last executing test programs: 1.771985185s ago: executing program 2 (id=4047): r0 = socket$inet6_udp(0xa, 0x2, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) close(0x3) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r2, &(0x7f00000025c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)='P', 0x1}], 0x1}}, {{&(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000002400)=[{&(0x7f0000000140)='i', 0x1}], 0x1}}], 0x2, 0x8010) shutdown(r2, 0x1) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x9, r0, 0x0, 0x0, 0x0, 0x0, 0x3}]) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080)=0xe, 0x4) 1.604567504s ago: executing program 2 (id=4050): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}]}, 0x34}}, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48011}, 0x4000000) 1.448878922s ago: executing program 2 (id=4055): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = eventfd2(0x7, 0x80001) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x6, 0x2}) 1.215380848s ago: executing program 3 (id=4061): r0 = socket$inet6_udp(0xa, 0x2, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) close(0x3) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r2, &(0x7f00000025c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)='P', 0x1}], 0x1}}, {{&(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000002400)=[{&(0x7f0000000140)='i', 0x1}], 0x1}}], 0x2, 0x8010) shutdown(r2, 0x1) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x9, r0, 0x0, 0x0, 0x0, 0x0, 0x3}]) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080)=0xe, 0x4) 1.198529392s ago: executing program 2 (id=4062): r0 = socket(0x10, 0x3, 0x0) sendmsg$NFNL_MSG_CTHELPER_DEL(0xffffffffffffffff, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="740000000209010100000000000000000a"], 0x74}, 0x1, 0x0, 0x0, 0x4048000}, 0x40000) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001200"], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) recvmmsg(r0, &(0x7f0000001900)=[{{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000500)=""/159, 0x9f}], 0x1}, 0x4cc5a29b}], 0x1, 0x40012020, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000002c0)=ANY=[]) 1.1565334s ago: executing program 0 (id=4063): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x30, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x9801}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gre={{0x8}, {0x4}}}]}, 0x30}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x439, 0x2000, 0x0, {0x0, 0x0, 0x0, r2, 0x7114, 0x4100}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x34}}, 0x0) 1.001531909s ago: executing program 0 (id=4066): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}]}, 0x34}}, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48011}, 0x4000000) 971.656722ms ago: executing program 2 (id=4067): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x20) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f00000001c0), 0x12) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r2, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4) 891.020828ms ago: executing program 3 (id=4070): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xc}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffe00, {0x0, 0x0, 0x0, r6, {0x8}, {0xffff}, {0xfff2, 0xffe1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x45, 0x1, {0xe, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x6, 0x1, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x5, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x8000, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0x2, 0x5, 0x2, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) 846.046856ms ago: executing program 0 (id=4071): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000390429bd7000fbdbdf", @ANYRES32=r2, @ANYBLOB="0198000000000000280012800b000100697036746e6c000018000280140003007c"], 0x48}, 0x1, 0x0, 0x0, 0x20048001}, 0x4000004) r3 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r3, &(0x7f0000000640)="e8b77052a9", 0x6e, 0x40, &(0x7f0000000200)={0x11, 0x86dd, r2, 0x1, 0x0, 0x6, @local}, 0x14) 818.566253ms ago: executing program 4 (id=4072): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x1, 0x4e24}}]}, 0x24}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 782.247473ms ago: executing program 1 (id=4073): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x15, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180200001e00000000000000000000007a02500003ffffff950000000016001b049cb83bd81ee7a5588a00"], &(0x7f0000000080)='GPL\x00', 0x4, 0xb, &(0x7f00000001c0)=""/152, 0x40f00}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4005, &(0x7f0000000000)=0x6, 0x9, 0x2) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0}, 0x94) 765.013894ms ago: executing program 2 (id=4074): r0 = open(0x0, 0x16b442, 0xa9) write$cgroup_subtree(r0, 0x0, 0x0) io_uring_setup(0x7d1, &(0x7f0000000580)={0x0, 0xddf9, 0x2, 0xfffffffe, 0x183}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0x4a, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='dctcp', 0x5) sendto$inet6(r1, 0x0, 0x0, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c) write$P9_RMKNOD(r1, &(0x7f0000000280)={0x14, 0x13, 0x2, {0x4, 0x2}}, 0xfffffe5c) 764.342885ms ago: executing program 3 (id=4075): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x2, 0x7, 0x4, 0x7, 0x6, 0x6, 0x9, 0x2, 0x81, 0x81, 0x3, 0x73, 0x4, 0x1c}, 0xd) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f00000000c0)=@in={0x2, 0x4e24, @local}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000100)="12fe5dd172cb4a2ab91d710b3a441f5c166bceeaeea89ba8e1", 0x19}], 0x1, 0x0, 0x0, 0x804c040}, 0x2400c0d1) 653.240969ms ago: executing program 4 (id=4076): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0) preadv2(r2, 0x0, 0x0, 0x7, 0x4, 0x0) 650.854544ms ago: executing program 1 (id=4077): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}]}}}]}, 0x38}}, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 602.263005ms ago: executing program 0 (id=4078): r0 = socket(0x10, 0x3, 0x0) sendmsg$NFNL_MSG_CTHELPER_DEL(0xffffffffffffffff, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="740000000209010100000000000000000a"], 0x74}, 0x1, 0x0, 0x0, 0x4048000}, 0x40000) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001200"], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) recvmmsg(r0, &(0x7f0000001900)=[{{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000500)=""/159, 0x9f}], 0x1}, 0x4cc5a29b}], 0x1, 0x40012020, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000002c0)=ANY=[]) 588.745768ms ago: executing program 3 (id=4079): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=@ipv6_newaddrlabel={0x1c, 0x18, 0x1, 0x10, 0x0, {0xa, 0x37}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000080) 527.306417ms ago: executing program 4 (id=4080): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000030000000000000000000000850800000f00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x15, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 496.199996ms ago: executing program 1 (id=4081): r0 = socket$inet6_udp(0xa, 0x2, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) close(0x3) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r2, &(0x7f00000025c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)='P', 0x1}], 0x1}}, {{&(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000002400)=[{&(0x7f0000000140)='i', 0x1}], 0x1}}], 0x2, 0x8010) r3 = eventfd(0x4) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x9, r0, 0x0, 0x0, 0x0, 0x0, 0x3, r3}]) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080)=0xe, 0x4) 444.305308ms ago: executing program 3 (id=4082): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}]}, 0x34}}, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000001000010025bd7000fbdbdf2500000000", @ANYRES32, @ANYBLOB="10080400030a000008003a"], 0x30}}, 0x4000014) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48011}, 0x4000000) 424.838491ms ago: executing program 0 (id=4083): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0xcc19, 0x13000, 0x0, 0x301}, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x60428, 0x2200}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x83}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4000) 352.043447ms ago: executing program 4 (id=4084): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) close(r0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in={{0x2, 0x4e21, @remote}}}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000240)={r3, 0x401, 0xc, 0xffffffc7}, 0x10) 316.26416ms ago: executing program 0 (id=4085): r0 = gettid() timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000)) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0) keyctl$revoke(0x3, 0x0) 300.775261ms ago: executing program 1 (id=4086): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x1, 0x4e24}}]}, 0x24}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 279.150434ms ago: executing program 4 (id=4087): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xc}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffe00, {0x0, 0x0, 0x0, r6, {0x8}, {0xffff}, {0xfff2, 0xffe1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x45, 0x1, {0xe, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x6, 0x1, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x5, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x8000, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0x2, 0x5, 0x2, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) 274.61264ms ago: executing program 3 (id=4088): timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0) 181.368588ms ago: executing program 1 (id=4089): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000390429bd7000fbdbdf", @ANYRES32=r2, @ANYBLOB="0198000000000000280012800b000100697036746e6c000018000280140003007c"], 0x48}, 0x1, 0x0, 0x0, 0x20048001}, 0x4000004) r3 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r3, &(0x7f0000000640)="e8b77052a9", 0x6e, 0x40, &(0x7f0000000200)={0x11, 0x86dd, r2, 0x1, 0x0, 0x6, @local}, 0x14) 1.545976ms ago: executing program 1 (id=4090): mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x6000, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x80f9a8, 0x3300, 0x40, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x20}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x24c01, 0x0) dup3(r2, r0, 0x0) writev(r0, &(0x7f0000000380)=[{&(0x7f00000008c0)="c900", 0x2}], 0x1) 0s ago: executing program 4 (id=4091): r0 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) ftruncate(r0, 0xffff) fcntl$setpipe(r0, 0x407, 0x9) fcntl$addseals(r0, 0x409, 0x7) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000180), 0x2) r2 = ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000000c0)={r0, 0x0, 0x2000, 0x2000}) mmap(&(0x7f0000576000/0x2000)=nil, 0x2000, 0x3000000, 0x11, r2, 0xffffe000) kernel console output (not intermixed with test programs): 11023] __sys_sendmsg+0x164/0x220 [ 445.073391][T11023] ? __pfx___sys_sendmsg+0x10/0x10 [ 445.073427][T11023] ? __pfx_ksys_write+0x10/0x10 [ 445.073454][T11023] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 445.073479][T11023] ? lockdep_hardirqs_on+0x9c/0x150 [ 445.073503][T11023] __do_fast_syscall_32+0xb6/0x2b0 [ 445.073527][T11023] ? lockdep_hardirqs_on+0x9c/0x150 [ 445.073554][T11023] do_fast_syscall_32+0x34/0x80 [ 445.073579][T11023] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 445.073600][T11023] RIP: 0023:0xf709d539 [ 445.073616][T11023] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 445.073631][T11023] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 445.073651][T11023] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000000 [ 445.073665][T11023] RDX: 0000000008000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 445.073676][T11023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 445.073687][T11023] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 445.073699][T11023] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 445.073727][T11023] [ 445.485794][ C0] vkms_vblank_simulate: vblank timer overrun [ 445.625795][ T9603] usb 5-1: new high-speed USB device number 50 using dummy_hcd [ 445.697543][T11035] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1451'. [ 445.756202][ T24] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 445.775150][ T9603] usb 5-1: Using ep0 maxpacket: 8 [ 445.784742][ T9603] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 445.795576][ T9603] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.812559][ T9603] usb 5-1: Product: syz [ 445.819664][ T9603] usb 5-1: Manufacturer: syz [ 445.824453][ T9603] usb 5-1: SerialNumber: syz [ 445.840183][ T9603] usb 5-1: config 0 descriptor?? [ 445.854529][ T9603] gspca_main: sq930x-2.14.0 probing 2770:930c [ 445.914996][ T24] usb 3-1: Using ep0 maxpacket: 16 [ 445.922225][ T24] usb 3-1: config 0 has an invalid interface number: 161 but max is 0 [ 445.931256][ T24] usb 3-1: config 0 has no interface number 0 [ 445.943284][ T24] usb 3-1: New USB device found, idVendor=0bfd, idProduct=0002, bcdDevice=9a.fd [ 445.963147][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.972088][ T24] usb 3-1: Product: syz [ 445.977355][ T24] usb 3-1: Manufacturer: syz [ 445.982313][ T24] usb 3-1: SerialNumber: syz [ 445.990497][ T24] usb 3-1: config 0 descriptor?? [ 445.997790][ T24] kvaser_usb 3-1:0.161: error -ENODEV: Cannot get usb endpoint(s) [ 446.065381][ T5948] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 446.182824][T11047] vivid-008: disconnect [ 446.225073][ T5948] usb 4-1: Using ep0 maxpacket: 16 [ 446.232364][ T5948] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 446.243815][ T5948] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 30768, setting to 64 [ 446.260492][ T5948] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 446.288713][ T5948] usb 4-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=f6.59 [ 446.298670][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.307419][ T5948] usb 4-1: Product: syz [ 446.312313][ T5948] usb 4-1: Manufacturer: syz [ 446.317252][ T24] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 446.325514][ T5948] usb 4-1: SerialNumber: syz [ 446.337619][ T5948] usb 4-1: config 0 descriptor?? [ 446.359469][ T5948] peak_usb 4-1:0.0 can0: sending cmd f=0x6 n=0x1 failure: -8 [ 446.368837][ T9603] gspca_sq930x: reg_r 001f failed -110 [ 446.374501][ T9603] sq930x 5-1:0.0: probe with driver sq930x failed with error -110 [ 446.384656][ T5948] peak_usb 4-1:0.0: unable to read PCAN-USB serial number (err -8) [ 446.494444][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 446.507174][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0 [ 446.526080][ T5948] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -8 [ 446.534191][ T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0 [ 446.580028][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 446.601005][ T5948] usb 4-1: USB disconnect, device number 36 [ 446.638057][ T24] usb 2-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16 [ 446.647371][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.661992][ T24] usb 2-1: Product: syz [ 446.682034][ T24] usb 2-1: Manufacturer: syz [ 446.690990][ T24] usb 2-1: SerialNumber: syz [ 446.705179][ T24] usb 2-1: config 0 descriptor?? [ 446.725761][ T24] kvaser_usb 2-1:0.0: error -ENODEV: Cannot get usb endpoint(s) [ 446.946226][T11046] pim6reg0: tun_chr_ioctl cmd 1074812118 [ 446.961170][T11053] fuse: Bad value for 'user_id' [ 446.966382][T11053] fuse: Bad value for 'user_id' [ 447.178862][T11057] input: syz0 as /devices/virtual/input/input51 [ 447.449073][ T24] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 447.625154][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 447.631918][ T24] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 447.642477][ T24] usb 4-1: config 0 has no interface number 0 [ 447.649684][ T24] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 447.660989][ T24] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 447.696018][ T24] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 447.705387][ T24] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 447.713475][ T24] usb 4-1: Product: syz [ 447.726919][ T24] usb 4-1: SerialNumber: syz [ 447.755566][ T24] usb 4-1: config 0 descriptor?? [ 447.786567][ T24] cm109 4-1:0.8: invalid payload size 0, expected 4 [ 447.807027][ T24] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input52 [ 448.011279][ C1] cm109_urb_ctl_callback: 36 callbacks suppressed [ 448.011294][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.025032][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.032302][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.039455][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.046621][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.054774][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.062117][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.069301][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.076471][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.083633][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 448.453106][ T5912] usb 5-1: USB disconnect, device number 50 [ 448.460139][ T24] usb 4-1: USB disconnect, device number 37 [ 448.466190][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 448.485603][T11047] vivid-008: reconnect [ 448.556645][ T24] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 449.029724][ T24] usb 2-1: USB disconnect, device number 36 [ 449.075237][T11080] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1463'. [ 449.192054][T11083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 449.225329][T11083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 449.284677][T11087] warning: `syz.0.1465' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 449.378349][T11090] FAULT_INJECTION: forcing a failure. [ 449.378349][T11090] name failslab, interval 1, probability 0, space 0, times 0 [ 449.393074][T11090] CPU: 0 UID: 0 PID: 11090 Comm: syz.3.1466 Not tainted syzkaller #0 PREEMPT(full) [ 449.393100][T11090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 449.393111][T11090] Call Trace: [ 449.393120][T11090] [ 449.393129][T11090] dump_stack_lvl+0x189/0x250 [ 449.393156][T11090] ? __pfx____ratelimit+0x10/0x10 [ 449.393179][T11090] ? __pfx_dump_stack_lvl+0x10/0x10 [ 449.393201][T11090] ? __pfx__printk+0x10/0x10 [ 449.393235][T11090] should_fail_ex+0x414/0x560 [ 449.393266][T11090] should_failslab+0xa8/0x100 [ 449.393287][T11090] __kmalloc_cache_noprof+0x6f/0x6f0 [ 449.393310][T11090] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 449.393330][T11090] ? sctp_add_bind_addr+0x8c/0x370 [ 449.393354][T11090] ? sctp_add_bind_addr+0xb0/0x370 [ 449.393380][T11090] sctp_add_bind_addr+0x8c/0x370 [ 449.393404][T11090] sctp_copy_local_addr_list+0x30b/0x4e0 [ 449.393429][T11090] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 449.393451][T11090] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 449.393475][T11090] ? sctp_v6_is_any+0x64/0x80 [ 449.393500][T11090] ? sctp_copy_one_addr+0x93/0x360 [ 449.393526][T11090] sctp_bind_addr_copy+0xb3/0x3c0 [ 449.393549][T11090] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 449.393574][T11090] sctp_connect_new_asoc+0x2e0/0x690 [ 449.393597][T11090] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 449.393613][T11090] ? __local_bh_enable_ip+0x12d/0x1c0 [ 449.393639][T11090] ? bpf_lsm_sctp_bind_connect+0x9/0x20 [ 449.393659][T11090] ? security_sctp_bind_connect+0x7e/0x2e0 [ 449.393684][T11090] sctp_sendmsg+0x155c/0x2810 [ 449.393712][T11090] ? __pfx_sctp_sendmsg+0x10/0x10 [ 449.393741][T11090] ? aa_sk_perm+0x81e/0x950 [ 449.393770][T11090] ? __pfx_aa_sk_perm+0x10/0x10 [ 449.393796][T11090] ? sock_rps_record_flow+0x19/0x410 [ 449.393825][T11090] ? inet_sendmsg+0x2f4/0x370 [ 449.393853][T11090] __sock_sendmsg+0x19c/0x270 [ 449.393880][T11090] __sys_sendto+0x3bd/0x520 [ 449.393901][T11090] ? __pfx___sys_sendto+0x10/0x10 [ 449.393916][T11090] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 449.393960][T11090] ? __fget_files+0x3a0/0x420 [ 449.393989][T11090] ? ksys_write+0x22a/0x250 [ 449.394011][T11090] ? exc_page_fault+0x82/0x100 [ 449.394034][T11090] ? __pfx_ksys_write+0x10/0x10 [ 449.394063][T11090] __ia32_sys_sendto+0xdd/0x100 [ 449.394084][T11090] __do_fast_syscall_32+0xb6/0x2b0 [ 449.394109][T11090] ? lockdep_hardirqs_on+0x9c/0x150 [ 449.394136][T11090] do_fast_syscall_32+0x34/0x80 [ 449.394160][T11090] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 449.394181][T11090] RIP: 0023:0xf709d539 [ 449.394197][T11090] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 449.394212][T11090] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171 [ 449.394232][T11090] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 449.394245][T11090] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000080000100 [ 449.394256][T11090] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000 [ 449.394267][T11090] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 449.394278][T11090] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 449.394307][T11090] [ 449.887823][T11094] fuse: Bad value for 'user_id' [ 449.892764][T11094] fuse: Bad value for 'user_id' [ 450.261721][T11100] input: syz0 as /devices/virtual/input/input53 [ 450.270096][T11101] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 450.276631][T11101] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 450.288736][T11101] vhci_hcd vhci_hcd.0: Device attached [ 450.633158][T11102] vhci_hcd: connection closed [ 450.635018][ T8249] vhci_hcd: stop threads [ 450.701834][ T24] usb 34-1: SetAddress Request (2) to port 0 [ 450.711096][ T24] usb 34-1: new SuperSpeed USB device number 2 using vhci_hcd [ 450.714884][ T8249] vhci_hcd: release socket [ 450.731273][ T8249] vhci_hcd: disconnect device [ 450.745067][ T24] usb 34-1: enqueue for inactive port 0 [ 451.155793][ T24] usb usb34-port1: attempt power cycle [ 451.204437][T11111] bond3 (unregistering): Released all slaves [ 451.664953][ T9610] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 451.715874][ T24] usb usb34-port1: unable to enumerate USB device [ 451.804913][ T9610] usb 2-1: device descriptor read/64, error -71 [ 452.064931][ T9610] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 452.214939][ T9610] usb 2-1: device descriptor read/64, error -71 [ 452.216589][T11135] syzkaller0: entered promiscuous mode [ 452.235865][T11135] syzkaller0: entered allmulticast mode [ 452.254572][T11136] fuse: Bad value for 'user_id' [ 452.284130][T11136] fuse: Bad value for 'user_id' [ 452.325375][ T9610] usb usb2-port1: attempt power cycle [ 452.369774][T11138] input: syz0 as /devices/virtual/input/input54 [ 452.700742][T11148] netlink: 'syz.3.1483': attribute type 4 has an invalid length. [ 452.708591][T11148] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1483'. [ 452.740874][ T9610] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 452.777622][T11151] FAULT_INJECTION: forcing a failure. [ 452.777622][T11151] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 452.795462][T11151] CPU: 0 UID: 0 PID: 11151 Comm: syz.0.1486 Not tainted syzkaller #0 PREEMPT(full) [ 452.795487][T11151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 452.795498][T11151] Call Trace: [ 452.795506][T11151] [ 452.795514][T11151] dump_stack_lvl+0x189/0x250 [ 452.795540][T11151] ? __pfx____ratelimit+0x10/0x10 [ 452.795562][T11151] ? __pfx_dump_stack_lvl+0x10/0x10 [ 452.795585][T11151] ? __pfx__printk+0x10/0x10 [ 452.795607][T11151] should_fail_ex+0x414/0x560 [ 452.795625][T11151] _copy_to_user+0x31/0xb0 [ 452.795640][T11151] simple_read_from_buffer+0xe1/0x170 [ 452.795657][T11151] proc_fail_nth_read+0x1b3/0x220 [ 452.795675][T11151] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 452.795689][T11151] ? rw_verify_area+0x2a6/0x4d0 [ 452.795701][T11151] ? __lock_acquire+0xab9/0xd20 [ 452.795710][T11151] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 452.795723][T11151] vfs_read+0x200/0xa30 [ 452.795736][T11151] ? fdget_pos+0x247/0x320 [ 452.795748][T11151] ? __pfx___mutex_lock+0x10/0x10 [ 452.795761][T11151] ? __pfx_vfs_read+0x10/0x10 [ 452.795775][T11151] ? __fget_files+0x2a/0x420 [ 452.795787][T11151] ? __fget_files+0x3a0/0x420 [ 452.795795][T11151] ? __fget_files+0x2a/0x420 [ 452.795809][T11151] ksys_read+0x145/0x250 [ 452.795823][T11151] ? __pfx_ksys_read+0x10/0x10 [ 452.795837][T11151] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 452.795851][T11151] ? lockdep_hardirqs_on+0x9c/0x150 [ 452.795865][T11151] __do_fast_syscall_32+0xb6/0x2b0 [ 452.795879][T11151] ? lockdep_hardirqs_on+0x9c/0x150 [ 452.795893][T11151] do_fast_syscall_32+0x34/0x80 [ 452.795907][T11151] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 452.795918][T11151] RIP: 0023:0xf7f74539 [ 452.795927][T11151] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 452.795936][T11151] RSP: 002b:00000000f5466590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 452.795947][T11151] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5466620 [ 452.795954][T11151] RDX: 000000000000000f RSI: 00000000f7405ff4 RDI: 0000000000000000 [ 452.795961][T11151] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 452.795966][T11151] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 452.795972][T11151] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 452.795988][T11151] [ 452.796682][ T9610] usb 2-1: device descriptor read/8, error -71 [ 453.225167][ T5912] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 453.256494][T11157] loop6: detected capacity change from 0 to 7 [ 453.269705][T11157] Dev loop6: unable to read RDB block 7 [ 453.275679][T11157] loop6: AHDI p2 p3 [ 453.279811][T11157] loop6: partition table partially beyond EOD, truncated [ 453.291702][T11157] loop6: p2 size 335544428 extends beyond EOD, truncated [ 453.354209][ T7524] udevd[7524]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 453.365273][ T9610] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 453.416503][ T5912] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 453.433001][ T9610] usb 2-1: device descriptor read/8, error -71 [ 453.440475][ T5912] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 453.471317][ T5912] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 453.495944][ T5912] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 453.505297][ T5912] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.524802][ T5912] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 453.532994][ T5912] usb 4-1: invalid MIDI out EP 0 [ 453.565423][ T9610] usb usb2-port1: unable to enumerate USB device [ 453.627045][ T5912] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 453.674224][T11163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 453.683991][T11163] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 453.697012][T11163] netlink: 'syz.2.1490': attribute type 9 has an invalid length. [ 453.705422][T11163] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1490'. [ 453.835141][T11168] FAULT_INJECTION: forcing a failure. [ 453.835141][T11168] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 453.849304][T11168] CPU: 1 UID: 0 PID: 11168 Comm: syz.4.1491 Not tainted syzkaller #0 PREEMPT(full) [ 453.849330][T11168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 453.849342][T11168] Call Trace: [ 453.849349][T11168] [ 453.849357][T11168] dump_stack_lvl+0x189/0x250 [ 453.849384][T11168] ? __pfx____ratelimit+0x10/0x10 [ 453.849406][T11168] ? __pfx_dump_stack_lvl+0x10/0x10 [ 453.849429][T11168] ? __pfx__printk+0x10/0x10 [ 453.849449][T11168] ? fs_reclaim_acquire+0x7d/0x100 [ 453.849483][T11168] should_fail_ex+0x414/0x560 [ 453.849513][T11168] prepare_alloc_pages+0x213/0x610 [ 453.849538][T11168] __alloc_frozen_pages_noprof+0x123/0x370 [ 453.849563][T11168] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 453.849589][T11168] ? policy_nodemask+0x27c/0x720 [ 453.849612][T11168] alloc_pages_mpol+0x232/0x4a0 [ 453.849635][T11168] alloc_pages_noprof+0xa9/0x190 [ 453.849655][T11168] pte_alloc_one+0x23/0x310 [ 453.849674][T11168] ? __handle_mm_fault+0x1d74/0x5400 [ 453.849700][T11168] __handle_mm_fault+0x2767/0x5400 [ 453.849738][T11168] ? __pfx___handle_mm_fault+0x10/0x10 [ 453.849781][T11168] ? find_vma+0xe7/0x160 [ 453.849802][T11168] ? __pfx_find_vma+0x10/0x10 [ 453.849826][T11168] handle_mm_fault+0x40a/0x8e0 [ 453.849859][T11168] do_user_addr_fault+0x764/0x1380 [ 453.849893][T11168] exc_page_fault+0x82/0x100 [ 453.849913][T11168] ? __might_fault+0xb0/0x130 [ 453.849937][T11168] asm_exc_page_fault+0x26/0x30 [ 453.849954][T11168] RIP: 0010:__get_user_4+0x14/0x20 [ 453.849973][T11168] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 d0 2a 04 00 90 90 90 90 90 90 90 90 90 90 [ 453.849988][T11168] RSP: 0018:ffffc9001adefd70 EFLAGS: 00050287 [ 453.850004][T11168] RAX: 00000000f53f1000 RBX: ffff88803188c218 RCX: a0974f507e35c000 [ 453.850017][T11168] RDX: 00007ffffffff000 RSI: ffffffff8d8f3eb0 RDI: ffffffff8bbf0760 [ 453.850031][T11168] RBP: ffffc9001adefec0 R08: 0000000000000000 R09: ffffffff820d5e20 [ 453.850043][T11168] R10: ffffc9001adefe00 R11: fffff520035bdfc8 R12: 00000000f53f1000 [ 453.850057][T11168] R13: dffffc0000000000 R14: ffff88807b5bc080 R15: 0000000080001440 [ 453.850076][T11168] ? __might_fault+0xb0/0x130 [ 453.850106][T11168] lookup_ioctx+0x62/0x720 [ 453.850132][T11168] __ia32_compat_sys_io_submit+0xfa/0x330 [ 453.850154][T11168] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 453.850172][T11168] ? ksys_write+0x22a/0x250 [ 453.850204][T11168] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 453.850227][T11168] ? lockdep_hardirqs_on+0x9c/0x150 [ 453.850253][T11168] __do_fast_syscall_32+0xb6/0x2b0 [ 453.850276][T11168] ? lockdep_hardirqs_on+0x9c/0x150 [ 453.850308][T11168] do_fast_syscall_32+0x34/0x80 [ 453.850332][T11168] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.850352][T11168] RIP: 0023:0xf7f24539 [ 453.850367][T11168] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 453.850381][T11168] RSP: 002b:00000000f541655c EFLAGS: 00000206 ORIG_RAX: 00000000000000f8 [ 453.850397][T11168] RAX: ffffffffffffffda RBX: 00000000f53f1000 RCX: 000000000000027f [ 453.850410][T11168] RDX: 0000000080001440 RSI: 0000000000000000 RDI: 0000000000000000 [ 453.850420][T11168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 453.850431][T11168] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 453.850442][T11168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 453.850471][T11168] [ 453.884972][ T5912] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 454.354917][ T5912] usb 1-1: Using ep0 maxpacket: 16 [ 454.370240][T11173] fuse: Bad value for 'user_id' [ 454.380044][T11173] fuse: Bad value for 'user_id' [ 454.385574][ T5912] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 454.407966][ T5912] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 454.438207][ T5912] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 454.463408][ T5912] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.491555][ T5912] usb 1-1: config 0 descriptor?? [ 455.130357][ T5912] HID 045e:07da: Invalid code 65791 type 1 [ 455.229810][ T5912] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0011/input/input55 [ 455.294595][ T5912] microsoft 0003:045E:07DA.0011: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 455.565894][ T5912] usb 4-1: USB disconnect, device number 38 [ 455.584264][T11148] delete_channel: no stack [ 455.654152][T11202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1504'. [ 455.751510][T11207] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1503'. [ 456.229597][T11217] fuse: Bad value for 'user_id' [ 456.234537][T11217] fuse: Bad value for 'user_id' [ 456.414728][T11225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1510'. [ 456.471065][T11227] netlink: 'syz.4.1511': attribute type 29 has an invalid length. [ 456.704003][T11230] bridge2: entered promiscuous mode [ 457.162332][ T5912] usb 1-1: USB disconnect, device number 44 [ 457.549565][T11244] syzkaller1: entered promiscuous mode [ 457.577982][T11244] syzkaller1: entered allmulticast mode [ 457.841348][T11254] syz_tun: entered allmulticast mode [ 457.992780][ T5912] IPVS: starting estimator thread 0... [ 458.095773][T11258] IPVS: using max 26 ests per chain, 62400 per kthread [ 458.232036][T11241] syz_tun: left allmulticast mode [ 458.328392][T11266] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1523'. [ 458.356847][T11268] fuse: Unknown parameter 'fdA]%ājCd' [ 458.546475][T11271] FAULT_INJECTION: forcing a failure. [ 458.546475][T11271] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 458.622921][T11271] CPU: 0 UID: 0 PID: 11271 Comm: syz.1.1525 Not tainted syzkaller #0 PREEMPT(full) [ 458.622948][T11271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 458.622959][T11271] Call Trace: [ 458.622968][T11271] [ 458.622976][T11271] dump_stack_lvl+0x189/0x250 [ 458.623007][T11271] ? __pfx____ratelimit+0x10/0x10 [ 458.623030][T11271] ? __pfx_dump_stack_lvl+0x10/0x10 [ 458.623053][T11271] ? __pfx__printk+0x10/0x10 [ 458.623087][T11271] should_fail_ex+0x414/0x560 [ 458.623123][T11271] copy_folio_from_iter_atomic+0x325/0x1910 [ 458.623146][T11271] ? shmem_allowable_huge_orders+0x1d7/0x4f0 [ 458.623177][T11271] ? shmem_get_folio_gfp+0x1432/0x1660 [ 458.623207][T11271] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 458.623238][T11271] ? shmem_write_begin+0x15f/0x2b0 [ 458.623267][T11271] generic_perform_write+0x5df/0x900 [ 458.623301][T11271] ? __pfx_generic_perform_write+0x10/0x10 [ 458.623321][T11271] ? do_raw_spin_unlock+0x122/0x240 [ 458.623345][T11271] ? mnt_put_write_access_file+0xc0/0x100 [ 458.623368][T11271] ? file_update_time+0x416/0x490 [ 458.623393][T11271] shmem_file_write_iter+0xf8/0x120 [ 458.623420][T11271] do_iter_readv_writev+0x623/0x8c0 [ 458.623451][T11271] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 458.623474][T11271] ? rcu_read_lock_any_held+0xb3/0x120 [ 458.623513][T11271] vfs_writev+0x31a/0x960 [ 458.623537][T11271] ? __lock_acquire+0xab9/0xd20 [ 458.623556][T11271] ? __pfx_vfs_writev+0x10/0x10 [ 458.623591][T11271] ? __fget_files+0x2a/0x420 [ 458.623612][T11271] ? __fget_files+0x3a0/0x420 [ 458.623628][T11271] ? __fget_files+0x2a/0x420 [ 458.623654][T11271] __ia32_compat_sys_pwritev2+0x227/0x320 [ 458.623676][T11271] ? __pfx___ia32_compat_sys_pwritev2+0x10/0x10 [ 458.623700][T11271] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 458.623725][T11271] ? lockdep_hardirqs_on+0x9c/0x150 [ 458.623751][T11271] __do_fast_syscall_32+0xb6/0x2b0 [ 458.623775][T11271] ? lockdep_hardirqs_on+0x9c/0x150 [ 458.623802][T11271] do_fast_syscall_32+0x34/0x80 [ 458.623825][T11271] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 458.623847][T11271] RIP: 0023:0xf704d539 [ 458.623862][T11271] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 458.623877][T11271] RSP: 002b:00000000f543d55c EFLAGS: 00000206 ORIG_RAX: 000000000000017b [ 458.623896][T11271] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240 [ 458.623910][T11271] RDX: 0000000000000001 RSI: 0000000000007a00 RDI: 0000000000000000 [ 458.623921][T11271] RBP: 0000000000000020 R08: 0000000000000000 R09: 0000000000000000 [ 458.623932][T11271] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 458.623943][T11271] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 458.623973][T11271] [ 458.804703][T11276] input: syz0 as /devices/virtual/input/input56 [ 458.808094][ C0] vkms_vblank_simulate: vblank timer overrun [ 459.272659][T11279] Cannot find add_set index 2 as target [ 460.484742][T11300] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 460.613723][T11300] FAULT_INJECTION: forcing a failure. [ 460.613723][T11300] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 460.653490][T11300] CPU: 0 UID: 0 PID: 11300 Comm: syz.4.1531 Not tainted syzkaller #0 PREEMPT(full) [ 460.653516][T11300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 460.653528][T11300] Call Trace: [ 460.653536][T11300] [ 460.653544][T11300] dump_stack_lvl+0x189/0x250 [ 460.653572][T11300] ? __pfx____ratelimit+0x10/0x10 [ 460.653594][T11300] ? __pfx_dump_stack_lvl+0x10/0x10 [ 460.653616][T11300] ? __pfx__printk+0x10/0x10 [ 460.653646][T11300] should_fail_ex+0x414/0x560 [ 460.653676][T11300] _copy_to_user+0x31/0xb0 [ 460.653698][T11300] simple_read_from_buffer+0xe1/0x170 [ 460.653727][T11300] proc_fail_nth_read+0x1b3/0x220 [ 460.653752][T11300] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 460.653777][T11300] ? rw_verify_area+0x2a6/0x4d0 [ 460.653798][T11300] ? __lock_acquire+0xab9/0xd20 [ 460.653813][T11300] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 460.653834][T11300] vfs_read+0x200/0xa30 [ 460.653853][T11300] ? fdget_pos+0x247/0x320 [ 460.653875][T11300] ? __pfx___mutex_lock+0x10/0x10 [ 460.653899][T11300] ? __pfx_vfs_read+0x10/0x10 [ 460.653931][T11300] ? __fget_files+0x2a/0x420 [ 460.653951][T11300] ? __fget_files+0x3a0/0x420 [ 460.653967][T11300] ? __fget_files+0x2a/0x420 [ 460.653991][T11300] ksys_read+0x145/0x250 [ 460.654015][T11300] ? __pfx_ksys_read+0x10/0x10 [ 460.654040][T11300] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 460.654064][T11300] ? lockdep_hardirqs_on+0x9c/0x150 [ 460.654090][T11300] __do_fast_syscall_32+0xb6/0x2b0 [ 460.654114][T11300] ? lockdep_hardirqs_on+0x9c/0x150 [ 460.654137][T11300] do_fast_syscall_32+0x34/0x80 [ 460.654161][T11300] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 460.654182][T11300] RIP: 0023:0xf7f24539 [ 460.654197][T11300] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 460.654212][T11300] RSP: 002b:00000000f5416590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003 [ 460.654231][T11300] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5416620 [ 460.654244][T11300] RDX: 000000000000000f RSI: 00000000f73b5ff4 RDI: 0000000000000000 [ 460.654255][T11300] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 460.654265][T11300] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 460.654275][T11300] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 460.654304][T11300] [ 461.143446][T11311] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1534'. [ 461.248148][T11315] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1536'. [ 461.572732][T11331] input: syz0 as /devices/virtual/input/input57 [ 461.618326][T11332] 8021q: adding VLAN 0 to HW filter on device bond0 [ 461.636571][ T24] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 461.713143][T11332] 8021q: adding VLAN 0 to HW filter on device team0 [ 461.745697][T11332] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 462.061056][ T30] kauditd_printk_skb: 32 callbacks suppressed [ 462.061071][ T30] audit: type=1326 audit(1762179661.692:3122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 462.222710][ T5948] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 462.524943][ T30] audit: type=1326 audit(1762179661.692:3123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 462.548785][ T30] audit: type=1326 audit(1762179661.732:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 462.572712][ T30] audit: type=1326 audit(1762179661.732:3125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 462.780563][ T30] audit: type=1326 audit(1762179661.732:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 462.871616][ T30] audit: type=1326 audit(1762179661.732:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=316 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 462.965013][ T30] audit: type=1326 audit(1762179661.732:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 463.022007][ T30] audit: type=1326 audit(1762179661.742:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 463.075373][ T30] audit: type=1326 audit(1762179661.742:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 463.098263][ T30] audit: type=1326 audit(1762179661.742:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11335 comm="syz.2.1540" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 463.248920][T11353] netlink: 'syz.0.1541': attribute type 10 has an invalid length. [ 463.281378][T11353] team0: Port device netdevsim0 added [ 463.302068][T11353] netlink: 'syz.0.1541': attribute type 10 has an invalid length. [ 463.488476][T11364] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1546'. [ 463.558401][T11363] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1548'. [ 463.588260][T11368] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1547'. [ 463.608532][T11353] team0: Port device netdevsim0 removed [ 463.633042][T11353] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 464.584965][ T5948] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 464.754990][ T5948] usb 2-1: Using ep0 maxpacket: 16 [ 464.770915][ T5948] usb 2-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 464.852720][ T5948] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.883155][ T5948] usb 2-1: config 0 descriptor?? [ 464.899025][ T5948] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 465.415879][ T5948] gspca_sonixj: reg_w1 err -110 [ 465.420829][ T5948] sonixj 2-1:0.0: probe with driver sonixj failed with error -110 [ 465.872556][T11400] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 466.395043][ T5948] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 466.566037][T11411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 466.574991][T11411] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 466.585430][ T5948] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 466.597961][ T5948] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 466.633269][ T5948] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 466.670551][ T5948] usb 1-1: config 0 descriptor?? [ 466.810608][T11415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1561'. [ 467.181331][T11421] fuse: Bad value for 'user_id' [ 467.195573][T11421] fuse: Bad value for 'user_id' [ 467.207419][ T9610] usb 2-1: USB disconnect, device number 41 [ 469.301381][ T5948] usbhid 1-1:0.0: can't add hid device: -71 [ 469.307746][ T5948] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 469.344513][ T5948] usb 1-1: USB disconnect, device number 45 [ 471.361842][T11464] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1574'. [ 471.378712][ T24] usb 5-1: new low-speed USB device number 51 using dummy_hcd [ 471.424497][T11464] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1574'. [ 471.484013][T11468] fuse: Bad value for 'user_id' [ 471.489505][T11468] fuse: Bad value for 'user_id' [ 471.505326][T11460] loop6: detected capacity change from 0 to 7 [ 471.538250][T11460] Dev loop6: unable to read RDB block 7 [ 471.571249][ T24] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 471.586641][ T24] usb 5-1: config 0 has no interface number 0 [ 471.632889][ T24] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 471.651430][T11460] loop6: unable to read partition table [ 471.683425][ T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 471.689120][T11460] loop6: partition table beyond EOD, truncated [ 471.739307][ T24] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 471.786992][ T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 471.805708][T11460] loop_reread_partitions: partition scan of loop6 (被x ) failed (rc=-5) [ 471.817631][ T24] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 471.835153][ T24] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 471.871741][ T24] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 471.889751][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 471.937941][ T24] usb 5-1: config 0 descriptor?? [ 471.974591][T11462] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 472.001311][T11462] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 472.036068][ T24] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 472.309426][T11478] usb usb8: usbfs: process 11478 (syz.2.1577) did not claim interface 0 before use [ 472.455691][T11462] ldusb 5-1:0.55: Write buffer overflow, 138595949 bytes dropped [ 472.663103][T11462] binder_alloc: 11461: binder_alloc_buf, no vma [ 472.680139][ T9610] usb 5-1: USB disconnect, device number 51 [ 472.860321][ T9610] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 473.378501][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 473.378518][ T30] audit: type=1326 audit(1762179673.012:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.3.1580" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 473.407520][ T30] audit: type=1326 audit(1762179673.012:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.3.1580" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 473.430331][ T30] audit: type=1326 audit(1762179673.012:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.3.1580" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 473.455792][ T30] audit: type=1326 audit(1762179673.012:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.3.1580" exe="/root/syz-executor" sig=0 arch=40000003 syscall=316 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 473.478194][ T30] audit: type=1326 audit(1762179673.012:3138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.3.1580" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 473.501323][ T30] audit: type=1326 audit(1762179673.012:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.3.1580" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709d539 code=0x7ffc0000 [ 473.807329][T11500] syz_tun: entered allmulticast mode [ 473.899635][ T9610] usb 5-1: new full-speed USB device number 52 using dummy_hcd [ 474.152044][ T9610] usb 5-1: config 0 has an invalid interface number: 69 but max is 0 [ 474.172733][ T9610] usb 5-1: config 0 has no interface number 0 [ 474.183111][ T9610] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64 [ 474.197853][ T9610] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 474.239721][ T9610] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid maxpacket 43776, setting to 64 [ 474.258153][ T9610] usb 5-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 474.267962][ T9610] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 474.276503][ T9610] usb 5-1: Product: syz [ 474.280858][ T9610] usb 5-1: Manufacturer: syz [ 474.714003][T11493] syz_tun: left allmulticast mode [ 474.984288][ T9610] usb 5-1: SerialNumber: syz [ 475.014808][ T9610] usb 5-1: config 0 descriptor?? [ 475.536618][T11496] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 475.543890][T11496] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 475.586704][ T9610] cyberjack 5-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 475.723610][ T9610] usb 5-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 475.804912][ T30] audit: type=1326 audit(1762179675.432:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11512 comm="syz.2.1586" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x0 [ 475.827216][ T5948] usb 5-1: USB disconnect, device number 52 [ 475.899137][ T5948] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 475.935800][T11516] fuse: Bad value for 'user_id' [ 475.940663][T11516] fuse: Bad value for 'user_id' [ 475.953718][ T5948] cyberjack 5-1:0.69: device disconnected [ 477.407284][T11554] syz_tun: entered allmulticast mode [ 477.564914][ T9610] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 477.725199][ T9610] usb 2-1: Using ep0 maxpacket: 8 [ 477.742223][ T9610] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 477.754227][ T9610] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 477.792205][ T9610] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 477.813877][ T9610] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.823427][T11562] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 477.871946][T11543] syz_tun: left allmulticast mode [ 477.887545][T11562] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 477.964047][ T9610] usbtmc 2-1:16.0: bulk endpoints not found [ 478.339560][ T9610] usb 2-1: USB disconnect, device number 42 [ 480.117646][T11585] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1611'. [ 480.439318][T11603] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 480.466194][T11603] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 480.498874][T11604] team0: Port device vxlan0 added [ 480.506191][ T8249] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 480.518909][ T8249] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 480.572268][ T8249] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 480.585170][ T8249] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 481.471571][T11617] syzkaller0: entered promiscuous mode [ 481.477124][T11617] syzkaller0: entered allmulticast mode [ 481.828150][T11622] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1623'. [ 482.511402][T11632] fuse: Bad value for 'group_id' [ 482.516555][T11632] fuse: Bad value for 'group_id' [ 482.935018][ T24] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 483.084942][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 483.092166][ T24] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 483.100631][ T24] usb 5-1: config 0 has no interface number 0 [ 483.109636][ T24] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 483.119127][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 483.127546][ T24] usb 5-1: Product: syz [ 483.131766][ T24] usb 5-1: Manufacturer: syz [ 483.136412][ T24] usb 5-1: SerialNumber: syz [ 483.143871][ T24] usb 5-1: config 0 descriptor?? [ 483.152990][ T24] smsc95xx v2.0.0 [ 483.517339][T11650] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1632'. [ 483.529101][T11650] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1632'. [ 483.640024][ T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 483.740646][T11654] FAULT_INJECTION: forcing a failure. [ 483.740646][T11654] name failslab, interval 1, probability 0, space 0, times 0 [ 483.740724][ T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 483.763263][T11654] CPU: 0 UID: 0 PID: 11654 Comm: syz.3.1634 Not tainted syzkaller #0 PREEMPT(full) [ 483.763293][T11654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 483.763304][T11654] Call Trace: [ 483.763312][T11654] [ 483.763319][T11654] dump_stack_lvl+0x189/0x250 [ 483.763346][T11654] ? __pfx____ratelimit+0x10/0x10 [ 483.763367][T11654] ? __pfx_dump_stack_lvl+0x10/0x10 [ 483.763387][T11654] ? __pfx__printk+0x10/0x10 [ 483.763415][T11654] should_fail_ex+0x414/0x560 [ 483.763443][T11654] should_failslab+0xa8/0x100 [ 483.763461][T11654] __kmalloc_cache_noprof+0x6f/0x6f0 [ 483.763480][T11654] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 483.763499][T11654] ? sctp_add_bind_addr+0x8c/0x370 [ 483.763517][T11654] ? sctp_add_bind_addr+0xb0/0x370 [ 483.763540][T11654] sctp_add_bind_addr+0x8c/0x370 [ 483.763564][T11654] sctp_copy_local_addr_list+0x30b/0x4e0 [ 483.763589][T11654] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 483.763610][T11654] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 483.763631][T11654] ? sctp_association_new+0x18b3/0x25f0 [ 483.763650][T11654] ? sctp_v6_is_any+0x64/0x80 [ 483.763674][T11654] ? sctp_copy_one_addr+0x93/0x360 [ 483.763700][T11654] sctp_bind_addr_copy+0xb3/0x3c0 [ 483.763724][T11654] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 483.763748][T11654] sctp_connect_new_asoc+0x2e0/0x690 [ 483.763769][T11654] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 483.763791][T11654] ? __local_bh_enable_ip+0x12d/0x1c0 [ 483.763817][T11654] ? bpf_lsm_sctp_bind_connect+0x9/0x20 [ 483.763836][T11654] ? security_sctp_bind_connect+0x7e/0x2e0 [ 483.763860][T11654] sctp_sendmsg+0x155c/0x2810 [ 483.763889][T11654] ? __pfx_sctp_sendmsg+0x10/0x10 [ 483.763918][T11654] ? aa_sk_perm+0x81e/0x950 [ 483.763945][T11654] ? __pfx_aa_sk_perm+0x10/0x10 [ 483.763971][T11654] ? sock_rps_record_flow+0x19/0x410 [ 483.763999][T11654] ? inet_sendmsg+0x2f4/0x370 [ 483.764027][T11654] __sock_sendmsg+0x19c/0x270 [ 483.764053][T11654] __sys_sendto+0x3bd/0x520 [ 483.764075][T11654] ? __pfx___sys_sendto+0x10/0x10 [ 483.764088][T11654] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 483.764125][T11654] ? __fget_files+0x3a0/0x420 [ 483.764153][T11654] ? ksys_write+0x22a/0x250 [ 483.764175][T11654] ? exc_page_fault+0x82/0x100 [ 483.764199][T11654] ? __pfx_ksys_write+0x10/0x10 [ 483.764227][T11654] __ia32_sys_sendto+0xdd/0x100 [ 483.764248][T11654] __do_fast_syscall_32+0xb6/0x2b0 [ 483.764285][T11654] ? lockdep_hardirqs_on+0x9c/0x150 [ 483.764312][T11654] do_fast_syscall_32+0x34/0x80 [ 483.764336][T11654] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 483.764357][T11654] RIP: 0023:0xf709d539 [ 483.764373][T11654] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 483.764387][T11654] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171 [ 483.764406][T11654] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100 [ 483.764418][T11654] RDX: 0000000000000001 RSI: 000000002000c851 RDI: 0000000080000140 [ 483.764430][T11654] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000 [ 483.764440][T11654] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 483.764451][T11654] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 483.764480][T11654] [ 484.160757][T11659] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1636'. [ 484.928002][ T24] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 484.939286][ T24] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71 [ 484.954046][ T24] usb 5-1: USB disconnect, device number 53 [ 485.608686][T11687] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1645'. [ 485.660362][T11691] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1646'. [ 485.682528][T11685] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.689863][T11685] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.811063][T11685] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 485.827739][T11685] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 485.886610][ T24] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 485.944543][T11687] FAULT_INJECTION: forcing a failure. [ 485.944543][T11687] name failslab, interval 1, probability 0, space 0, times 0 [ 485.970630][T11687] CPU: 1 UID: 0 PID: 11687 Comm: syz.2.1645 Not tainted syzkaller #0 PREEMPT(full) [ 485.970657][T11687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 485.970668][T11687] Call Trace: [ 485.970676][T11687] [ 485.970684][T11687] dump_stack_lvl+0x189/0x250 [ 485.970712][T11687] ? __pfx____ratelimit+0x10/0x10 [ 485.970735][T11687] ? __pfx_dump_stack_lvl+0x10/0x10 [ 485.970758][T11687] ? __pfx__printk+0x10/0x10 [ 485.970782][T11687] ? __pfx___might_resched+0x10/0x10 [ 485.970806][T11687] should_fail_ex+0x414/0x560 [ 485.970838][T11687] should_failslab+0xa8/0x100 [ 485.970858][T11687] kmem_cache_alloc_lru_noprof+0x79/0x6d0 [ 485.970883][T11687] ? __d_alloc+0x36/0x7a0 [ 485.970908][T11687] __d_alloc+0x36/0x7a0 [ 485.970933][T11687] d_alloc_parallel+0xe1/0x1610 [ 485.970955][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.970983][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.971007][T11687] ? __pfx_d_alloc_parallel+0x10/0x10 [ 485.971033][T11687] ? __raw_spin_lock_init+0x45/0x100 [ 485.971058][T11687] ? __init_waitqueue_head+0xa9/0x150 [ 485.971094][T11687] __lookup_slow+0x116/0x3d0 [ 485.971118][T11687] ? __pfx___lookup_slow+0x10/0x10 [ 485.971149][T11687] ? d_lookup+0x8a/0xa0 [ 485.971169][T11687] ? lookup_noperm+0x112/0x220 [ 485.971194][T11687] simple_start_creating+0xfd/0x1e0 [ 485.971214][T11687] ? __pfx_simple_start_creating+0x10/0x10 [ 485.971245][T11687] debugfs_start_creating+0x10f/0x180 [ 485.971273][T11687] __debugfs_create_file+0x79/0x4f0 [ 485.971303][T11687] debugfs_create_file_full+0x3f/0x60 [ 485.971331][T11687] ref_tracker_dir_debugfs+0x14e/0x270 [ 485.971350][T11687] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 485.971397][T11687] ? trace_kmalloc+0x1f/0xd0 [ 485.971417][T11687] ? __kvmalloc_node_noprof+0x5ed/0x910 [ 485.971447][T11687] ? __raw_spin_lock_init+0x45/0x100 [ 485.971473][T11687] alloc_netdev_mqs+0x272/0x11b0 [ 485.971494][T11687] ? __pfx_macvlan_setup+0x10/0x10 [ 485.971525][T11687] rtnl_create_link+0x31f/0xd10 [ 485.971554][T11687] rtnl_newlink_create+0x25c/0xb00 [ 485.971578][T11687] ? __mutex_lock+0x5bb/0x1350 [ 485.971608][T11687] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 485.971630][T11687] ? __pfx___mutex_lock+0x10/0x10 [ 485.971664][T11687] ? ns_capable+0x8a/0xf0 [ 485.971688][T11687] rtnl_newlink+0x16e4/0x1c80 [ 485.971729][T11687] ? __pfx_rtnl_newlink+0x10/0x10 [ 485.971762][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.971790][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.971826][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.971864][T11687] ? is_bpf_text_address+0x26/0x2b0 [ 485.971889][T11687] ? is_bpf_text_address+0x292/0x2b0 [ 485.971907][T11687] ? is_bpf_text_address+0x26/0x2b0 [ 485.971934][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.971977][T11687] ? __pfx_rtnl_newlink+0x10/0x10 [ 485.972001][T11687] rtnetlink_rcv_msg+0x7cf/0xb70 [ 485.972024][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.972043][T11687] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 485.972067][T11687] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 485.972115][T11687] netlink_rcv_skb+0x208/0x470 [ 485.972139][T11687] ? __lock_acquire+0xab9/0xd20 [ 485.972157][T11687] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 485.972183][T11687] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 485.972221][T11687] ? netlink_deliver_tap+0x2e/0x1b0 [ 485.972247][T11687] netlink_unicast+0x82f/0x9e0 [ 485.972281][T11687] ? __pfx_netlink_unicast+0x10/0x10 [ 485.972307][T11687] ? netlink_sendmsg+0x642/0xb30 [ 485.972322][T11687] ? skb_put+0x11b/0x210 [ 485.972343][T11687] netlink_sendmsg+0x805/0xb30 [ 485.972372][T11687] ? __pfx_netlink_sendmsg+0x10/0x10 [ 485.972393][T11687] ? __import_iovec+0x5d4/0x7f0 [ 485.972411][T11687] ? aa_sock_msg_perm+0xf1/0x1d0 [ 485.972438][T11687] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 485.972456][T11687] ? __pfx_netlink_sendmsg+0x10/0x10 [ 485.972474][T11687] __sock_sendmsg+0x21c/0x270 [ 485.972501][T11687] ____sys_sendmsg+0x505/0x830 [ 485.972527][T11687] ? __pfx_____sys_sendmsg+0x10/0x10 [ 485.972564][T11687] ___sys_sendmsg+0x21f/0x2a0 [ 485.972585][T11687] ? __pfx____sys_sendmsg+0x10/0x10 [ 485.972640][T11687] ? __fget_files+0x2a/0x420 [ 485.972655][T11687] ? __fget_files+0x3a0/0x420 [ 485.972680][T11687] __sys_sendmsg+0x164/0x220 [ 485.972701][T11687] ? __pfx___sys_sendmsg+0x10/0x10 [ 485.972729][T11687] ? __pfx_ksys_write+0x10/0x10 [ 485.972757][T11687] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 485.972782][T11687] ? lockdep_hardirqs_on+0x9c/0x150 [ 485.972808][T11687] __do_fast_syscall_32+0xb6/0x2b0 [ 485.972832][T11687] ? lockdep_hardirqs_on+0x9c/0x150 [ 485.972859][T11687] do_fast_syscall_32+0x34/0x80 [ 485.972891][T11687] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 485.972912][T11687] RIP: 0023:0xf6ffd539 [ 485.972927][T11687] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 485.972942][T11687] RSP: 002b:00000000f53ed55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 485.972961][T11687] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100 [ 485.972973][T11687] RDX: 0000000008000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 485.972984][T11687] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 485.972993][T11687] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 485.973004][T11687] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 485.973034][T11687] [ 486.492881][ C1] vkms_vblank_simulate: vblank timer overrun [ 486.524921][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 486.531760][ T24] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 486.535064][ T8242] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 486.539236][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 486.601219][ T24] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 486.614805][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 486.626119][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 486.641090][ T24] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 486.648649][ T8242] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.648683][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 486.669506][ T24] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 486.681454][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 486.692611][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 486.703630][ T24] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 486.711189][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 486.722710][ T24] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 486.729900][ T8242] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 486.734492][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 486.754423][ T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 486.768291][ T24] usb 4-1: string descriptor 0 read error: -22 [ 486.774719][ T24] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 486.783966][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 486.786141][ T8242] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.813429][ T24] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 486.995344][ T8242] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 487.004260][ T8242] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.034698][ T8248] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 487.102815][ T8248] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.290019][ T9613] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 487.539678][T11714] syz_tun: entered allmulticast mode [ 487.715920][T11705] syz_tun: left allmulticast mode [ 487.761706][ T9613] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 487.772407][ T9613] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 487.830833][ T9613] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 487.853180][ T9613] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 487.863499][ T9613] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 487.871756][ T9613] usb 5-1: Product: syz [ 487.879419][ T9613] usb 5-1: Manufacturer: syz [ 487.905605][ T9613] usb 5-1: SerialNumber: syz [ 488.206867][T11726] FAULT_INJECTION: forcing a failure. [ 488.206867][T11726] name failslab, interval 1, probability 0, space 0, times 0 [ 488.219770][T11726] CPU: 1 UID: 0 PID: 11726 Comm: syz.2.1655 Not tainted syzkaller #0 PREEMPT(full) [ 488.219795][T11726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 488.219805][T11726] Call Trace: [ 488.219813][T11726] [ 488.219821][T11726] dump_stack_lvl+0x189/0x250 [ 488.219857][T11726] ? __pfx____ratelimit+0x10/0x10 [ 488.219880][T11726] ? __pfx_dump_stack_lvl+0x10/0x10 [ 488.219902][T11726] ? __pfx__printk+0x10/0x10 [ 488.219935][T11726] should_fail_ex+0x414/0x560 [ 488.219965][T11726] should_failslab+0xa8/0x100 [ 488.219986][T11726] __kmalloc_cache_noprof+0x6f/0x6f0 [ 488.220010][T11726] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 488.220030][T11726] ? sctp_add_bind_addr+0x8c/0x370 [ 488.220048][T11726] ? sctp_add_bind_addr+0xb0/0x370 [ 488.220073][T11726] sctp_add_bind_addr+0x8c/0x370 [ 488.220098][T11726] sctp_copy_local_addr_list+0x30b/0x4e0 [ 488.220125][T11726] ? sctp_copy_local_addr_list+0x9b/0x4e0 [ 488.220146][T11726] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 488.220170][T11726] ? sctp_v6_is_any+0x64/0x80 [ 488.220193][T11726] ? sctp_copy_one_addr+0x93/0x360 [ 488.220217][T11726] sctp_bind_addr_copy+0xb3/0x3c0 [ 488.220239][T11726] ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0 [ 488.220262][T11726] sctp_connect_new_asoc+0x2e0/0x690 [ 488.220283][T11726] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 488.220302][T11726] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 488.220320][T11726] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 488.220336][T11726] ? sctp_endpoint_lookup_assoc+0x7b/0x260 [ 488.220352][T11726] ? bpf_lsm_sctp_bind_connect+0x9/0x20 [ 488.220372][T11726] ? security_sctp_bind_connect+0x7e/0x2e0 [ 488.220396][T11726] sctp_sendmsg+0x155c/0x2810 [ 488.220425][T11726] ? __pfx_sctp_sendmsg+0x10/0x10 [ 488.220454][T11726] ? aa_sk_perm+0x81e/0x950 [ 488.220478][T11726] ? __pfx_aa_sk_perm+0x10/0x10 [ 488.220500][T11726] ? sock_rps_record_flow+0x19/0x410 [ 488.220540][T11726] ? inet_sendmsg+0x2f4/0x370 [ 488.220562][T11726] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 488.220581][T11726] __sock_sendmsg+0x19c/0x270 [ 488.220606][T11726] ____sys_sendmsg+0x505/0x830 [ 488.220633][T11726] ? __pfx_____sys_sendmsg+0x10/0x10 [ 488.220674][T11726] ___sys_sendmsg+0x21f/0x2a0 [ 488.220696][T11726] ? __pfx____sys_sendmsg+0x10/0x10 [ 488.220756][T11726] ? __fget_files+0x2a/0x420 [ 488.220772][T11726] ? __fget_files+0x3a0/0x420 [ 488.220798][T11726] __sys_sendmsg+0x164/0x220 [ 488.220818][T11726] ? __pfx___sys_sendmsg+0x10/0x10 [ 488.220851][T11726] ? __pfx_ksys_write+0x10/0x10 [ 488.220875][T11726] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 488.220899][T11726] ? lockdep_hardirqs_on+0x9c/0x150 [ 488.220923][T11726] __do_fast_syscall_32+0xb6/0x2b0 [ 488.220948][T11726] ? lockdep_hardirqs_on+0x9c/0x150 [ 488.220973][T11726] do_fast_syscall_32+0x34/0x80 [ 488.220996][T11726] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 488.221016][T11726] RIP: 0023:0xf6ffd539 [ 488.221032][T11726] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 488.221045][T11726] RSP: 002b:00000000f53cc55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 488.221064][T11726] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000800 [ 488.221076][T11726] RDX: 0000000004048043 RSI: 0000000000000000 RDI: 0000000000000000 [ 488.221087][T11726] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 488.221097][T11726] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 488.221107][T11726] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 488.221135][T11726] [ 488.611995][ T9613] usb 5-1: 0:2 : does not exist [ 488.733854][T11730] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[11730] [ 488.878406][ T9610] usb 4-1: USB disconnect, device number 39 [ 488.900013][ T9613] usb 5-1: USB disconnect, device number 54 [ 489.034066][ T7524] udevd[7524]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 489.089609][T11737] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1658'. [ 489.098734][T11737] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 489.986397][T11740] QAT: Device 0 not found [ 490.314237][T11751] FAULT_INJECTION: forcing a failure. [ 490.314237][T11751] name failslab, interval 1, probability 0, space 0, times 0 [ 490.461663][T11751] CPU: 1 UID: 0 PID: 11751 Comm: syz.3.1662 Not tainted syzkaller #0 PREEMPT(full) [ 490.461689][T11751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 490.461701][T11751] Call Trace: [ 490.461708][T11751] [ 490.461717][T11751] dump_stack_lvl+0x189/0x250 [ 490.461745][T11751] ? __pfx____ratelimit+0x10/0x10 [ 490.461768][T11751] ? __pfx_dump_stack_lvl+0x10/0x10 [ 490.461790][T11751] ? __pfx__printk+0x10/0x10 [ 490.461814][T11751] ? __pfx___might_resched+0x10/0x10 [ 490.461833][T11751] ? fs_reclaim_acquire+0x7d/0x100 [ 490.461870][T11751] should_fail_ex+0x414/0x560 [ 490.461901][T11751] should_failslab+0xa8/0x100 [ 490.461921][T11751] __kmalloc_noprof+0xcb/0x7f0 [ 490.461943][T11751] ? usb_hcd_submit_urb+0x798/0x1aa0 [ 490.461962][T11751] ? _raw_spin_unlock_irq+0x23/0x50 [ 490.461988][T11751] usb_hcd_submit_urb+0x798/0x1aa0 [ 490.462020][T11751] usbfs_start_wait_urb+0x144/0x420 [ 490.462047][T11751] ? __pfx_usbfs_start_wait_urb+0x10/0x10 [ 490.462081][T11751] ? snoop_urb+0x32/0x200 [ 490.462109][T11751] do_proc_control+0x585/0xe40 [ 490.462146][T11751] proc_control+0xc8/0x110 [ 490.462166][T11751] ? __pfx_proc_control+0x10/0x10 [ 490.462200][T11751] usbdev_ioctl+0xc4c/0x20b0 [ 490.462225][T11751] ? __fget_files+0x2a/0x420 [ 490.462244][T11751] ? __pfx_usbdev_ioctl+0x10/0x10 [ 490.462264][T11751] ? __fget_files+0x3a0/0x420 [ 490.462280][T11751] ? __fget_files+0x2a/0x420 [ 490.462301][T11751] ? bpf_lsm_file_ioctl_compat+0x9/0x20 [ 490.462325][T11751] __ia32_compat_sys_ioctl+0x543/0x840 [ 490.462351][T11751] ? __pfx___ia32_compat_sys_ioctl+0x10/0x10 [ 490.462374][T11751] ? __fget_files+0x3a0/0x420 [ 490.462397][T11751] ? fput+0xa0/0xd0 [ 490.462417][T11751] ? ksys_write+0x22a/0x250 [ 490.462438][T11751] ? exc_page_fault+0x82/0x100 [ 490.462461][T11751] ? __pfx_ksys_write+0x10/0x10 [ 490.462486][T11751] ? syscall_enter_from_user_mode_prepare+0x8f/0x110 [ 490.462510][T11751] ? lockdep_hardirqs_on+0x9c/0x150 [ 490.462535][T11751] __do_fast_syscall_32+0xb6/0x2b0 [ 490.462560][T11751] ? lockdep_hardirqs_on+0x9c/0x150 [ 490.462586][T11751] do_fast_syscall_32+0x34/0x80 [ 490.462609][T11751] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 490.462629][T11751] RIP: 0023:0xf709d539 [ 490.462644][T11751] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 490.462659][T11751] RSP: 002b:00000000f548d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 490.462679][T11751] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185500 [ 490.462692][T11751] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 490.462703][T11751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 490.462714][T11751] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 490.462725][T11751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 490.462752][T11751] [ 490.969018][T11760] syz_tun: entered allmulticast mode [ 491.304463][T11753] syz_tun: left allmulticast mode [ 491.734928][ T9613] usb 4-1: new full-speed USB device number 40 using dummy_hcd [ 491.857238][ T30] audit: type=1326 audit(1762179691.492:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11775 comm="syz.2.1670" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 491.887007][ T30] audit: type=1326 audit(1762179691.522:3142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11775 comm="syz.2.1670" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 491.942960][ T9613] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 491.960570][ T9613] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 491.986382][ T30] audit: type=1326 audit(1762179691.522:3143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11775 comm="syz.2.1670" exe="/root/syz-executor" sig=0 arch=40000003 syscall=316 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 492.013994][ T9613] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 492.046517][ T9613] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.091100][ T30] audit: type=1326 audit(1762179691.522:3144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11775 comm="syz.2.1670" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 492.132289][ T30] audit: type=1326 audit(1762179691.522:3145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11775 comm="syz.2.1670" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 492.827992][ T9613] aiptek 4-1:17.0: Aiptek using 400 ms programming speed [ 492.863553][ T9613] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input58 [ 492.902206][ T9613] input: failed to attach handler kbd to device input58, error: -5 [ 493.021824][ T9613] usb 4-1: USB disconnect, device number 40 [ 493.348606][T11834] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1693'. [ 493.757733][T11860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 493.766174][T11860] 8021q: adding VLAN 0 to HW filter on device team0 [ 493.776271][T11860] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 493.825524][ T24] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 494.032599][T11873] team0: Caught tx_queue_len zero misconfig [ 494.078705][ T24] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 494.750411][ T8242] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 495.209741][T11930] lo: Caught tx_queue_len zero misconfig [ 495.786467][ T8242] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 495.802476][ T8242] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 495.935235][ T9610] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 496.054305][T11980] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1759'. [ 496.522035][T12002] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1770'. [ 496.843017][T12019] syzkaller0: entered promiscuous mode [ 496.848698][T12019] syzkaller0: entered allmulticast mode [ 497.906228][T12088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1807'. [ 498.553478][T12131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1828'. [ 499.659980][T12204] tap0: tun_chr_ioctl cmd 1074025675 [ 499.672538][T12204] tap0: persist enabled [ 499.795051][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 500.483379][T12249] syzkaller0: entered promiscuous mode [ 500.489112][T12249] syzkaller0: entered allmulticast mode [ 501.551187][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.564061][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.077439][T12269] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR [ 502.178746][T12290] binfmt_misc: register: failed to install interpreter file ./file3 [ 502.224964][ T30] audit: type=1326 audit(1762179701.852:3146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12272 comm="syz.1.1896" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d539 code=0x7fc00000 [ 503.707320][T12383] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1946'. [ 503.831557][T12390] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1949'. [ 504.864037][T12451] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1977'. [ 506.008740][T12491] netlink: 'syz.4.1996': attribute type 12 has an invalid length. [ 506.343212][T12512] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2003'. [ 506.705425][T12530] netlink: 'syz.0.2013': attribute type 16 has an invalid length. [ 506.735808][T12530] netlink: 'syz.0.2013': attribute type 17 has an invalid length. [ 507.087305][T12549] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2021'. [ 507.135679][T12550] macvtap1: entered promiscuous mode [ 507.159001][T12550] macvtap1: entered allmulticast mode [ 507.305072][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 510.342646][T12745] netlink: 79 bytes leftover after parsing attributes in process `syz.3.2116'. [ 511.781805][T12809] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2145'. [ 513.233260][T12841] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 513.272416][T12858] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2165'. [ 513.948261][T12897] syzkaller0: entered promiscuous mode [ 513.964990][T12897] syzkaller0: entered allmulticast mode [ 515.962961][T12977] syzkaller0: entered promiscuous mode [ 515.974958][T12977] syzkaller0: entered allmulticast mode [ 516.593288][T12997] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2224'. [ 516.657180][T12997] bridge_slave_1: left allmulticast mode [ 516.684773][T12997] bridge_slave_1: left promiscuous mode [ 516.726608][T12997] bridge0: port 2(bridge_slave_1) entered disabled state [ 516.791037][T12997] bridge_slave_0: left allmulticast mode [ 516.944995][T12997] bridge_slave_0: left promiscuous mode [ 516.950742][T12997] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.393112][T12997] bond1: (slave vlan2): Releasing active interface [ 518.267681][T13035] bond0: option mode: unable to set because the bond device has slaves [ 518.429180][T13047] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2244'. [ 520.483199][T13115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2272'. [ 521.164567][T13141] netlink: 'syz.2.2285': attribute type 11 has an invalid length. [ 521.185263][T13141] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2285'. [ 521.244955][T13141] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 521.976643][T13190] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 522.082821][T13197] sctp: [Deprecated]: syz.2.2313 (pid 13197) Use of int in maxseg socket option. [ 522.082821][T13197] Use struct sctp_assoc_value instead [ 522.136195][T13197] sctp: [Deprecated]: syz.2.2313 (pid 13197) Use of int in max_burst socket option deprecated. [ 522.136195][T13197] Use struct sctp_assoc_value instead [ 522.966251][T13242] gre1: entered promiscuous mode [ 523.304997][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 524.843707][T13308] support for the xor transformation has been removed. [ 526.724181][T13360] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2382'. [ 526.904166][T13364] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 526.922370][ T24] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 527.169004][T13376] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2391'. [ 527.865455][ T24] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 528.650949][T13430] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2415'. [ 529.542076][T13469] sock: sock_set_timeout: `syz.0.2431' (pid 13469) tries to set negative timeout [ 530.398976][T13495] .: renamed from bond0 [ 530.756226][T13498] 8021q: adding VLAN 0 to HW filter on device bond0 [ 530.787286][T13498] 8021q: adding VLAN 0 to HW filter on device team0 [ 530.825090][T13498] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 531.345958][ T9613] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 531.354925][T13516] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 532.348764][T13568] trusted_key: encrypted_key: keylen parameter is missing [ 532.425194][ T5912] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 532.617080][T13573] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2476'. [ 534.083795][T13606] netlink: 148 bytes leftover after parsing attributes in process `syz.1.2486'. [ 534.671210][T13609] 8021q: adding VLAN 0 to HW filter on device bond0 [ 534.683835][T13609] 8021q: adding VLAN 0 to HW filter on device team0 [ 534.793641][T13609] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 535.299079][T13655] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2504'. [ 535.608624][T13667] raw_sendmsg: syz.4.2508 forgot to set AF_INET. Fix it! [ 536.368900][T13691] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 537.385996][T13737] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2537'. [ 537.412617][ T30] audit: type=1326 audit(1762179737.042:3147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13738 comm="syz.4.2538" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x0 [ 537.494460][T13743] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2540'. [ 537.726630][T13753] loop2: detected capacity change from 0 to 7 [ 537.748793][T13753] loop2: [ 537.756929][T13753] loop2: partition table partially beyond EOD, truncated [ 539.168841][T13812] sctp: [Deprecated]: syz.3.2569 (pid 13812) Use of int in max_burst socket option. [ 539.168841][T13812] Use struct sctp_assoc_value instead [ 539.508447][T13818] syzkaller0: entered promiscuous mode [ 539.523444][T13818] syzkaller0: entered allmulticast mode [ 541.750633][T13855] team0: Port device . removed [ 541.757035][T13855] .: (slave bond_slave_0): Releasing backup interface [ 541.768419][T13855] .: (slave bond_slave_1): Releasing backup interface [ 541.780403][T13855] team0: Port device team_slave_0 removed [ 541.792889][T13855] team0: Port device team_slave_1 removed [ 541.805632][T13855] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 541.832883][T13855] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 541.842104][T13855] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 541.868721][T13880] syzkaller0: left promiscuous mode [ 541.886660][T13880] syzkaller0: left allmulticast mode [ 542.022198][T13891] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2598'. [ 544.812703][T14030] sctp: [Deprecated]: syz.0.2661 (pid 14030) Use of struct sctp_assoc_value in delayed_ack socket option. [ 544.812703][T14030] Use struct sctp_sack_info instead [ 551.257352][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 551.285054][ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 551.295161][ T5833] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 551.305631][ T5833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 551.313440][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 552.176588][ T8968] . (unregistering): Released all slaves [ 552.356908][ T8968] tipc: Left network mode [ 552.472804][T14290] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 552.496571][ T9610] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 552.805134][ T5912] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 552.987836][ T8968] hsr_slave_0: left promiscuous mode [ 553.003949][ T8968] hsr_slave_1: left promiscuous mode [ 553.386653][ T5838] Bluetooth: hci3: command tx timeout [ 553.891487][T14257] chnl_net:caif_netlink_parms(): no params data found [ 554.285757][T14257] bridge0: port 1(bridge_slave_0) entered blocking state [ 554.315724][T14257] bridge0: port 1(bridge_slave_0) entered disabled state [ 554.337805][T14257] bridge_slave_0: entered allmulticast mode [ 554.370600][T14257] bridge_slave_0: entered promiscuous mode [ 554.420133][T14257] bridge0: port 2(bridge_slave_1) entered blocking state [ 554.448678][T14257] bridge0: port 2(bridge_slave_1) entered disabled state [ 554.465717][T14257] bridge_slave_1: entered allmulticast mode [ 554.493342][T14257] bridge_slave_1: entered promiscuous mode [ 554.625145][T14257] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 554.646395][ T8968] IPVS: stop unused estimator thread 0... [ 554.678021][T14257] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 555.028493][T14257] team0: Port device team_slave_0 added [ 555.372978][T14257] team0: Port device team_slave_1 added [ 555.474890][ T5838] Bluetooth: hci3: command tx timeout [ 555.603179][T14257] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 555.622989][T14257] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 555.654685][T14257] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 555.702599][T14257] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 555.721055][T14257] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 555.777950][T14257] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 555.945076][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 555.999680][T14257] hsr_slave_0: entered promiscuous mode [ 556.012046][T14257] hsr_slave_1: entered promiscuous mode [ 556.020718][T14257] debugfs: 'hsr0' already exists in 'hsr' [ 556.033944][T14257] Cannot create hsr debugfs directory [ 556.747318][T14447] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2812'. [ 557.130858][T14257] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 557.195742][T14257] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 557.271173][T14257] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 557.328083][T14257] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 557.545473][ T5838] Bluetooth: hci3: command tx timeout [ 557.605824][T14257] 8021q: adding VLAN 0 to HW filter on device bond0 [ 557.642927][T14257] 8021q: adding VLAN 0 to HW filter on device team0 [ 557.687673][ T8968] bridge0: port 1(bridge_slave_0) entered blocking state [ 557.694887][ T8968] bridge0: port 1(bridge_slave_0) entered forwarding state [ 557.774733][ T8249] bridge0: port 2(bridge_slave_1) entered blocking state [ 557.781952][ T8249] bridge0: port 2(bridge_slave_1) entered forwarding state [ 558.039849][T14257] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 558.187114][T14257] veth0_vlan: entered promiscuous mode [ 558.222869][T14257] veth1_vlan: entered promiscuous mode [ 558.327559][T14257] veth0_macvtap: entered promiscuous mode [ 558.367647][T14257] veth1_macvtap: entered promiscuous mode [ 558.430138][T14257] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 558.488958][T14257] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 558.541362][ T8242] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 558.563228][ T8242] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 558.601659][ T8242] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 558.624212][ T8242] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 558.859362][ T8246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 558.888523][ T8246] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 559.019052][ T8249] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 559.035622][ T8249] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 559.625151][ T5838] Bluetooth: hci3: command tx timeout [ 560.516012][T14600] program syz.1.2857 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 560.589796][ T5833] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 560.599485][ T5833] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 560.608383][ T5833] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 560.616628][ T5833] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 560.624551][ T5833] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 561.186946][T14623] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2864'. [ 562.000376][T14608] chnl_net:caif_netlink_parms(): no params data found [ 562.514211][T14679] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2882'. [ 562.571726][T14683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2882'. [ 562.707311][T14608] bridge0: port 1(bridge_slave_0) entered blocking state [ 562.714517][T14608] bridge0: port 1(bridge_slave_0) entered disabled state [ 562.745718][ T5838] Bluetooth: hci5: command tx timeout [ 562.755363][T14608] bridge_slave_0: entered allmulticast mode [ 562.763113][T14608] bridge_slave_0: entered promiscuous mode [ 562.771824][T14608] bridge0: port 2(bridge_slave_1) entered blocking state [ 562.779003][T14608] bridge0: port 2(bridge_slave_1) entered disabled state [ 562.788717][T14608] bridge_slave_1: entered allmulticast mode [ 562.796459][T14608] bridge_slave_1: entered promiscuous mode [ 562.993496][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.004994][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.053877][T14608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 563.171767][T14608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 564.240690][ T8242] bond2 (unregistering): (slave gretap1): Releasing active interface [ 564.384628][T14746] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2903'. [ 564.460936][ T8242] team0: Port device vxlan0 removed [ 564.698253][ T8242] team0: Port device bond0 removed [ 564.705400][ T8242] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 564.715891][ T8242] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 564.725740][ T8242] bond0 (unregistering): Released all slaves [ 564.826701][ T5838] Bluetooth: hci5: command tx timeout [ 564.843600][ T8242] bond1 (unregistering): Released all slaves [ 564.856653][ T8242] bond2 (unregistering): Released all slaves [ 564.870031][T14608] team0: Port device team_slave_0 added [ 564.878799][T14608] team0: Port device team_slave_1 added [ 565.010355][T14748] syzkaller0: entered promiscuous mode [ 565.016215][T14748] syzkaller0: entered allmulticast mode [ 565.115446][T14754] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 565.150899][T14756] bridge0: port 1(bridge_slave_0) entered disabled state [ 565.159684][ T30] audit: type=1326 audit(1762179764.792:3148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.184143][ T30] audit: type=1326 audit(1762179764.812:3149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.226279][ T30] audit: type=1326 audit(1762179764.812:3150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.269776][ T30] audit: type=1326 audit(1762179764.812:3151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.303041][ T30] audit: type=1326 audit(1762179764.812:3152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.327735][ T30] audit: type=1326 audit(1762179764.812:3153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.351744][ T30] audit: type=1326 audit(1762179764.822:3154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.374730][ T30] audit: type=1326 audit(1762179764.822:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 565.397559][ T30] audit: type=1326 audit(1762179764.822:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14762 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffd539 code=0x7ffc0000 [ 566.627812][T14608] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 566.635358][T14608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 566.661492][T14608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 566.785966][T14608] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 566.792954][T14608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 566.866539][T14608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 566.906453][ T5838] Bluetooth: hci5: command tx timeout [ 567.138829][T14779] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=4294967282 (34359738256 ns) > initial count (240 ns). Using initial count to start timer. [ 567.400951][ T8242] hsr_slave_0: left promiscuous mode [ 567.426027][ T8242] hsr_slave_1: left promiscuous mode [ 567.432268][ T8242] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 567.456428][ T8242] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 567.866348][ T8242] team0 (unregistering): Port device team_slave_1 removed [ 567.903544][ T8242] team0 (unregistering): Port device team_slave_0 removed [ 568.250459][T14608] hsr_slave_0: entered promiscuous mode [ 568.258213][T14608] hsr_slave_1: entered promiscuous mode [ 568.265967][T14608] debugfs: 'hsr0' already exists in 'hsr' [ 568.272224][T14608] Cannot create hsr debugfs directory [ 568.323243][T14817] syzkaller0: entered promiscuous mode [ 568.329147][T14817] syzkaller0: entered allmulticast mode [ 568.995367][ T5838] Bluetooth: hci5: command tx timeout [ 571.819746][ T8242] IPVS: stop unused estimator thread 0... [ 572.860433][T14608] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 572.931158][T14608] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 573.021240][T14921] 8021q: adding VLAN 0 to HW filter on device bond0 [ 573.048760][T14921] 8021q: adding VLAN 0 to HW filter on device team0 [ 573.075452][T14921] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 573.103733][T14608] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 573.144074][T14608] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 573.194769][ T30] audit: type=1326 audit(1762179772.822:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.321470][ T30] audit: type=1326 audit(1762179772.862:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.406299][ T30] audit: type=1326 audit(1762179772.862:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.514337][T14608] 8021q: adding VLAN 0 to HW filter on device bond0 [ 573.539748][ T30] audit: type=1326 audit(1762179772.862:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.603013][T14608] 8021q: adding VLAN 0 to HW filter on device team0 [ 573.614369][ T30] audit: type=1326 audit(1762179772.872:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.670297][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 573.677538][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 573.721317][ T30] audit: type=1326 audit(1762179772.872:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.745993][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 573.753141][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 573.801625][ T30] audit: type=1326 audit(1762179772.872:3163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.890627][ T30] audit: type=1326 audit(1762179772.872:3164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 573.976473][ T30] audit: type=1326 audit(1762179772.872:3165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 574.019670][T14608] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 574.057873][ T30] audit: type=1326 audit(1762179772.872:3166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14926 comm="syz.0.2956" exe="/root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 574.154783][T14608] veth0_vlan: entered promiscuous mode [ 574.190721][T14608] veth1_vlan: entered promiscuous mode [ 574.260776][T14608] veth0_macvtap: entered promiscuous mode [ 574.299799][T14608] veth1_macvtap: entered promiscuous mode [ 574.364735][T14608] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 574.413229][T14608] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 574.464252][ T8246] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.499884][ T8246] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.598748][ T8246] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.634912][ T8246] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 574.787358][ T8249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 574.815199][ T8249] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 574.924157][ T8249] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 574.967405][ T8249] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 575.351007][T14984] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 575.822938][ T5948] usb 3-1: USB disconnect, device number 31 [ 576.616530][T15012] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 577.000259][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 577.019205][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 577.028018][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 577.036270][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 577.047712][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 578.042353][T15042] chnl_net:caif_netlink_parms(): no params data found [ 578.083158][ T8248] bridge_slave_1: left allmulticast mode [ 578.095067][ T8248] bridge_slave_1: left promiscuous mode [ 578.103561][ T8248] bridge0: port 2(bridge_slave_1) entered disabled state [ 578.754349][ T8248] bridge0: port 1(bridge_slave_0) entered disabled state [ 579.145362][ T5838] Bluetooth: hci2: command tx timeout [ 579.631662][ T8248] team0: Port device bond0 removed [ 579.642365][ T8248] bond0 (unregistering): (slave c1): Releasing backup interface [ 579.652762][ T8248] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 579.664409][ T8248] bond0 (unregistering): Released all slaves [ 579.880765][T15103] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3007'. [ 580.615136][T15042] bridge0: port 1(bridge_slave_0) entered blocking state [ 580.633191][T15042] bridge0: port 1(bridge_slave_0) entered disabled state [ 580.646798][T15042] bridge_slave_0: entered allmulticast mode [ 580.665033][T15042] bridge_slave_0: entered promiscuous mode [ 580.782154][ T8248] hsr_slave_0: left promiscuous mode [ 580.828764][ T8248] hsr_slave_1: left promiscuous mode [ 581.005494][ T8248] pimreg (unregistering): left allmulticast mode [ 581.078029][ T8248] pim6reg (unregistering): left allmulticast mode [ 581.235293][ T5838] Bluetooth: hci2: command tx timeout [ 582.000023][ T8248] team0 (unregistering): Port device team_slave_1 removed [ 582.082872][ T8248] team0 (unregistering): Port device team_slave_0 removed [ 582.642368][T15042] bridge0: port 2(bridge_slave_1) entered blocking state [ 582.650935][T15042] bridge0: port 2(bridge_slave_1) entered disabled state [ 582.658767][T15042] bridge_slave_1: entered allmulticast mode [ 582.667698][T15042] bridge_slave_1: entered promiscuous mode [ 582.827028][T15042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 582.861064][T15042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 583.103119][T15042] team0: Port device team_slave_0 added [ 583.124357][T15042] team0: Port device team_slave_1 added [ 583.314962][ T5838] Bluetooth: hci2: command tx timeout [ 583.409023][T15042] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 583.417195][T15042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 583.447075][T15042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 583.459942][T15042] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 583.470337][T15042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 583.496847][T15042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 583.609196][ T8248] IPVS: stop unused estimator thread 0... [ 583.727205][T15042] hsr_slave_0: entered promiscuous mode [ 583.734679][T15042] hsr_slave_1: entered promiscuous mode [ 583.746423][T15042] debugfs: 'hsr0' already exists in 'hsr' [ 583.752174][T15042] Cannot create hsr debugfs directory [ 583.803437][T15205] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3037'. [ 585.405118][ T5838] Bluetooth: hci2: command tx timeout [ 585.471094][T15253] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3052'. [ 585.884255][T15042] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 585.948127][T15042] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 586.127820][T15042] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 586.189859][T15042] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 586.458234][T15042] 8021q: adding VLAN 0 to HW filter on device bond0 [ 586.548299][T15289] bond1 (unregistering): Released all slaves [ 586.603377][T15042] 8021q: adding VLAN 0 to HW filter on device team0 [ 586.631676][ T8242] bridge0: port 1(bridge_slave_0) entered blocking state [ 586.638886][ T8242] bridge0: port 1(bridge_slave_0) entered forwarding state [ 586.696132][ T8968] bridge0: port 2(bridge_slave_1) entered blocking state [ 586.703345][ T8968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 586.839039][T15042] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 586.955449][T15304] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3065'. [ 586.976599][T15042] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 587.177571][T15042] veth0_vlan: entered promiscuous mode [ 587.218307][T15042] veth1_vlan: entered promiscuous mode [ 587.357909][T15042] veth0_macvtap: entered promiscuous mode [ 587.391082][T15042] veth1_macvtap: entered promiscuous mode [ 587.469363][T15042] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 587.501714][T15042] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 587.550577][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 587.584405][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 587.632867][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 587.645181][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 587.887159][ T8968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 587.914956][ T8968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 587.976346][ T8968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 587.984186][ T8968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 587.993262][T15333] team_slave_1: default FDB implementation only supports local addresses [ 588.192390][T15341] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3078'. [ 589.884621][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 589.895531][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 589.905361][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 589.922596][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 589.932114][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 590.075902][ T5841] syz_tun (unregistering): left allmulticast mode [ 590.137812][T15402] 8021q: adding VLAN 0 to HW filter on device team0 [ 590.250235][T15402] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 591.240192][T15399] chnl_net:caif_netlink_parms(): no params data found [ 591.956221][T15399] bridge0: port 1(bridge_slave_0) entered blocking state [ 591.971945][T15399] bridge0: port 1(bridge_slave_0) entered disabled state [ 591.999791][T15399] bridge_slave_0: entered allmulticast mode [ 592.029809][ T5838] Bluetooth: hci4: command tx timeout [ 592.045806][T15399] bridge_slave_0: entered promiscuous mode [ 592.132774][T15399] bridge0: port 2(bridge_slave_1) entered blocking state [ 592.151880][T15399] bridge0: port 2(bridge_slave_1) entered disabled state [ 592.185160][T15399] bridge_slave_1: entered allmulticast mode [ 592.202667][T15399] bridge_slave_1: entered promiscuous mode [ 592.846852][T15500] fuse: Bad value for 'fd' [ 592.955760][ T8968] team0: Port device vxlan0 removed [ 593.170360][ T8968] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 593.192880][ T8968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 593.211118][ T8968] bond0 (unregistering): Released all slaves [ 593.424927][ T8968] tipc: Left network mode [ 593.436285][T15399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 593.459868][T15399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 593.800006][T15399] team0: Port device team_slave_0 added [ 593.812880][T15399] team0: Port device team_slave_1 added [ 594.070996][T15399] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 594.094226][T15399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 594.115075][ T5838] Bluetooth: hci4: command tx timeout [ 594.181169][T15399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 594.354502][T15399] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 594.369013][T15399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 594.448686][T15399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 594.625055][ T8968] hsr_slave_0: left promiscuous mode [ 594.688260][ T8968] hsr_slave_1: left promiscuous mode [ 594.745035][ T8968] pim6reg (unregistering): left allmulticast mode [ 595.634462][ T8968] team0 (unregistering): Port device team_slave_1 removed [ 595.670326][ T8968] team0 (unregistering): Port device team_slave_0 removed [ 596.184957][ T5838] Bluetooth: hci4: command tx timeout [ 596.279776][T15399] hsr_slave_0: entered promiscuous mode [ 596.287913][T15399] hsr_slave_1: entered promiscuous mode [ 596.294316][T15399] debugfs: 'hsr0' already exists in 'hsr' [ 596.301804][T15399] Cannot create hsr debugfs directory [ 596.976957][T15399] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 596.990975][T15399] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 597.002635][T15399] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 597.019034][T15399] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 597.123170][T15399] 8021q: adding VLAN 0 to HW filter on device bond0 [ 597.152758][T15399] 8021q: adding VLAN 0 to HW filter on device team0 [ 597.170226][ T8249] bridge0: port 1(bridge_slave_0) entered blocking state [ 597.177427][ T8249] bridge0: port 1(bridge_slave_0) entered forwarding state [ 597.193010][ T8871] bridge0: port 2(bridge_slave_1) entered blocking state [ 597.200226][ T8871] bridge0: port 2(bridge_slave_1) entered forwarding state [ 597.267345][T15399] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 597.317860][T15399] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 597.379763][T15399] veth0_vlan: entered promiscuous mode [ 597.394045][T15399] veth1_vlan: entered promiscuous mode [ 597.437404][T15399] veth0_macvtap: entered promiscuous mode [ 597.450397][T15399] veth1_macvtap: entered promiscuous mode [ 597.486371][T15399] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 597.504582][T15399] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 597.521683][ T8242] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.542871][ T8242] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.564191][ T8242] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.597660][ T8242] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.667179][ T8249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 597.681842][ T8249] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 597.722995][ T8871] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 597.733155][ T8871] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 598.267229][ T5838] Bluetooth: hci4: command tx timeout [ 598.567527][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 598.586788][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 598.613109][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 598.630141][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 598.641461][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 598.756730][T15692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3181'. [ 599.520113][T15689] chnl_net:caif_netlink_parms(): no params data found [ 599.714342][T15689] bridge0: port 1(bridge_slave_0) entered blocking state [ 599.721697][T15689] bridge0: port 1(bridge_slave_0) entered disabled state [ 599.729603][T15689] bridge_slave_0: entered allmulticast mode [ 599.738050][T15689] bridge_slave_0: entered promiscuous mode [ 599.747859][T15689] bridge0: port 2(bridge_slave_1) entered blocking state [ 599.755151][T15689] bridge0: port 2(bridge_slave_1) entered disabled state [ 599.762389][T15689] bridge_slave_1: entered allmulticast mode [ 599.770483][T15689] bridge_slave_1: entered promiscuous mode [ 599.815416][T15689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 599.828920][T15689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 599.874629][T15689] team0: Port device team_slave_0 added [ 599.883808][T15689] team0: Port device team_slave_1 added [ 599.927375][T15689] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 599.934344][T15689] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 599.961355][T15689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 599.974415][T15689] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 599.982455][T15689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 600.008895][T15689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 600.095947][T15689] hsr_slave_0: entered promiscuous mode [ 600.102667][T15689] hsr_slave_1: entered promiscuous mode [ 600.122752][T15689] debugfs: 'hsr0' already exists in 'hsr' [ 600.129239][T15689] Cannot create hsr debugfs directory [ 600.571702][T15738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3198'. [ 600.670071][T15689] bond0: (slave netdevsim0): Releasing backup interface [ 600.750437][ T5838] Bluetooth: hci0: command tx timeout [ 600.904987][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 600.905004][ T30] audit: type=1326 audit(1762179800.532:3180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15739 comm="syz.4.3199" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70dd539 code=0x0 [ 601.033199][T15689] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 601.049854][T15689] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 601.073148][T15689] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 601.101219][T15689] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 601.309504][T15689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 601.346017][T15689] 8021q: adding VLAN 0 to HW filter on device team0 [ 601.361328][ T8871] bridge0: port 1(bridge_slave_0) entered blocking state [ 601.368525][ T8871] bridge0: port 1(bridge_slave_0) entered forwarding state [ 601.411160][ T8871] bridge0: port 2(bridge_slave_1) entered blocking state [ 601.418359][ T8871] bridge0: port 2(bridge_slave_1) entered forwarding state [ 601.541063][T15689] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 601.660057][T15689] veth0_vlan: entered promiscuous mode [ 601.687456][T15689] veth1_vlan: entered promiscuous mode [ 601.780178][T15689] veth0_macvtap: entered promiscuous mode [ 601.809970][T15689] veth1_macvtap: entered promiscuous mode [ 601.862048][T15689] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 601.899208][T15689] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 601.930981][ T8871] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 601.955498][ T8871] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 601.984224][ T8871] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 602.005787][ T8871] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 602.300964][ T8242] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 602.313160][ T8242] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 602.383192][ T8968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 602.392022][ T8968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 602.825263][ T5838] Bluetooth: hci0: command tx timeout [ 603.013539][T15792] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3217'. [ 604.905309][ T5838] Bluetooth: hci0: command tx timeout [ 605.108642][T15833] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3233'. [ 606.987761][ T5838] Bluetooth: hci0: command tx timeout [ 608.027338][T15924] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3280'. [ 608.672118][T15944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3289'. [ 608.899202][T15954] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3294'. [ 610.155716][T15990] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3311'. [ 610.420680][T15998] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3325'. [ 611.214927][ T30] audit: type=1326 audit(1762179810.842:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16019 comm="syz.0.3324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 611.284971][ T30] audit: type=1326 audit(1762179810.842:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16019 comm="syz.0.3324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 611.375117][ T30] audit: type=1326 audit(1762179810.872:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16019 comm="syz.0.3324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 611.467354][ T30] audit: type=1326 audit(1762179810.872:3184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16019 comm="syz.0.3324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 611.560515][ T30] audit: type=1326 audit(1762179810.872:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16019 comm="syz.0.3324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 611.645012][T16030] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3330'. [ 612.527433][T16063] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3344'. [ 612.659493][T16070] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3359'. [ 612.677667][T16068] gre1: entered promiscuous mode [ 613.568928][T16097] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3361'. [ 614.944120][T16124] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3374'. [ 615.217360][T16132] gre1: entered promiscuous mode [ 615.787147][T16150] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3387'. [ 616.080950][T16160] gre1: entered promiscuous mode [ 616.314289][T16178] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3401'. [ 617.001165][T16210] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3415'. [ 617.273940][T16227] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3434'. [ 617.409564][T16235] gre1: entered promiscuous mode [ 617.843749][T16258] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3439'. [ 618.061266][T16265] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3452'. [ 618.789616][T16301] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3459'. [ 619.369255][T16333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3474'. [ 619.433600][T16338] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3475'. [ 619.790526][T16358] gre1: entered promiscuous mode [ 620.012462][T16371] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3489'. [ 620.944725][T16403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3503'. [ 621.641467][T16438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3520'. [ 621.666331][T16436] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3518'. [ 622.478776][T16474] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3533'. [ 622.551993][T16478] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3535'. [ 623.390048][T16508] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3547'. [ 623.949342][T16535] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3562'. [ 624.343969][T16554] ip6gretap1: entered allmulticast mode [ 624.430873][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.437378][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.865595][T16607] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3593'. [ 626.906822][T16643] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3608'. [ 627.718801][T16674] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3622'. [ 627.890002][T16684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3626'. [ 628.297162][T16705] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3637'. [ 628.400578][T16709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3639'. [ 628.594987][T16719] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3643'. [ 629.087726][T16742] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3653'. [ 629.143898][T16745] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3655'. [ 629.474250][T16759] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3660'. [ 629.748234][T16771] af_packet: tpacket_rcv: packet too big, clamped from 65354 to 4294967272. macoff=96 [ 629.760865][T16769] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 629.835581][T16776] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3668'. [ 630.831891][ T4876] kworker/u8:7 (4876) used greatest stack depth: 18392 bytes left [ 631.988308][T16895] __nla_validate_parse: 7 callbacks suppressed [ 631.988329][T16895] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3724'. [ 632.597929][T16924] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3737'. [ 633.282591][T16954] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3750'. [ 633.383895][T16959] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3753'. [ 633.892367][T16984] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3764'. [ 634.090490][T16991] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3769'. [ 634.768942][T17021] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3781'. [ 635.040881][T17034] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3786'. [ 635.436746][T17049] 8021q: adding VLAN 0 to HW filter on device team0 [ 635.463188][T17055] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3797'. [ 635.515692][T17049] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 635.641894][T17062] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3809'. [ 636.060651][T17079] netlink: 'syz.0.3806': attribute type 5 has an invalid length. [ 638.387004][ T30] audit: type=1326 audit(1762179838.022:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17172 comm="syz.2.3849" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f83539 code=0x0 [ 639.564222][T17227] __nla_validate_parse: 3 callbacks suppressed [ 639.564235][T17227] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3873'. [ 640.054147][ T30] audit: type=1326 audit(1762179839.682:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.077905][ T30] audit: type=1326 audit(1762179839.682:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.132887][ T30] audit: type=1326 audit(1762179839.702:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.164436][ T30] audit: type=1326 audit(1762179839.702:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.215939][ T30] audit: type=1326 audit(1762179839.712:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.241492][ T30] audit: type=1326 audit(1762179839.712:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.271823][T17253] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3883'. [ 640.289233][ T30] audit: type=1326 audit(1762179839.712:3193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.312856][ T30] audit: type=1326 audit(1762179839.732:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.337354][ T30] audit: type=1326 audit(1762179839.732:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17247 comm="syz.0.3882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74539 code=0x7ffc0000 [ 640.375907][T17257] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3885'. [ 640.422930][ T8242] team0: Port device vxlan0 removed [ 640.523471][ T8242] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 640.535148][ T8242] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 640.544357][ T8242] bond0 (unregistering): Released all slaves [ 640.646473][ T8242] bond1 (unregistering): Released all slaves [ 640.752197][ T8242] bond2 (unregistering): Released all slaves [ 640.859847][ T8242] bond3 (unregistering): Released all slaves [ 641.136021][T17266] blktrace: Concurrent blktraces are not allowed on sg0 [ 641.412672][ T8242] hsr_slave_0: left promiscuous mode [ 641.463289][ T8242] hsr_slave_1: left promiscuous mode [ 641.480583][ T8242] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 641.528972][ T8242] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 641.565152][T17284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3898'. [ 641.581125][T17288] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3899'. [ 641.771713][T17294] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3901'. [ 642.133387][ T8242] team0 (unregistering): Port device team_slave_1 removed [ 642.178322][ T8242] team0 (unregistering): Port device team_slave_0 removed [ 643.112925][T17323] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3913'. [ 643.250880][T17327] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3915'. [ 643.481666][T17340] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3920'. [ 643.664448][T17346] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 643.820897][T17359] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3929'. [ 643.886146][T17356] bridge0: port 1(bridge_slave_0) entered disabled state [ 646.108659][T17489] blktrace: Concurrent blktraces are not allowed on sg0 [ 646.703301][T17523] __nla_validate_parse: 1 callbacks suppressed [ 646.703319][T17523] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4007'. [ 647.384285][T17559] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4024'. [ 647.496062][T17563] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4026'. [ 648.169393][T17593] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4039'. [ 648.320307][T17599] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4042'. [ 648.325289][T17598] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4041'. [ 648.913232][T17629] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4057'. [ 649.529545][T17657] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4071'. [ 649.897992][T17683] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4082'. [ 650.128759][T17695] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4089'. [ 650.383079][T17698] ------------[ cut here ]------------ [ 650.388761][T17698] WARNING: CPU: 0 PID: 17698 at fs/exec.c:119 path_noexec+0x1af/0x200 [ 650.397839][T17698] Modules linked in: [ 650.402126][T17698] CPU: 0 UID: 0 PID: 17698 Comm: syz.4.4091 Not tainted syzkaller #0 PREEMPT(full) [ 650.412229][T17698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 650.422369][T17698] RIP: 0010:path_noexec+0x1af/0x200 [ 650.427702][T17698] Code: 02 31 ff 48 89 de e8 00 9d 87 ff d1 eb eb 07 e8 17 98 87 ff b3 01 89 d8 5b 41 5e 41 5f 5d e9 18 b6 10 09 cc e8 02 98 87 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 650.447431][T17698] RSP: 0018:ffffc90014377bb8 EFLAGS: 00010283 [ 650.453522][T17698] RAX: ffffffff82386e8e RBX: ffff88807500ce80 RCX: 0000000000080000 [ 650.461769][T17698] RDX: ffffc9001ccc9000 RSI: 0000000000000066 RDI: 0000000000000067 [ 650.470574][T17698] RBP: 0000000000080000 R08: ffff888066fedac0 R09: 0000000000000003 [ 650.478751][T17698] R10: 0000000000000003 R11: 0000000000000002 R12: 0000000000000011 [ 650.486825][T17698] R13: 1ffff9200286ef8c R14: 0000000000000000 R15: dffffc0000000000 [ 650.495525][T17698] FS: 0000000000000000(0000) GS:ffff88812613d000(0063) knlGS:00000000f54cdb40 [ 650.504473][T17698] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 650.511948][T17698] CR2: 0000000034520ff8 CR3: 00000000329fe000 CR4: 00000000003526f0 [ 650.520074][T17698] Call Trace: [ 650.523373][T17698] [ 650.526364][T17698] do_mmap+0xa43/0x10d0 [ 650.530555][T17698] ? __pfx_do_mmap+0x10/0x10 [ 650.535222][T17698] ? down_write_killable+0x178/0x230 [ 650.540526][T17698] ? __pfx_down_write_killable+0x10/0x10 [ 650.546356][T17698] ? common_file_perm+0x1b5/0x230 [ 650.551415][T17698] vm_mmap_pgoff+0x2a6/0x4d0 [ 650.556103][T17698] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 650.561234][T17698] ? __fget_files+0x2a/0x420 [ 650.565899][T17698] ? __fget_files+0x3a0/0x420 [ 650.570598][T17698] ? __fget_files+0x2a/0x420 [ 650.575275][T17698] ksys_mmap_pgoff+0x51f/0x760 [ 650.580066][T17698] __do_fast_syscall_32+0xb6/0x2b0 [ 650.585269][T17698] do_fast_syscall_32+0x34/0x80 [ 650.590140][T17698] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 650.596640][T17698] RIP: 0023:0xf70dd539 [ 650.600719][T17698] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 650.621340][T17698] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 00000000000000c0 [ 650.630450][T17698] RAX: ffffffffffffffda RBX: 0000000080576000 RCX: 0000000000002000 [ 650.638544][T17698] RDX: 0000000003000000 RSI: 0000000000000011 RDI: 0000000000000005 [ 650.646625][T17698] RBP: 00000000ffffe000 R08: 0000000000000000 R09: 0000000000000000 [ 650.654622][T17698] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 650.662670][T17698] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 650.671439][T17698] [ 650.675124][T17698] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 650.682416][T17698] CPU: 0 UID: 0 PID: 17698 Comm: syz.4.4091 Not tainted syzkaller #0 PREEMPT(full) [ 650.691795][T17698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 650.701857][T17698] Call Trace: [ 650.705143][T17698] [ 650.708080][T17698] dump_stack_lvl+0x99/0x250 [ 650.712689][T17698] ? __asan_memcpy+0x40/0x70 [ 650.717295][T17698] ? __pfx_dump_stack_lvl+0x10/0x10 [ 650.722507][T17698] ? __pfx__printk+0x10/0x10 [ 650.727119][T17698] vpanic+0x237/0x6d0 [ 650.731117][T17698] ? __pfx_vpanic+0x10/0x10 [ 650.735643][T17698] panic+0xb9/0xc0 [ 650.739376][T17698] ? __pfx_panic+0x10/0x10 [ 650.743824][T17698] __warn+0x31b/0x4b0 [ 650.747826][T17698] ? path_noexec+0x1af/0x200 [ 650.752436][T17698] ? path_noexec+0x1af/0x200 [ 650.757046][T17698] report_bug+0x2be/0x4f0 [ 650.761393][T17698] ? path_noexec+0x1af/0x200 [ 650.765998][T17698] ? path_noexec+0x1af/0x200 [ 650.770601][T17698] ? path_noexec+0x1b1/0x200 [ 650.775208][T17698] handle_bug+0x84/0x160 [ 650.779476][T17698] exc_invalid_op+0x1a/0x50 [ 650.783998][T17698] asm_exc_invalid_op+0x1a/0x20 [ 650.788882][T17698] RIP: 0010:path_noexec+0x1af/0x200 [ 650.794207][T17698] Code: 02 31 ff 48 89 de e8 00 9d 87 ff d1 eb eb 07 e8 17 98 87 ff b3 01 89 d8 5b 41 5e 41 5f 5d e9 18 b6 10 09 cc e8 02 98 87 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 650.813836][T17698] RSP: 0018:ffffc90014377bb8 EFLAGS: 00010283 [ 650.820019][T17698] RAX: ffffffff82386e8e RBX: ffff88807500ce80 RCX: 0000000000080000 [ 650.827994][T17698] RDX: ffffc9001ccc9000 RSI: 0000000000000066 RDI: 0000000000000067 [ 650.835955][T17698] RBP: 0000000000080000 R08: ffff888066fedac0 R09: 0000000000000003 [ 650.844181][T17698] R10: 0000000000000003 R11: 0000000000000002 R12: 0000000000000011 [ 650.852139][T17698] R13: 1ffff9200286ef8c R14: 0000000000000000 R15: dffffc0000000000 [ 650.860122][T17698] ? path_noexec+0x1ae/0x200 [ 650.864710][T17698] ? path_noexec+0x1ae/0x200 [ 650.869292][T17698] do_mmap+0xa43/0x10d0 [ 650.873556][T17698] ? __pfx_do_mmap+0x10/0x10 [ 650.878131][T17698] ? down_write_killable+0x178/0x230 [ 650.883410][T17698] ? __pfx_down_write_killable+0x10/0x10 [ 650.889023][T17698] ? common_file_perm+0x1b5/0x230 [ 650.894043][T17698] vm_mmap_pgoff+0x2a6/0x4d0 [ 650.898626][T17698] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 650.903733][T17698] ? __fget_files+0x2a/0x420 [ 650.908317][T17698] ? __fget_files+0x3a0/0x420 [ 650.912983][T17698] ? __fget_files+0x2a/0x420 [ 650.917588][T17698] ksys_mmap_pgoff+0x51f/0x760 [ 650.922381][T17698] __do_fast_syscall_32+0xb6/0x2b0 [ 650.927596][T17698] do_fast_syscall_32+0x34/0x80 [ 650.932456][T17698] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 650.938776][T17698] RIP: 0023:0xf70dd539 [ 650.942836][T17698] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 650.962432][T17698] RSP: 002b:00000000f54cd55c EFLAGS: 00000206 ORIG_RAX: 00000000000000c0 [ 650.970837][T17698] RAX: ffffffffffffffda RBX: 0000000080576000 RCX: 0000000000002000 [ 650.978802][T17698] RDX: 0000000003000000 RSI: 0000000000000011 RDI: 0000000000000005 [ 650.986766][T17698] RBP: 00000000ffffe000 R08: 0000000000000000 R09: 0000000000000000 [ 650.994743][T17698] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 651.002703][T17698] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 651.010691][T17698] [ 651.013990][T17698] Kernel Offset: disabled [ 651.018298][T17698] Rebooting in 86400 seconds..