 74 callbacks suppressed [ 434.491938][T21786] openvswitch: netlink: Actions may not be safe on all matching packets [ 435.234384][T21822] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6457'. [ 435.710771][T21845] C: renamed from team_slave_0 (while UP) [ 435.738828][T21845] netlink: 156 bytes leftover after parsing attributes in process `syz.7.6470'. [ 435.791763][T21845] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 436.678783][T21886] tipc: New replicast peer: 255.255.255.255 [ 436.708039][T21886] tipc: Enabled bearer , priority 10 [ 436.872829][T21892] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6490'. [ 437.060983][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.071343][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.105847][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.115023][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.139200][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.152082][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.170862][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.180836][T21900] netlink: 'syz.6.6494': attribute type 29 has an invalid length. [ 437.701912][ T26] tipc: Node number set to 4278190080 [ 437.707473][ T2098] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 437.875557][ T2098] usb 7-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 437.886097][T21935] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.897756][ T2098] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.915065][ T2098] usb 7-1: config 0 descriptor?? [ 438.100257][T21935] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.141060][ T2098] kaweth 7-1:0.0: Firmware present in device. [ 438.240973][T21935] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.331279][ T2098] kaweth 7-1:0.0: Statistics collection: 0 [ 438.360429][ T2098] kaweth 7-1:0.0: Multicast filter limit: 0 [ 438.370012][ T2098] kaweth 7-1:0.0: MTU: 0 [ 438.385514][ T2098] kaweth 7-1:0.0: Read MAC address 00:00:00:00:00:00 [ 438.399743][T21935] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.526065][T21935] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.543992][T21935] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.560001][T21935] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.579470][T21935] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.618358][T21949] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6516'. [ 438.736627][ T2098] kaweth 7-1:0.0: Error setting SOFS wait [ 438.743267][ T2098] kaweth 7-1:0.0: probe with driver kaweth failed with error -5 [ 438.761742][ T2098] usb 7-1: USB disconnect, device number 14 [ 439.103390][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 439.103406][ T30] audit: type=1326 audit(1742483120.320:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.6524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f656318d169 code=0x7ffc0000 [ 439.138247][ T30] audit: type=1326 audit(1742483120.340:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.6524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f656318d169 code=0x7ffc0000 [ 439.339583][T21974] bridge_slave_0: invalid flags given to default FDB implementation [ 439.856214][T21998] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6539'. [ 439.957052][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.963574][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.511514][T22024] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6553'. [ 440.911967][T22044] netdevsim netdevsim6: Direct firmware load for ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa failed with error -2 [ 440.973326][T22044] netdevsim netdevsim6: Falling back to sysfs fallback for: ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 441.628514][T22078] sctp: [Deprecated]: syz.4.6578 (pid 22078) Use of struct sctp_assoc_value in delayed_ack socket option. [ 441.628514][T22078] Use struct sctp_sack_info instead [ 547.071656][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 547.078737][ C1] rcu: 0-...!: (1 GPs behind) idle=0114/1/0x4000000000000000 softirq=71678/71679 fqs=3 [ 547.090013][ C1] rcu: (detected by 1, t=10505 jiffies, g=73825, q=234 ncpus=2) [ 547.097747][ C1] Sending NMI from CPU 1 to CPUs 0: [ 547.097778][ C0] NMI backtrace for cpu 0 [ 547.097799][ C0] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 547.097816][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 547.097826][ C0] RIP: 0010:__lock_acquire+0x451/0x2100 [ 547.097853][ C0] Code: 38 83 e3 03 c1 e3 10 09 cb 8b 4c 24 58 83 e1 01 c1 e1 12 c1 e0 14 31 d2 83 7c 24 28 00 0f 95 c2 c1 e2 13 c1 e5 15 09 d5 09 c5 <09> cd 09 dd 48 8b 44 24 18 0f b6 04 30 84 c0 0f 85 c9 13 00 00 44 [ 547.097865][ C0] RSP: 0018:ffffc900000078f0 EFLAGS: 00000006 [ 547.097879][ C0] RAX: 0000000000000000 RBX: 0000000000004000 RCX: 0000000000040000 [ 547.097889][ C0] RDX: 0000000000080000 RSI: dffffc0000000000 RDI: ffff8880668928f0 [ 547.097899][ C0] RBP: 0000000000080000 R08: 0000000000000001 R09: 0000000000000001 [ 547.097908][ C0] R10: dffffc0000000000 R11: fffffbfff2077a0f R12: ffff8880668928d4 [ 547.097919][ C0] R13: 000000000000000f R14: 0000000000000000 R15: ffffffff9a83f690 [ 547.097929][ C0] FS: 000055557140b500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 547.097941][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 547.097951][ C0] CR2: 0000200000003c80 CR3: 000000006503c000 CR4: 00000000003526f0 [ 547.097964][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 547.097972][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 547.097981][ C0] Call Trace: [ 547.097986][ C0] [ 547.097993][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 547.098013][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 547.098034][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 547.098058][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 547.098076][ C0] ? nmi_handle+0x14f/0x5a0 [ 547.098097][ C0] ? nmi_handle+0x2a/0x5a0 [ 547.098117][ C0] ? __lock_acquire+0x451/0x2100 [ 547.098136][ C0] ? default_do_nmi+0x63/0x160 [ 547.098153][ C0] ? exc_nmi+0x123/0x1f0 [ 547.098168][ C0] ? end_repeat_nmi+0xf/0x53 [ 547.098194][ C0] ? __lock_acquire+0x451/0x2100 [ 547.098213][ C0] ? __lock_acquire+0x451/0x2100 [ 547.098234][ C0] ? __lock_acquire+0x451/0x2100 [ 547.098253][ C0] [ 547.098257][ C0] [ 547.098269][ C0] lock_acquire+0x1ed/0x550 [ 547.098288][ C0] ? debug_object_activate+0x17f/0x580 [ 547.098312][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 547.098331][ C0] ? __lock_acquire+0x1397/0x2100 [ 547.098357][ C0] _raw_spin_lock_irqsave+0xd5/0x120 [ 547.098376][ C0] ? debug_object_activate+0x17f/0x580 [ 547.098396][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 547.098419][ C0] debug_object_activate+0x17f/0x580 [ 547.098441][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 547.098458][ C0] ? __pfx_debug_object_activate+0x10/0x10 [ 547.098478][ C0] ? advance_sched+0xa02/0xca0 [ 547.098499][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 547.098517][ C0] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 547.098537][ C0] enqueue_hrtimer+0x30/0x3c0 [ 547.098553][ C0] __hrtimer_run_queues+0x6cb/0xd30 [ 547.098575][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 547.098588][ C0] ? sched_clock+0x4a/0x70 [ 547.098604][ C0] ? read_tsc+0x9/0x20 [ 547.098618][ C0] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 547.098641][ C0] hrtimer_interrupt+0x403/0xa40 [ 547.098664][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 547.098687][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 547.098713][ C0] [ 547.098717][ C0] [ 547.098723][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 547.098744][ C0] RIP: 0010:preempt_count_sub+0x67/0x170 [ 547.098760][ C0] Code: 81 e1 ff ff ff 7f 39 d9 7c 27 81 fb fe 00 00 00 77 07 0f b6 c0 85 c0 74 5f 65 8b 05 7b 51 74 7e f7 db 65 01 1d 72 51 74 7e 5b <41> 5e c3 cc cc cc cc 90 e8 3c cf 5a 03 85 c0 74 3a 48 c7 c0 14 03 [ 547.098772][ C0] RSP: 0018:ffffc900040975e0 EFLAGS: 00000297 [ 547.098784][ C0] RAX: 0000000080000001 RBX: ffffc900040976d0 RCX: 0000000000000001 [ 547.098794][ C0] RDX: dffffc0000000000 RSI: ffffc90004090000 RDI: 0000000000000001 [ 547.098804][ C0] RBP: ffffc900040976c0 R08: ffffc90004097d58 R09: 0000000000000000 [ 547.098814][ C0] R10: ffffc90004097710 R11: fffff52000812ee4 R12: dffffc0000000000 [ 547.098825][ C0] R13: ffffc900040976c0 R14: dffffc0000000000 R15: ffffc90004097d68 [ 547.098843][ C0] unwind_next_frame+0x18e6/0x22d0 [ 547.098867][ C0] ? evict+0x785/0x9a0 [ 547.098887][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 547.098905][ C0] arch_stack_walk+0x11c/0x150 [ 547.098928][ C0] ? vfs_rmdir+0x3d7/0x510 [ 547.098949][ C0] stack_trace_save+0x118/0x1d0 [ 547.098966][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 547.098985][ C0] ? __lock_acquire+0x1397/0x2100 [ 547.099007][ C0] kasan_save_stack+0x3f/0x60 [ 547.099025][ C0] ? kasan_save_stack+0x3f/0x60 [ 547.099043][ C0] ? kasan_record_aux_stack+0xaa/0xc0 [ 547.099058][ C0] ? call_rcu+0x168/0xac0 [ 547.099071][ C0] ? __destroy_inode+0x2d9/0x670 [ 547.099084][ C0] ? evict+0x785/0x9a0 [ 547.099118][ C0] ? __phys_addr+0xba/0x170 [ 547.099139][ C0] kasan_record_aux_stack+0xaa/0xc0 [ 547.099155][ C0] call_rcu+0x168/0xac0 [ 547.099169][ C0] ? bpf_inode_storage_free+0x77/0x2b0 [ 547.099184][ C0] ? __pfx_lock_release+0x10/0x10 [ 547.099204][ C0] ? __pfx_migrate_enable+0x10/0x10 [ 547.099223][ C0] ? __pfx_call_rcu+0x10/0x10 [ 547.099239][ C0] ? bpf_inode_storage_free+0x77/0x2b0 [ 547.099256][ C0] __destroy_inode+0x2d9/0x670 [ 547.099271][ C0] evict+0x785/0x9a0 [ 547.099292][ C0] ? __pfx_evict+0x10/0x10 [ 547.099312][ C0] ? _raw_spin_unlock+0x28/0x50 [ 547.099329][ C0] ? iput+0x713/0xa50 [ 547.099346][ C0] vfs_rmdir+0x3d7/0x510 [ 547.099367][ C0] do_rmdir+0x3b5/0x580 [ 547.099385][ C0] ? __virt_addr_valid+0x183/0x530 [ 547.099407][ C0] ? __pfx_do_rmdir+0x10/0x10 [ 547.099430][ C0] ? getname_flags+0x1e3/0x540 [ 547.099446][ C0] __x64_sys_unlinkat+0xde/0xf0 [ 547.099468][ C0] do_syscall_64+0xf3/0x230 [ 547.099490][ C0] ? clear_bhb_loop+0x35/0x90 [ 547.099511][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.099530][ C0] RIP: 0033:0x7f0e6778c747 [ 547.099547][ C0] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.099558][ C0] RSP: 002b:00007ffef46eeeb8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 547.099572][ C0] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f0e6778c747 [ 547.099582][ C0] RDX: 0000000000000200 RSI: 00007ffef46f0000 RDI: 00000000ffffff9c [ 547.099592][ C0] RBP: 00007f0e6780e08c R08: 0000000000000000 R09: 0000000000000000 [ 547.099601][ C0] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffef46f0000 [ 547.099610][ C0] R13: 00007f0e6780e08c R14: 000000000006be04 R15: 00007ffef46f0040 [ 547.099626][ C0] [ 547.099772][ C1] rcu: rcu_preempt kthread starved for 10490 jiffies! g73825 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 547.772187][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 547.782168][ C1] rcu: RCU grace-period kthread stack dump: [ 547.788058][ C1] task:rcu_preempt state:R running task stack:25784 pid:18 tgid:18 ppid:2 task_flags:0x208040 flags:0x00004000 [ 547.801565][ C1] Call Trace: [ 547.804851][ C1] [ 547.807825][ C1] __schedule+0x18bc/0x4c40 [ 547.812373][ C1] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 547.818302][ C1] ? __pfx___schedule+0x10/0x10 [ 547.823172][ C1] ? __pfx_lock_release+0x10/0x10 [ 547.828231][ C1] ? __pfx___mod_timer+0x10/0x10 [ 547.833190][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 547.839536][ C1] ? schedule+0x90/0x320 [ 547.843792][ C1] schedule+0x14b/0x320 [ 547.847968][ C1] schedule_timeout+0x15a/0x290 [ 547.852832][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 547.858216][ C1] ? __pfx_process_timeout+0x10/0x10 [ 547.863518][ C1] ? prepare_to_swait_event+0x330/0x350 [ 547.869086][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 547.873952][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 547.879178][ C1] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 547.885349][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 547.890670][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 547.896590][ C1] ? finish_swait+0xd4/0x1e0 [ 547.901193][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 547.906406][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 547.911032][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 547.916243][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 547.922156][ C1] ? __kthread_parkme+0x169/0x1d0 [ 547.927213][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 547.932443][ C1] kthread+0x7a9/0x920 [ 547.936535][ C1] ? __pfx_kthread+0x10/0x10 [ 547.941148][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 547.946399][ C1] ? __pfx_kthread+0x10/0x10 [ 547.951006][ C1] ? __pfx_kthread+0x10/0x10 [ 547.955623][ C1] ? __pfx_kthread+0x10/0x10 [ 547.960235][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 547.965448][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 547.970702][ C1] ? __pfx_kthread+0x10/0x10 [ 547.975318][ C1] ret_from_fork+0x4b/0x80 [ 547.979780][ C1] ? __pfx_kthread+0x10/0x10 [ 547.984395][ C1] ret_from_fork_asm+0x1a/0x30 [ 547.989193][ C1] [ 547.992222][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 547.998548][ C1] CPU: 1 UID: 0 PID: 22093 Comm: syz.6.6587 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 548.009324][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 548.019413][ C1] RIP: 0010:smp_call_function_many_cond+0x1ba4/0x2d30 [ 548.026205][ C1] Code: 03 84 c0 75 7e 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 c0 f4 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 70 f0 0b 00 eb 41 f3 90 <48> b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 41 f7 45 00 [ 548.045820][ C1] RSP: 0018:ffffc900103d7880 EFLAGS: 00000293 [ 548.051901][ C1] RAX: ffffffff81b5efd5 RBX: 1ffff110170c8c75 RCX: ffff88802d473c00 [ 548.059884][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 548.067872][ C1] RBP: ffffc900103d7a80 R08: ffffffff81b5efa0 R09: 1ffffffff28a2f08 [ 548.075854][ C1] R10: dffffc0000000000 R11: fffffbfff28a2f09 R12: ffff8880b873f9c8 [ 548.083850][ C1] R13: ffff8880b86463a8 R14: ffff8880b873f9c0 R15: 0000000000000000 [ 548.091833][ C1] FS: 000055558c14d500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 548.100773][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 548.107363][ C1] CR2: 0000001b2e91bff8 CR3: 0000000032096000 CR4: 00000000003526f0 [ 548.115344][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 548.123366][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 548.131348][ C1] Call Trace: [ 548.134637][ C1] [ 548.137498][ C1] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 548.143894][ C1] ? print_other_cpu_stall+0x1481/0x15c0 [ 548.149559][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 548.155438][ C1] ? cgroup_rstat_updated+0x13b/0xc30 [ 548.160832][ C1] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 548.167096][ C1] ? rcu_sched_clock_irq+0xa26/0x10e0 [ 548.172490][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 548.178144][ C1] ? update_process_times+0x242/0x2f0 [ 548.183535][ C1] ? tick_nohz_handler+0x37c/0x500 [ 548.188696][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 548.194188][ C1] ? __hrtimer_run_queues+0x551/0xd30 [ 548.199585][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 548.205321][ C1] ? sched_clock+0x4a/0x70 [ 548.209750][ C1] ? read_tsc+0x9/0x20 [ 548.213840][ C1] ? ktime_get_update_offsets_now+0x38e/0x3b0 [ 548.219938][ C1] ? hrtimer_interrupt+0x403/0xa40 [ 548.225080][ C1] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 548.231255][ C1] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 548.237076][ C1] [ 548.240028][ C1] [ 548.242995][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 548.249173][ C1] ? smp_call_function_many_cond+0x1b90/0x2d30 [ 548.255347][ C1] ? smp_call_function_many_cond+0x1bc5/0x2d30 [ 548.261513][ C1] ? smp_call_function_many_cond+0x1ba4/0x2d30 [ 548.267682][ C1] ? trace_sys_enter+0x1e/0x120 [ 548.272554][ C1] ? trace_sys_enter+0x1e/0x120 [ 548.277431][ C1] ? __pfx___text_poke+0x10/0x10 [ 548.282387][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 548.288723][ C1] ? __pfx___might_resched+0x10/0x10 [ 548.294029][ C1] ? __pfx___mutex_trylock_common+0x10/0x10 [ 548.299936][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 548.304986][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 548.310108][ C1] text_poke_bp_batch+0x352/0xb30 [ 548.315148][ C1] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 548.321162][ C1] ? arch_jump_label_transform_apply+0x17/0x30 [ 548.327333][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 548.332377][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 548.337938][ C1] ? text_poke_queue+0x46/0x180 [ 548.342816][ C1] ? arch_jump_label_transform_queue+0x9b/0x100 [ 548.349074][ C1] ? __jump_label_update+0x379/0x3a0 [ 548.354381][ C1] text_poke_finish+0x30/0x50 [ 548.359068][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 548.365059][ C1] static_key_disable_cpuslocked+0xd2/0x1c0 [ 548.370965][ C1] static_key_disable+0x1a/0x20 [ 548.375835][ C1] tracepoint_probe_unregister+0x83c/0xa10 [ 548.381672][ C1] bpf_raw_tp_link_release+0x45/0x70 [ 548.386977][ C1] bpf_link_free+0xfd/0x3a0 [ 548.391498][ C1] bpf_link_release+0x78/0x90 [ 548.396186][ C1] ? __pfx_bpf_link_release+0x10/0x10 [ 548.401574][ C1] __fput+0x3e9/0x9f0 [ 548.405584][ C1] task_work_run+0x24f/0x310 [ 548.410187][ C1] ? _raw_spin_unlock+0x28/0x50 [ 548.415056][ C1] ? __pfx_task_work_run+0x10/0x10 [ 548.420180][ C1] ? syscall_exit_to_user_mode+0xa3/0x340 [ 548.425918][ C1] syscall_exit_to_user_mode+0x13f/0x340 [ 548.431581][ C1] do_syscall_64+0x100/0x230 [ 548.436192][ C1] ? clear_bhb_loop+0x35/0x90 [ 548.440917][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.446824][ C1] RIP: 0033:0x7fcb55b8d169 [ 548.451247][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 548.470860][ C1] RSP: 002b:00007ffe041ae2d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 548.479285][ C1] RAX: 0000000000000000 RBX: 000000000006be49 RCX: 00007fcb55b8d169 [ 548.487264][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 548.495239][ C1] RBP: 00007fcb55da7ba0 R08: 0000000000000001 R09: 00000004041ae5cf [ 548.503216][ C1] R10: 00007fcb55a00000 R11: 0000000000000246 R12: 00007fcb55da5fac [ 548.511194][ C1] R13: 00007fcb55da5fa0 R14: ffffffffffffffff R15: 00007ffe041ae3f0 [ 548.519188][ C1] [ 548.522634][ C1] vkms_vblank_simulate: vblank timer overrun